Zamrzání pc, problem s hdd

[mozzek]

Dobrý den. Prosím o kontrolu logu, pc začalo zamrzat vždy pri nacteni obsahu druhých dvou hdd. systémový disk se tváří normálně.

Děkuji

info.txt logfile of random's system information tool 1.06 2010-05-12 07:20:59

======Uninstall list======

-->MsiExec /X{54194F60-988C-4D03-B922-C2B00EFDA39A}
-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A2092B2A-A4FB-4464-A4C0-023D2C9993F8}\Setup.exe" -l0x9
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {E64BA721-2310-4B55-BE5A-2925F9706192}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
2007 Microsoft Office Suite Service Pack 2 (SP2)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
2007 Microsoft Office system-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROHYBRIDR /dll OSETUP.DLL
Activation Assistant for the 2007 Microsoft Office suites-->"C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}\Microsoft Office Activation Assistant.exe" REMOVE=TRUE MODIFY=FALSE
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9.3.2 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A93000000001}
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {0A1FAC46-B899-421D-B1A2-470896DC45DB}
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {E68DD413-B834-4923-8181-0A03B7555187}
APEX Save And Restore-->MsiExec.exe /I{E103F4CD-2F5D-434E-8429-6029147DCD65}
CCleaner-->"C:\Program Files (x86)\CCleaner\uninst.exe"
Combined Community Codec Pack 2009-09-09-->"C:\Program Files (x86)\Combined Community Codec Pack\unins000.exe"
FlashGet 1.9.0.1012-->C:\Program Files (x86)\FlashGet\uninst.exe
GOM Player-->"C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe"
ICQ6.5-->"C:\Program Files (x86)\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe" -runfromtemp -l0x0009 -removeonly
LogMeIn-->MsiExec.exe /I{34F93E31-E1A0-421C-8E86-BCF7C4193A91}
Microsoft Office Access MUI (Czech) 2007-->MsiExec.exe /X{90120000-0015-0405-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2007-->MsiExec.exe /X{90120000-0016-0405-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0405-0000-0000000FF1CE} /uninstall {1FC5BC34-0301-40D2-9432-05BA220277B8}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {294B4278-CF7B-40B9-86A1-2D3FF0C2C524}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {A0516415-ED61-419A-981D-93596DA74165}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {10EC59E5-9BCE-4884-BB1A-E28627220232}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-002A-0405-1000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office Language Pack 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0405-0000-0000000FF1CE} /uninstall {E12F9D31-4025-4BC6-B1B2-AB262C5580B0}
Microsoft Office Live Add-in 1.4-->MsiExec.exe /I{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}
Microsoft Office Outlook MUI (Czech) 2007-->MsiExec.exe /X{90120000-001A-0405-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2007-->MsiExec.exe /X{90120000-0018-0405-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Professional Hybrid 2007-->MsiExec.exe /X{91120000-0031-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2007-->MsiExec.exe /X{90120000-002C-0405-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2007-->MsiExec.exe /X{90120000-0019-0405-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2007-->MsiExec.exe /X{90120000-006E-0405-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2007-->MsiExec.exe /X{90120000-001B-0405-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Mozilla Firefox (3.6.3)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MyPhoneExplorer-->C:\Program Files (x86)\MyPhoneExplorer\uninstall.exe
NVIDIA PhysX-->MsiExec.exe /X{54194F60-988C-4D03-B922-C2B00EFDA39A}
OpenVPN 2.1.1-->C:\Program Files (x86)\OpenVPN\Uninstall.exe
PC Suite for Sony Ericsson-->C:\Windows\Installer\{E1252473-6306-4d5d-904D-B06AA7F38161}\Setup.exe /uninstall
PC Suite for Sony Ericsson-->MsiExec.exe /I{0C3AE9EB-2F0A-451E-A5E4-2BF6AFF21FB9}
PowerISO-->"C:\Program Files (x86)\PowerISO\uninstall.exe"
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB978380)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {667A88D1-0369-4070-A62A-70672D68A9BF}
Security Update for Microsoft Office Excel 2007 (KB978382)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {6DE3DABF-0203-426B-B330-7287D1003E86}
Security Update for Microsoft Office Outlook 2007 (KB972363)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office Publisher 2007 (KB980470)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {34573F17-DADE-4D0D-835F-A54A1DE8AC1F}
Security Update for Microsoft Office system 2007 (972581)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {3D019598-7B59-447A-80AE-815B703B84FF}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office system 2007 (KB974234)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {FCD742B9-7A55-44BC-A776-F795F21FEDDC}
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
Sony Ericsson Drivers-->MsiExec.exe /I{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}
Tom Clancy's Splinter Cell Conviction-->"C:\Program Files (x86)\InstallShield Installation Information\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}\setup.exe" -runfromtemp -l0x0005 -removeonly
Total Commander Ultima Prime 4.9.0.0-->"C:\Program Files (x86)\TC UP\un_TC UP.exe"
Ubisoft Game Launcher-->"C:\Program Files (x86)\InstallShield Installation Information\{888F1505-C2B3-4FDE-835D-36353EBD4754}\setup.exe" -runfromtemp -l0x0409 -removeonly
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for 2007 Microsoft Office System (KB981715)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office InfoPath 2007 (KB976416)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {432C5EE4-8096-4FF1-95E1-65219365DFF7}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 (KB974561)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {0CDDBAA2-2111-4A0E-A1B0-76C40C635331}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb981433)-->msiexec /package {91120000-0031-0000-0000-0000000FF1CE} /uninstall {5A6859A6-042D-4DF7-84E2-79F8DEFB5D48}

======System event log======

Computer Name: Michal-PC
Event Code: 14204
Message: Služba WMPNetworkSvc byla spuštěna.
Record Number: 1569
Source Name: Microsoft-Windows-WMPNSS-Service
Time Written: 20100430141725.000000-000
Event Type: Informace
User:

Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Síťová připojení byl změněn na: Spuštěno
Record Number: 1568
Source Name: Service Control Manager
Time Written: 20100430141724.212600-000
Event Type: Informace
User:

Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Služba Plánovač multimédií byl změněn na: Spuštěno
Record Number: 1567
Source Name: Service Control Manager
Time Written: 20100430141719.105800-000
Event Type: Informace
User:

Computer Name: Michal-PC
Event Code: 7036
Message: Stav služby Chráněné úložiště byl změněn na: Spuštěno
Record Number: 1566
Source Name: Service Control Manager
Time Written: 20100430141702.663400-000
Event Type: Informace
User:

Computer Name: Michal-PC
Event Code: 104
Message: Byl vymazán soubor protokolu System.
Record Number: 1565
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100430141654.504600-000
Event Type: Informace
User: Michal-PC\Michal

=====Application event log=====

Computer Name: Michal-PC
Event Code: 223
Message: WinMail (1728) WindowsMail0: Začíná zálohování souboru protokolu (rozsah C:\Users\Michal\AppData\Local\Microsoft\Windows Mail\edb00001.log - C:\Users\Michal\AppData\Local\Microsoft\Windows Mail\edb00001.log).
Record Number: 844
Source Name: ESENT
Time Written: 20100430141702.000000-000
Event Type: Informace
User:

Computer Name: Michal-PC
Event Code: 221
Message: WinMail (1728) WindowsMail0: Končí zálohování souboru C:\Users\Michal\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore.
Record Number: 843
Source Name: ESENT
Time Written: 20100430141702.000000-000
Event Type: Informace
User:

Computer Name: Michal-PC
Event Code: 220
Message: WinMail (1728) WindowsMail0: Začíná zálohování souboru C:\Users\Michal\AppData\Local\Microsoft\Windows Mail\WindowsMail.MSMessageStore (velikost 2 Mb).
Record Number: 842
Source Name: ESENT
Time Written: 20100430141702.000000-000
Event Type: Informace
User:

Computer Name: Michal-PC
Event Code: 210
Message: WinMail (1728) WindowsMail0: Probíhá spouštění úplného zálohování.
Record Number: 841
Source Name: ESENT
Time Written: 20100430141702.000000-000
Event Type: Informace
User:

Computer Name: Michal-PC
Event Code: 102
Message: WinMail (1728) WindowsMail0: Databázový stroj (6.01.7600.0000) spustil novou instanci (0).
Record Number: 840
Source Name: ESENT
Time Written: 20100430141701.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: Michal-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MICHAL-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\SysWOW64\cabview.dll
ID popisovače: 0x618

Informace o procesu:
ID procesu: 0x490
Název procesu: C:\Windows\servicing\TrustedInstaller.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 381
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100430141756.222000-000
Event Type: Úspěšný audit
User:

Computer Name: Michal-PC
Event Code: 4907
Message: Nastavení auditu objektu se změnila.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MICHAL-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Objekt:
Server objektu: Security
Typ objektu: File
Název objektu: C:\Windows\System32\cabview.dll
ID popisovače: 0x610

Informace o procesu:
ID procesu: 0x490
Název procesu: C:\Windows\servicing\TrustedInstaller.exe

Nastavení auditu:
Původní popisovač zabezpečení:
Nový popisovač zabezpečení: S:ARAI(AU;SAFA;DCLCRPCRSDWDWO;;;WD)
Record Number: 380
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100430141756.222000-000
Event Type: Úspěšný audit
User:

Computer Name: Michal-PC
Event Code: 4672
Message: Novému přihlášení byla přiřazena zvláštní oprávnění.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7

Oprávnění: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 379
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100430141731.839200-000
Event Type: Úspěšný audit
User:

Computer Name: Michal-PC
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: MICHAL-PC$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Typ přihlášení: 5

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x208
Název procesu: C:\Windows\System32\services.exe

Informace o síti:
Název pracovní stanice:
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: Advapi
Balíček ověření: Negotiate
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 378
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100430141731.839200-000
Event Type: Úspěšný audit
User:

Computer Name: Michal-PC
Event Code: 1102
Message: Protokol auditu byl vymazán.
Předmět:
ID zabezpečení: S-1-5-21-132761946-1395082400-2933450287-1000
Název účtu: Michal
Název domény: Michal-PC
ID přihlášení: 0x28102f
Record Number: 377
Source Name: Microsoft-Windows-Eventlog
Time Written: 20100430141653.865000-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\TC UP\PLUGINS\Library;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\TC UP\PLUGINS\Library;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\OpenVPN\bin;C:\Program Files (x86)\TC UP\lib\;C:\Program Files (x86)\Common Files\Teleca Shared;C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime;C:\Program Files\Common Files\Teleca Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=4
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"configsetroot"=%SystemRoot%\ConfigSetRoot
"DEFAULT_CA_NR"=CA8

-----------------EOF-----------------

[Caroprd111]

Zdravím

Potřebuji log.txt z RSIT http://www.viry.cz/forum/viewtopic.php?f=13&t=82743

[mozzek]

Omlouvám se, ale ten nesmysl mě z rsit vypadl taky.

Logfile of random's system information tool 1.07 (written by random/random)
Run by Michal at 2010-05-12 14:57:37
Microsoft Windows 7 Professional Service Pack 3
System drive C: has 121 GB (79%) free of 154 GB
Total RAM: 4094 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:57:44, on 12.5.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ICQ6.5\ICQ.exe
C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe
C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe
C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
C:\Program Files (x86)\FlashGet\flashget.exe
C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
C:\PROGRA~2\Symbian\Shared\SYMBIA~1\SYMBIA~1.EXE
C:\PROGRA~2\Symbian\Shared\SYMBIA~1\SCBAL.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Sony Ericsson\Mobile4\Sync Manager\syncindicator.exe
C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
C:\Users\Michal\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ts.fujitsu.com/index2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~2\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [TC UP] "C:\Program Files (x86)\TC UP\TC UP.exe" /wnd=min
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [PC Suite for Smartphones] "C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Flashget] C:\Program Files (x86)\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ICQ] "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent
O4 - HKCU\..\Run: [mRouterConfig] "C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - .DEFAULT User Startup: LaunchCenter.lnk = C:\Program Files\Fujitsu\LaunchCenter\LaunchCenter.exe (User 'Default user')
O4 - Global Startup: UltraMon.lnk = ?
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files (x86)\FlashGet\jc_all.htm
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://c:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - c:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\FlashGet.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O15 - Trusted Zone: http://software.kuaiche.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Sentinel HASP License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9194 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files (x86)\FlashGet\jccatch.dll [2007-06-29 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files (x86)\FlashGet\getflash.dll [2007-05-16 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
Locked
{E0E899AB-F487-11D5-8D29-0050BA6940E3} - FlashGet Bar - C:\PROGRA~2\FlashGet\fgiebar.dll [2005-06-07 86016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"TC UP"=C:\Program Files (x86)\TC UP\TC UP.exe [2009-09-20 37376]
"PWRISOVM.EXE"=C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [2010-04-12 180224]
"PC Suite for Smartphones"=C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe [2007-12-25 548864]
"Flashget"=C:\Program Files (x86)\FlashGet\flashget.exe [2007-06-29 1990704]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"ICQ"=C:\Program Files (x86)\ICQ6.5\ICQ.exe [2009-11-16 172792]
"mRouterConfig"=C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe [2006-03-02 290816]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
UltraMon.lnk - C:\Windows\Installer\{B49673F8-7AB6-4A14-8213-C8A7BE370010}\IcoUltraMon.ico

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=
"NoActiveDesktopChanges"=
"ForceActiveDesktopOn"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe"="C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
shell\AutoRun\command - I:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
shell\AutoRun\command - J:\steambackup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{866228e9-54a1-11df-8b63-806e6f6e6963}]
shell\AutoRun\command - E:\start.exe


======File associations======

.inf - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.inf - install -
.ini - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.txt - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"
.vbs - edit -
.vbs - open - "C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe" "%1"

======List of files/folders created in the last 1 months======

2010-05-12 12:47:48 ----D---- C:\Program Files (x86)\Common Files\Aladdin Shared
2010-05-12 12:45:34 ----D---- C:\hsp
2010-05-12 12:44:57 ----A---- C:\Windows\SysWOW64\UNWISE.EXE
2010-05-12 12:44:57 ----A---- C:\Windows\SysWOW64\hdsuinst.exe
2010-05-12 12:44:50 ----A---- C:\Windows\SysWOW64\haspds_windows.dll
2010-05-12 07:17:39 ----D---- C:\rsit
2010-05-12 07:17:39 ----D---- C:\Program Files (x86)\trend micro
2010-05-12 04:51:19 ----A---- C:\Windows\SysWOW64\inetcomm.dll
2010-05-10 07:43:55 ----D---- C:\Program Files (x86)\Common Files\Adobe
2010-05-10 07:43:55 ----D---- C:\Program Files (x86)\Adobe
2010-05-07 17:25:40 ----D---- C:\ProgramData\Ubisoft
2010-05-07 16:54:01 ----D---- C:\Program Files (x86)\Ubisoft
2010-05-07 16:37:32 ----D---- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
2010-05-07 16:37:30 ----D---- C:\ProgramData\DAEMON Tools Lite
2010-05-05 15:26:01 ----D---- C:\Users\Michal\AppData\Roaming\WinRAR
2010-05-05 15:19:47 ----D---- C:\Program Files (x86)\Sony Ericsson USB
2010-05-05 14:57:19 ----D---- C:\drivers k750
2010-05-05 13:27:15 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2010-05-05 13:17:23 ----D---- C:\Users\Michal\AppData\Roaming\MyPhoneExplorer
2010-05-05 13:17:10 ----D---- C:\Program Files (x86)\MyPhoneExplorer
2010-05-05 12:54:44 ----D---- C:\Program Files (x86)\Intuwave
2010-05-05 12:54:40 ----D---- C:\Program Files (x86)\Common Files\InstallShield
2010-05-05 12:54:39 ----D---- C:\Program Files (x86)\Symbian
2010-05-05 12:54:26 ----D---- C:\ProgramData\Sony Ericsson
2010-05-05 12:54:25 ----D---- C:\Program Files (x86)\Common Files\Sony Ericsson Shared
2010-05-05 12:54:22 ----D---- C:\ProgramData\Teleca
2010-05-05 11:30:40 ----A---- C:\Windows\DelMR.bat
2010-05-04 12:34:41 ----D---- C:\ProgramData\Hewlett-Packard
2010-05-04 12:32:58 ----D---- C:\HP CLJ3600 Driver
2010-05-04 11:18:48 ----D---- C:\Users\Michal\AppData\Roaming\Teleca
2010-05-04 11:12:26 ----D---- C:\Users\Michal\AppData\Roaming\Sony Ericsson
2010-05-04 11:12:03 ----D---- C:\Program Files (x86)\Sony Ericsson
2010-05-04 11:12:03 ----D---- C:\Program Files (x86)\Common Files\Teleca Shared
2010-05-04 11:11:18 ----D---- C:\Windows\Downloaded Installations
2010-05-03 19:22:21 ----D---- C:\Users\Michal\AppData\Roaming\NVIDIA
2010-05-03 19:21:27 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2010-05-03 19:20:20 ----A---- C:\Windows\SysWOW64\XAudio2_6.dll
2010-05-03 19:20:20 ----A---- C:\Windows\SysWOW64\XAPOFX1_4.dll
2010-05-03 19:20:20 ----A---- C:\Windows\SysWOW64\xactengine3_6.dll
2010-05-03 19:20:20 ----A---- C:\Windows\SysWOW64\X3DAudio1_7.dll
2010-05-03 19:20:19 ----A---- C:\Windows\SysWOW64\XAudio2_5.dll
2010-05-03 19:20:18 ----A---- C:\Windows\SysWOW64\xactengine3_5.dll
2010-05-03 19:20:18 ----A---- C:\Windows\SysWOW64\d3dcsx_42.dll
2010-05-03 19:20:18 ----A---- C:\Windows\SysWOW64\D3DCompiler_42.dll
2010-05-03 19:20:17 ----A---- C:\Windows\SysWOW64\d3dx11_42.dll
2010-05-03 19:20:17 ----A---- C:\Windows\SysWOW64\d3dx10_42.dll
2010-05-03 19:20:16 ----A---- C:\Windows\SysWOW64\D3DX9_42.dll
2010-05-03 19:20:16 ----A---- C:\Windows\SysWOW64\D3DX9_41.dll
2010-05-03 19:20:16 ----A---- C:\Windows\SysWOW64\d3dx10_41.dll
2010-05-03 19:20:16 ----A---- C:\Windows\SysWOW64\D3DCompiler_41.dll
2010-05-03 19:20:15 ----A---- C:\Windows\SysWOW64\XAudio2_4.dll
2010-05-03 19:20:15 ----A---- C:\Windows\SysWOW64\XAPOFX1_3.dll
2010-05-03 19:20:15 ----A---- C:\Windows\SysWOW64\xactengine3_4.dll
2010-05-03 19:20:14 ----A---- C:\Windows\SysWOW64\XAudio2_3.dll
2010-05-03 19:20:14 ----A---- C:\Windows\SysWOW64\XAPOFX1_2.dll
2010-05-03 19:20:14 ----A---- C:\Windows\SysWOW64\X3DAudio1_6.dll
2010-05-03 19:20:14 ----A---- C:\Windows\SysWOW64\D3DX9_40.dll
2010-05-03 19:20:14 ----A---- C:\Windows\SysWOW64\d3dx10_40.dll
2010-05-03 19:20:14 ----A---- C:\Windows\SysWOW64\D3DCompiler_40.dll
2010-05-03 19:20:13 ----A---- C:\Windows\SysWOW64\XAudio2_2.dll
2010-05-03 19:20:13 ----A---- C:\Windows\SysWOW64\XAPOFX1_1.dll
2010-05-03 19:20:13 ----A---- C:\Windows\SysWOW64\xactengine3_3.dll
2010-05-03 19:20:13 ----A---- C:\Windows\SysWOW64\X3DAudio1_5.dll
2010-05-03 19:20:12 ----A---- C:\Windows\SysWOW64\xactengine3_2.dll
2010-05-03 19:20:12 ----A---- C:\Windows\SysWOW64\D3DX9_39.dll
2010-05-03 19:20:12 ----A---- C:\Windows\SysWOW64\d3dx10_39.dll
2010-05-03 19:20:12 ----A---- C:\Windows\SysWOW64\D3DCompiler_39.dll
2010-05-03 19:20:11 ----A---- C:\Windows\SysWOW64\XAudio2_1.dll
2010-05-03 19:20:11 ----A---- C:\Windows\SysWOW64\XAPOFX1_0.dll
2010-05-03 19:20:11 ----A---- C:\Windows\SysWOW64\xactengine3_1.dll
2010-05-03 19:20:11 ----A---- C:\Windows\SysWOW64\X3DAudio1_4.dll
2010-05-03 19:20:11 ----A---- C:\Windows\SysWOW64\d3dx10_38.dll
2010-05-03 19:20:11 ----A---- C:\Windows\SysWOW64\D3DCompiler_38.dll
2010-05-03 19:20:10 ----A---- C:\Windows\SysWOW64\XAudio2_0.dll
2010-05-03 19:20:10 ----A---- C:\Windows\SysWOW64\xactengine3_0.dll
2010-05-03 19:20:10 ----A---- C:\Windows\SysWOW64\X3DAudio1_3.dll
2010-05-03 19:20:10 ----A---- C:\Windows\SysWOW64\D3DX9_38.dll
2010-05-03 19:20:09 ----A---- C:\Windows\SysWOW64\xactengine2_10.dll
2010-05-03 19:20:09 ----A---- C:\Windows\SysWOW64\D3DX9_37.dll
2010-05-03 19:20:09 ----A---- C:\Windows\SysWOW64\d3dx10_37.dll
2010-05-03 19:20:09 ----A---- C:\Windows\SysWOW64\D3DCompiler_37.dll
2010-05-03 19:20:08 ----A---- C:\Windows\SysWOW64\xactengine2_9.dll
2010-05-03 19:20:08 ----A---- C:\Windows\SysWOW64\d3dx9_36.dll
2010-05-03 19:20:08 ----A---- C:\Windows\SysWOW64\d3dx10_36.dll
2010-05-03 19:20:08 ----A---- C:\Windows\SysWOW64\D3DCompiler_36.dll
2010-05-03 19:20:07 ----A---- C:\Windows\SysWOW64\xactengine2_8.dll
2010-05-03 19:20:07 ----A---- C:\Windows\SysWOW64\X3DAudio1_2.dll
2010-05-03 19:20:07 ----A---- C:\Windows\SysWOW64\d3dx9_35.dll
2010-05-03 19:20:07 ----A---- C:\Windows\SysWOW64\d3dx10_35.dll
2010-05-03 19:20:07 ----A---- C:\Windows\SysWOW64\d3dx10_34.dll
2010-05-03 19:20:07 ----A---- C:\Windows\SysWOW64\D3DCompiler_35.dll
2010-05-03 19:20:07 ----A---- C:\Windows\SysWOW64\D3DCompiler_34.dll
2010-05-03 19:20:06 ----A---- C:\Windows\SysWOW64\xinput1_3.dll
2010-05-03 19:20:06 ----A---- C:\Windows\SysWOW64\xactengine2_7.dll
2010-05-03 19:20:06 ----A---- C:\Windows\SysWOW64\d3dx9_34.dll
2010-05-03 19:20:06 ----A---- C:\Windows\SysWOW64\d3dx10_33.dll
2010-05-03 19:20:06 ----A---- C:\Windows\SysWOW64\D3DCompiler_33.dll
2010-05-03 19:20:05 ----A---- C:\Windows\SysWOW64\xactengine2_6.dll
2010-05-03 19:20:05 ----A---- C:\Windows\SysWOW64\xactengine2_5.dll
2010-05-03 19:20:05 ----A---- C:\Windows\SysWOW64\d3dx9_33.dll
2010-05-03 19:20:05 ----A---- C:\Windows\SysWOW64\d3dx10.dll
2010-05-03 19:20:04 ----A---- C:\Windows\SysWOW64\x3daudio1_1.dll
2010-05-03 19:20:04 ----A---- C:\Windows\SysWOW64\d3dx9_32.dll
2010-05-03 19:18:39 ----A---- C:\Windows\SysWOW64\xactengine2_4.dll
2010-05-03 19:18:38 ----A---- C:\Windows\SysWOW64\xinput1_2.dll
2010-05-03 19:18:38 ----A---- C:\Windows\SysWOW64\xinput1_1.dll
2010-05-03 19:18:38 ----A---- C:\Windows\SysWOW64\xactengine2_3.dll
2010-05-03 19:18:38 ----A---- C:\Windows\SysWOW64\xactengine2_2.dll
2010-05-03 19:18:38 ----A---- C:\Windows\SysWOW64\d3dx9_31.dll
2010-05-03 19:18:36 ----A---- C:\Windows\SysWOW64\xactengine2_1.dll
2010-05-03 19:18:32 ----A---- C:\Windows\SysWOW64\xactengine2_0.dll
2010-05-03 19:18:32 ----A---- C:\Windows\SysWOW64\x3daudio1_0.dll
2010-05-03 19:18:32 ----A---- C:\Windows\SysWOW64\d3dx9_30.dll
2010-05-03 19:18:31 ----A---- C:\Windows\SysWOW64\d3dx9_29.dll
2010-05-03 19:18:30 ----A---- C:\Windows\SysWOW64\d3dx9_28.dll
2010-05-03 19:18:29 ----A---- C:\Windows\SysWOW64\d3dx9_27.dll
2010-05-03 19:18:28 ----A---- C:\Windows\SysWOW64\d3dx9_26.dll
2010-05-03 19:18:28 ----A---- C:\Windows\SysWOW64\d3dx9_25.dll
2010-05-03 19:18:27 ----A---- C:\Windows\SysWOW64\d3dx9_24.dll
2010-05-03 18:31:26 ----D---- C:\Program Files (x86)\PowerISO
2010-05-03 17:49:05 ----D---- C:\ProgramData\LogMeIn
2010-05-03 17:48:52 ----D---- C:\Program Files (x86)\LogMeIn
2010-05-03 17:37:52 ----D---- C:\Program Files (x86)\APEX gaming technology a.s
2010-05-03 17:25:58 ----A---- C:\Windows\libem.INI
2010-05-03 17:25:52 ----D---- C:\Users\Michal\AppData\Roaming\FlashGet
2010-05-03 17:25:52 ----D---- C:\Users\Michal\AppData\Roaming\BITS
2010-05-03 17:25:46 ----D---- C:\Users\Michal\AppData\Roaming\FlashGetBHO
2010-05-03 16:44:09 ----AD---- C:\ProgramData\TEMP
2010-05-03 16:43:17 ----D---- C:\ProgramData\Logitech
2010-05-03 16:33:26 ----D---- C:\Program Files (x86)\FlashGet
2010-05-03 16:33:19 ----A---- C:\Windows\~GLH0000.TMP
2010-05-03 16:26:41 ----D---- C:\Users\Michal\AppData\Roaming\GRETECH
2010-05-03 16:24:42 ----D---- C:\Program Files (x86)\GRETECH
2010-05-03 16:19:05 ----D---- C:\Program Files (x86)\Combined Community Codec Pack
2010-05-03 13:58:20 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2010-05-03 13:57:39 ----D---- C:\Users\Michal\AppData\Roaming\ICQ
2010-05-03 13:57:13 ----D---- C:\Program Files (x86)\ICQ6.5
2010-05-03 13:51:54 ----D---- C:\Program Files (x86)\Common Files\Windows Live
2010-05-03 13:51:26 ----D---- C:\Program Files (x86)\Microsoft
2010-05-03 13:49:59 ----D---- C:\Windows\pss
2010-05-03 13:42:04 ----D---- C:\Program Files (x86)\OpenVPN
2010-05-03 13:37:23 ----D---- C:\ProgramData\ESET
2010-05-03 13:37:03 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2010-05-03 13:25:20 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2010-05-03 12:53:34 ----D---- C:\ProgramData\Sun
2010-05-03 12:53:23 ----A---- C:\Windows\SysWOW64\deployJava1.dll
2010-05-03 12:51:58 ----D---- C:\Users\Michal\AppData\Roaming\Macromedia
2010-05-03 12:51:54 ----D---- C:\Windows\SysWOW64\Macromed
2010-05-03 11:56:43 ----D---- C:\vltnet
2010-05-03 11:50:03 ----D---- C:\Users\Michal\AppData\Roaming\Realtime Soft
2010-05-03 11:50:00 ----D---- C:\Program Files (x86)\Common Files\Realtime Soft
2010-05-03 11:49:59 ----D---- C:\ProgramData\Realtime Soft
2010-05-03 11:37:17 ----D---- C:\Users\Michal\AppData\Roaming\Adobe
2010-05-03 11:36:33 ----D---- C:\Users\Michal\AppData\Roaming\Google
2010-05-03 11:36:12 ----D---- C:\Program Files (x86)\CCleaner
2010-05-03 11:29:51 ----D---- C:\Users\Michal\AppData\Roaming\HEXelon
2010-05-03 11:29:35 ----D---- C:\Program Files (x86)\TC UP
2010-05-03 11:24:20 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2010-05-03 11:24:20 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2010-05-03 11:24:16 ----A---- C:\Windows\SysWOW64\vbscript.dll
2010-05-03 11:24:13 ----A---- C:\Windows\SysWOW64\wmp.dll
2010-05-03 11:24:12 ----A---- C:\Windows\SysWOW64\wmploc.DLL
2010-05-03 11:24:12 ----A---- C:\Windows\SysWOW64\CertEnroll.dll
2010-05-03 11:23:25 ----A---- C:\Windows\SysWOW64\secproc_ssp_isv.dll
2010-05-03 11:23:25 ----A---- C:\Windows\SysWOW64\secproc_ssp.dll
2010-05-03 11:23:25 ----A---- C:\Windows\SysWOW64\secproc_isv.dll
2010-05-03 11:23:25 ----A---- C:\Windows\SysWOW64\secproc.dll
2010-05-03 11:23:25 ----A---- C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2010-05-03 11:23:25 ----A---- C:\Windows\SysWOW64\RMActivate_ssp.exe
2010-05-03 11:23:25 ----A---- C:\Windows\SysWOW64\RMActivate_isv.exe
2010-05-03 11:23:25 ----A---- C:\Windows\SysWOW64\RMActivate.exe
2010-05-03 11:23:20 ----A---- C:\Windows\SysWOW64\t2embed.dll
2010-05-03 11:23:20 ----A---- C:\Windows\SysWOW64\fontsub.dll
2010-05-03 11:23:20 ----A---- C:\Windows\SysWOW64\atmfd.dll
2010-05-03 11:23:18 ----A---- C:\Windows\SysWOW64\explorer.exe
2010-05-03 11:23:18 ----A---- C:\Windows\explorer.exe
2010-05-03 11:23:12 ----A---- C:\Windows\SysWOW64\wow32.dll
2010-05-03 11:23:12 ----A---- C:\Windows\SysWOW64\user.exe
2010-05-03 11:23:12 ----A---- C:\Windows\SysWOW64\setup16.exe
2010-05-03 11:23:12 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2010-05-03 11:23:12 ----A---- C:\Windows\SysWOW64\instnm.exe
2010-05-03 11:22:46 ----A---- C:\Windows\SysWOW64\mshtml.dll
2010-05-03 11:22:45 ----A---- C:\Windows\SysWOW64\urlmon.dll
2010-05-03 11:22:45 ----A---- C:\Windows\SysWOW64\mstime.dll
2010-05-03 11:22:45 ----A---- C:\Windows\SysWOW64\ieframe.dll
2010-05-03 11:22:45 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2010-05-03 11:22:44 ----A---- C:\Windows\SysWOW64\wininet.dll
2010-05-03 11:22:44 ----A---- C:\Windows\SysWOW64\msfeedsbs.dll
2010-05-03 11:22:29 ----A---- C:\Windows\SysWOW64\tzres.dll
2010-05-03 11:22:25 ----A---- C:\Windows\SysWOW64\tsbyuv.dll
2010-05-03 11:22:25 ----A---- C:\Windows\SysWOW64\quartz.dll
2010-05-03 11:22:25 ----A---- C:\Windows\SysWOW64\msyuv.dll
2010-05-03 11:22:25 ----A---- C:\Windows\SysWOW64\msvidc32.dll
2010-05-03 11:22:25 ----A---- C:\Windows\SysWOW64\msrle32.dll
2010-05-03 11:22:25 ----A---- C:\Windows\SysWOW64\mciavi32.dll
2010-05-03 11:22:25 ----A---- C:\Windows\SysWOW64\iyuv_32.dll
2010-05-03 11:22:25 ----A---- C:\Windows\SysWOW64\avifil32.dll
2010-05-03 11:22:10 ----A---- C:\Windows\SysWOW64\jscript.dll
2010-05-03 11:22:08 ----A---- C:\Windows\SysWOW64\sspicli.dll
2010-05-03 11:22:08 ----A---- C:\Windows\SysWOW64\shell32.dll
2010-05-03 11:22:08 ----A---- C:\Windows\SysWOW64\secur32.dll
2010-05-03 11:21:42 ----A---- C:\Windows\SysWOW64\CPFilters.dll
2010-05-03 11:21:41 ----A---- C:\Windows\SysWOW64\psisdecd.dll
2010-05-03 11:21:12 ----A---- C:\Windows\SysWOW64\msasn1.dll
2010-04-30 23:48:02 ----D---- C:\ProgramData\NVIDIA
2010-04-30 23:47:40 ----D---- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2010-04-30 23:46:16 ----D---- C:\Windows\SysWOW64\RTCOM
2010-04-30 16:50:27 ----D---- C:\Program Files (x86)\Google
2010-04-30 16:27:18 ----D---- C:\Users\Michal\AppData\Roaming\Mozilla
2010-04-30 16:27:15 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-04-30 16:17:02 ----D---- C:\Users\Michal\AppData\Roaming\Identities
2010-04-30 16:16:44 ----D---- C:\ProgramData\Fujitsu
2010-04-30 16:16:27 ----D---- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
2010-04-30 16:16:25 ----D---- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
2010-04-30 16:16:08 ----SD---- C:\Users\Michal\AppData\Roaming\Microsoft
2010-04-30 16:16:08 ----D---- C:\Users\Michal\AppData\Roaming\Media Center Programs
2010-04-30 16:11:43 ----D---- C:\ProgramData\Adobe
2010-04-30 15:00:29 ----A---- C:\Windows\SysWOW64\wintrust.dll
2010-04-30 15:00:28 ----A---- C:\Windows\SysWOW64\cabview.dll
2010-04-30 14:53:03 ----D---- C:\Windows\SoftwareDistribution

======List of files/folders modified in the last 1 months======

2010-05-12 14:57:42 ----D---- C:\Windows\Temp
2010-05-12 14:08:44 ----D---- C:\Windows\Prefetch
2010-05-12 14:03:09 ----D---- C:\Windows
2010-05-12 13:01:42 ----D---- C:\Windows\SysWOW64
2010-05-12 13:01:42 ----D---- C:\Windows\System32
2010-05-12 13:01:42 ----D---- C:\Program Files (x86)\Windows Mail
2010-05-12 13:00:31 ----D---- C:\Windows\debug
2010-05-12 13:00:28 ----SHD---- C:\Windows\Installer
2010-05-12 13:00:27 ----D---- C:\ProgramData\Microsoft Help
2010-05-12 13:00:00 ----D---- C:\System Volume Information
2010-05-12 12:47:48 ----D---- C:\Program Files (x86)\Common Files
2010-05-12 12:47:27 ----D---- C:\Windows\inf
2010-05-12 12:44:58 ----D---- C:\Windows\SysWOW64\Setup
2010-05-12 07:17:39 ----RD---- C:\Program Files (x86)
2010-05-12 04:50:59 ----D---- C:\Windows\winsxs
2010-05-07 17:25:40 ----HD---- C:\ProgramData
2010-05-07 16:53:20 ----RSD---- C:\Windows\assembly
2010-05-05 15:26:21 ----SD---- C:\ProgramData\Microsoft
2010-05-05 15:25:37 ----RD---- C:\Program Files
2010-05-04 11:12:50 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2010-05-03 19:19:29 ----D---- C:\Windows\Logs
2010-05-03 19:18:33 ----D---- C:\Windows\Microsoft.NET
2010-05-03 18:01:34 ----D---- C:\Windows\Downloaded Program Files
2010-05-03 13:52:49 ----D---- C:\Program Files (x86)\Internet Explorer
2010-05-03 13:49:55 ----D---- C:\Windows\rescache
2010-05-03 13:44:55 ----D---- C:\Program Files (x86)\Windows Media Player
2010-05-03 13:44:48 ----D---- C:\Windows\AppPatch
2010-05-03 13:44:47 ----D---- C:\Windows\SysWOW64\cs-CZ
2010-05-03 13:44:45 ----D---- C:\Windows\ehome
2010-05-03 13:44:42 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-05-03 13:44:41 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2010-05-03 13:44:40 ----D---- C:\Windows\SysWOW64\winrm
2010-05-03 13:44:40 ----D---- C:\Windows\SysWOW64\sr-Latn-CS
2010-05-03 13:44:40 ----D---- C:\Windows\SysWOW64\slmgr
2010-05-03 13:44:40 ----D---- C:\Windows\SysWOW64\migwiz
2010-05-03 13:44:40 ----D---- C:\Windows\SysWOW64\en
2010-05-03 13:44:40 ----D---- C:\Windows\servicing
2010-05-03 13:44:40 ----D---- C:\Program Files (x86)\Windows Defender
2010-05-03 13:44:40 ----D---- C:\Program Files (x86)\Common Files\System
2010-05-03 13:44:33 ----D---- C:\Windows\SysWOW64\en-US
2010-05-03 13:44:33 ----D---- C:\Windows\SysWOW64\drivers
2010-05-03 13:44:23 ----D---- C:\Windows\SysWOW64\WCN
2010-05-03 13:44:23 ----D---- C:\Windows\SysWOW64\wbem
2010-05-03 13:44:23 ----D---- C:\Windows\SysWOW64\Printing_Admin_Scripts
2010-05-03 13:44:23 ----D---- C:\Windows\SysWOW64\DriverStore
2010-05-03 13:44:23 ----D---- C:\Windows\SysWOW64\Dism
2010-05-03 13:44:21 ----D---- C:\Windows\PolicyDefinitions
2010-05-03 13:44:21 ----D---- C:\Windows\en-US
2010-05-03 12:35:54 ----D---- C:\Windows\SysWOW64\sl-SI
2010-05-03 12:35:20 ----D---- C:\Windows\SysWOW64\sk-SK
2010-05-03 12:34:34 ----D---- C:\Windows\SysWOW64\XPSViewer
2010-05-03 12:34:34 ----D---- C:\Windows\SysWOW64\MUI
2010-05-03 12:34:34 ----D---- C:\Windows\SysWOW64\migration
2010-05-03 12:34:33 ----D---- C:\Windows\SysWOW64\ru-RU
2010-05-03 12:34:33 ----D---- C:\Windows\SysWOW64\com
2010-05-03 12:34:28 ----D---- C:\Windows\IME
2010-05-03 12:33:41 ----D---- C:\Windows\SysWOW64\ro-RO
2010-05-03 12:32:56 ----D---- C:\Windows\SysWOW64\pl-PL
2010-05-03 12:31:39 ----D---- C:\Windows\SysWOW64\hu-HU
2010-05-03 12:30:28 ----D---- C:\Windows\SysWOW64\hr-HR
2010-05-03 12:29:43 ----D---- C:\Windows\SysWOW64\bg-BG
2010-05-03 12:28:12 ----D---- C:\Windows\Speech
2010-05-03 11:38:38 ----D---- C:\Program Files (x86)\Fujitsu
2010-05-03 11:36:44 ----D---- C:\Windows\Tasks
2010-04-30 23:47:59 ----D---- C:\Windows\Help
2010-04-30 16:17:00 ----SHD---- C:\$Recycle.Bin
2010-04-30 16:16:08 ----RD---- C:\Users
2010-04-30 16:16:01 ----D---- C:\Windows\Panther
2010-04-30 16:14:31 ----A---- C:\Windows\win.ini
2010-04-30 16:13:20 ----D---- C:\Windows\ShellNew
2010-04-30 14:54:23 ----A---- C:\lang.txt

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys []
R1 discache;@%systemroot%\system32\drivers\discache.sys,-102; C:\Windows\System32\drivers\discache.sys []
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
R1 nsiproxy;@%SystemRoot%\system32\drivers\nsiproxy.sys,-2; C:\Windows\system32\drivers\nsiproxy.sys []
R1 RDPENCDD;@%systemroot%\system32\drivers\RDPENCDD.sys,-101; C:\Windows\system32\drivers\rdpencdd.sys []
R1 RDPREFMP;@%systemroot%\system32\drivers\RdpRefMp.sys,-101; C:\Windows\system32\drivers\rdprefmp.sys []
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys []
R1 WfpLwf;WFP Lightweight Filter; C:\Windows\system32\DRIVERS\wfplwf.sys []
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys []
R2 aksfridge;Sentinel HASP Fridge; C:\Windows\system32\DRIVERS\aksfridge.sys []
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys []
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys []
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys []
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [2008-08-11 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\Windows\system32\drivers\LMIRfsDriver.sys []
R2 luafv;@%systemroot%\system32\drivers\luafv.sys,-100; C:\Windows\system32\drivers\luafv.sys []
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys []
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys []
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys []
R2 UltraMonUtility;UltraMon Utility Driver; \??\C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [2008-11-14 20512]
R3 bowser;@%systemroot%\system32\browser.dll,-102; C:\Windows\system32\DRIVERS\bowser.sys []
R3 CompositeBus;Composite Bus Enumerator Driver; C:\Windows\system32\DRIVERS\CompositeBus.sys []
R3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys []
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys []
R3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys []
R3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys []
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\system32\DRIVERS\HDAudBus.sys []
R3 HidBatt;HID UPS Battery Driver; C:\Windows\system32\DRIVERS\HidBatt.sys []
R3 HidUsb;Ovladač třídy standardu HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 intelppm;Intel Processor Driver; C:\Windows\system32\DRIVERS\intelppm.sys []
R3 kbdhid;Ovladač klávesnice standardu HID; C:\Windows\system32\DRIVERS\kbdhid.sys []
R3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
R3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys []
R3 lmimirr;lmimirr; C:\Windows\system32\DRIVERS\lmimirr.sys []
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; C:\Windows\system32\DRIVERS\monitor.sys []
R3 mouhid;Ovladač myši standardu HID; C:\Windows\system32\DRIVERS\mouhid.sys []
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys []
R3 mrxsmb10;@%systemroot%\system32\wkssvc.dll,-1004; C:\Windows\system32\DRIVERS\mrxsmb10.sys []
R3 mrxsmb20;@%systemroot%\system32\wkssvc.dll,-1006; C:\Windows\system32\DRIVERS\mrxsmb20.sys []
R3 NativeWifiP;NativeWiFi Filter; C:\Windows\system32\DRIVERS\nwifi.sys []
R3 netr7364;ASUS USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr7364.sys []
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys []
R3 RasAgileVpn;WAN Miniport (IKEv2); C:\Windows\system32\DRIVERS\AgileVpn.sys []
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys []
R3 rdpbus;Remote Desktop Device Redirector Bus Driver; C:\Windows\system32\DRIVERS\rdpbus.sys []
R3 srv2;@%systemroot%\system32\srvsvc.dll,-104; C:\Windows\System32\DRIVERS\srv2.sys []
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys []
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys []
R3 tunnel;Microsoft Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys []
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys []
R3 usbehci;Ovladač miniportu vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys []
R3 usbhub;Ovladač standardního rozbočovače USB; C:\Windows\system32\DRIVERS\usbhub.sys []
R3 usbohci;Ovladač miniportu otevřeného hostitelského řadiče Microsoft USB; C:\Windows\system32\DRIVERS\usbohci.sys []
R3 vwifibus;Virtual WiFi Bus Driver; C:\Windows\system32\DRIVERS\vwifibus.sys []
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys []
R3 zebrceb;Sony Ericsson Cable Emulation Bus (WDM); C:\Windows\system32\DRIVERS\zebrceb.sys []
S1 VD_FileDisk;VD_FileDisk; C:\Windows\SysWOW64\drivers\VD_FileDisk.sys [2006-01-13 15872]
S3 1394ohci;1394 OHCI Compliant Host Controller; C:\Windows\system32\DRIVERS\1394ohci.sys []
S3 AcpiPmi;ACPI Power Meter Driver; C:\Windows\system32\DRIVERS\acpipmi.sys []
S3 adp94xx;adp94xx; C:\Windows\system32\DRIVERS\adp94xx.sys []
S3 adpahci;adpahci; C:\Windows\system32\DRIVERS\adpahci.sys []
S3 adpu320;adpu320; C:\Windows\system32\DRIVERS\adpu320.sys []
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\DRIVERS\agp440.sys []
S3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys []
S3 akshhl;SafeNet Inc. Sentinel HASP Key; C:\Windows\system32\DRIVERS\akshhl.sys []
S3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys []
S3 amdide;amdide; C:\Windows\system32\DRIVERS\amdide.sys []
S3 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\DRIVERS\amdk8.sys []
S3 AmdPPM;AMD Processor Driver; C:\Windows\system32\DRIVERS\amdppm.sys []
S3 amdsata;amdsata; C:\Windows\system32\DRIVERS\amdsata.sys []
S3 amdsbs;amdsbs; C:\Windows\system32\DRIVERS\amdsbs.sys []
S3 AppID;@%systemroot%\system32\appidsvc.dll,-102; C:\Windows\system32\drivers\appid.sys []
S3 arc;arc; C:\Windows\system32\DRIVERS\arc.sys []
S3 arcsas;arcsas; C:\Windows\system32\DRIVERS\arcsas.sys []
S3 atapi;atapi; C:\Windows\system32\DRIVERS\atapi.sys []
S3 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\DRIVERS\bxvbda.sys []
S3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys []
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\DRIVERS\BrFiltLo.sys []
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\DRIVERS\BrFiltUp.sys []
S3 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\System32\Drivers\Brserid.sys []
S3 BrSerWdm;Brother WDM Serial driver; C:\Windows\System32\Drivers\BrSerWdm.sys []
S3 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\System32\Drivers\BrUsbMdm.sys []
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\System32\Drivers\BrUsbSer.sys []
S3 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\DRIVERS\bthmodem.sys []
S3 circlass;Consumer IR Devices; C:\Windows\system32\DRIVERS\circlass.sys []
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys []
S3 ebdrv;Broadcom NetXtreme II 10 GigE VBD; C:\Windows\system32\DRIVERS\evbda.sys []
S3 elxstor;elxstor; C:\Windows\system32\DRIVERS\elxstor.sys []
S3 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\DRIVERS\errdev.sys []
S3 exfat;exFAT File System Driver; C:\Windows\SysWOW64\drivers\exfat.sys []
S3 Filetrace;@%SystemRoot%\system32\drivers\filetrace.sys,-10001; C:\Windows\system32\drivers\filetrace.sys []
S3 FsDepends;@%SystemRoot%\system32\drivers\fsdepends.sys,-10001; C:\Windows\System32\drivers\FsDepends.sys []
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\DRIVERS\gagp30kx.sys []
S3 hcw85cir;Hauppauge Consumer Infrared Receiver; C:\Windows\system32\drivers\hcw85cir.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys []
S3 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\DRIVERS\hidbth.sys []
S3 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\DRIVERS\hidir.sys []
S3 HpSAMD;HpSAMD; C:\Windows\system32\DRIVERS\HpSAMD.sys []
S3 iaStorV;iaStorV; C:\Windows\system32\DRIVERS\iaStorV.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
S3 iirsp;iirsp; C:\Windows\system32\DRIVERS\iirsp.sys []
S3 intelide;intelide; C:\Windows\system32\DRIVERS\intelide.sys []
S3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys []
S3 isapnp;isapnp; C:\Windows\system32\DRIVERS\isapnp.sys []
S3 iScsiPrt;iScsiPort Driver; C:\Windows\system32\DRIVERS\msiscsi.sys []
S3 LSI_FC;LSI_FC; C:\Windows\system32\DRIVERS\lsi_fc.sys []
S3 LSI_SAS;LSI_SAS; C:\Windows\system32\DRIVERS\lsi_sas.sys []
S3 LSI_SAS2;LSI_SAS2; C:\Windows\system32\DRIVERS\lsi_sas2.sys []
S3 LSI_SCSI;LSI_SCSI; C:\Windows\system32\DRIVERS\lsi_scsi.sys []
S3 megasas;megasas; C:\Windows\system32\DRIVERS\megasas.sys []
S3 MegaSR;MegaSR; C:\Windows\system32\DRIVERS\MegaSR.sys []
S3 mpio;mpio; C:\Windows\system32\DRIVERS\mpio.sys []
S3 msahci;msahci; C:\Windows\system32\DRIVERS\msahci.sys []
S3 msdsm;msdsm; C:\Windows\system32\DRIVERS\msdsm.sys []
S3 mshidkmdf;@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100; C:\Windows\System32\drivers\mshidkmdf.sys []
S3 MsRPC;MsRPC; C:\Windows\SysWOW64\drivers\MsRPC.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys []
S3 MTConfig;Microsoft Input Configuration Driver; C:\Windows\system32\DRIVERS\MTConfig.sys []
S3 NdisCap;NDIS Capture LightWeight Filter; C:\Windows\system32\DRIVERS\ndiscap.sys []
S3 nfrd960;nfrd960; C:\Windows\system32\DRIVERS\nfrd960.sys []
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\DRIVERS\nv_agp.sys []
S3 NVNET;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6264.sys []
S3 nvraid;nvraid; C:\Windows\system32\DRIVERS\nvraid.sys []
S3 nvstor;nvstor; C:\Windows\system32\DRIVERS\nvstor.sys []
S3 ohci1394;1394 OHCI Compliant Host Controller (Legacy); C:\Windows\system32\DRIVERS\ohci1394.sys []
S3 ql2300;ql2300; C:\Windows\system32\DRIVERS\ql2300.sys []
S3 ql40xx;ql40xx; C:\Windows\system32\DRIVERS\ql40xx.sys []
S3 QWAVEdrv;@%SystemRoot%\system32\drivers\qwavedrv.sys,-1; C:\Windows\system32\drivers\qwavedrv.sys []
S3 s115bus;Sony Ericsson Device 115 driver (WDM); C:\Windows\system32\DRIVERS\s115bus.sys []
S3 s115mdfl;Sony Ericsson Device 115 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s115mdfl.sys []
S3 s115mdm;Sony Ericsson Device 115 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s115mdm.sys []
S3 s115mgmt;Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s115mgmt.sys []
S3 s115obex;Sony Ericsson Device 115 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s115obex.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys []
S3 s816bus;Sony Ericsson Device 816 driver (WDM); C:\Windows\system32\DRIVERS\s816bus.sys []
S3 s816mdfl;Sony Ericsson Device 816 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s816mdfl.sys []
S3 s816mdm;Sony Ericsson Device 816 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s816mdm.sys []
S3 s816mgmt;Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s816mgmt.sys []
S3 s816nd5;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS); C:\Windows\system32\DRIVERS\s816nd5.sys []
S3 s816obex;Sony Ericsson Device 816 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s816obex.sys []
S3 s816unic;Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM); C:\Windows\system32\DRIVERS\s816unic.sys []
S3 sbp2port;sbp2port; C:\Windows\system32\DRIVERS\sbp2port.sys []
S3 scfilter;@%SystemRoot%\System32\drivers\scfilter.sys,-11; C:\Windows\System32\DRIVERS\scfilter.sys []
S3 sermouse;Serial Mouse Driver; C:\Windows\system32\DRIVERS\sermouse.sys []
S3 sffdisk;Ovladač třídy úložiště SFF; C:\Windows\system32\DRIVERS\sffdisk.sys []
S3 sffp_mmc;Ovladač protokolu úložiště SFF pro konzolu MMC; C:\Windows\system32\DRIVERS\sffp_mmc.sys []
S3 sffp_sd;Ovladač protokolu úložiště SFF pro paměť sběrnici SDBus; C:\Windows\system32\DRIVERS\sffp_sd.sys []
S3 SiSRaid2;SiSRaid2; C:\Windows\system32\DRIVERS\SiSRaid2.sys []
S3 SiSRaid4;SiSRaid4; C:\Windows\system32\DRIVERS\sisraid4.sys []
S3 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys []
S3 stexstor;stexstor; C:\Windows\system32\DRIVERS\stexstor.sys []
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys []
S3 TCPIP6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys []
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys []
S3 tssecsrv;@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101; C:\Windows\System32\DRIVERS\tssecsrv.sys []
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\DRIVERS\uagp35.sys []
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\DRIVERS\uliagpkx.sys []
S3 UmPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys []
S3 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\DRIVERS\usbcir.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\DRIVERS\usbprint.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS []
S3 usbuhci;Ovladač miniportu univerzálního hostitelského řadiče Microsoft USB; C:\Windows\system32\DRIVERS\usbuhci.sys []
S3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys []
S3 vhdmp;vhdmp; C:\Windows\system32\DRIVERS\vhdmp.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys []
S3 vsmraid;vsmraid; C:\Windows\system32\DRIVERS\vsmraid.sys []
S3 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\DRIVERS\wacompen.sys []
S3 Wd;Wd; C:\Windows\system32\DRIVERS\wd.sys []
S3 WIMMount;WIMMount; C:\Windows\system32\drivers\wimmount.sys [2009-07-14 19008]
S3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys []
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys []
S3 zebrbus;Sony Ericsson Composite Device driver; C:\Windows\system32\DRIVERS\zebrbus.sys []
S3 zebrmdfl;Sony Ericsson Modem Filter; C:\Windows\system32\DRIVERS\zebrmdfl.sys []
S3 zebrmdm;Sony Ericsson Modem Driver; C:\Windows\system32\DRIVERS\zebrmdm.sys []
S3 zebrmdmc;Sony Ericsson mRouter Port (WDM); C:\Windows\system32\DRIVERS\zebrmdmc.sys []
S3 zebrsce;Sony Ericsson PC-Connect Port; C:\Windows\system32\DRIVERS\zebrsce.sys []
S4 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\DRIVERS\crcdisk.sys []
S4 LMIRfsClientNP;LMIRfsClientNP; C:\Windows\SysWOW64\drivers\LMIRfsClientNP.sys []
S4 ws2ifsl;@%systemroot%\System32\drivers\ws2ifsl.sys,-1000; C:\Windows\system32\drivers\ws2ifsl.sys []

[mozzek]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-04-07 810120]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 hasplms;Sentinel HASP License Manager; C:\Windows\system32\hasplms.exe -run []
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [2009-09-28 120640]
R2 LogMeIn;LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [2008-08-11 57920]
R2 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe []
R2 PcaSvc;@%SystemRoot%\system32\pcasvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Power;@%SystemRoot%\system32\umpo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 RpcEptMapper;@%windir%\system32\RpcEpMap.dll,-1001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 SysMain;@%SystemRoot%\system32\sysmain.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 WinDefend;@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Wlansvc;@%SystemRoot%\System32\wlansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 2297216]
R2 WSearch;@%systemroot%\system32\SearchIndexer.exe,-103; C:\Windows\system32\SearchIndexer.exe [2009-07-14 428032]
R2 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 HomeGroupProvider;@%SystemRoot%\System32\provsvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe []
R3 netprofm;@%SystemRoot%\system32\netprofm.dll,-202; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R3 WMPNetworkSvc;@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101; C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe []
S2 sppsvc;@%SystemRoot%\system32\sppsvc.exe,-101; C:\Windows\system32\sppsvc.exe []
S3 AppIDSvc;@%systemroot%\system32\appidsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 AxInstSV;@%SystemRoot%\system32\AxInstSV.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BDESVC;@%SystemRoot%\system32\bdesvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 bthserv;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-06-10 66384]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-06-10 89920]
S3 defragsvc;@%SystemRoot%\system32\defragsvc.dll,-101; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 EFS;@%SystemRoot%\system32\efssvc.dll,-100; C:\Windows\System32\lsass.exe []
S3 ehRecvr;@%SystemRoot%\ehome\ehrecvr.exe,-101; C:\Windows\ehome\ehRecvr.exe [2009-07-14 696832]
S3 ehSched;@%SystemRoot%\ehome\ehsched.exe,-101; C:\Windows\ehome\ehsched.exe [2009-07-14 127488]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-04-07 42336]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe []
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2009-06-10 42840]
S3 HomeGroupListener;@%SystemRoot%\System32\ListSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2009-06-10 856384]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OpenVPNService;OpenVPN Service; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [2009-12-12 36352]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 p2pimsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8004; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 p2psvc;@%SystemRoot%\system32\p2psvc.dll,-8006; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2009-07-14 20992]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPAutoReg;@%SystemRoot%\system32\pnrpauto.dll,-8002; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 PNRPsvc;@%SystemRoot%\system32\pnrpsvc.dll,-8000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 QWAVE;@%SystemRoot%\system32\qwave.dll,-1; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SDRSVC;@%SystemRoot%\system32\sdrsvc.dll,-107; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SensrSvc;@%SystemRoot%\System32\sensrsvc.dll,-1000; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe []
S3 sppuinotify;@%SystemRoot%\system32\sppuinotify.dll,-103; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TabletInputService;@%SystemRoot%\system32\TabSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-07-14 194048]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe []
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 VaultSvc;@%SystemRoot%\system32\vaultsvc.dll,-1003; C:\Windows\system32\lsass.exe []
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe []
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe []
S3 WbioSrvc;@%systemroot%\system32\wbiosrvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wcncsvc;@%SystemRoot%\system32\wcncsvc.dll,-3; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WPCSvc;@%SystemRoot%\system32\wpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 WwanSvc;@%SystemRoot%\System32\wwansvc.dll,-257; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 Mcx2Svc;@%SystemRoot%\ehome\ehres.dll,-15501; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetTcpPortSharing;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 116560]

-----------------EOF-----------------

[Caroprd111]

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

• Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe

• Spusťte, poté do spodního políčka vložte následující skript.

Kód: Vybrat vše

 netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys 
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys 
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys 
cdrom.sys 
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav 
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

• Označte položku Pro všechny uživatele.
• Označte položky Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
• Klikněte na tlačítko Prohledat
• Po dokončení, sem vložte logy OTL.Txt a Extras.txt

[mozzek]

Tak tady to je. Předpokládám, že to nemam delat dvakrat.

OTL logfile created on: 5/13/2010 7:05:50 AM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Michal\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 67.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150.00 Gb Total Space | 118.25 Gb Free Space | 78.83% Space Free | Partition Type: NTFS
Drive D: | 313.75 Gb Total Space | 288.74 Gb Free Space | 92.03% Space Free | Partition Type: NTFS
Drive E: | 539.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 298.09 Gb Total Space | 113.99 Gb Free Space | 38.24% Space Free | Partition Type: NTFS
Drive G: | 50.00 Gb Total Space | 25.02 Gb Free Space | 50.04% Space Free | Partition Type: NTFS
Drive H: | 322.60 Gb Total Space | 118.28 Gb Free Space | 36.66% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: MICHAL-PC
Current User Name: Michal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - File not found -- C:\Windows\SysWow64\hasplms.exe
PRC - [2010/05/13 07:04:57 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe
PRC - [2010/04/12 10:40:16 | 000,180,224 | ---- | M] (PowerISO Computing, Inc.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
PRC - [2010/04/07 21:07:24 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010/04/01 19:59:58 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2009/12/21 08:00:50 | 000,081,920 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2009/11/16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ6.5\ICQ.exe
PRC - [2008/03/27 13:30:32 | 000,086,016 | R--- | M] (Popwire AB) -- C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
PRC - [2007/12/25 15:00:00 | 000,491,520 | R--- | M] (Teleca AB) -- C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
PRC - [2007/12/25 14:53:20 | 000,548,864 | R--- | M] () -- C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe
PRC - [2007/10/31 14:37:31 | 000,086,016 | ---- | M] (Symbian Software Ltd.) -- C:\Program Files (x86)\Symbian\Shared\SymbianConnectRunTime\SCBAL.exe
PRC - [2007/10/31 14:37:30 | 000,962,560 | ---- | M] (Symbian Software Ltd.) -- C:\Program Files (x86)\Symbian\Shared\SymbianConnectRunTime\SymbianConnectRuntime.exe
PRC - [2006/03/02 11:55:24 | 000,634,947 | ---- | M] (Intuwave Ltd.) -- C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe
PRC - [2006/03/02 11:54:16 | 000,290,816 | ---- | M] (Intuwave Ltd.) -- C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe


========== Modules (SafeList) ==========

MOD - [2010/05/13 07:04:57 | 000,570,880 | ---- | M] (OldTimer Tools) -- C:\Users\Michal\Downloads\OTL.exe
MOD - [2010/02/14 02:53:56 | 000,210,432 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files\UltraMon\RTSUltraMonHookX32.dll
MOD - [2010/02/14 02:52:06 | 000,325,120 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files\UltraMon\UltraMonResButtons.dll
MOD - [2009/07/14 03:16:18 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\WindowsCodecs.dll
MOD - [2009/07/14 03:15:44 | 002,340,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msi.dll
MOD - [2009/07/14 03:15:07 | 000,486,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\comdlg32.dll
MOD - [2009/07/14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
MOD - [2009/07/14 03:03:50 | 001,624,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/04/07 21:10:42 | 000,042,336 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010/04/07 21:07:24 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2009/12/17 07:10:38 | 003,750,400 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2009/07/14 03:41:59 | 000,229,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2009/07/14 03:41:56 | 000,202,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2009/07/14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009/07/14 03:41:56 | 000,163,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2009/07/14 03:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2009/07/14 03:41:54 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sppuinotify.dll -- (sppuinotify)
SRV:64bit: - [2009/07/14 03:41:54 | 000,029,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2009/07/14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2009/07/14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,327,168 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2009/07/14 03:41:53 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2009/07/14 03:41:53 | 000,067,072 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2009/07/14 03:41:53 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:41:18 | 000,231,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2009/07/14 03:40:54 | 001,127,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2009/07/14 03:40:28 | 000,314,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2009/07/14 03:40:28 | 000,291,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2009/07/14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009/07/14 03:40:13 | 000,083,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2009/07/14 03:40:10 | 000,100,864 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2009/07/14 03:40:05 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009/07/14 03:40:01 | 000,032,256 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2009/07/14 03:39:51 | 001,503,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2009/07/14 03:39:28 | 003,524,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2009/07/14 03:39:11 | 000,689,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2009/03/30 17:19:56 | 002,297,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/12/12 01:47:44 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2009/09/28 19:35:04 | 000,120,640 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2009/07/14 05:20:14 | 000,000,000 | ---D | M] [On_Demand | Stopped] -- C:\Windows\Vss -- (VSS)
SRV - [2009/07/14 05:20:14 | 000,000,000 | ---D | M] [Unknown | Stopped] -- C:\Windows\SysWOW64\Msdtc -- (MSDTC) Služba DTC (Distributed Transaction Coordinator)
SRV - [2009/07/14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2009/07/14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2009/07/13 22:30:11 | 000,061,056 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\wbem\vds.mof -- (vds)
SRV - [2009/06/10 22:39:58 | 000,089,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_64)
SRV - [2008/08/11 12:40:58 | 000,057,920 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010/05/06 08:08:41 | 000,845,560 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010/04/12 10:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2010/04/07 21:08:32 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010/04/07 21:07:10 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010/04/07 21:03:52 | 000,163,888 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2009/12/17 07:10:48 | 000,130,816 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2009/12/17 07:10:44 | 000,071,040 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2009/12/17 07:10:38 | 000,053,760 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshasp.sys -- (akshasp)
DRV:64bit: - [2009/12/17 07:10:36 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2009/12/17 07:10:34 | 000,025,344 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aksusb.sys -- (aksusb)
DRV:64bit: - [2009/12/17 07:10:32 | 000,056,960 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\akshhl.sys -- (akshhl)
DRV:64bit: - [2009/12/12 01:48:04 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009/12/11 12:29:27 | 000,153,160 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2009/09/28 19:35:32 | 000,087,384 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2009/09/26 08:20:38 | 000,223,448 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:48:04 | 000,014,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2009/07/14 03:47:49 | 000,055,376 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:56 | 000,022,096 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2009/07/14 03:45:55 | 000,217,680 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2009/07/14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009/07/14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009/07/14 03:45:55 | 000,036,432 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vdrvroot.sys -- (vdrvroot)
DRV:64bit: - [2009/07/14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 03:45:46 | 000,214,096 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2009/07/14 03:45:45 | 000,050,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2009/07/14 03:43:14 | 000,460,504 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2009/07/14 02:17:46 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2009/07/14 02:16:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV:64bit: - [2009/07/14 02:10:24 | 000,060,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV:64bit: - [2009/07/14 02:09:26 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wfplwf.sys -- (WfpLwf)
DRV:64bit: - [2009/07/14 02:08:13 | 000,035,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2009/07/14 02:07:22 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2009/07/14 02:07:21 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2009/07/14 02:07:13 | 000,227,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\1394ohci.sys -- (1394ohci)
DRV:64bit: - [2009/07/14 02:07:00 | 000,350,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HdAudio.sys -- (HdAudAddService)
DRV:64bit: - [2009/07/14 02:06:52 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\umpass.sys -- (UmPass)
DRV:64bit: - [2009/07/14 02:06:24 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2009/07/14 02:05:37 | 000,112,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2009/07/14 02:02:08 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MTConfig.sys -- (MTConfig)
DRV:64bit: - [2009/07/14 02:00:34 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2009/07/14 02:00:13 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2009/07/14 01:52:39 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2009/07/14 01:50:17 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2009/07/14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009/07/14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009/07/14 01:37:18 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\discache.sys -- (discache)
DRV:64bit: - [2009/07/14 01:31:06 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hidbatt.sys -- (HidBatt)
DRV:64bit: - [2009/07/14 01:31:03 | 000,017,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CmBatt.sys -- (CmBatt)
DRV:64bit: - [2009/07/14 01:27:17 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipmi.sys -- (AcpiPmi)
DRV:64bit: - [2009/07/14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/07/14 01:19:25 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdppm.sys -- (AmdPPM)
DRV:64bit: - [2009/06/10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/19 16:19:38 | 000,339,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009/04/29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2008/08/11 12:40:58 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2008/08/11 12:40:32 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2008/01/15 10:42:24 | 000,120,832 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zebrsce.sys -- (zebrsce)
DRV:64bit: - [2008/01/15 10:42:22 | 000,145,408 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zebrmdmc.sys -- (zebrmdmc) Sony Ericsson mRouter Port (WDM)
DRV:64bit: - [2008/01/15 10:42:22 | 000,145,408 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zebrmdm.sys -- (zebrmdm)
DRV:64bit: - [2008/01/15 10:42:22 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zebrmdfl.sys -- (zebrmdfl)
DRV:64bit: - [2008/01/15 10:42:20 | 000,108,544 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\zebrbus.sys -- (zebrbus)
DRV:64bit: - [2008/01/15 10:42:20 | 000,081,280 | ---- | M] (MCCI) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\zebrceb.sys -- (zebrceb) Sony Ericsson Cable Emulation Bus (WDM)
DRV:64bit: - [2007/06/19 09:50:54 | 000,143,400 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s816mdm.sys -- (s816mdm)
DRV:64bit: - [2007/06/19 09:50:54 | 000,129,064 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s816unic.sys -- (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM)
DRV:64bit: - [2007/06/19 09:50:54 | 000,124,968 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s816mgmt.sys -- (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/06/19 09:50:54 | 000,121,896 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s816obex.sys -- (s816obex)
DRV:64bit: - [2007/06/19 09:50:54 | 000,030,248 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s816nd5.sys -- (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS)
DRV:64bit: - [2007/06/19 09:50:48 | 000,018,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s816mdfl.sys -- (s816mdfl)
DRV:64bit: - [2007/06/19 09:50:46 | 000,107,048 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)
DRV:64bit: - [2007/04/23 16:54:40 | 000,126,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2007/04/23 16:54:40 | 000,123,656 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115obex.sys -- (s115obex)
DRV:64bit: - [2007/04/23 16:54:38 | 000,144,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdm.sys -- (s115mdm)
DRV:64bit: - [2007/04/23 16:54:36 | 000,019,720 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115mdfl.sys -- (s115mdfl)
DRV:64bit: - [2007/04/23 16:54:32 | 000,108,296 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV - [2009/08/21 00:28:15 | 000,000,000 | ---D | M] [Kernel | System | Running] -- C:\Windows\CSC -- (CSC)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/14 03:16:02 | 000,014,336 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysWOW64\netbios.dll -- (NetBIOS)
DRV - [2009/06/10 23:43:20 | 000,144,862 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\tpm.msc -- (TPM)
DRV - [2009/06/10 23:28:14 | 000,001,088 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\wbem\mpsdrv.mof -- (mpsdrv)
DRV - [2009/06/10 23:15:18 | 000,003,066 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysWOW64\wbem\tcpip.mof -- (Tcpip)
DRV - [2008/11/14 02:11:42 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
DRV - [2008/08/11 12:41:00 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys -- (LMIInfo)
DRV - [2006/01/13 15:00:52 | 000,015,872 | ---- | M] (Flint Incorporation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\vd_filedisk.sys -- (VD_FileDisk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-132761946-1395082400-2933450287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.ts.fujitsu.com/index2
IE - HKU\S-1-5-21-132761946-1395082400-2933450287-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/
IE - HKU\S-1-5-21-132761946-1395082400-2933450287-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz/"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.8
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: foxmarks@kei.com:3.6.14
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.4.14.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.1.21
FF - prefs.js..extensions.enabledItems: {7b13ec3e-999a-4b70-b9cb-2617b8323822}:2.5.8.6

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010/04/30 16:27:16 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010/05/10 07:44:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010/05/03 13:37:23 | 000,000,000 | ---D | M]

[2010/04/30 16:27:24 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Mozilla\Extensions
[2010/05/12 07:34:17 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\dwcljphz.default\extensions
[2010/05/03 12:59:23 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\dwcljphz.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2010/05/03 16:36:47 | 000,000,000 | ---D | M] (FlashGot) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\dwcljphz.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2010/05/03 13:04:06 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\dwcljphz.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/05/03 19:57:52 | 000,000,000 | ---D | M] (Zynga Toolbar) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\dwcljphz.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2010/05/03 12:59:23 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\dwcljphz.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010/05/03 12:59:23 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\dwcljphz.default\extensions\foxmarks@kei.com
[2010/05/03 15:58:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/03 12:53:16 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2010/04/01 18:51:34 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010/04/01 18:51:34 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010/04/01 18:51:34 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010/04/01 18:51:34 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010/04/01 18:51:34 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files (x86)\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (Pomocná služba pro přihlášení ke službě Windows Live ID) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files (x86)\FlashGet\getflash.dll (www.flashget.com)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (FlashGet Bar) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\fgiebar.dll (Amaze Soft)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Common Files\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Flashget] C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O4 - HKLM..\Run: [PC Suite for Smartphones] C:\Program Files (x86)\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [PWRISOVM.EXE] C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
O4 - HKLM..\Run: [TC UP] C:\Program Files (x86)\TC UP\TC UP.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-132761946-1395082400-2933450287-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-132761946-1395082400-2933450287-1000..\Run: [mRouterConfig] C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe (Intuwave Ltd.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LaunchCenter.lnk = C:\Program Files (x86)\Fujitsu\LaunchCenter\LaunchCenter.exe (Fujitsu Technology Solutions)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8:64bit: - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8:64bit: - Extra context menu item: 使用快车3下载 - C:\Users\Michal\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8:64bit: - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Michal\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O8 - Extra context menu item: &Stáhnout &vše FlashGetem - C:\Program Files (x86)\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Stáhnout FlashGetem - C:\Program Files (x86)\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: 使用快车3下载 - C:\Users\Michal\AppData\Roaming\FlashGetBHO\GetUrl.htm ()
O8 - Extra context menu item: 使用快车3下载全部链接 - C:\Users\Michal\AppData\Roaming\FlashGetBHO\GetAllUrl.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files (x86)\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files (x86)\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-132761946-1395082400-2933450287-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 10.0.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/04/11 09:58:56 | 000,000,040 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{866228e9-54a1-11df-8b63-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{866228e9-54a1-11df-8b63-806e6f6e6963}\Shell\AutoRun\command - "" = E:\start.exe -- [2007/08/15 09:19:39 | 000,046,728 | R--- | M] (Teleca AB)
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\autorun.exe -- File not found
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\steambackup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: Ias - C:\Windows\SysNative\ias [2009/07/14 05:20:14 | 000,000,000 | ---D | M]
NetSvcs:64bit: Irmon - C:\Windows\SysNative\irmon.dll (Microsoft Corporation)
NetSvcs:64bit: Wmi - C:\Windows\SysNative\wmi.dll (Microsoft Corporation)
NetSvcs:64bit: Themes - C:\Windows\SysNative\themeservice.dll (Microsoft Corporation)
NetSvcs:64bit: BDESVC - C:\Windows\SysNative\bdesvc.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
NetSvcs: Ias - C:\Windows\SysWOW64\ias.dll (Microsoft Corporation)
NetSvcs: Wmi - C:\Windows\SysWOW64\wmi.dll (Microsoft Corporation)

Drivers32:64bit: aux - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midi - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: midimapper - C:\Windows\SysNative\midimap.dll (Microsoft Corporation)
Drivers32:64bit: mixer - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: msacm.imaadpcm - C:\Windows\SysNative\imaadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.l3acm - C:\Windows\SysNative\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: msacm.msadpcm - C:\Windows\SysNative\msadp32.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msg711 - C:\Windows\SysNative\msg711.acm (Microsoft Corporation)
Drivers32:64bit: msacm.msgsm610 - C:\Windows\SysNative\msgsm32.acm (Microsoft Corporation)
Drivers32:64bit: vidc.i420 - C:\Windows\SysNative\iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.iyuv - C:\Windows\SysNative\iyuv_32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.mrle - C:\Windows\SysNative\msrle32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.msvc - C:\Windows\SysNative\msvidc32.dll (Microsoft Corporation)
Drivers32:64bit: vidc.uyvy - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yuy2 - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvu9 - C:\Windows\SysNative\tsbyuv.dll (Microsoft Corporation)
Drivers32:64bit: vidc.yvyu - C:\Windows\SysNative\msyuv.dll (Microsoft Corporation)
Drivers32:64bit: wave - C:\Windows\SysNative\wdmaud.drv (Microsoft Corporation)
Drivers32:64bit: wavemapper - C:\Windows\SysNative\msacm32.drv (Microsoft Corporation)
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files (x86)\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()

[mozzek]

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010/05/12 12:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aladdin Shared
[2010/05/12 12:47:47 | 003,750,400 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\hasplms.exe
[2010/05/12 12:45:34 | 000,000,000 | ---D | C] -- C:\hsp
[2010/05/12 12:44:50 | 001,845,243 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysWow64\haspds_windows.dll
[2010/05/12 07:17:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\trend micro
[2010/05/12 07:17:39 | 000,000,000 | ---D | C] -- C:\rsit
[2010/05/10 13:02:39 | 000,000,000 | ---D | C] -- C:\Users\Michal\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C}
[2010/05/10 07:43:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010/05/10 07:43:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2010/05/07 17:26:00 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\storage
[2010/05/07 17:25:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010/05/07 16:54:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2010/05/07 16:37:32 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2010/05/07 16:37:30 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010/05/06 07:59:30 | 000,845,560 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2010/05/05 15:26:01 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\WinRAR
[2010/05/05 15:25:37 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010/05/05 15:19:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson USB
[2010/05/05 14:57:19 | 000,000,000 | ---D | C] -- C:\drivers k750
[2010/05/05 13:17:23 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\MyPhoneExplorer
[2010/05/05 13:17:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyPhoneExplorer
[2010/05/05 13:09:47 | 000,030,248 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816nd5.sys
[2010/05/05 13:09:38 | 000,121,896 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816obex.sys
[2010/05/05 13:09:19 | 000,018,472 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816mdfl.sys
[2010/05/05 13:09:18 | 000,143,400 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816mdm.sys
[2010/05/05 13:09:06 | 000,124,968 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816mgmt.sys
[2010/05/05 13:09:06 | 000,013,864 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816cmnt.sys
[2010/05/05 13:09:06 | 000,013,864 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816cm.sys
[2010/05/05 13:08:53 | 000,129,064 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\s816unic.sys
[2010/05/05 13:08:53 | 000,012,840 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816cr.sys
[2010/05/05 13:08:20 | 000,014,376 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816whnt.sys
[2010/05/05 13:08:20 | 000,014,376 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s816wh.sys
[2010/05/05 12:55:47 | 000,145,408 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\zebrmdm.sys
[2010/05/05 12:55:47 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrcmnt.sys
[2010/05/05 12:55:47 | 000,014,848 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrcm.sys
[2010/05/05 12:55:46 | 000,120,832 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\zebrsce.sys
[2010/05/05 12:55:45 | 000,145,408 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\zebrmdmc.sys
[2010/05/05 12:55:43 | 000,018,944 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrmdfl.sys
[2010/05/05 12:55:41 | 000,108,544 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\zebrbus.sys
[2010/05/05 12:55:41 | 000,081,280 | ---- | C] (MCCI) -- C:\Windows\SysNative\drivers\zebrceb.sys
[2010/05/05 12:55:41 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrwhnt.sys
[2010/05/05 12:55:41 | 000,015,360 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\zebrwh.sys
[2010/05/05 12:55:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Teleca Shared
[2010/05/05 12:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intuwave
[2010/05/05 12:54:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2010/05/05 12:54:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Symbian
[2010/05/05 12:54:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2010/05/05 12:54:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Ericsson Shared
[2010/05/05 12:54:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Teleca
[2010/05/04 12:34:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
[2010/05/04 12:34:35 | 000,145,408 | ---- | C] (Hewlett-Packard Corporation) -- C:\Windows\SysNative\hpcpn6de.dll
[2010/05/04 12:32:58 | 000,000,000 | ---D | C] -- C:\HP CLJ3600 Driver
[2010/05/04 11:18:48 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Teleca
[2010/05/04 11:13:42 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Ericsson
[2010/05/04 11:12:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Sony Ericsson
[2010/05/04 11:12:26 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Sony Ericsson
[2010/05/04 11:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Teleca Shared
[2010/05/04 11:12:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2010/05/04 11:11:18 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010/05/03 19:22:28 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\4A Games
[2010/05/03 19:22:21 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\NVIDIA
[2010/05/03 19:21:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2010/05/03 19:20:20 | 000,530,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_6.dll
[2010/05/03 19:20:20 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_6.dll
[2010/05/03 19:20:20 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_6.dll
[2010/05/03 19:20:20 | 000,176,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_6.dll
[2010/05/03 19:20:20 | 000,078,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_4.dll
[2010/05/03 19:20:20 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_4.dll
[2010/05/03 19:20:20 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_7.dll
[2010/05/03 19:20:20 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_7.dll
[2010/05/03 19:20:19 | 000,517,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_5.dll
[2010/05/03 19:20:19 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010/05/03 19:20:18 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2010/05/03 19:20:18 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2010/05/03 19:20:18 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2010/05/03 19:20:18 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2010/05/03 19:20:18 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_5.dll
[2010/05/03 19:20:18 | 000,176,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_5.dll
[2010/05/03 19:20:17 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010/05/03 19:20:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/05/03 19:20:17 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2010/05/03 19:20:17 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2010/05/03 19:20:16 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010/05/03 19:20:16 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010/05/03 19:20:16 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2010/05/03 19:20:16 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010/05/03 19:20:16 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2010/05/03 19:20:16 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010/05/03 19:20:16 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010/05/03 19:20:16 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010/05/03 19:20:15 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010/05/03 19:20:15 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010/05/03 19:20:15 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010/05/03 19:20:15 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010/05/03 19:20:15 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010/05/03 19:20:15 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010/05/03 19:20:14 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010/05/03 19:20:14 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010/05/03 19:20:14 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010/05/03 19:20:14 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010/05/03 19:20:14 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010/05/03 19:20:14 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010/05/03 19:20:14 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010/05/03 19:20:14 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010/05/03 19:20:14 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010/05/03 19:20:14 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010/05/03 19:20:14 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010/05/03 19:20:14 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010/05/03 19:20:13 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010/05/03 19:20:13 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010/05/03 19:20:13 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010/05/03 19:20:13 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010/05/03 19:20:13 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010/05/03 19:20:13 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010/05/03 19:20:13 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010/05/03 19:20:13 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010/05/03 19:20:12 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010/05/03 19:20:12 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010/05/03 19:20:12 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010/05/03 19:20:12 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010/05/03 19:20:12 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010/05/03 19:20:12 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010/05/03 19:20:12 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010/05/03 19:20:12 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010/05/03 19:20:11 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010/05/03 19:20:11 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010/05/03 19:20:11 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010/05/03 19:20:11 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010/05/03 19:20:11 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010/05/03 19:20:11 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010/05/03 19:20:11 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010/05/03 19:20:11 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010/05/03 19:20:11 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010/05/03 19:20:11 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010/05/03 19:20:11 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010/05/03 19:20:11 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010/05/03 19:20:10 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010/05/03 19:20:10 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010/05/03 19:20:10 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010/05/03 19:20:10 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010/05/03 19:20:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010/05/03 19:20:10 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010/05/03 19:20:10 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010/05/03 19:20:10 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010/05/03 19:20:09 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010/05/03 19:20:09 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010/05/03 19:20:09 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010/05/03 19:20:09 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010/05/03 19:20:09 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010/05/03 19:20:09 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010/05/03 19:20:09 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010/05/03 19:20:09 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010/05/03 19:20:08 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010/05/03 19:20:08 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010/05/03 19:20:08 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010/05/03 19:20:08 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010/05/03 19:20:08 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010/05/03 19:20:08 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010/05/03 19:20:08 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010/05/03 19:20:08 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010/05/03 19:20:07 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010/05/03 19:20:07 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010/05/03 19:20:07 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010/05/03 19:20:07 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010/05/03 19:20:07 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010/05/03 19:20:07 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010/05/03 19:20:07 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010/05/03 19:20:07 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010/05/03 19:20:07 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010/05/03 19:20:07 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010/05/03 19:20:07 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010/05/03 19:20:07 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010/05/03 19:20:07 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010/05/03 19:20:07 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010/05/03 19:20:06 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010/05/03 19:20:06 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010/05/03 19:20:06 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010/05/03 19:20:06 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010/05/03 19:20:06 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010/05/03 19:20:06 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010/05/03 19:20:06 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010/05/03 19:20:06 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010/05/03 19:20:06 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010/05/03 19:20:06 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010/05/03 19:20:05 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010/05/03 19:20:05 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010/05/03 19:20:05 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010/05/03 19:20:05 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010/05/03 19:20:05 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010/05/03 19:20:05 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010/05/03 19:20:05 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010/05/03 19:20:05 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010/05/03 19:20:04 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010/05/03 19:20:04 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010/05/03 19:20:04 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010/05/03 19:20:04 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010/05/03 19:18:39 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010/05/03 19:18:39 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010/05/03 19:18:38 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010/05/03 19:18:38 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010/05/03 19:18:38 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010/05/03 19:18:38 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010/05/03 19:18:38 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010/05/03 19:18:38 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010/05/03 19:18:38 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010/05/03 19:18:38 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010/05/03 19:18:38 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010/05/03 19:18:36 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010/05/03 19:18:36 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010/05/03 19:18:32 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010/05/03 19:18:32 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010/05/03 19:18:32 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010/05/03 19:18:32 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010/05/03 19:18:32 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010/05/03 19:18:32 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010/05/03 19:18:31 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010/05/03 19:18:31 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010/05/03 19:18:30 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010/05/03 19:18:30 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010/05/03 19:18:29 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010/05/03 19:18:29 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010/05/03 19:18:28 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010/05/03 19:18:28 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010/05/03 19:18:28 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010/05/03 19:18:28 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010/05/03 19:18:27 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010/05/03 19:18:27 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010/05/03 18:31:26 | 000,091,568 | ---- | C] (PowerISO Computing, Inc.) -- C:\Windows\SysNative\drivers\scdemu.sys
[2010/05/03 18:31:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PowerISO
[2010/05/03 17:49:05 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\LogMeIn
[2010/05/03 17:49:05 | 000,000,000 | ---D | C] -- C:\ProgramData\LogMeIn
[2010/05/03 17:49:03 | 000,029,496 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2010/05/03 17:49:02 | 000,087,384 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2010/05/03 17:49:02 | 000,072,216 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys
[2010/05/03 17:49:00 | 000,080,696 | ---- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2010/05/03 17:48:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn
[2010/05/03 17:37:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\APEX gaming technology a.s
[2010/05/03 17:25:52 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\FlashGet
[2010/05/03 17:25:52 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\BITS
[2010/05/03 17:25:46 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\FlashGetBHO
[2010/05/03 16:44:44 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010/05/03 16:44:20 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\PassMark
[2010/05/03 16:44:10 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\PassMark
[2010/05/03 16:44:09 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2010/05/03 16:44:04 | 000,000,000 | ---D | C] -- C:\Program Files\PerformanceTest
[2010/05/03 16:43:23 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Logitech
[2010/05/03 16:43:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2010/05/03 16:43:14 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logitech
[2010/05/03 16:43:13 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2010/05/03 16:33:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FlashGet
[2010/05/03 16:26:41 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\GRETECH
[2010/05/03 16:26:41 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\GomPlayer
[2010/05/03 16:24:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GRETECH
[2010/05/03 16:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combined Community Codec Pack
[2010/05/03 16:14:22 | 000,455,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2010/05/03 16:14:22 | 000,182,784 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2010/05/03 16:14:22 | 000,165,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2010/05/03 16:14:22 | 000,165,888 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2010/05/03 16:14:14 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2010/05/03 13:58:20 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2010/05/03 13:57:39 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\ICQ
[2010/05/03 13:57:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6.5
[2010/05/03 13:51:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010/05/03 13:51:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010/05/03 13:49:59 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010/05/03 13:42:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenVPN
[2010/05/03 13:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010/05/03 13:37:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010/05/03 13:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/05/03 13:32:30 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2010/05/03 13:25:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010/05/03 12:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010/05/03 12:53:23 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/05/03 12:51:58 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Macromedia
[2010/05/03 12:51:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2010/05/03 11:56:43 | 000,000,000 | ---D | C] -- C:\vltnet
[2010/05/03 11:55:13 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Square Enix
[2010/05/03 11:55:13 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\Předávací protokol EDP
[2010/05/03 11:55:13 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\BioWare
[2010/05/03 11:55:13 | 000,000,000 | ---D | C] -- C:\Users\Michal\Documents\4A Games
[2010/05/03 11:50:03 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Realtime Soft
[2010/05/03 11:50:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft
[2010/05/03 11:49:59 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2010/05/03 11:49:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft
[2010/05/03 11:44:01 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Diagnostics
[2010/05/03 11:41:14 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\GHISLER
[2010/05/03 11:37:17 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Adobe
[2010/05/03 11:36:33 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Google
[2010/05/03 11:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010/05/03 11:29:51 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\HEXelon
[2010/05/03 11:29:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TC UP
[2010/05/03 11:24:20 | 005,509,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2010/05/03 11:24:20 | 003,954,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2010/05/03 11:24:20 | 003,899,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2010/05/03 11:24:16 | 000,612,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2010/05/03 11:24:16 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\vbscript.dll
[2010/05/03 11:24:15 | 014,629,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/05/03 11:24:13 | 011,406,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/05/03 11:24:12 | 012,625,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/05/03 11:24:12 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/05/03 11:24:12 | 001,975,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CertEnroll.dll
[2010/05/03 11:24:12 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CertEnroll.dll
[2010/05/03 11:23:25 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2010/05/03 11:23:25 | 000,422,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2010/05/03 11:23:25 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2010/05/03 11:23:25 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2010/05/03 11:23:25 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2010/05/03 11:23:25 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2010/05/03 11:23:25 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2010/05/03 11:23:25 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2010/05/03 11:23:25 | 000,306,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2010/05/03 11:23:25 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2010/05/03 11:23:25 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2010/05/03 11:23:25 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2010/05/03 11:23:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2010/05/03 11:23:25 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2010/05/03 11:23:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2010/05/03 11:23:25 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2010/05/03 11:23:20 | 000,366,080 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010/05/03 11:23:20 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010/05/03 11:23:20 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/05/03 11:23:20 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/05/03 11:23:20 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fontsub.dll
[2010/05/03 11:23:20 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fontsub.dll
[2010/05/03 11:23:18 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010/05/03 11:23:18 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2010/05/03 11:23:18 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2010/05/03 11:23:12 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2010/05/03 11:23:12 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2010/05/03 11:23:12 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2010/05/03 11:23:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2010/05/03 11:23:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2010/05/03 11:23:12 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2010/05/03 11:22:45 | 001,192,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wininet.dll
[2010/05/03 11:22:45 | 001,026,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstime.dll
[2010/05/03 11:22:45 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstime.dll
[2010/05/03 11:22:45 | 000,445,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iedkcs32.dll
[2010/05/03 11:22:45 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iedkcs32.dll
[2010/05/03 11:22:44 | 000,977,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wininet.dll
[2010/05/03 11:22:44 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedsbs.dll
[2010/05/03 11:22:44 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedsbs.dll
[2010/05/03 11:22:30 | 000,223,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fvevol.sys
[2010/05/03 11:22:25 | 001,572,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2010/05/03 11:22:25 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2010/05/03 11:22:25 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\avifil32.dll
[2010/05/03 11:22:25 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciavi32.dll
[2010/05/03 11:22:25 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iyuv_32.dll
[2010/05/03 11:22:25 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msvidc32.dll
[2010/05/03 11:22:25 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msyuv.dll
[2010/05/03 11:22:25 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrle32.dll
[2010/05/03 11:22:25 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsbyuv.dll
[2010/05/03 11:22:10 | 000,852,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2010/05/03 11:22:10 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2010/05/03 11:22:08 | 001,446,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2010/05/03 11:22:08 | 000,153,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ksecpkg.sys
[2010/05/03 11:21:42 | 000,960,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\CPFilters.dll
[2010/05/03 11:21:42 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\CPFilters.dll
[2010/05/03 11:21:42 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2010/05/03 11:21:42 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdri.dll
[2010/05/03 11:21:42 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MSNP.ax
[2010/05/03 11:21:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSNP.ax
[2010/05/03 11:21:41 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2010/05/03 11:21:12 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msasn1.dll
[2010/04/30 23:49:15 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\PATH_LOGS
[2010/04/30 23:48:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010/04/30 23:47:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2010/04/30 23:46:17 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010/04/30 23:46:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2010/04/30 23:45:34 | 000,658,536 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvuninst.exe
[2010/04/30 16:50:30 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2010/04/30 16:50:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010/04/30 16:27:18 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Mozilla
[2010/04/30 16:27:18 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Mozilla
[2010/04/30 16:27:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010/04/30 16:17:10 | 000,000,000 | R--D | C] -- C:\Users\Michal\Searches
[2010/04/30 16:17:02 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Identities
[2010/04/30 16:17:00 | 000,000,000 | R--D | C] -- C:\Users\Michal\Contacts
[2010/04/30 16:16:59 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\VirtualStore
[2010/04/30 16:16:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Fujitsu
[2010/04/30 16:16:27 | 000,000,000 | ---D | C] -- C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[2010/04/30 16:16:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Activation Assistant for the 2007 Microsoft Office suites
[2010/04/30 16:16:22 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Seven Zip
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\Temporary Internet Files
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Soubory cookie
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\SendTo
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Šablony
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Poslední
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Okolní tiskárny
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Okolní síť
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Obrázky
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Nabídka Start
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Local Settings
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Hudba
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\History
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Documents\Filmy
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Dokumenty
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\Data aplikací
[2010/04/30 16:16:10 | 000,000,000 | -HSD | C] -- C:\Users\Michal\AppData\Local\Data aplikací
[2010/04/30 16:16:08 | 000,000,000 | --SD | C] -- C:\Users\Michal\AppData\Roaming\Microsoft
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Videos
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Saved Games
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Pictures
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Music
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Links
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Favorites
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Downloads
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Dokumenty
[2010/04/30 16:16:08 | 000,000,000 | R--D | C] -- C:\Users\Michal\Desktop
[2010/04/30 16:16:08 | 000,000,000 | -H-D | C] -- C:\Users\Michal\AppData
[2010/04/30 16:16:08 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Temp
[2010/04/30 16:16:08 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Microsoft Help
[2010/04/30 16:16:08 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Microsoft
[2010/04/30 16:16:08 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Roaming\Media Center Programs
[2010/04/30 16:16:08 | 000,000,000 | ---D | C] -- C:\Users\Michal\AppData\Local\Adobe
[2010/04/30 16:11:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010/04/30 15:00:29 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2010/04/30 15:00:29 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wintrust.dll
[2010/04/30 15:00:28 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cabview.dll
[2010/04/30 15:00:28 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cabview.dll
[2010/04/30 14:54:24 | 000,608,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\COMCTL32.OCX
[2010/04/30 14:54:24 | 000,164,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\COMCT232.OCX
[2010/04/30 14:53:03 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/05/13 07:06:52 | 001,310,720 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT
[2010/05/13 07:01:49 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010/05/13 07:01:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/05/13 07:01:41 | 3219,984,384 | -HS- | M] () -- C:\hiberfil.sys
[2010/05/12 16:00:43 | 001,129,111 | -H-- | M] () -- C:\Users\Michal\AppData\Local\IconCache.db
[2010/05/12 15:23:52 | 000,001,279 | ---- | M] () -- C:\Users\Michal\Desktop\ID592766207.v2c
[2010/05/12 15:23:49 | 000,001,279 | ---- | M] () -- C:\Users\Michal\Desktop\ID75245982.v2c
[2010/05/12 14:22:03 | 000,001,279 | ---- | M] () -- C:\Users\Michal\Desktop\ID1747821500.v2c
[2010/05/12 14:10:23 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010/05/12 14:10:23 | 000,009,712 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010/05/12 12:52:40 | 000,006,260 | ---- | M] () -- C:\Users\Michal\Desktop\ID592766207.c2v
[2010/05/12 12:51:58 | 000,006,260 | ---- | M] () -- C:\Users\Michal\Desktop\ID1747821500.c2v
[2010/05/12 12:51:25 | 000,006,260 | ---- | M] () -- C:\Users\Michal\Desktop\ID75245982.c2v
[2010/05/12 08:00:57 | 000,001,423 | ---- | M] () -- C:\Users\Michal\Desktop\gu – zástupce.lnk
[2010/05/12 07:03:52 | 000,005,376 | ---- | M] () -- C:\Users\Michal\Documents\cc_20100512_070346.reg
[2010/05/11 11:46:25 | 000,028,160 | ---- | M] () -- C:\Users\Michal\Documents\eurobar.xls
[2010/05/11 11:45:30 | 000,220,160 | ---- | M] () -- C:\Users\Michal\Documents\Vypis madlo.xls
[2010/05/11 09:47:59 | 000,073,781 | ---- | M] () -- C:\Users\Michal\Documents\Vypis madlo.xlsx
[2010/05/11 08:45:52 | 000,579,072 | ---- | M] () -- C:\Users\Michal\Desktop\ROYAL GAMES.xls
[2010/05/11 08:29:13 | 000,425,984 | ---- | M] () -- C:\Users\Michal\Desktop\KAJOT.xls
[2010/05/11 07:30:03 | 001,560,576 | ---- | M] () -- C:\Users\Michal\Desktop\MULTILOTTO 11.12.2009.xls
[2010/05/10 16:21:16 | 001,454,258 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/05/10 16:21:16 | 000,625,676 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010/05/10 16:21:16 | 000,609,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/05/10 16:21:16 | 000,119,794 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010/05/10 16:21:16 | 000,104,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/05/10 13:33:42 | 000,016,187 | ---- | M] () -- C:\Users\Michal\Documents\Royal naše verze.xlsx
[2010/05/10 13:33:42 | 000,000,165 | -H-- | M] () -- C:\Users\Michal\Documents\~$Royal naše verze.xlsx
[2010/05/10 13:21:33 | 000,037,888 | ---- | M] () -- C:\Users\Michal\Documents\Royal Vlček verze.xls
[2010/05/10 13:20:36 | 000,024,576 | ---- | M] () -- C:\Users\Michal\Documents\Royal Moučková verze.xls
[2010/05/10 13:20:02 | 000,023,040 | ---- | M] () -- C:\Users\Michal\Documents\Royal Matušík verze.xls
[2010/05/10 13:19:37 | 000,026,624 | ---- | M] () -- C:\Users\Michal\Documents\Royal Mařan verze.xls
[2010/05/10 13:19:10 | 000,025,088 | ---- | M] () -- C:\Users\Michal\Documents\Royal Mach verze.xls
[2010/05/10 13:18:44 | 000,023,040 | ---- | M] () -- C:\Users\Michal\Documents\Royal Buršík verze.xls
[2010/05/10 13:18:15 | 000,025,600 | ---- | M] () -- C:\Users\Michal\Documents\Royal Hajný verze.xls
[2010/05/10 13:17:44 | 000,024,064 | ---- | M] () -- C:\Users\Michal\Documents\Royal Harák verze.xls
[2010/05/10 13:17:09 | 000,027,648 | ---- | M] () -- C:\Users\Michal\Documents\Royal Kombo verze.xls
[2010/05/10 13:16:33 | 000,027,648 | ---- | M] () -- C:\Users\Michal\Documents\Royal Kovařík verze.xls
[2010/05/10 12:43:41 | 000,000,165 | -H-- | M] () -- C:\Users\Michal\Desktop\~$EDP dodane 22.3.2010.xlsx
[2010/05/10 07:44:43 | 000,002,020 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/05/07 12:53:24 | 000,028,160 | ---- | M] () -- C:\Users\Michal\Documents\PAVLICA_A.doc
[2010/05/06 08:08:41 | 000,845,560 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\SysNative\drivers\sptd.sys
[2010/05/05 16:56:46 | 000,001,033 | ---- | M] () -- C:\Users\Michal\Desktop\JustCause2 – zástupce.lnk
[2010/05/05 14:06:49 | 000,001,013 | ---- | M] () -- C:\Users\Michal\Desktop\FlashGet.lnk
[2010/05/05 13:27:15 | 001,470,766 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/05/05 13:17:15 | 000,002,097 | ---- | M] () -- C:\Users\Michal\Desktop\MyPhoneExplorer.lnk
[2010/05/05 11:54:11 | 000,022,094 | ---- | M] () -- C:\Users\Michal\Documents\cc_20100505_115408.reg
[2010/05/05 11:30:40 | 000,000,164 | ---- | M] () -- C:\Windows\DelMR.bat
[2010/05/03 18:31:27 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2010/05/03 17:48:59 | 000,001,024 | ---- | M] () -- C:\.rnd
[2010/05/03 17:37:54 | 000,002,659 | ---- | M] () -- C:\Users\Public\Desktop\APEX Save and Restore.lnk
[2010/05/03 17:26:33 | 000,000,598 | ---- | M] () -- C:\Windows\SysWow64\secushr.dat
[2010/05/03 17:25:58 | 000,000,025 | ---- | M] () -- C:\Windows\libem.INI
[2010/05/03 17:11:01 | 000,064,646 | ---- | M] () -- C:\Users\Michal\Documents\cc_20100503_171056.reg
[2010/05/03 16:24:51 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010/05/03 16:14:15 | 000,455,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2010/05/03 16:14:15 | 000,182,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2010/05/03 16:14:15 | 000,165,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2010/05/03 16:14:15 | 000,165,888 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2010/05/03 13:46:29 | 000,413,512 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/05/03 13:42:48 | 000,001,131 | ---- | M] () -- C:\Users\Michal\Desktop\OpenVPN GUI.lnk
[2010/05/03 13:05:35 | 000,000,772 | ---- | M] () -- C:\Users\Michal\Desktop\Reader 2.0.5497.lnk
[2010/05/03 12:53:16 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010/05/03 11:50:00 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2010/05/03 11:43:09 | 000,000,400 | ---- | M] () -- C:\Users\Michal\Desktop\Připojení k místní síti – zástupce.lnk
[2010/05/03 11:36:12 | 000,001,891 | ---- | M] () -- C:\Users\Michal\Desktop\CCleaner.lnk
[2010/05/03 11:26:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/05/03 07:52:31 | 000,263,680 | ---- | M] () -- C:\Users\Michal\Desktop\MAGIC LOTTO oddělené výrobní čísla Ivka.xls
[2010/04/30 23:50:34 | 000,062,544 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010/04/30 23:50:34 | 000,062,544 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010/04/30 16:35:04 | 000,524,288 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/04/30 16:35:04 | 000,524,288 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/04/30 16:35:04 | 000,065,536 | -HS- | M] () -- C:\Users\Michal\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/04/30 16:34:16 | 000,108,840 | ---- | M] () -- C:\Users\Michal\AppData\Local\GDIPFONTCACHEV1.DAT
[2010/04/30 16:27:17 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/30 16:16:10 | 000,000,020 | -HS- | M] () -- C:\Users\Michal\ntuser.ini
[2010/04/30 16:14:31 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010/04/30 16:11:52 | 000,000,012 | ---- | M] () -- C:\Windows\SysWow64\drivers\10CF_FUJITSU_FTS_ESPRIMO P2550 _PI_FUJITSU _D2950-A1_Version 6.00 R1.05.2950.A1_FSC - 60000_6.00 R1.05.2950.A1 _NVIDIA GeForce 9800 GT .MRK
[2010/04/30 16:11:52 | 000,000,012 | ---- | M] () -- C:\Windows\SysNative\drivers\10CF_FUJITSU_FTS_ESPRIMO P2550 _PI_FUJITSU _D2950-A1_Version 6.00 R1.05.2950.A1_FSC - 60000_6.00 R1.05.2950.A1 _NVIDIA GeForce 9800 GT .MRK
[2010/04/30 12:27:14 | 000,399,360 | ---- | M] () -- C:\Users\Michal\Desktop\APEX.xls
[2010/04/28 08:03:39 | 000,024,022 | ---- | M] () -- C:\Users\Michal\Documents\zavoz ml krijcos.xlsx
[2010/04/27 15:13:52 | 000,013,343 | ---- | M] () -- C:\Users\Michal\Documents\lotto nulove stavy2.xlsx
[2010/04/27 15:13:30 | 000,131,354 | ---- | M] () -- C:\Users\Michal\Documents\lotto nulove stavy.xlsx
[2010/04/27 14:01:31 | 000,012,256 | ---- | M] () -- C:\Users\Michal\Documents\vymena royal kovarik.xlsx
[2010/04/27 13:32:14 | 000,102,545 | ---- | M] () -- C:\Users\Michal\Documents\VYMENA ROYAL HARAK.xlsx
[2010/04/27 08:19:42 | 000,014,264 | ---- | M] () -- C:\Users\Michal\Documents\kovarik prestavba royal.xlsx
[2010/04/26 10:39:50 | 000,012,936 | ---- | M] () -- C:\Users\Michal\Documents\Royal ukonceni.xlsx
[2010/04/26 09:11:50 | 000,005,346 | ---- | M] () -- C:\Users\Michal\Documents\cc_20100426_091144.reg
[2010/04/23 14:10:09 | 000,001,686 | ---- | M] () -- C:\Users\Michal\Documents\cc_20100423_141006.reg
[2010/04/22 10:49:23 | 000,099,231 | ---- | M] () -- C:\Users\Michal\Desktop\EDP dodane 22.3.2010.xlsx
[2010/04/20 15:13:00 | 000,045,860 | ---- | M] () -- C:\Users\Michal\Documents\Evidence_ATG_2.xlsx
[2010/04/14 08:27:00 | 000,045,568 | ---- | M] () -- C:\Users\Michal\Documents\ATT00071.xls
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[mozzek]

========== Files Created - No Company Name ==========

[2010/05/12 15:23:52 | 000,001,279 | ---- | C] () -- C:\Users\Michal\Desktop\ID592766207.v2c
[2010/05/12 15:23:49 | 000,001,279 | ---- | C] () -- C:\Users\Michal\Desktop\ID75245982.v2c
[2010/05/12 14:22:03 | 000,001,279 | ---- | C] () -- C:\Users\Michal\Desktop\ID1747821500.v2c
[2010/05/12 12:52:40 | 000,006,260 | ---- | C] () -- C:\Users\Michal\Desktop\ID592766207.c2v
[2010/05/12 12:51:58 | 000,006,260 | ---- | C] () -- C:\Users\Michal\Desktop\ID1747821500.c2v
[2010/05/12 12:51:25 | 000,006,260 | ---- | C] () -- C:\Users\Michal\Desktop\ID75245982.c2v
[2010/05/12 12:44:57 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE
[2010/05/12 12:44:57 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\hdsuinst.exe
[2010/05/12 08:00:57 | 000,001,423 | ---- | C] () -- C:\Users\Michal\Desktop\gu – zástupce.lnk
[2010/05/12 07:03:48 | 000,005,376 | ---- | C] () -- C:\Users\Michal\Documents\cc_20100512_070346.reg
[2010/05/11 11:46:25 | 000,028,160 | ---- | C] () -- C:\Users\Michal\Documents\eurobar.xls
[2010/05/11 11:45:30 | 000,220,160 | ---- | C] () -- C:\Users\Michal\Documents\Vypis madlo.xls
[2010/05/11 09:47:59 | 000,073,781 | ---- | C] () -- C:\Users\Michal\Documents\Vypis madlo.xlsx
[2010/05/10 13:33:42 | 000,000,165 | -H-- | C] () -- C:\Users\Michal\Documents\~$Royal naše verze.xlsx
[2010/05/10 13:33:41 | 000,016,187 | ---- | C] () -- C:\Users\Michal\Documents\Royal naše verze.xlsx
[2010/05/10 13:21:32 | 000,037,888 | ---- | C] () -- C:\Users\Michal\Documents\Royal Vlček verze.xls
[2010/05/10 13:20:35 | 000,024,576 | ---- | C] () -- C:\Users\Michal\Documents\Royal Moučková verze.xls
[2010/05/10 13:20:02 | 000,023,040 | ---- | C] () -- C:\Users\Michal\Documents\Royal Matušík verze.xls
[2010/05/10 13:19:37 | 000,026,624 | ---- | C] () -- C:\Users\Michal\Documents\Royal Mařan verze.xls
[2010/05/10 13:19:10 | 000,025,088 | ---- | C] () -- C:\Users\Michal\Documents\Royal Mach verze.xls
[2010/05/10 13:18:43 | 000,023,040 | ---- | C] () -- C:\Users\Michal\Documents\Royal Buršík verze.xls
[2010/05/10 13:18:15 | 000,025,600 | ---- | C] () -- C:\Users\Michal\Documents\Royal Hajný verze.xls
[2010/05/10 13:17:44 | 000,024,064 | ---- | C] () -- C:\Users\Michal\Documents\Royal Harák verze.xls
[2010/05/10 13:17:09 | 000,027,648 | ---- | C] () -- C:\Users\Michal\Documents\Royal Kombo verze.xls
[2010/05/10 13:16:33 | 000,027,648 | ---- | C] () -- C:\Users\Michal\Documents\Royal Kovařík verze.xls
[2010/05/10 12:43:41 | 000,000,165 | -H-- | C] () -- C:\Users\Michal\Desktop\~$EDP dodane 22.3.2010.xlsx
[2010/05/10 07:44:00 | 000,002,020 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010/05/07 12:53:24 | 000,028,160 | ---- | C] () -- C:\Users\Michal\Documents\PAVLICA_A.doc
[2010/05/05 16:56:46 | 000,001,033 | ---- | C] () -- C:\Users\Michal\Desktop\JustCause2 – zástupce.lnk
[2010/05/05 14:06:49 | 000,001,013 | ---- | C] () -- C:\Users\Michal\Desktop\FlashGet.lnk
[2010/05/05 13:27:15 | 001,470,766 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/05/05 13:17:15 | 000,002,097 | ---- | C] () -- C:\Users\Michal\Desktop\MyPhoneExplorer.lnk
[2010/05/05 12:54:47 | 000,000,288 | ---- | C] () -- C:\Windows\mrinstu.iss
[2010/05/05 11:54:10 | 000,022,094 | ---- | C] () -- C:\Users\Michal\Documents\cc_20100505_115408.reg
[2010/05/05 11:30:40 | 000,000,164 | ---- | C] () -- C:\Windows\DelMR.bat
[2010/05/03 18:31:27 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\PowerISO.lnk
[2010/05/03 17:48:58 | 000,001,024 | ---- | C] () -- C:\.rnd
[2010/05/03 17:37:54 | 000,002,659 | ---- | C] () -- C:\Users\Public\Desktop\APEX Save and Restore.lnk
[2010/05/03 17:26:31 | 000,000,598 | ---- | C] () -- C:\Windows\SysWow64\secushr.dat
[2010/05/03 17:25:58 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2010/05/03 17:10:59 | 000,064,646 | ---- | C] () -- C:\Users\Michal\Documents\cc_20100503_171056.reg
[2010/05/03 16:24:51 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\GOM Player.lnk
[2010/05/03 16:20:37 | 001,560,576 | ---- | C] () -- C:\Users\Michal\Desktop\MULTILOTTO 11.12.2009.xls
[2010/05/03 16:20:37 | 000,579,072 | ---- | C] () -- C:\Users\Michal\Desktop\ROYAL GAMES.xls
[2010/05/03 16:20:36 | 000,425,984 | ---- | C] () -- C:\Users\Michal\Desktop\KAJOT.xls
[2010/05/03 16:20:36 | 000,399,360 | ---- | C] () -- C:\Users\Michal\Desktop\APEX.xls
[2010/05/03 16:20:36 | 000,263,680 | ---- | C] () -- C:\Users\Michal\Desktop\MAGIC LOTTO oddělené výrobní čísla Ivka.xls
[2010/05/03 13:42:48 | 000,001,131 | ---- | C] () -- C:\Users\Michal\Desktop\OpenVPN GUI.lnk
[2010/05/03 13:05:35 | 000,000,772 | ---- | C] () -- C:\Users\Michal\Desktop\Reader 2.0.5497.lnk
[2010/05/03 12:46:04 | 000,358,830 | ---- | C] () -- C:\Users\Michal\Desktop\PROTOKOL O PŘESTAVBĚ HERNÍHO SYSTÉMU.pdf
[2010/05/03 12:46:04 | 000,167,424 | ---- | C] () -- C:\Users\Michal\Desktop\Předávací protokol VLT.doc
[2010/05/03 12:46:04 | 000,099,231 | ---- | C] () -- C:\Users\Michal\Desktop\EDP dodane 22.3.2010.xlsx
[2010/05/03 12:46:04 | 000,005,311 | ---- | C] () -- C:\Users\Michal\Desktop\seznamzasahu.ods
[2010/05/03 11:55:22 | 004,075,060 | ---- | C] () -- C:\Users\Michal\Documents\leden_3.3.2010.xml
[2010/05/03 11:55:22 | 004,071,383 | ---- | C] () -- C:\Users\Michal\Documents\ledenx.xml
[2010/05/03 11:55:22 | 004,071,383 | ---- | C] () -- C:\Users\Michal\Documents\leden.xml
[2010/05/03 11:55:22 | 003,941,878 | ---- | C] () -- C:\Users\Michal\Documents\leden01.xml
[2010/05/03 11:55:22 | 003,687,458 | ---- | C] () -- C:\Users\Michal\Documents\unor_3.3.2010.xml
[2010/05/03 11:55:22 | 003,683,544 | ---- | C] () -- C:\Users\Michal\Documents\unor.xml
[2010/05/03 11:55:22 | 000,720,358 | ---- | C] () -- C:\Users\Michal\Documents\leden3.xml
[2010/05/03 11:55:22 | 000,720,358 | ---- | C] () -- C:\Users\Michal\Documents\leden_1.xml
[2010/05/03 11:55:22 | 000,440,605 | ---- | C] () -- C:\Users\Michal\Documents\seznam Burian.xlsx
[2010/05/03 11:55:22 | 000,431,407 | ---- | C] () -- C:\Users\Michal\Documents\pokus.xlsx
[2010/05/03 11:55:22 | 000,358,830 | ---- | C] () -- C:\Users\Michal\Documents\PROTOKOL O PŘESTAVBĚ HERNÍHO SYSTÉMU.pdf
[2010/05/03 11:55:22 | 000,257,851 | ---- | C] () -- C:\Users\Michal\Documents\royal verze.xlsx
[2010/05/03 11:55:22 | 000,165,376 | ---- | C] () -- C:\Users\Michal\Documents\Protokol o umístění VLT.xls
[2010/05/03 11:55:22 | 000,165,376 | ---- | C] () -- C:\Users\Michal\Documents\Protokol o odvozu VLT.xls
[2010/05/03 11:55:22 | 000,164,812 | ---- | C] () -- C:\Users\Michal\Documents\Lotta bez prohozu.xlsx
[2010/05/03 11:55:22 | 000,154,431 | ---- | C] () -- C:\Users\Michal\Documents\Objednavka update Apex.docx
[2010/05/03 11:55:22 | 000,141,190 | ---- | C] () -- C:\Users\Michal\Documents\videogames stop.xlsx
[2010/05/03 11:55:22 | 000,139,937 | ---- | C] () -- C:\Users\Michal\Documents\egaming_reader_sklad.xlsx
[2010/05/03 11:55:22 | 000,131,354 | ---- | C] () -- C:\Users\Michal\Documents\lotto nulove stavy.xlsx
[2010/05/03 11:55:22 | 000,128,903 | ---- | C] () -- C:\Users\Michal\Documents\ml_s_prohozem.xlsx
[2010/05/03 11:55:22 | 000,118,617 | ---- | C] () -- C:\Users\Michal\Documents\Royal video.xlsx
[2010/05/03 11:55:22 | 000,116,477 | ---- | C] () -- C:\Users\Michal\Documents\royal video komplet.xlsx
[2010/05/03 11:55:22 | 000,107,008 | ---- | C] () -- C:\Users\Michal\Documents\mach.xls
[2010/05/03 11:55:22 | 000,102,545 | ---- | C] () -- C:\Users\Michal\Documents\VYMENA ROYAL HARAK.xlsx
[2010/05/03 11:55:22 | 000,070,207 | ---- | C] () -- C:\Users\Michal\Documents\royal 2009.xlsx
[2010/05/03 11:55:22 | 000,052,736 | ---- | C] () -- C:\Users\Michal\Documents\rep20100226091602.xls
[2010/05/03 11:55:22 | 000,052,734 | ---- | C] () -- C:\Users\Michal\Documents\seznam epi.xlsx
[2010/05/03 11:55:22 | 000,049,664 | ---- | C] () -- C:\Users\Michal\Documents\spouštění EDP1.xls
[2010/05/03 11:55:22 | 000,049,152 | ---- | C] () -- C:\Users\Michal\Documents\Royal Vlček (3)h.xls
[2010/05/03 11:55:22 | 000,048,139 | ---- | C] () -- C:\Users\Michal\Documents\Royal Kombo.xlsx
[2010/05/03 11:55:22 | 000,046,931 | ---- | C] () -- C:\Users\Michal\Documents\Sešit1.xlsx
[2010/05/03 11:55:22 | 000,045,860 | ---- | C] () -- C:\Users\Michal\Documents\Evidence_ATG_2.xlsx
[2010/05/03 11:55:22 | 000,045,056 | ---- | C] () -- C:\Users\Michal\Documents\ono jihlava.xls
[2010/05/03 11:55:22 | 000,039,991 | ---- | C] () -- C:\Users\Michal\Documents\lotto září.xlsx
[2010/05/03 11:55:22 | 000,037,110 | ---- | C] () -- C:\Users\Michal\Documents\hs-list-2010-02-03.ods
[2010/05/03 11:55:22 | 000,036,352 | ---- | C] () -- C:\Users\Michal\Documents\rep20100317075300.xls
[2010/05/03 11:55:22 | 000,033,713 | ---- | C] () -- C:\Users\Michal\Documents\update_zbyvajici.xlsx
[2010/05/03 11:55:22 | 000,032,768 | ---- | C] () -- C:\Users\Michal\Documents\Royal Kovařík.xls
[2010/05/03 11:55:22 | 000,032,256 | ---- | C] () -- C:\Users\Michal\Documents\videoslovak.xls
[2010/05/03 11:55:22 | 000,032,125 | ---- | C] () -- C:\Users\Michal\Documents\Kontakty.rtf
[2010/05/03 11:55:22 | 000,030,208 | ---- | C] () -- C:\Users\Michal\Documents\Royal Mařan.xls
[2010/05/03 11:55:22 | 000,029,184 | ---- | C] () -- C:\Users\Michal\Documents\kajot.xls
[2010/05/03 11:55:22 | 000,028,160 | ---- | C] () -- C:\Users\Michal\Documents\Royal Rozehnal.xls
[2010/05/03 11:55:22 | 000,028,160 | ---- | C] () -- C:\Users\Michal\Documents\Royal Harák.xls
[2010/05/03 11:55:22 | 000,026,624 | ---- | C] () -- C:\Users\Michal\Documents\Royal Kombo odvoz (11).xls
[2010/05/03 11:55:22 | 000,026,112 | ---- | C] () -- C:\Users\Michal\Documents\Royal Kombo odvoz (5).xls
[2010/05/03 11:55:22 | 000,026,112 | ---- | C] () -- C:\Users\Michal\Documents\jihlava.xls
[2010/05/03 11:55:22 | 000,024,090 | ---- | C] () -- C:\Users\Michal\Documents\Kopie - inventura k 10 1 2010.xlsx
[2010/05/03 11:55:22 | 000,024,064 | ---- | C] () -- C:\Users\Michal\Documents\King.xls
[2010/05/03 11:55:22 | 000,024,031 | ---- | C] () -- C:\Users\Michal\Documents\Royal Montág.xlsx
[2010/05/03 11:55:22 | 000,024,022 | ---- | C] () -- C:\Users\Michal\Documents\zavoz ml krijcos.xlsx
[2010/05/03 11:55:22 | 000,022,847 | ---- | C] () -- C:\Users\Michal\Documents\rozhodnuti edp nepovolene.xlsx
[2010/05/03 11:55:22 | 000,022,665 | ---- | C] () -- C:\Users\Michal\Documents\reader cleaner.xlsx
[2010/05/03 11:55:22 | 000,021,116 | ---- | C] () -- C:\Users\Michal\Documents\spouštění EDP_8_2_2010.xlsx
[2010/05/03 11:55:22 | 000,020,972 | ---- | C] () -- C:\Users\Michal\Documents\spouštění EDP_montag_8_2_2010.xlsx
[2010/05/03 11:55:22 | 000,020,648 | ---- | C] () -- C:\Users\Michal\Documents\spouštění EDP.xlsx
[2010/05/03 11:55:22 | 000,020,480 | ---- | C] () -- C:\Users\Michal\Documents\pavov.xls
[2010/05/03 11:55:22 | 000,019,968 | ---- | C] () -- C:\Users\Michal\Documents\video.xls
[2010/05/03 11:55:22 | 000,018,415 | ---- | C] () -- C:\Users\Michal\Documents\Kopie - Royal Vlcek.xlsx
[2010/05/03 11:55:22 | 000,018,323 | ---- | C] () -- C:\Users\Michal\Documents\Michal - tabulka.xlsx
[2010/05/03 11:55:22 | 000,017,486 | ---- | C] () -- C:\Users\Michal\Documents\ono jihlava2.xlsx
[2010/05/03 11:55:22 | 000,015,372 | ---- | C] () -- C:\Users\Michal\Documents\Royal Vlček.xlsx
[2010/05/03 11:55:22 | 000,014,264 | ---- | C] () -- C:\Users\Michal\Documents\kovarik prestavba royal.xlsx
[2010/05/03 11:55:22 | 000,013,343 | ---- | C] () -- C:\Users\Michal\Documents\lotto nulove stavy2.xlsx
[2010/05/03 11:55:22 | 000,012,936 | ---- | C] () -- C:\Users\Michal\Documents\Royal ukonceni.xlsx
[2010/05/03 11:55:22 | 000,012,820 | ---- | C] () -- C:\Users\Michal\Documents\Kopie - edp with pc.xlsx
[2010/05/03 11:55:22 | 000,012,560 | ---- | C] () -- C:\Users\Michal\Documents\Royal Kovařík.xlsx
[2010/05/03 11:55:22 | 000,012,453 | ---- | C] () -- C:\Users\Michal\Documents\Royal Hajný.xlsx
[2010/05/03 11:55:22 | 000,012,256 | ---- | C] () -- C:\Users\Michal\Documents\vymena royal kovarik.xlsx
[2010/05/03 11:55:22 | 000,011,810 | ---- | C] () -- C:\Users\Michal\Documents\Royal software manager.xlsx
[2010/05/03 11:55:22 | 000,011,655 | ---- | C] () -- C:\Users\Michal\Documents\Royal Mařan.xlsx
[2010/05/03 11:55:22 | 000,011,372 | ---- | C] () -- C:\Users\Michal\Documents\Royal Smiešný.xlsx
[2010/05/03 11:55:22 | 000,011,213 | ---- | C] () -- C:\Users\Michal\Documents\Royal Rozehnal.xlsx
[2010/05/03 11:55:22 | 000,011,019 | ---- | C] () -- C:\Users\Michal\Documents\Royal Harák.xlsx
[2010/05/03 11:55:22 | 000,010,800 | ---- | C] () -- C:\Users\Michal\Documents\Royal Mach.xlsx
[2010/05/03 11:55:22 | 000,010,684 | ---- | C] () -- C:\Users\Michal\Documents\inventura nová.xlsx
[2010/05/03 11:55:22 | 000,010,683 | ---- | C] () -- C:\Users\Michal\Documents\Royal Urbánek.xlsx
[2010/05/03 11:55:22 | 000,010,657 | ---- | C] () -- C:\Users\Michal\Documents\Royal Moučková.xlsx
[2010/05/03 11:55:22 | 000,010,589 | ---- | C] () -- C:\Users\Michal\Documents\Royal Buršík.xlsx
[2010/05/03 11:55:22 | 000,010,550 | ---- | C] () -- C:\Users\Michal\Documents\e-gaming 11,12,2009.xlsx
[2010/05/03 11:55:22 | 000,010,461 | ---- | C] () -- C:\Users\Michal\Documents\Royal Zálešák.xlsx
[2010/05/03 11:55:22 | 000,010,407 | ---- | C] () -- C:\Users\Michal\Documents\inventura.xlsx
[2010/05/03 11:55:22 | 000,009,967 | ---- | C] () -- C:\Users\Michal\Documents\Royal Kadeřábek_OK.xlsx
[2010/05/03 11:55:22 | 000,009,700 | ---- | C] () -- C:\Users\Michal\Documents\Royal Čepila.xlsx
[2010/05/03 11:55:22 | 000,008,708 | ---- | C] () -- C:\Users\Michal\Documents\videogames prohoz.xlsx
[2010/05/03 11:55:22 | 000,008,349 | ---- | C] () -- C:\Users\Michal\Documents\Seznam del.xlsx
[2010/05/03 11:55:21 | 003,937,791 | ---- | C] () -- C:\Users\Michal\Documents\brezen_final.xml
[2010/05/03 11:55:21 | 003,925,426 | ---- | C] () -- C:\Users\Michal\Documents\brezen final.xml
[2010/05/03 11:55:21 | 003,605,239 | ---- | C] () -- C:\Users\Michal\Documents\brezen2010.xml
[2010/05/03 11:55:21 | 003,419,911 | ---- | C] () -- C:\Users\Michal\Documents\brezen01.xml
[2010/05/03 11:55:21 | 003,419,911 | ---- | C] () -- C:\Users\Michal\Documents\brezen_new.xml
[2010/05/03 11:55:21 | 000,131,072 | ---- | C] () -- C:\Users\Michal\Documents\AutoGames_CZK.xls
[2010/05/03 11:55:21 | 000,126,837 | ---- | C] () -- C:\Users\Michal\Documents\brezen27.xml
[2010/05/03 11:55:21 | 000,126,638 | ---- | C] () -- C:\Users\Michal\Documents\brezen_30.3.xml
[2010/05/03 11:55:21 | 000,126,561 | ---- | C] () -- C:\Users\Michal\Documents\brezen29.xml
[2010/05/03 11:55:21 | 000,126,561 | ---- | C] () -- C:\Users\Michal\Documents\brezen_29.3.xml
[2010/05/03 11:55:21 | 000,126,558 | ---- | C] () -- C:\Users\Michal\Documents\brezen_31.3.xml
[2010/05/03 11:55:21 | 000,106,496 | ---- | C] () -- C:\Users\Michal\Documents\edp_lm_net.xls
[2010/05/03 11:55:21 | 000,096,768 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_10.-12.3.2010a.xls
[2010/05/03 11:55:21 | 000,072,059 | ---- | C] () -- C:\Users\Michal\Documents\edp_dodane.xlsx
[2010/05/03 11:55:21 | 000,061,681 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_23.-25.3.2010.xlsx
[2010/05/03 11:55:21 | 000,059,770 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_3.-4.2.2010_moje.xlsx
[2010/05/03 11:55:21 | 000,054,442 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_22.-24_2_2010.xlsx
[2010/05/03 11:55:21 | 000,049,593 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_1.-2.2.2010.xlsx
[2010/05/03 11:55:21 | 000,048,434 | ---- | C] () -- C:\Users\Michal\Documents\edp_lm_net.xlsx
[2010/05/03 11:55:21 | 000,048,244 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_3.-4.2.2010.xlsx
[2010/05/03 11:55:21 | 000,048,174 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_15.-16.3.2010.xlsx
[2010/05/03 11:55:21 | 000,045,568 | ---- | C] () -- C:\Users\Michal\Documents\ATT00071.xls
[2010/05/03 11:55:21 | 000,044,981 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_10.-12.3.2010.xlsx
[2010/05/03 11:55:21 | 000,044,589 | ---- | C] () -- C:\Users\Michal\Documents\EDP_spouštění_10.-13.3.2010.xlsx
[2010/05/03 11:55:21 | 000,036,864 | ---- | C] () -- C:\Users\Michal\Documents\dzban.xls
[2010/05/03 11:55:21 | 000,033,440 | ---- | C] () -- C:\Users\Michal\Documents\cc_20100128_1521.reg
[2010/05/03 11:55:21 | 000,032,584 | ---- | C] () -- C:\Users\Michal\Documents\cc_20091104_1147.reg
[2010/05/03 11:55:21 | 000,029,696 | ---- | C] () -- C:\Users\Michal\Documents\brno.xls
[2010/05/03 11:55:21 | 000,023,245 | ---- | C] () -- C:\Users\Michal\Documents\EDP praha rozvoz 31.3.2010.xlsx
[2010/05/03 11:55:21 | 000,020,526 | ---- | C] () -- C:\Users\Michal\Documents\apex dzban.xlsx
[2010/05/03 11:55:21 | 000,017,772 | ---- | C] () -- C:\Users\Michal\Documents\edp_zapojene.xlsx
[2010/05/03 11:55:21 | 000,012,371 | ---- | C] () -- C:\Users\Michal\Documents\edp_kombo odvoz 8.3.2010.xlsx
[2010/05/03 11:55:21 | 000,012,174 | ---- | C] () -- C:\Users\Michal\Documents\as
[2010/05/03 11:55:21 | 000,011,740 | ---- | C] () -- C:\Users\Michal\Documents\cc_20091015_1103.reg
[2010/05/03 11:55:21 | 000,009,697 | ---- | C] () -- C:\Users\Michal\Documents\edp with pc.xlsx
[2010/05/03 11:55:21 | 000,006,260 | ---- | C] () -- C:\Users\Michal\Documents\cc_20100408_151517.reg
[2010/05/03 11:55:21 | 000,005,346 | ---- | C] () -- C:\Users\Michal\Documents\cc_20100426_091144.reg
[2010/05/03 11:55:21 | 000,001,780 | ---- | C] () -- C:\Users\Michal\Documents\cc_20100128_1522.reg
[2010/05/03 11:55:21 | 000,001,686 | ---- | C] () -- C:\Users\Michal\Documents\cc_20100423_141006.reg
[2010/05/03 11:55:21 | 000,000,578 | ---- | C] () -- C:\Users\Michal\Documents\cc_20091104_1148.reg
[2010/05/03 11:55:21 | 000,000,102 | ---- | C] () -- C:\Users\Michal\Documents\brezen28.xml
[2010/05/03 11:55:21 | 000,000,102 | ---- | C] () -- C:\Users\Michal\Documents\brezen_28.3.xml
[2010/05/03 11:55:13 | 512,229,376 | ---- | C] () -- C:\Users\Michal\Documents\apex.asar
[2010/05/03 11:55:13 | 004,071,383 | ---- | C] () -- C:\Users\Michal\Documents\a.xml
[2010/05/03 11:55:13 | 000,012,174 | ---- | C] () -- C:\Users\Michal\Documents\ad
[2010/05/03 11:50:00 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2010/05/03 11:43:09 | 000,000,400 | ---- | C] () -- C:\Users\Michal\Desktop\Připojení k místní síti – zástupce.lnk
[2010/05/03 11:36:12 | 000,001,891 | ---- | C] () -- C:\Users\Michal\Desktop\CCleaner.lnk
[2010/05/03 11:26:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010/04/30 16:27:17 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010/04/30 16:16:54 | 3219,984,384 | -HS- | C] () -- C:\hiberfil.sys
[2010/04/30 16:16:10 | 000,524,288 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2010/04/30 16:16:10 | 000,524,288 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2010/04/30 16:16:10 | 000,065,536 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010/04/30 16:16:10 | 000,000,020 | -HS- | C] () -- C:\Users\Michal\ntuser.ini
[2010/04/30 16:16:08 | 001,310,720 | -HS- | C] () -- C:\Users\Michal\NTUSER.DAT
[2010/04/30 16:16:08 | 000,262,144 | -HS- | C] () -- C:\Users\Michal\ntuser.dat.LOG1
[2010/04/30 16:16:08 | 000,000,000 | -HS- | C] () -- C:\Users\Michal\ntuser.dat.LOG2
[2010/04/30 16:11:52 | 000,000,012 | ---- | C] () -- C:\Windows\SysWow64\drivers\10CF_FUJITSU_FTS_ESPRIMO P2550 _PI_FUJITSU _D2950-A1_Version 6.00 R1.05.2950.A1_FSC - 60000_6.00 R1.05.2950.A1 _NVIDIA GeForce 9800 GT .MRK
[2010/04/30 16:11:52 | 000,000,012 | ---- | C] () -- C:\Windows\SysNative\drivers\10CF_FUJITSU_FTS_ESPRIMO P2550 _PI_FUJITSU _D2950-A1_Version 6.00 R1.05.2950.A1_FSC - 60000_6.00 R1.05.2950.A1 _NVIDIA GeForce 9800 GT .MRK
[2009/07/30 13:49:22 | 000,040,448 | ---- | C] () -- C:\Windows\REGOBJ.DLL
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010/05/05 11:58:16 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BITS
[2010/05/07 16:37:32 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2010/05/03 17:25:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\FlashGet
[2010/05/03 17:25:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\FlashGetBHO
[2010/05/03 11:29:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\HEXelon
[2010/05/12 16:00:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ
[2010/05/05 15:24:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\MyPhoneExplorer
[2010/05/05 13:02:07 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Teleca
[2009/07/14 07:08:49 | 000,006,896 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009/07/14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)
"ICQ" = "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent -- [2009/11/16 17:36:19 | 000,172,792 | ---- | M] (ICQ, LLC.)
"mRouterConfig" = "C:\Program Files (x86)\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe" -- [2006/03/02 11:54:16 | 000,290,816 | ---- | M] (Intuwave Ltd.)

< c:\windows\*.* /U >
[1 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010/05/03 12:51:58 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Adobe
[2010/05/05 11:58:16 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\BITS
[2010/05/07 16:37:32 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\DAEMON Tools Lite
[2010/05/03 17:25:52 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\FlashGet
[2010/05/03 17:25:47 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\FlashGetBHO
[2010/05/03 11:36:33 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Google
[2010/05/03 16:26:41 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\GRETECH
[2010/05/03 11:29:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\HEXelon
[2010/05/12 16:00:51 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\ICQ
[2010/04/30 16:17:02 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Identities
[2010/05/03 12:51:58 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Macromedia
[2009/07/14 09:45:37 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Media Center Programs
[2010/05/10 13:03:49 | 000,000,000 | --SD | M] -- C:\Users\Michal\AppData\Roaming\Microsoft
[2010/04/30 16:27:24 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Mozilla
[2010/05/05 15:24:27 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\MyPhoneExplorer
[2010/05/03 19:22:21 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\NVIDIA
[2010/05/03 11:50:03 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Realtime Soft
[2010/05/04 11:12:26 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Sony Ericsson
[2010/05/05 13:02:07 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\Teleca
[2010/05/05 15:26:01 | 000,000,000 | ---D | M] -- C:\Users\Michal\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010/05/03 16:36:49 | 000,181,096 | ---- | M] () -- C:\Users\Michal\AppData\Roaming\Mozilla\Firefox\Profiles\dwcljphz.default\FlashGot.exe


< MD5 for: AGP440.SYS >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CDROM.SYS >
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009/07/14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009/07/14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009/07/14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009/10/31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009/08/03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009/10/31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009/10/31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009/08/03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009/07/14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009/07/14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009/07/14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009/07/14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009/07/14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009/07/14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009/07/14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009/07/14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009/07/14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009/07/14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009/07/14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009/07/14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009/07/14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2010/05/12 12:47:14 | 000,005,093 | ---- | M] () -- C:\Windows\SysWOW64\hdd32.log

========== Alternate Data Streams ==========

@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:6DFF1A8A
< End of report >

[mozzek]

OTL Extras logfile created on: 5/13/2010 7:05:50 AM - Run 1
OTL by OldTimer - Version 3.2.4.1 Folder = C:\Users\Michal\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 67.00% Memory free
8.00 Gb Paging File | 7.00 Gb Available in Paging File | 82.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150.00 Gb Total Space | 118.25 Gb Free Space | 78.83% Space Free | Partition Type: NTFS
Drive D: | 313.75 Gb Total Space | 288.74 Gb Free Space | 92.03% Space Free | Partition Type: NTFS
Drive E: | 539.69 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 298.09 Gb Total Space | 113.99 Gb Free Space | 38.24% Space Free | Partition Type: NTFS
Drive G: | 50.00 Gb Total Space | 25.02 Gb Free Space | 50.04% Space Free | Partition Type: NTFS
Drive H: | 322.60 Gb Total Space | 118.28 Gb Free Space | 36.66% Space Free | Partition Type: NTFS
I: Drive not present or media not loaded

Computer Name: MICHAL-PC
Current User Name: Michal
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.inf[@ = inf] -- C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe (Don HO don.h@free.fr)
.ini[@ = ini] -- C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe (Don HO don.h@free.fr)
.txt[@ = txt] -- C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe (Don HO don.h@free.fr)
.vbs[@ = vbs] -- C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe (Don HO don.h@free.fr)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.inf [@ = inf] -- C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe (Don HO don.h@free.fr)
.ini [@ = ini] -- C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe (Don HO don.h@free.fr)
.txt [@ = txt] -- C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe (Don HO don.h@free.fr)
.vbs [@ = vbs] -- C:\Program Files (x86)\TC UP\PLUGINS\Media\Notepad++\notepad++.exe (Don HO don.h@free.fr)

[HKEY_USERS\S-1-5-21-132761946-1395082400-2933450287-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files (x86)\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- File not found
"C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{59427B1F-852F-4AF1-8215-E5B12F966D89}" = Logitech G11 Keyboard Software 1.03
"{68451E5C-0A9C-4D5C-8D06-6E296242E908}" = 64 Bit HP CIO Components Installer
"{87AC40B0-186F-4E38-B66B-1EE3EB9AED54}" = ESET NOD32 Antivirus
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0405-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Czech) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{B0EFB716-085B-4564-8060-212E41F5CE50}" = Pomocník pro přihlášení ke službě Windows Live ID
"{B49673F8-7AB6-4A14-8213-C8A7BE370010}" = UltraMon
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D611B241-28A0-4937-AF86-17565CAF9807}" = PC Suite for Sony Ericsson x64
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"PerformanceTest_is1" = PerformanceTest v6.1 (64-bit)
"Sony Ericsson" = Sony Ericsson Symbian 9 Drivers
"WinRAR archiver" = WinRAR

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0C3AE9EB-2F0A-451E-A5E4-2BF6AFF21FB9}" = PC Suite for Sony Ericsson
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0405-0000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2007
"{90120000-0015-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0019-0405-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2007
"{90120000-0019-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{1FC5BC34-0301-40D2-9432-05BA220277B8}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_PROHYBRIDR_{294B4278-CF7B-40B9-86A1-2D3FF0C2C524}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_PROHYBRIDR_{10EC59E5-9BCE-4884-BB1A-E28627220232}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_PROHYBRIDR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0405-1000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_PROHYBRIDR_{E12F9D31-4025-4BC6-B1B2-AB262C5580B0}" = Microsoft Office Language Pack 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.2 - Czech
"{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}" = Microsoft Office Live Add-in 1.4
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{E103F4CD-2F5D-434E-8429-6029147DCD65}" = APEX Save And Restore
"{E1252473-6306-4d5d-904D-B06AA7F38161}" = PC Suite for Sony Ericsson
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"CCleaner" = CCleaner
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"FlashGet" = FlashGet 1.9.0.1012
"GOM Player" = GOM Player
"HASP HL Device Driver" = HASP HL Device Driver
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"MPE" = MyPhoneExplorer
"OpenVPN" = OpenVPN 2.1.1
"PowerISO" = PowerISO
"PROHYBRIDR" = 2007 Microsoft Office system
"TC UP" = Total Commander Ultima Prime 4.9.0.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 5/3/2010 10:44:21 AM | Computer Name = Michal-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: pt.exe, verze: 6.1.1018.2, časové razítko:
0x48d6dcc2 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x0000000001e98d95 ID chybujícího procesu: 0x21b8
Čas
spuštění chybující aplikace: 0x01caeacf16b6eddc Cesta k chybující aplikaci: C:\Program
Files\PerformanceTest\pt.exe Cesta k chybujícímu modulu: unknown ID zprávy: 5b75781c-56c2-11df-bb36-ff1e3c29194b

Error - 5/3/2010 10:45:40 AM | Computer Name = Michal-PC | Source = Application Error | ID = 1000
Description = Název chybující aplikace: pt.exe, verze: 6.1.1018.2, časové razítko:
0x48d6dcc2 Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód
výjimky: 0xc0000005 Posun chyby: 0x0000000001ccd323 ID chybujícího procesu: 0x2aac
Čas
spuštění chybující aplikace: 0x01caeacf4c65ba1c Cesta k chybující aplikaci: C:\Program
Files\PerformanceTest\pt.exe Cesta k chybujícímu modulu: unknown ID zprávy: 8abda7fc-56c2-11df-bb36-ff1e3c29194b

[ OSession Events ]
Error - 5/4/2010 6:45:37 AM | Computer Name = Michal-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 107
seconds with 60 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 5/7/2010 6:57:53 AM | Computer Name = Michal-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D1932E94-2328-4B28-B796-88EE9C775749},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 5/7/2010 10:39:37 AM | Computer Name = Michal-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 5/7/2010 10:39:41 AM | Computer Name = Michal-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.

Error - 5/7/2010 10:39:55 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7026
Description = Zavedení následujícího ovladače pro spouštění počítače nebo systému
se nezdařilo: sptd VD_FileDisk

Error - 5/7/2010 11:04:02 AM | Computer Name = Michal-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D1932E94-2328-4B28-B796-88EE9C775749},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 5/10/2010 9:18:45 AM | Computer Name = Michal-PC | Source = Server | ID = 2505
Description = Server nemohl vytvořit vazbu na přenos \Device\NetBT_Tcpip_{D1932E94-2328-4B28-B796-88EE9C775749},
protože jiný počítač v síti má stejný název. Server nelze spustit.

Error - 5/11/2010 9:13:48 AM | Computer Name = Michal-PC | Source = Service Control Manager | ID = 7009
Description = Při čekání na připojení služby Služba Zasílání zpráv o chybách systému
Windows bylo dosaženo časového limitu (30000 ms).

Error - 5/11/2010 9:22:32 AM | Computer Name = Michal-PC | Source = sptd | ID = 262148
Description = Ovladač zjistil interní chybu ve vlastní struktuře dat u .

Error - 5/11/2010 9:22:46 AM | Computer Name = Michal-PC | Source = EventLog | ID = 6008
Description = Předchozí vypnutí systému (15:21:01, ?11.?5.?2010) bylo neočekávané.

Error - 5/11/2010 9:22:37 AM | Computer Name = Michal-PC | Source = Application Popup | ID = 1060
Description = Načtení \SystemRoot\SysWow64\Drivers\VD_FileDisk.SYS bylo zablokováno
kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru o kompatibilní
verzi ovladače.


< End of report >

[Caroprd111]

Spusťte OTL a do spodního okna vložte následující skript.

Kód: Vybrat vše

:OTL
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-132761946-1395082400-2933450287-1000\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O33 - MountPoints2\{866228e9-54a1-11df-8b63-806e6f6e6963}\Shell - "" = AutoRun
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell - "" = AutoRun
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:6DFF1A8A
[2010/05/12 12:44:57 | 000,164,864 | ---- | C] () -- C:\Windows\SysWow64\UNWISE.EXE

:Commands
[EMPTYTEMP] 
[EMPTYFLASH]
[CLEARALLRESTOREPOINTS]
[CREATERESTOREPOINT]

Poté klikněte na Opravit, PC se restartuje, log vložte sem.


Následující soubor/y otestujte na http://www.virustotal.com/cs/
C:\Program Files (x86)\TC UP\TC UP.exe

(Soubor/y nehledejte, jenom vložíte tučně označenou cestu, v případě hlášky "Soubor již byl testován" dejte otestovat znovu. Výsledek analýzy sem v podobě odkazu vložte.)

[mozzek]

Výsledek virustotal:

Antivirus Verze Poslední aktualizace Výsledek
a-squared 4.5.0.50 2010.05.10 -
AhnLab-V3 2010.05.13.01 2010.05.13 -
AntiVir 8.2.1.242 2010.05.12 -
Antiy-AVL 2.0.3.7 2010.05.13 -
Authentium 5.2.0.5 2010.05.13 -
Avast 4.8.1351.0 2010.05.13 -
Avast5 5.0.332.0 2010.05.13 -
AVG 9.0.0.787 2010.05.13 -
BitDefender 7.2 2010.05.13 -
CAT-QuickHeal 10.00 2010.05.13 -
ClamAV 0.96.0.3-git 2010.05.13 -
Comodo 4832 2010.05.13 -
DrWeb 5.0.2.03300 2010.05.13 -
eSafe 7.0.17.0 2010.05.11 -
eTrust-Vet 35.2.7485 2010.05.13 -
F-Prot 4.5.1.85 2010.05.13 -
F-Secure 9.0.15370.0 2010.05.13 -
Fortinet 4.1.133.0 2010.05.13 -
GData 21 2010.05.13 -
Ikarus T3.1.1.84.0 2010.05.13 -
Jiangmin 13.0.900 2010.05.13 -
Kaspersky 7.0.0.125 2010.05.13 -
McAfee 5.400.0.1158 2010.05.13 -
McAfee-GW-Edition 2010.1 2010.05.13 -
Microsoft 1.5703 2010.05.13 -
NOD32 5112 2010.05.13 -
Norman 6.04.12 2010.05.13 -
nProtect 2010-05-13.01 2010.05.13 -
Panda 10.0.2.7 2010.05.12 -
PCTools 7.0.3.5 2010.05.13 -
Prevx 3.0 2010.05.13 -
Rising 22.47.03.04 2010.05.13 -
Sophos 4.53.0 2010.05.13 -
Sunbelt 6298 2010.05.13 -
Symantec 20101.1.0.89 2010.05.13 -
TheHacker 6.5.2.0.280 2010.05.13 -
TrendMicro 9.120.0.1004 2010.05.13 PAK_Generic.001
TrendMicro-HouseCall 9.120.0.1004 2010.05.13 -
VBA32 3.12.12.4 2010.05.13 -
ViRobot 2010.5.13.2314 2010.05.13 -
VirusBuster 5.0.27.0 2010.05.13 -
Rozšiřující informace
File size: 37376 bytes
MD5...: 33010cb3cd5231b47143ae44dfc8dbd0
SHA1..: 8a2defebc5f7131f77766f9ea010fe4ba32ed2c9
SHA256: f1213b7e318a13215e0a329fbc99a004ceb61330f96ef3531c7b7bf2c8ceaf2a
ssdeep: 768:3uSDchIPNnByWPCRecI2pSgl7M8OSTzLSrX6hxois:eS4GPhJajI2p7dMRST
q6roX
PEiD..: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0xede0
timedatestamp.....: 0x4a3e53ec (Sun Jun 21 15:38:20 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
UPX0 0x1000 0xc000 0x0 0.00 d41d8cd98f00b204e9800998ecf8427e
UPX1 0xd000 0x2000 0x2000 7.79 95abc3f6de6a76c1839f275b00afdd9a
.rsrc 0xf000 0x7000 0x6e00 6.23 b3614268198a24eeb59535433e87fff1

( 7 imports )
> KERNEL32.DLL: LoadLibraryA, GetProcAddress, VirtualProtect, VirtualAlloc, VirtualFree, ExitProcess
> ADVAPI32.dll: RegCloseKey
> MSVCP60.dll: _npos@_$basic_string@DU_$char_traits@D@std@@V_$allocator@D@2@@std@@2IB
> MSVCRT.dll: free
> SHELL32.dll: SHFileOperationA
> USER32.dll: CharLowerA
> VERSION.dll: VerQueryValueA

( 0 exports )
RDS...: NSRL Reference Data Set
-
pdfid.: -
trid..: UPX compressed Win32 Executable (39.5%)
Win32 EXE Yoda's Crypter (34.3%)
Win32 Executable Generic (11.0%)
Win32 Dynamic Link Library (generic) (9.8%)
Generic Win/DOS Executable (2.5%)
packers (Kaspersky): PE_Patch.UPX, UPX
packers (F-Prot): UPX
sigcheck:
publisher....:
copyright....: ULTIMA PRIME
product......:
description..: Total Commander Ultima Prime
original name:
internal name:
file version.: 4.9
comments.....:
signers......: -
signing date.: -
verified.....: Unsigned



Log OTE

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-132761946-1395082400-2933450287-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\kuaiche.com\software\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{314111c7-a502-11d2-bbca-00c04f8ec294}\ not found.
File {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{866228e9-54a1-11df-8b63-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{866228e9-54a1-11df-8b63-806e6f6e6963}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\I\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J\ not found.
File/Folder C:\Windows\*.tmp not found.
Unable to delete ADS C:\ProgramData\TEMP:6DFF1A8A .
File C:\Windows\SysWow64\UNWISE.EXE not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33103 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Michal
->Temp folder emptied: 1813998 bytes
->Temporary Internet Files folder emptied: 443503 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 40272185 bytes
->Flash cache emptied: 20790 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 109918703 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50507 bytes
RecycleBin emptied: 7383398 bytes

Total Files Cleaned = 153.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Michal
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point
Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.4.1 log created on 05132010_150143

Files\Folders moved on Reboot...
C:\Users\Michal\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File\Folder C:\Users\Michal\AppData\Local\Temp\~DF62A25747B82FA642.TMP not found!
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

Registry entries deleted on Reboot...

[Caroprd111]

Odinstalujte všechny emulátory virtuálních mechanik.

Stáhněte SPTD http://www.duplexsecure.com/en/downloads

• Vyberte verzi podle svého operačního systému (64 & 32b). Uložte na plochu a spusťte.
• zvolte možnost Uninstall a restartujte PC.

Stáhněte a spusťte http://www.jpshortstuff.247fixes.com/Defogger.exe

• Klikněte na "Disable" a restartujte PC.

Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Klikněte pravým tl. myši na soubor "MBR", zvolte "Vlastnosti" - "Kompatibilita" a zaškrtněte položku "Spustit tento program jako správce" - "OK"

Start > Spustit (Win + R)

• Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\desktop\mbr" -t

• Klikněte na OK

• Vytvoří se log s názvem mbr.log, vložte ho sem.

Dejte log z Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878

[mozzek]

Zdravím

Emulátory odinstalovány.

Instalační SPTD nenašel žádnou nainstalovanou verzi, takže položka uninstal je neaktivní.

mbr se povedlo až napodruhé (a to ještě přes problém najít cestu z odkazu v Kódu, vyřešil jsem to nějak vlastní cestou).

Tady je log:

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net

device: opened successfully
user: error reading MBR
kernel: error reading MBR

Když na to tak koukám tak se asi stejně nepovedl.

a Gmer má provděpodobně problém s přístupem, vyhazuje hned po spuštění, že nemůže nalézt uvedený soubor c:\windows\system21\config\system

[Caroprd111]

Měl jste nastaveno spuštění MBR jako správce

Stáhněte MBR na plochu http://www2.gmer.net/mbr/mbr.exe

Klikněte pravým tl. myši na soubor "MBR", zvolte "Vlastnosti" - "Kompatibilita" a zaškrtněte položku "Spustit tento program jako správce" - "OK"

Start > Spustit (Win + R)

• Vyskočí okénko, zkopírujte do něj:

Kód: Vybrat vše

"%userprofile%\desktop\mbr" -t

• Klikněte na OK

• Vytvoří se log s názvem mbr.log, vložte ho sem.

[mozzek]

Měl, zkoušel jsem i kompatibilitu xp a stale to same