svchost vytezuje hodne pc a zlobi wifi

[lukasv23]

Dobry den,

mam dva problemy, nevim ale, jestli spolu souvisi.

1. Proces svchost.exe cas od casu z niceho nic vyzere jedno cele jadro PC a vezme si treba 1,7GB pameti a tak to si chroupa. S pocitacem se pak neda prakticky pracovat
2. Zacala mi dost zlobit WiFi - obcas se pripoji, obcas ne, kdyz je pripojena, samovolne se odpojuje. Nevim jestli to s tim muze souviset, nebo to muze delat nejaky vir. Ostatni notebooku pripojene k teto wifi jsou v pohode

NOD32 mi zadny vir nenachazi...

W7 Prof-64bit

log z RSIT nize

Predem diky za jakoukoliv radu

Logfile of random's system information tool 1.08 (written by random/random)
Run by lukas.vejman at 2010-08-06 17:37:50
Microsoft Windows 7 Professional
System drive C: has 150 GB (63%) free of 238 GB
Total RAM: 4048 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:37:52, on 6.8.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe
C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\lukas.vejman.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Mobile Connectivity Suite] "C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.euro.dell.com/systemprof ... emLite.CAB
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Služba Acronis Scheduler2 (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
O23 - Service: Acronis Nonstop Backup service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FortiClient Service Scheduler (FA_Scheduler) - Fortinet Inc. - C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
O23 - Service: FortiClient SSL VPN (FortiSslvpnDaemon) - Fortinet Inc. - C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Core Service (WMCoreService) - Unknown owner - C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9291 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-05870942-a7f3-4dda-aaed-3530d45c961f -SystemEventPortName:HostProcess-aa6ab4d9-590c-4583-92c8-606cff5ba980 -IoCancelEventPortName:HostProcess-5300c4f1-1279-4f4f-b00c-4e9ca5131097 -NonStateChangingEventPortName:HostProcess-ac669092-8b29-463b-91fd-05610434b07d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:cc5976cd-093b-42b7-8a8f-610176a51fe0
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-97801db3-e5c6-4f92-a328-d04c65675ddb -SystemEventPortName:HostProcess-95cd42e3-477e-4682-b450-66d98114fb04 -IoCancelEventPortName:HostProcess-0b776321-4769-4fbc-8469-545a44503b5f -NonStateChangingEventPortName:HostProcess-a2911b1d-7cf8-4d96-81dd-a4be4ab5fe68 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7c76326c-ee68-48b6-92a3-f57b97df3ad0
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe 2326688
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe"
FCDBLog.exe -s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000011
fcappdb.exe -s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000016
"taskhost.exe"
"C:\Program Files (x86)\Fortinet\FortiClient\FCHelper.exe" -Embedding
-s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000008
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe"
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe" /rep_new
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe" servicemode
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\DellTPad\HidFind.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe" /watchfiles startup
"C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe" /startoptions
"C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe" -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe" -Embedding
"C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe" -Embedding
"C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe"
"C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe" -Embedding
"C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe" -Embedding
"C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
FortiProxy.exe -s FC_{73EFB30F-1CAD-4a7a-AE2E-150282B6CE25}_000013
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=2892.9d95f20.1743395612 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" 2892 plugin \\.\pipe\gecko-crash-server-pipe.2892
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe12_ Global\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 504 508 516 65536 512
"C:\Users\lukas.vejman\Downloads\RSITx64.exe"
C:\PROGRA~2\Fortinet\FORTIC~1\FORTIS~1.EXE -Embedding

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-09 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2010-02-17 375808]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-03-17 166424]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-03-17 390680]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-03-17 410136]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-09 487424]
"Služba Acronis Scheduler2"=C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe [2010-06-03 362872]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 112512]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-07-02 2903688]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
""= []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2010-06-03 5129720]
"NokiaMServer"=C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"Mobile Connectivity Suite"=C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe [2009-11-19 598016]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-01-25 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2010-08-06 17:37:51 ----D---- C:\Program Files\trend micro
2010-08-06 17:37:50 ----D---- C:\rsit
2010-08-06 17:19:32 ----D---- C:\Program Files (x86)\HiJack
2010-08-06 14:19:26 ----D---- C:\ProgramData\Spybot - Search & Destroy
2010-08-06 14:19:26 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy
2010-08-05 17:54:40 ----A---- C:\Windows\ntbtlog.txt
2010-08-05 15:08:59 ----D---- C:\Users\lukas.vejman\AppData\Roaming\Teleca
2010-08-05 15:08:06 ----D---- C:\ProgramData\HTC
2010-08-05 15:08:04 ----D---- C:\ProgramData\Teleca
2010-08-05 15:07:20 ----D---- C:\Program Files (x86)\Spirent Communications
2010-08-05 15:07:12 ----D---- C:\Program Files (x86)\HTC
2010-08-05 15:06:06 ----D---- C:\Windows\Downloaded Installations
2010-08-04 12:41:32 ----D---- C:\ProgramData\ESET
2010-08-04 12:41:32 ----D---- C:\Program Files\ESET
2010-08-03 11:04:26 ----A---- C:\Windows\SYSWOW64\shell32.dll
2010-08-03 11:04:26 ----A---- C:\Windows\system32\shell32.dll
2010-08-01 18:20:30 ----D---- C:\Users\lukas.vejman\AppData\Roaming\Sprinx Systems
2010-08-01 18:20:30 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2010-07-27 11:04:40 ----A---- C:\Windows\system32\eST4snm6.dll
2010-07-25 23:41:37 ----D---- C:\Users\lukas.vejman\AppData\Roaming\Winamp
2010-07-25 23:41:37 ----D---- C:\Program Files (x86)\Winamp
2010-07-25 14:41:09 ----A---- C:\Windows\system32\PROUnstl.exe
2010-07-25 14:40:51 ----D---- C:\drvrtmp
2010-07-25 14:40:51 ----A---- C:\Windows\system32\NicInstY.dll
2010-07-25 14:40:51 ----A---- C:\Windows\system32\NicCo36.dll
2010-07-25 14:40:51 ----A---- C:\Windows\system32\e1000msg.dll
2010-07-25 14:40:51 ----A---- C:\Windows\system32\drivers\e1y62x64.sys
2010-07-25 14:37:39 ----D---- C:\DellDrivers
2010-07-22 14:31:38 ----D---- C:\Program Files\Common Files\Fortinet
2010-07-22 14:31:38 ----A---- C:\Windows\system32\drivers\ftvnic.sys
2010-07-22 07:35:00 ----D---- C:\Windows\Minidump
2010-07-20 21:53:48 ----A---- C:\Windows\system32\ssw1ml6.dll
2010-07-20 21:53:48 ----A---- C:\Windows\system32\ssw1mci.exe
2010-07-20 21:53:48 ----A---- C:\Windows\system32\ssw1mci.dll
2010-07-20 21:53:14 ----N---- C:\Windows\system32\drivers\SSPORT.SYS
2010-07-20 21:53:13 ----D---- C:\Program Files (x86)\Samsung
2010-07-20 21:53:11 ----D---- C:\Temp
2010-07-14 09:14:37 ----A---- C:\Windows\system32\cdd.dll
2010-07-13 22:03:27 ----D---- C:\ProgramData\Sports Interactive
2010-07-13 22:02:01 ----D---- C:\Users\lukas.vejman\AppData\Roaming\Sports Interactive
2010-07-13 22:00:47 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2010-07-13 22:00:47 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2010-07-13 22:00:47 ----A---- C:\Windows\system32\d3dx10_41.dll
2010-07-13 22:00:47 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2010-07-13 22:00:46 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2010-07-13 22:00:46 ----A---- C:\Windows\system32\D3DX9_41.dll
2010-07-13 22:00:44 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2010-07-13 22:00:44 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2010-07-13 22:00:44 ----A---- C:\Windows\system32\XAudio2_4.dll
2010-07-13 22:00:44 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2010-07-13 22:00:43 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2010-07-13 22:00:43 ----A---- C:\Windows\system32\xactengine3_4.dll
2010-07-13 22:00:42 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2010-07-13 22:00:42 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2010-07-13 22:00:41 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2010-07-13 22:00:41 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2010-07-13 22:00:41 ----A---- C:\Windows\system32\d3dx10_40.dll
2010-07-13 22:00:41 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2010-07-13 22:00:40 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2010-07-13 22:00:40 ----A---- C:\Windows\system32\D3DX9_40.dll
2010-07-13 22:00:38 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2010-07-13 22:00:38 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2010-07-13 22:00:38 ----A---- C:\Windows\system32\XAudio2_3.dll
2010-07-13 22:00:38 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2010-07-13 22:00:37 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2010-07-13 22:00:37 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2010-07-13 22:00:37 ----A---- C:\Windows\system32\xactengine3_3.dll
2010-07-13 22:00:37 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2010-07-13 22:00:36 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2010-07-13 22:00:36 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2010-07-13 22:00:36 ----A---- C:\Windows\system32\XAudio2_2.dll
2010-07-13 22:00:36 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2010-07-13 22:00:35 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2010-07-13 22:00:35 ----A---- C:\Windows\system32\xactengine3_2.dll
2010-07-13 22:00:34 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2010-07-13 22:00:34 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2010-07-13 22:00:34 ----A---- C:\Windows\system32\d3dx10_39.dll
2010-07-13 22:00:34 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2010-07-13 22:00:32 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2010-07-13 22:00:32 ----A---- C:\Windows\system32\D3DX9_39.dll
2010-07-13 22:00:31 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2010-07-13 22:00:31 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2010-07-13 22:00:31 ----A---- C:\Windows\system32\XAudio2_1.dll
2010-07-13 22:00:31 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2010-07-13 22:00:30 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2010-07-13 22:00:30 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2010-07-13 22:00:30 ----A---- C:\Windows\system32\xactengine3_1.dll
2010-07-13 22:00:30 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2010-07-13 22:00:29 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2010-07-13 22:00:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2010-07-13 22:00:29 ----A---- C:\Windows\system32\d3dx10_38.dll
2010-07-13 22:00:29 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2010-07-13 22:00:27 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2010-07-13 22:00:27 ----A---- C:\Windows\system32\D3DX9_38.dll
2010-07-13 22:00:26 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2010-07-13 22:00:26 ----A---- C:\Windows\system32\XAudio2_0.dll
2010-07-13 22:00:25 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2010-07-13 22:00:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2010-07-13 22:00:25 ----A---- C:\Windows\system32\xactengine3_0.dll
2010-07-13 22:00:25 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2010-07-13 22:00:24 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2010-07-13 22:00:24 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2010-07-13 22:00:24 ----A---- C:\Windows\system32\d3dx10_37.dll
2010-07-13 22:00:24 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2010-07-13 22:00:22 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2010-07-13 22:00:22 ----A---- C:\Windows\system32\D3DX9_37.dll
2010-07-13 22:00:21 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2010-07-13 22:00:21 ----A---- C:\Windows\system32\xactengine2_10.dll
2010-07-13 22:00:17 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2010-07-13 22:00:17 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2010-07-13 22:00:17 ----A---- C:\Windows\system32\d3dx10_36.dll
2010-07-13 22:00:17 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2010-07-13 22:00:14 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2010-07-13 22:00:14 ----A---- C:\Windows\system32\d3dx9_36.dll
2010-07-13 22:00:12 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2010-07-13 22:00:12 ----A---- C:\Windows\system32\xactengine2_9.dll
2010-07-13 22:00:11 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2010-07-13 22:00:11 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2010-07-13 22:00:11 ----A---- C:\Windows\system32\d3dx10_35.dll
2010-07-13 22:00:11 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2010-07-13 22:00:09 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2010-07-13 22:00:09 ----A---- C:\Windows\system32\d3dx9_35.dll
2010-07-13 22:00:08 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2010-07-13 22:00:08 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2010-07-13 22:00:08 ----A---- C:\Windows\system32\xactengine2_8.dll
2010-07-13 22:00:08 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2010-07-13 22:00:07 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2010-07-13 22:00:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2010-07-13 22:00:07 ----A---- C:\Windows\system32\d3dx10_34.dll
2010-07-13 22:00:07 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2010-07-13 22:00:05 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2010-07-13 22:00:05 ----A---- C:\Windows\system32\d3dx9_34.dll
2010-07-13 22:00:04 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2010-07-13 22:00:04 ----A---- C:\Windows\system32\xinput1_3.dll
2010-07-13 22:00:03 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2010-07-13 22:00:03 ----A---- C:\Windows\system32\xactengine2_7.dll
2010-07-13 22:00:02 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2010-07-13 22:00:02 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2010-07-13 22:00:02 ----A---- C:\Windows\system32\d3dx10_33.dll
2010-07-13 22:00:02 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2010-07-13 22:00:00 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2010-07-13 22:00:00 ----A---- C:\Windows\system32\d3dx9_33.dll
2010-07-13 21:59:58 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2010-07-13 21:59:58 ----A---- C:\Windows\system32\xactengine2_6.dll
2010-07-13 21:59:57 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2010-07-13 21:59:57 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2010-07-13 21:59:57 ----A---- C:\Windows\system32\xactengine2_5.dll
2010-07-13 21:59:57 ----A---- C:\Windows\system32\d3dx10.dll
2010-07-13 21:59:55 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2010-07-13 21:59:55 ----A---- C:\Windows\system32\d3dx9_32.dll
2010-07-13 21:59:54 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2010-07-13 21:59:54 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2010-07-13 21:59:54 ----A---- C:\Windows\system32\xactengine2_4.dll
2010-07-13 21:59:54 ----A---- C:\Windows\system32\x3daudio1_1.dll
2010-07-13 21:59:53 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2010-07-13 21:59:53 ----A---- C:\Windows\system32\d3dx9_31.dll
2010-07-13 21:59:52 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2010-07-13 21:59:52 ----A---- C:\Windows\system32\xactengine2_3.dll
2010-07-13 21:59:51 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2010-07-13 21:59:51 ----A---- C:\Windows\system32\xinput1_2.dll
2010-07-13 21:59:50 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2010-07-13 21:59:50 ----A---- C:\Windows\system32\xactengine2_2.dll
2010-07-13 21:59:49 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2010-07-13 21:59:49 ----A---- C:\Windows\system32\xinput1_1.dll
2010-07-13 21:59:48 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2010-07-13 21:59:48 ----A---- C:\Windows\system32\xactengine2_1.dll
2010-07-13 21:59:40 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2010-07-13 21:59:40 ----A---- C:\Windows\system32\d3dx9_30.dll
2010-07-13 21:59:39 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2010-07-13 21:59:39 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2010-07-13 21:59:39 ----A---- C:\Windows\system32\xactengine2_0.dll
2010-07-13 21:59:39 ----A---- C:\Windows\system32\x3daudio1_0.dll
2010-07-13 21:59:37 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2010-07-13 21:59:37 ----A---- C:\Windows\system32\d3dx9_29.dll
2010-07-13 21:59:34 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2010-07-13 21:59:34 ----A---- C:\Windows\system32\d3dx9_28.dll
2010-07-13 21:59:31 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2010-07-13 21:59:31 ----A---- C:\Windows\system32\d3dx9_27.dll
2010-07-13 21:59:30 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2010-07-13 21:59:30 ----A---- C:\Windows\system32\d3dx9_26.dll
2010-07-13 21:59:27 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2010-07-13 21:59:27 ----A---- C:\Windows\system32\d3dx9_25.dll
2010-07-13 21:59:26 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2010-07-13 21:59:26 ----A---- C:\Windows\system32\d3dx9_24.dll
2010-07-13 21:52:17 ----HD---- C:\Program Files (x86)\Zero G Registry
2010-07-13 21:52:17 ----D---- C:\Program Files (x86)\Sports Interactive
2010-07-12 09:52:47 ----D---- C:\Program Files\Common Files\DESIGNER
2010-07-12 09:40:28 ----D---- C:\ProgramData\Nokia
2010-07-12 09:36:15 ----D---- C:\Users\lukas.vejman\AppData\Roaming\Nokia Ovi Suite
2010-07-12 09:21:42 ----D---- C:\Program Files (x86)\PC Connectivity Solution
2010-07-12 09:21:18 ----D---- C:\Program Files (x86)\Nokia
2010-07-12 09:20:44 ----D---- C:\ProgramData\NokiaInstallerCache
2010-07-12 09:10:31 ----D---- C:\Users\lukas.vejman\AppData\Roaming\PC Suite
2010-07-12 09:10:31 ----D---- C:\Users\lukas.vejman\AppData\Roaming\Nokia
2010-07-12 09:10:29 ----D---- C:\ProgramData\PC Suite
2010-07-12 09:10:10 ----A---- C:\Windows\system32\drivers\pccsmcfdx64.sys
2010-07-12 09:09:46 ----A---- C:\Windows\system32\nmwcdclsx64.dll
2010-07-12 09:08:43 ----D---- C:\ProgramData\Installations
2010-07-09 14:02:55 ----D---- C:\Windows\Sun
2010-07-09 14:02:24 ----A---- C:\Windows\system32\javaws.exe
2010-07-09 14:02:24 ----A---- C:\Windows\system32\javaw.exe
2010-07-09 14:02:24 ----A---- C:\Windows\system32\java.exe
2010-07-09 14:02:24 ----A---- C:\Windows\system32\deployJava1.dll
2010-07-09 14:02:11 ----D---- C:\Program Files\Java
2010-07-08 12:40:43 ----D---- C:\Program Files\RealVNC
2010-07-08 08:20:06 ----D---- C:\Program Files (x86)\RealVNC
2010-07-07 15:41:54 ----D---- C:\Program Files (x86)\MozBackup
2010-07-07 09:30:46 ----A---- C:\Windows\vbaddin.ini

======List of files/folders modified in the last 1 months======

2010-08-06 17:37:52 ----D---- C:\Windows\Temp
2010-08-06 17:37:51 ----RD---- C:\Program Files
2010-08-06 17:31:48 ----D---- C:\Windows\system32\config
2010-08-06 17:19:35 ----RD---- C:\Program Files (x86)
2010-08-06 17:13:37 ----SHD---- C:\System Volume Information
2010-08-06 17:11:57 ----D---- C:\Windows\System32
2010-08-06 17:11:57 ----D---- C:\Windows\inf
2010-08-06 17:11:57 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-06 14:19:26 ----HD---- C:\ProgramData
2010-08-06 12:08:31 ----D---- C:\Windows\system32\catroot
2010-08-06 12:08:20 ----SHD---- C:\Windows\Installer
2010-08-06 11:59:46 ----D---- C:\Program Files (x86)\Mozilla Firefox
2010-08-05 17:54:40 ----D---- C:\Windows
2010-08-05 16:03:03 ----D---- C:\Windows\system32\drivers
2010-08-05 15:08:40 ----D---- C:\Windows\winsxs
2010-08-05 15:08:04 ----D---- C:\Windows\SysWOW64
2010-08-05 15:08:04 ----D---- C:\Program Files (x86)\Common Files
2010-08-05 15:07:28 ----D---- C:\Windows\system32\DriverStore
2010-08-02 18:40:26 ----D---- C:\Windows\system32\catroot2
2010-08-02 09:42:22 ----D---- C:\Windows\system32\wdi
2010-07-27 10:34:46 ----D---- C:\Windows\system32\Tasks
2010-07-26 18:46:27 ----D---- C:\Users\lukas.vejman\AppData\Roaming\VMware
2010-07-25 14:41:36 ----D---- C:\Program Files\Intel
2010-07-25 14:40:48 ----RD---- C:\Users
2010-07-25 14:24:59 ----D---- C:\Windows\Downloaded Program Files
2010-07-22 14:33:16 ----D---- C:\Program Files (x86)\Fortinet
2010-07-22 14:31:38 ----DC---- C:\Windows\system32\DRVSTORE
2010-07-22 14:31:38 ----D---- C:\Program Files\Common Files
2010-07-19 18:28:03 ----D---- C:\Windows\Prefetch
2010-07-18 12:00:52 ----D---- C:\ProgramData\Microsoft Help
2010-07-13 21:59:48 ----RSD---- C:\Windows\assembly
2010-07-13 21:59:43 ----D---- C:\Windows\Microsoft.NET
2010-07-13 21:57:25 ----D---- C:\Windows\Logs
2010-07-13 21:49:55 ----D---- C:\Users\lukas.vejman\AppData\Roaming\DAEMON Tools Lite
2010-07-12 16:23:29 ----D---- C:\Windows\system32\FxsTmp
2010-07-12 12:10:26 ----D---- C:\ProgramData\VMware
2010-07-12 10:09:38 ----A---- C:\Windows\win.ini
2010-07-12 10:09:30 ----D---- C:\Windows\ShellNew
2010-07-12 09:52:58 ----RSD---- C:\Windows\Fonts
2010-07-12 09:52:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-12 09:50:16 ----D---- C:\Program Files\Common Files\System
2010-07-12 09:12:52 ----D---- C:\Windows\system32\drivers\UMDF
2010-07-12 09:10:33 ----D---- C:\Program Files\DIFX
2010-07-12 08:59:23 ----D---- C:\Users\lukas.vejman\AppData\Roaming\Download Manager
2010-07-12 08:59:23 ----D---- C:\MS Install
2010-07-08 08:36:01 ----D---- C:\ProgramData\Adobe
2010-07-07 20:46:56 ----SD---- C:\ProgramData\Microsoft
2010-07-07 17:25:34 ----D---- C:\Windows\rescache
2010-07-07 17:22:17 ----D---- C:\Program Files (x86)\Windows Mail
2010-07-07 17:22:16 ----D---- C:\Program Files (x86)\Windows Sidebar
2010-07-07 17:22:16 ----D---- C:\Program Files (x86)\Windows Media Player
2010-07-07 17:22:15 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2010-07-07 17:22:14 ----D---- C:\Windows\servicing
2010-07-07 17:22:14 ----D---- C:\Program Files\Windows Sidebar
2010-07-07 17:22:14 ----D---- C:\Program Files\Windows Photo Viewer
2010-07-07 17:22:14 ----D---- C:\Program Files\Windows Media Player
2010-07-07 17:22:14 ----D---- C:\Program Files\Windows Mail
2010-07-07 17:22:14 ----D---- C:\Program Files\Windows Journal
2010-07-07 17:22:14 ----D---- C:\Program Files\Windows Defender
2010-07-07 17:22:14 ----D---- C:\Program Files\DVD Maker
2010-07-07 17:22:14 ----D---- C:\Program Files (x86)\Windows Defender
2010-07-07 17:22:13 ----D---- C:\Windows\SYSWOW64\winrm
2010-07-07 17:22:13 ----D---- C:\Windows\SYSWOW64\slmgr
2010-07-07 17:22:13 ----D---- C:\Windows\SYSWOW64\migwiz
2010-07-07 17:22:13 ----D---- C:\Windows\SYSWOW64\en-US
2010-07-07 17:22:13 ----D---- C:\Windows\SYSWOW64\en
2010-07-07 17:22:13 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2010-07-07 17:22:08 ----D---- C:\Windows\SYSWOW64\WCN
2010-07-07 17:22:08 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2010-07-07 17:22:08 ----D---- C:\Windows\SYSWOW64\DriverStore
2010-07-07 17:22:08 ----D---- C:\Windows\SYSWOW64\Dism
2010-07-07 17:22:06 ----D---- C:\Windows\en-US
2010-07-07 17:22:05 ----D---- C:\Windows\system32\winrm
2010-07-07 17:22:05 ----D---- C:\Windows\system32\slmgr
2010-07-07 17:22:05 ----D---- C:\Windows\system32\migwiz
2010-07-07 17:22:05 ----D---- C:\Windows\system32\en
2010-07-07 17:22:05 ----D---- C:\Windows\system32\drivers\en-US
2010-07-07 17:22:05 ----D---- C:\Windows\system32\Boot
2010-07-07 17:22:04 ----D---- C:\Windows\system32\en-US
2010-07-07 17:22:00 ----D---- C:\Windows\system32\WCN
2010-07-07 17:22:00 ----D---- C:\Windows\system32\Dism
2010-07-07 17:21:58 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2010-07-07 17:21:58 ----D---- C:\Windows\Speech
2010-07-07 10:09:57 ----SD---- C:\Users\lukas.vejman\AppData\Roaming\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2010-07-04 271456]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-07-03 834544]
R0 tdrpman258;Acronis Try&Decide and Restore Points filter (build 258); C:\Windows\system32\DRIVERS\tdrpm258.sys [2010-07-04 1477728]
R0 timounter;Acronis Backup Archive Explorer; C:\Windows\system32\DRIVERS\timntr.sys [2010-07-04 943712]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 139704]
R1 fortiapd;fortiapd; C:\Windows\system32\drivers\fortiapd.sys [2010-05-11 14952]
R1 FortiRdr;FortiRdr; C:\Windows\system32\drivers\FortiRdr2.sys [2010-05-11 43624]
R1 FortiShield;FortiShield; C:\Windows\system32\drivers\FortiShield.sys [2010-05-11 42088]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 166984]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2010-04-28 124760]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmpx64.sys [2006-11-17 52224]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2007-11-22 11576]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2010-07-04 252512]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-03-10 300592]
R3 d554gps;Dell Wireless HSPA Mini-Card GPS Port; C:\Windows\system32\DRIVERS\d554gps64.sys [2009-07-10 96296]
R3 d557bus;Dell Wireless 5540 HSPA Mini-Card Device (Win7); C:\Windows\system32\DRIVERS\d557bus.sys [2009-06-29 328704]
R3 d557mdfl;Dell Wireless 5540 HSPA Mini-Card Modem Filter (Win7); C:\Windows\system32\DRIVERS\d557mdfl.sys [2009-06-29 19456]
R3 d557mdm;Dell Wireless 5540 HSPA Mini-Card Modem (Win7); C:\Windows\system32\DRIVERS\d557mdm.sys [2009-06-29 432128]
R3 d557mgmt;Dell Wireless 5540 HSPA Mini-Card Device Management (Win7); C:\Windows\system32\DRIVERS\d557mgmt.sys [2009-06-29 376320]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y62x64.sys [2009-06-12 287960]
R3 ecnssndis;Service for enabling selective suspend to NDIS device; C:\Windows\System32\Drivers\wwuss64.sys [2009-09-22 12800]
R3 ecnssndisfltr;SSNDIS filter service; C:\Windows\System32\Drivers\wwussf64.sys [2009-09-22 17408]
R3 Fortidrv2;Fortinet Fortinet Packet Filter Service; C:\Windows\system32\DRIVERS\fortidrv.sys [2010-01-04 28264]
R3 ft_vnic;Fortinet network virtual adapter; C:\Windows\system32\DRIVERS\ftvnic.sys [2009-02-16 16928]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-01-25 7842272]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2009-12-14 144896]
R3 NETw5s64;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys [2010-03-17 7680512]
R3 pppop;PPPoP WAN Adapter; C:\Windows\system32\DRIVERS\pppop64.sys [2009-07-21 42528]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-09 505856]
R3 WinUsb;Ovladač WinUSB; C:\Windows\system32\DRIVERS\WinUSB.sys [2009-07-14 40448]
R3 WwanUsbServ;Ericsson WWAN Wireless Module Device Driver; C:\Windows\system32\DRIVERS\WwanUsbMp64.sys [2009-09-22 255016]
S1 Fortips;Fortips; C:\Windows\system32\drivers\fortips.sys [2010-05-11 128104]
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S3 a6ce3y0l;a6ce3y0l; C:\Windows\system32\drivers\a6ce3y0l.sys []
S3 acpials;Filtr zařízení ALS Sensor; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 9728]
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-09 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2009-11-09 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-09 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-09 21160]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-10-26 32768]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2008-08-28 25600]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Služba Acronis Scheduler2; C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe [2010-06-03 1055200]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe [2009-03-03 89600]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-08-11 864032]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2010-07-02 810144]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2010-03-05 1425168]
R2 FA_Scheduler;FortiClient Service Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [2010-05-11 61458]
R2 FortiSslvpnDaemon;FortiClient SSL VPN; C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe [2010-03-22 703080]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2010-03-05 831760]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\STacSV64.exe [2010-03-09 244736]
R2 WMCoreService;Mobile Broadband Core Service; C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe [2009-09-24 430080]
R3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 afcdpsrv;Acronis Nonstop Backup service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2010-07-04 2480048]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-07-02 42360]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-07-03 1255736]

-----------------EOF-----------------

[motji]

Hezký večer

Stahněte MBAM z mého podpisu
-Nainstalujte,dejte úplný sken

NIC NEMAZAT
-MBAM má občas falešné detekce,proto budeme mazat až po kontrole logu.
-Log zkopírujte sem.

[lukasv23]

Dobry den,

takze tady to je:

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4408

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

9.8.2010 7:41:03
mbam-log-2010-08-09 (07-41-03).txt

Typ skenu: Úplný sken (C:\|)
Skenované objekty: 238545
Uplynulý čas: 34 minuta(y), 40 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 0
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)


A pak info.txt

info.txt logfile of random's system information tool 1.08 2010-08-06 17:38:03

======Uninstall list======

-->MsiExec.exe /I{71B7840D-BB4D-409C-87A2-9EFD10BC0C3D}
-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Acronis True Image Home-->MsiExec.exe /X{BEF1942C-FF3A-4FCB-AB49-3E6F9363F538}
Adobe Flash Player 10 ActiveX-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Reader 9.3.3 - Czech-->MsiExec.exe /I{AC76BA86-7AD7-1029-7B44-A93000000001}
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\F4092DA208C2C970\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfdx6_8A3BAB842294F8D9255C3CF2A3B1CECAEEB8EA7E\pccsmcfdx64.inf
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{F1BD5C54-EF7A-4EC7-9ABF-2B3286305834}" "1033" "0"
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-003B-0000-1000-0000000FF1CE}" "{F1BD5C54-EF7A-4EC7-9ABF-2B3286305834}" "1029" "0"
Definition update for Microsoft Office 2010 (KB982726)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0057-0000-1000-0000000FF1CE}" "{F1BD5C54-EF7A-4EC7-9ABF-2B3286305834}" "1029" "0"
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dell Wireless HSPA Mini-Card Drivers-->MsiExec.exe /X{D32F6B1F-0FD0-46DA-B821-8D876070F20C}
Football Manager 2010-->"C:\Program Files (x86)\Sports Interactive\Football Manager 2010\Uninstall_Football Manager 2010\Uninstall Football Manager 2010.exe"
FortiClient Endpoint Security-->MsiExec.exe /I{34D6AD5A-C03D-45FF-AA8A-8B306E01B96D}
FortiClient SSL VPN v4.0.2082-->MsiExec.exe /I{A34DCE59-0004-0000-2082-3F8A9926B752}
HijackThis 2.0.2-->"C:\Program Files (x86)\HiJack\HijackThis.exe" /uninstall
HTC Driver Installer-->MsiExec.exe /X{6D6664A9-3342-4948-9B7E-034EFE366F0F}
HTC Sync-->MsiExec.exe /I{BC4174D1-7970-40E6-AC57-F095F961FB08}
IDT Audio-->"C:\Program Files (x86)\InstallShield Installation Information\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}\setup.exe" -remove -removeonly
Intel PROSet Wireless-->Intel PROSet Wireless
Intel(R) Graphics Media Accelerator Driver-->C:\Program Files (x86)\Intel\Intel(R) Graphics Media Accelerator Driver\Uninstall\setup.exe -uninstall
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\SysWOW64\igxpun.exe -uninstall
Intel(R) Network Connections 14.6.9.0-->MsiExec.exe /i{CCC68887-6E07-4438-A035-7C22EFBDC15E} ARPREMOVE=1
Intel(R) Network Connections 14.6.9.0-->MsiExec.exe /i{CCC68887-6E07-4438-A035-7C22EFBDC15E} ARPREMOVE=1
Java(TM) 6 Update 20 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416020FF}
Microsoft Office Access MUI (Czech) 2010-->MsiExec.exe /X{90140000-0015-0405-1000-0000000FF1CE}
Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-1000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-1000-0000000FF1CE}
Microsoft Office Excel MUI (Czech) 2010-->MsiExec.exe /X{90140000-0016-0405-1000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-1000-0000000FF1CE}
Microsoft Office Groove MUI (Czech) 2010-->MsiExec.exe /X{90140000-00BA-0405-1000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2010-->MsiExec.exe /X{90140000-00BA-0409-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (Czech) 2010-->MsiExec.exe /X{90140000-0044-0405-1000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2010-->MsiExec.exe /X{90140000-0044-0409-1000-0000000FF1CE}
Microsoft Office Office 32-bit Components 2010-->MsiExec.exe /X{90140000-0043-0000-1000-0000000FF1CE}
Microsoft Office OneNote MUI (Czech) 2010-->MsiExec.exe /X{90140000-00A1-0405-1000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-1000-0000000FF1CE}
Microsoft Office Outlook MUI (Czech) 2010-->MsiExec.exe /X{90140000-001A-0405-1000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Czech) 2010-->MsiExec.exe /X{90140000-0018-0405-1000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-1000-0000000FF1CE}
Microsoft Office Professional Plus 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PROPLUSR /dll OSETUP.DLL
Microsoft Office Professional Plus 2010-->MsiExec.exe /X{91140000-0011-0000-1000-0000000FF1CE}
Microsoft Office Project MUI (Czech) 2010-->MsiExec.exe /X{90140000-00B4-0405-1000-0000000FF1CE}
Microsoft Office Project Professional 2010-->MsiExec.exe /X{91140000-003B-0000-1000-0000000FF1CE}
Microsoft Office Proof (Czech) 2010-->MsiExec.exe /X{90140000-001F-0405-1000-0000000FF1CE}
Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-1000-0000000FF1CE}
Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-1000-0000000FF1CE}
Microsoft Office Proof (German) 2010-->MsiExec.exe /X{90140000-001F-0407-1000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2010-->MsiExec.exe /X{90140000-001F-041B-1000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-1000-0000000FF1CE}
Microsoft Office Proofing (Czech) 2010-->MsiExec.exe /X{90140000-002C-0405-1000-0000000FF1CE}
Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-1000-0000000FF1CE}
Microsoft Office Publisher MUI (Czech) 2010-->MsiExec.exe /X{90140000-0019-0405-1000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (Czech) 2010-->MsiExec.exe /X{90140000-0043-0405-1000-0000000FF1CE}
Microsoft Office Shared 32-bit MUI (English) 2010-->MsiExec.exe /X{90140000-0043-0409-1000-0000000FF1CE}
Microsoft Office Shared MUI (Czech) 2010-->MsiExec.exe /X{90140000-006E-0405-1000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-1000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-1000-0000000FF1CE}
Microsoft Office Visio 2010-->MsiExec.exe /X{91140000-0057-0000-1000-0000000FF1CE}
Microsoft Office Visio MUI (Czech) 2010-->MsiExec.exe /X{90140000-0054-0405-1000-0000000FF1CE}
Microsoft Office Word MUI (Czech) 2010-->MsiExec.exe /X{90140000-001B-0405-1000-0000000FF1CE}
Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-1000-0000000FF1CE}
Microsoft Project Professional 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall PRJPROR /dll OSETUP.DLL
Microsoft Visio Professional 2010-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall VISIOR /dll OSETUP.DLL
Microsoft Visual J# 2.0 Redistributable Package - SE (x64)-->C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)\install.exe
MozBackup 1.4.10-->C:\Program Files (x86)\MozBackup\Uninstall.exe
Mozilla Firefox (3.6.6)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
MSVC80_x64_v2-->MsiExec.exe /I{4D668D4F-FAA2-4726-834C-31F4614F312E}
MSVC80_x86_v2-->MsiExec.exe /I{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
MSVC90_x64-->MsiExec.exe /I{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}
MSVC90_x86-->MsiExec.exe /I{AF111648-99A1-453E-81DD-80DBBF6DAD0D}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nokia Connectivity Cable Driver-->MsiExec.exe /I{F1FDAA01-988C-423F-AC12-0D8F333943FD}
Nokia Ovi Suite Software Updater-->MsiExec.exe /X{A0D65C73-F2C5-432F-8788-90F8A2E99B98}
Nokia Ovi Suite-->C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\Installer.exe
Nokia Ovi Suite-->MsiExec.exe /X{8070452B-15D6-4169-B9B9-FCC3B54588AD}
Ovi Desktop Sync Engine-->MsiExec.exe /X{2D10FC46-1D96-44C4-8855-85F21B9B011E}
OviMPlatform-->MsiExec.exe /I{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}
PC Connectivity Solution-->MsiExec.exe /I{29F563F4-8807-4496-8463-441EAA0E96AB}
Samsung SCX-4500W Series-->C:\Program Files (x86)\Samsung\Samsung SCX-4500W Series\Install\Setup.exe /R
Software Bluetooth WIDCOMM-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
Software Intel(R) PROSet/Wireless WiFi-->MsiExec /I{1A8BA6CE-822D-4888-89E2-ACBF4308F271}
Spybot - Search & Destroy-->"C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe"
Update for Microsoft Outlook Social Connector (KB983403)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-1000-0000000FF1CE}" "{2803A83E-B761-47FB-9879-BCC3E29F259B}" "1033" "0"
Update for Microsoft Outlook Social Connector (KB983403)-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{91140000-0011-0000-1000-0000000FF1CE}" "{E12DFBFF-1369-41E2-A47C-29ABE0BB3942}" "1033" "0"
VMware vSphere Client 4.0-->MsiExec.exe /X{C40698F9-A861-4531-9F8C-FA7F8961375B}
VMware vSphere Host Update Utility 4.0-->MsiExec.exe /X{9BC51C0F-DA8E-4370-9997-899B3435A647}
VNC Free Edition 4.1.3-->"C:\Program Files (x86)\RealVNC\VNC4\unins000.exe"
Winamp-->"C:\Program Files (x86)\Winamp\UninstWA.exe"
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x64-brcm.inf_amd64_neutral_9f61c0dbf5607025\bcbtums-win7x64-brcm.inf
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-vistax64-brcm.inf_amd64_neutral_669857059b361c7a\bcbtums-vistax64-brcm.inf
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======System event log======

Computer Name: lukas-NB
Event Code: 15
Message: Zařízení \Device\Harddisk1\DR1 ještě není připraveno pro přístup.
Record Number: 115205
Source Name: Disk
Time Written: 20100711195709.008516-000
Event Type: Chyba
User:

Computer Name: lukas-NB
Event Code: 15
Message: Zařízení \Device\Harddisk1\DR1 ještě není připraveno pro přístup.
Record Number: 115204
Source Name: Disk
Time Written: 20100711195709.008516-000
Event Type: Chyba
User:

Computer Name: lukas-NB
Event Code: 15
Message: Zařízení \Device\Harddisk1\DR1 ještě není připraveno pro přístup.
Record Number: 115203
Source Name: Disk
Time Written: 20100711195709.008516-000
Event Type: Chyba
User:

Computer Name: lukas-NB
Event Code: 15
Message: Zařízení \Device\Harddisk1\DR1 ještě není připraveno pro přístup.
Record Number: 115202
Source Name: Disk
Time Written: 20100711195709.008516-000
Event Type: Chyba
User:

Computer Name: lukas-NB
Event Code: 15
Message: Zařízení \Device\Harddisk1\DR1 ještě není připraveno pro přístup.
Record Number: 115201
Source Name: Disk
Time Written: 20100711195709.008516-000
Event Type: Chyba
User:

=====Application event log=====

Computer Name: 37L4247E29-32
Event Code: 1001
Message: Chybný blok , typ 0
Název události: PnPDriverNotFound
Reakce: Není k dispozici
ID souboru CAB: 0

Podpis problému:
P1: x64
P2: PCI\VEN_1180&DEV_0843&SUBSYS_024D1028&REV_12
P3:
P4:
P5:
P6:
P7:
P8:
P9:
P10:

Připojené soubory:
C:\Windows\Temp\DMI7703.tmp.log.xml

Tyto soubory mohou být k dispozici zde:
C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_8872b411d085345b4ccf7ffc99fae2045d8446c_cab_05da77be

Symbol analýzy:
Opětovné hledání řešení: 0
ID hlášení: 4436ae71-86e0-11df-acdd-c5428c7114c7
Stav hlášení: 6
Record Number: 5
Source Name: Windows Error Reporting
Time Written: 20100703201923.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5617
Message: Windows Management Instrumentation Service subsystems initialized successfully
Record Number: 4
Source Name: Microsoft-Windows-WMI
Time Written: 20100703201739.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 5615
Message: Windows Management Instrumentation Service started sucessfully
Record Number: 3
Source Name: Microsoft-Windows-WMI
Time Written: 20100703201736.000000-000
Event Type: Informace
User:

Computer Name: 37L4247E29-32
Event Code: 1531
Message: Služba Profil uživatele byla úspěšně spuštěna.


Record Number: 2
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20100703201731.860084-000
Event Type: Informace
User: NT AUTHORITY\SYSTEM

Computer Name: 37L4247E29-32
Event Code: 4625
Message: Subsystém EventSystem zabraňuje vytváření duplicitních záznamů v protokolu událostí po dobu 86400 sekund. Tuto dobu lze změnit pomocí hodnoty REG_DWORD s názvem SuppressDuplicateDuration v následujícím klíči registru: HKLM\Software\Microsoft\EventSystem\EventLog.
Record Number: 1
Source Name: Microsoft-Windows-EventSystem
Time Written: 20100703201732.000000-000
Event Type: Informace
User:

=====Security event log=====

Computer Name: 37L4247E29-32
Event Code: 4735
Message: Byla změněna zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Změněné atributy:
Název účtu SAM: -
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 5
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100703201709.910846-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4731
Message: Byla vytvořena zabezpečená místní skupina.

Předmět:
ID zabezpečení: S-1-5-18
Název účtu: 37L4247E29-32$
Doména účtu: WORKGROUP
ID přihlášení: 0x3e7

Nová skupina:
ID zabezpečení: S-1-5-32-551
Název skupiny: Backup Operators
Doména skupiny: Builtin

Atributy:
Název účtu SAM: Backup Operators
Historie identifikátoru zabezpečení: -

Další informace:
Oprávnění: -
Record Number: 4
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100703201709.864046-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4902
Message: Tabulka zásad auditu pro jednotlivé uživatele byla vytvořena.

Počet prvků: 0
ID zásady: 0x33dc3
Record Number: 3
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100703201709.598845-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4624
Message: Účet byl úspěšně přihlášen.

Předmět:
ID zabezpečení: S-1-0-0
Název účtu: -
Doména účtu: -
ID přihlášení: 0x0

Typ přihlášení: 0

Nové přihlášení:
ID zabezpečení: S-1-5-18
Název účtu: SYSTEM
Doména účtu: NT AUTHORITY
ID přihlášení: 0x3e7
GUID přihlášení: {00000000-0000-0000-0000-000000000000}

Informace o procesu:
ID procesu: 0x4
Název procesu:

Informace o síti:
Název pracovní stanice: -
Adresa zdrojové sítě -
Zdrojový port: -

Podrobné informace o ověření:
Proces přihlášení: -
Balíček ověření: -
Přenosové služby: -
Název balíčku (pouze NTLM): -
Délka klíče: 0

Tato událost je generována po vytvoření relace přihlášení. Je generována v počítači, ke kterému byl získán přístup.

Pole s předmětem označují účet v místním systému, který požadoval přihlášení. Jedná se nejčastěji o službu, například službu serveru nebo místní proces, například Winlogon.exe nebo Services.exe.

Pole Typ přihlášení označuje, k jakému typu přihlášení došlo. Nejběžnější typy jsou 2 (interaktivní) a 3 (síť).

Pole Nové přihlášení označují účet, pro který bylo nové přihlášení vytvořeno, tj. účet, který byl přihlášen.

Pole Síť označují původ požadavku na vzdálené přihlášení. Název pracovní stanice není vždy k dispozici a v některých případech může být toto pole prázdné.

Pole s informacemi o ověření poskytují podrobné informace o tomto konkrétním požadavku na přihlášení.
- GUID přihlášení je jednoznačný identifikátor, který je možné použít ke spojení této události s událostí KDC.
- Přenosové služby označují, které pomocné služby se podílely na tomto požadavku na přihlášení.
- Název balíčku označuje, který dílčí protokol z protokolů NTLM byl použit.
- Délka klíče označuje délku generovaného klíče relace. Tato hodnota bude 0, pokud nebyl požadován žádný klíč relace.
Record Number: 2
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100703201708.179243-000
Event Type: Úspěšný audit
User:

Computer Name: 37L4247E29-32
Event Code: 4608
Message: Spouští se systém Windows.

Tato událost je zaznamenána při spuštění procesu LSASS.EXE a inicializaci kontrolního podsystému.
Record Number: 1
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20100703201708.132443-000
Event Type: Úspěšný audit
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files (x86)\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\Program Files (x86)\Common Files\Acronis\SnapAPI\;C:\Program Files\Intel\DMIX;C:\Program Files (x86)\Common Files\Teleca Shared
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=AMD64
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a

-----------------EOF-----------------

[motji]

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 

- zaškrtněte okénko Pro všechny uživatele.
-označte okénka Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
- Klikněte na tlačítko Prohledat
-po dokončení skenu se objeví logy OTL.Txt a Extras.txt, vložte je zde

[lukasv23]

OTL logfile created on: 9.8.2010 20:25:47 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\lukas.vejman\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 42,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 146,04 Gb Free Space | 62,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LUKAS-NB
Current User Name: lukas.vejman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2010.08.09 14:46:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\lukas.vejman\Downloads\OTL.exe
PRC - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
PRC - [2010.06.26 10:43:15 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010.06.26 10:43:15 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
PRC - [2010.06.09 01:47:48 | 001,531,904 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe
PRC - [2010.06.03 12:27:26 | 000,362,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe
PRC - [2010.06.03 12:25:56 | 005,129,720 | ---- | M] () -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2010.05.11 14:30:20 | 003,312,256 | ---- | M] (Fortinet Inc.) -- C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe
PRC - [2010.05.11 14:27:58 | 000,081,938 | ---- | M] (Fortinet Inc.) -- C:\Program Files (x86)\Fortinet\FortiClient\fcappdb.exe
PRC - [2010.05.11 14:23:28 | 000,364,562 | ---- | M] (Fortinet Inc.) -- C:\Program Files (x86)\Fortinet\FortiClient\FortiProxy.exe
PRC - [2010.05.11 14:19:22 | 000,143,378 | ---- | M] (Fortinet Inc.) -- C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe
PRC - [2010.05.11 14:12:56 | 000,061,458 | ---- | M] (Fortinet Inc.) -- C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe
PRC - [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2010.03.30 15:13:06 | 000,389,120 | R--- | M] (Teleca) -- C:\Program Files (x86)\HTC\HTC Sync\ClientInitiatedStarter\ClientInitiatedStarter.exe
PRC - [2010.03.22 10:38:02 | 000,703,080 | ---- | M] (Fortinet Inc.) -- C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe
PRC - [2010.03.17 16:22:52 | 001,019,904 | R--- | M] (Teleca Sweden AB) -- C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\epmworker.exe
PRC - [2010.03.17 16:08:22 | 000,253,952 | R--- | M] (TODO: <Company name>) -- C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\FsynSrvStarter.exe
PRC - [2010.03.17 16:08:04 | 000,462,848 | R--- | M] (Teleca AB) -- C:\Program Files (x86)\HTC\HTC Sync\Mobile Phone Monitor\HTCVBTServer.exe
PRC - [2009.12.11 15:50:34 | 000,557,056 | R--- | M] (Teleca AB) -- C:\Program Files (x86)\Common Files\Teleca Shared\Generic.exe
PRC - [2009.11.19 17:19:48 | 000,598,016 | R--- | M] (Teleca Sweden AB) -- C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe
PRC - [2009.09.24 10:54:36 | 000,430,080 | R--- | M] () -- C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe
PRC - [2009.06.03 10:25:16 | 000,106,496 | R--- | M] (Popwire AB) -- C:\Program Files (x86)\Common Files\Teleca Shared\logger.exe
PRC - [2009.04.14 13:14:26 | 000,139,264 | ---- | M] (Teleca Sweden AB) -- C:\Program Files (x86)\Common Files\Teleca Shared\CapabilityManager.exe


========== Modules (SafeList) ==========

MOD - [2010.08.09 14:46:34 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\lukas.vejman\Downloads\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010.07.02 12:44:10 | 000,042,360 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
SRV:64bit: - [2010.07.02 12:43:40 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2010.03.09 23:56:02 | 000,244,736 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\stacsv64.exe -- (STacSV)
SRV:64bit: - [2010.03.05 10:26:38 | 001,425,168 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010.03.05 10:06:22 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV:64bit: - [2009.08.11 16:59:38 | 000,864,032 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 03:41:56 | 000,195,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2009.07.14 03:41:54 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2009.07.14 03:41:53 | 001,361,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:24 | 000,689,152 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2009.03.03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_e085d3cd5b474ba6\AESTSr64.exe -- (AESTFilters)
SRV - [2010.07.04 00:18:57 | 002,480,048 | ---- | M] (Acronis) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.06.03 12:29:22 | 001,055,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Plán2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010.05.11 14:12:56 | 000,061,458 | ---- | M] (Fortinet Inc.) [Auto | Running] -- C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe -- (FA_Scheduler)
SRV - [2010.03.22 10:38:02 | 000,703,080 | ---- | M] (Fortinet Inc.) [Auto | Running] -- C:\Windows\SysWOW64\FortiSSLVPNdaemon.exe -- (FortiSslvpnDaemon)
SRV - [2009.09.24 10:54:36 | 000,430,080 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Dell\Dell WWAN\WMCore\mini_WMCore.exe -- (WMCoreService)


========== Driver Services (SafeList) ==========

DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Windows\SysNative\Drivers\DgiVecp.sys -- (DgiVecp)
DRV:64bit: - [2010.07.04 00:18:58 | 000,252,512 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2010.07.04 00:18:55 | 001,477,728 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm258.sys -- (tdrpman258) Acronis Try&Decide and Restore Points filter (build 258)
DRV:64bit: - [2010.07.04 00:18:51 | 000,943,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2010.07.04 00:18:45 | 000,271,456 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010.07.03 23:45:11 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.06.24 09:04:14 | 000,166,984 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2010.05.11 14:40:18 | 000,043,624 | ---- | M] (Fortinet Inc) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FortiRdr2.sys -- (FortiRdr)
DRV:64bit: - [2010.05.11 14:40:04 | 000,042,088 | ---- | M] (Fortinet Inc) [File_System | System | Running] -- C:\Windows\SysNative\drivers\FortiShield.sys -- (FortiShield)
DRV:64bit: - [2010.05.11 14:40:00 | 000,128,104 | ---- | M] (Fortinet Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\fortips.sys -- (Fortips)
DRV:64bit: - [2010.05.11 14:39:56 | 000,014,952 | ---- | M] (Fortinet Inc) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\fortiapd.sys -- (fortiapd)
DRV:64bit: - [2010.04.28 08:17:46 | 000,139,704 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2010.04.28 08:17:46 | 000,124,760 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
DRV:64bit: - [2010.03.17 22:21:58 | 007,680,512 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Ovladač adaptéru řady Intel(R)
DRV:64bit: - [2010.03.10 18:23:48 | 000,300,592 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2010.03.09 23:56:02 | 000,505,856 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.01.25 20:51:04 | 007,842,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.01.04 12:36:32 | 000,028,264 | ---- | M] (Fortinet Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fortidrv.sys -- (Fortidrv2)
DRV:64bit: - [2009.12.14 10:13:14 | 000,144,896 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV:64bit: - [2009.11.09 10:46:40 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.11.09 10:46:40 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.09 10:46:40 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.09 10:46:38 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.10.26 16:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)
DRV:64bit: - [2009.10.10 04:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.09.22 15:47:42 | 000,255,016 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WwanUsbMp64.sys -- (WwanUsbServ)
DRV:64bit: - [2009.09.22 10:10:56 | 000,017,408 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwussf64.sys -- (ecnssndisfltr)
DRV:64bit: - [2009.09.22 10:10:56 | 000,012,800 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wwuss64.sys -- (ecnssndis)
DRV:64bit: - [2009.07.21 17:53:06 | 000,042,528 | ---- | M] (Fortinet Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pppop64.sys -- (pppop)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,200,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbus.sys -- (vmbus)
DRV:64bit: - [2009.07.14 03:45:55 | 000,046,672 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmstorfl.sys -- (storflt)
DRV:64bit: - [2009.07.14 03:45:55 | 000,034,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsc.sys -- (storvsc)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:00:24 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpials.sys -- (acpials)
DRV:64bit: - [2009.07.14 01:42:58 | 000,006,656 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vms3cap.sys -- (s3cap)
DRV:64bit: - [2009.07.14 01:42:44 | 000,021,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusHID.sys -- (VMBusHID)
DRV:64bit: - [2009.07.14 01:24:27 | 000,514,048 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2009.07.10 15:53:22 | 000,096,296 | ---- | M] (Ericsson AB) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\d554gps64.sys -- (d554gps)
DRV:64bit: - [2009.06.29 09:42:10 | 000,432,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\d557mdm.sys -- (d557mdm) Dell Wireless 5540 HSPA Mini-Card Modem (Win7)
DRV:64bit: - [2009.06.29 09:42:10 | 000,376,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\d557mgmt.sys -- (d557mgmt) Dell Wireless 5540 HSPA Mini-Card Device Management (Win7)
DRV:64bit: - [2009.06.29 09:42:10 | 000,328,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\d557bus.sys -- (d557bus) Dell Wireless 5540 HSPA Mini-Card Device (Win7)
DRV:64bit: - [2009.06.29 09:42:10 | 000,019,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\d557mdfl.sys -- (d557mdfl) Dell Wireless 5540 HSPA Mini-Card Modem Filter (Win7)
DRV:64bit: - [2009.06.12 17:19:58 | 000,287,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1y62x64.sys -- (e1yexpress) Intel(R)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.02.16 15:23:26 | 000,016,928 | ---- | M] (Fortinet Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ftvnic.sys -- (ft_vnic)
DRV:64bit: - [2008.08.28 12:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2007.11.22 02:45:36 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2006.11.17 17:49:52 | 000,052,224 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm






IE - HKU\S-1-5-21-3909975518-2640716433-405113056-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8A 54 89 0E 5D 31 CB 01 [binary data]
IE - HKU\S-1-5-21-3909975518-2640716433-405113056-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledItems: xmlfiller@software602.cz:3.16.1
FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.13
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..network.proxy.http: "proxy01.tpca.cz"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, 192.168.1.113"
FF - prefs.js..network.proxy.type: 4

FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.07.12 09:21:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.03 23:22:35 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.25 14:24:59 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.07.12 09:21:51 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010.08.05 16:02:37 | 000,000,000 | ---D | M]

[2010.07.03 23:25:39 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Mozilla\Extensions
[2010.08.09 07:01:56 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Mozilla\Firefox\Profiles\jxcnmia9.default\extensions
[2010.07.19 18:39:34 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\lukas.vejman\AppData\Roaming\Mozilla\Firefox\Profiles\jxcnmia9.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.07.07 15:42:37 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\lukas.vejman\AppData\Roaming\Mozilla\Firefox\Profiles\jxcnmia9.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2010.07.19 18:39:34 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\lukas.vejman\AppData\Roaming\Mozilla\Firefox\Profiles\jxcnmia9.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2010.07.07 15:42:37 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Mozilla\Firefox\Profiles\jxcnmia9.default\extensions\xmlfiller@software602.cz
[2010.07.03 23:22:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010.06.26 10:27:08 | 000,000,638 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.06.26 10:27:08 | 000,001,687 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.06.26 10:27:08 | 000,001,367 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.06.26 10:27:08 | 000,000,654 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.06.26 10:27:08 | 000,001,179 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\wikipedia-cz.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Služba Acronis Scheduler2] C:\Program Files (x86)\Common Files\Acronis\Plán2\schedhlp.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Mobile Connectivity Suite] C:\Program Files (x86)\HTC\HTC Sync\Application Launcher\Application Launcher.exe (Teleca Sweden AB)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3909975518-2640716433-405113056-1000..\Run: [] File not found
O4 - HKU\S-1-5-21-3909975518-2640716433-405113056-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\SysWow64\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\S-1-5-21-3909975518-2640716433-405113056-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Odeslat do zařízení Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Odeslat do zařízení &Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/v ... .2.5.4.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.euro.dell.com/systemprof ... emLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 194.228.41.113 160.218.161.54
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5eefe514-86ec-11df-bfcd-5063138c56d0}\Shell - "" = AutoRun
O33 - MountPoints2\{5eefe514-86ec-11df-bfcd-5063138c56d0}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2010.08.09 07:05:12 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Roaming\Malwarebytes
[2010.08.09 07:05:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.08.09 07:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.08.09 07:05:00 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.08.09 07:05:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.08.06 17:37:51 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2010.08.06 17:37:50 | 000,000,000 | ---D | C] -- C:\rsit
[2010.08.06 17:19:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HiJack
[2010.08.06 14:19:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.08.06 14:19:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.08.05 16:07:57 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Local\ESET
[2010.08.05 15:08:59 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Roaming\Teleca
[2010.08.05 15:08:59 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Local\HTC
[2010.08.05 15:08:06 | 000,000,000 | ---D | C] -- C:\ProgramData\HTC
[2010.08.05 15:08:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Teleca Shared
[2010.08.05 15:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Teleca
[2010.08.05 15:07:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spirent Communications
[2010.08.05 15:07:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HTC
[2010.08.05 15:06:06 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2010.08.04 12:41:32 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
[2010.08.04 12:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010.08.01 18:20:30 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Roaming\Sprinx Systems
[2010.08.01 18:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2010.07.28 17:54:27 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\Desktop\Dokumenty
[2010.07.27 11:07:39 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\TOSHIBA
[2010.07.25 23:41:37 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Roaming\Winamp
[2010.07.25 23:41:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2010.07.25 23:33:20 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\Desktop\FLAC_Music
[2010.07.25 14:41:09 | 000,345,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\PROUnstl.exe
[2010.07.25 14:40:51 | 000,287,960 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\e1y62x64.sys
[2010.07.25 14:40:51 | 000,121,440 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\e1000msg.dll
[2010.07.25 14:40:51 | 000,078,016 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicInstY.dll
[2010.07.25 14:40:51 | 000,036,472 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\NicCo36.dll
[2010.07.25 14:40:51 | 000,000,000 | ---D | C] -- C:\drvrtmp
[2010.07.25 14:37:39 | 000,000,000 | ---D | C] -- C:\DellDrivers
[2010.07.22 14:31:38 | 000,016,928 | ---- | C] (Fortinet Inc.) -- C:\Windows\SysNative\drivers\ftvnic.sys
[2010.07.22 14:31:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Fortinet
[2010.07.22 07:35:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.07.20 21:53:48 | 000,151,552 | ---- | C] (SS) -- C:\Windows\SysNative\ssw1mci.exe
[2010.07.20 21:53:48 | 000,089,600 | ---- | C] (SS) -- C:\Windows\SysNative\ssw1mci.dll
[2010.07.20 21:53:14 | 000,011,576 | ---- | C] (Samsung Electronics) -- C:\Windows\SysNative\drivers\SSPORT.SYS
[2010.07.20 21:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2010.07.20 21:53:11 | 000,000,000 | ---D | C] -- C:\Temp
[2010.07.16 10:27:29 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\Desktop\Hovory_kampan
[2010.07.14 09:14:37 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2010.07.13 22:03:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Sports Interactive
[2010.07.13 22:02:05 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sports Interactive
[2010.07.13 22:02:05 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\Documents\Sports Interactive
[2010.07.13 22:02:01 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Roaming\Sports Interactive
[2010.07.13 22:00:47 | 002,430,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_41.dll
[2010.07.13 22:00:47 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_41.dll
[2010.07.13 22:00:47 | 000,520,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_41.dll
[2010.07.13 22:00:47 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_41.dll
[2010.07.13 22:00:46 | 005,425,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_41.dll
[2010.07.13 22:00:46 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2010.07.13 22:00:44 | 000,521,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_4.dll
[2010.07.13 22:00:44 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2010.07.13 22:00:44 | 000,073,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_3.dll
[2010.07.13 22:00:44 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010.07.13 22:00:43 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_4.dll
[2010.07.13 22:00:43 | 000,174,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_4.dll
[2010.07.13 22:00:42 | 000,024,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_6.dll
[2010.07.13 22:00:42 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2010.07.13 22:00:41 | 002,605,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_40.dll
[2010.07.13 22:00:41 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_40.dll
[2010.07.13 22:00:41 | 000,519,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_40.dll
[2010.07.13 22:00:41 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_40.dll
[2010.07.13 22:00:40 | 005,631,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_40.dll
[2010.07.13 22:00:40 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_40.dll
[2010.07.13 22:00:38 | 000,518,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_3.dll
[2010.07.13 22:00:38 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_3.dll
[2010.07.13 22:00:38 | 000,074,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_2.dll
[2010.07.13 22:00:38 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_2.dll
[2010.07.13 22:00:37 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_3.dll
[2010.07.13 22:00:37 | 000,175,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_3.dll
[2010.07.13 22:00:37 | 000,025,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_5.dll
[2010.07.13 22:00:37 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_5.dll
[2010.07.13 22:00:36 | 000,513,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_2.dll
[2010.07.13 22:00:36 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_2.dll
[2010.07.13 22:00:36 | 000,072,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_1.dll
[2010.07.13 22:00:36 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_1.dll
[2010.07.13 22:00:35 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_2.dll
[2010.07.13 22:00:35 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_2.dll
[2010.07.13 22:00:34 | 001,942,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_39.dll
[2010.07.13 22:00:34 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_39.dll
[2010.07.13 22:00:34 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_39.dll
[2010.07.13 22:00:34 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_39.dll
[2010.07.13 22:00:32 | 004,992,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_39.dll
[2010.07.13 22:00:32 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_39.dll
[2010.07.13 22:00:31 | 000,511,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_1.dll
[2010.07.13 22:00:31 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_1.dll
[2010.07.13 22:00:31 | 000,068,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAPOFX1_0.dll
[2010.07.13 22:00:31 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_0.dll
[2010.07.13 22:00:30 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_1.dll
[2010.07.13 22:00:30 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_1.dll
[2010.07.13 22:00:30 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_4.dll
[2010.07.13 22:00:30 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_4.dll
[2010.07.13 22:00:29 | 001,941,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_38.dll
[2010.07.13 22:00:29 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_38.dll
[2010.07.13 22:00:29 | 000,540,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_38.dll
[2010.07.13 22:00:29 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_38.dll
[2010.07.13 22:00:27 | 004,991,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_38.dll
[2010.07.13 22:00:27 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_38.dll
[2010.07.13 22:00:26 | 000,489,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XAudio2_0.dll
[2010.07.13 22:00:26 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_0.dll
[2010.07.13 22:00:25 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine3_0.dll
[2010.07.13 22:00:25 | 000,177,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine3_0.dll
[2010.07.13 22:00:25 | 000,028,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_3.dll
[2010.07.13 22:00:25 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_3.dll
[2010.07.13 22:00:24 | 001,860,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_37.dll
[2010.07.13 22:00:24 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_37.dll
[2010.07.13 22:00:24 | 000,529,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_37.dll
[2010.07.13 22:00:24 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_37.dll
[2010.07.13 22:00:22 | 004,910,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_37.dll
[2010.07.13 22:00:22 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_37.dll
[2010.07.13 22:00:21 | 000,411,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_10.dll
[2010.07.13 22:00:21 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_10.dll
[2010.07.13 22:00:17 | 002,006,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_36.dll
[2010.07.13 22:00:17 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_36.dll
[2010.07.13 22:00:17 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_36.dll
[2010.07.13 22:00:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_36.dll
[2010.07.13 22:00:14 | 005,081,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_36.dll
[2010.07.13 22:00:14 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_36.dll
[2010.07.13 22:00:12 | 000,411,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_9.dll
[2010.07.13 22:00:12 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_9.dll
[2010.07.13 22:00:11 | 001,985,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_35.dll
[2010.07.13 22:00:11 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_35.dll
[2010.07.13 22:00:11 | 000,508,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_35.dll
[2010.07.13 22:00:11 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_35.dll
[2010.07.13 22:00:09 | 005,073,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_35.dll
[2010.07.13 22:00:09 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_35.dll
[2010.07.13 22:00:08 | 000,409,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_8.dll
[2010.07.13 22:00:08 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_8.dll
[2010.07.13 22:00:08 | 000,021,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\X3DAudio1_2.dll
[2010.07.13 22:00:08 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_2.dll
[2010.07.13 22:00:07 | 001,401,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_34.dll
[2010.07.13 22:00:07 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_34.dll
[2010.07.13 22:00:07 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_34.dll
[2010.07.13 22:00:07 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_34.dll
[2010.07.13 22:00:05 | 004,496,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_34.dll
[2010.07.13 22:00:05 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_34.dll
[2010.07.13 22:00:04 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2010.07.13 22:00:04 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2010.07.13 22:00:03 | 000,403,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_7.dll
[2010.07.13 22:00:03 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_7.dll
[2010.07.13 22:00:02 | 001,400,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_33.dll
[2010.07.13 22:00:02 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_33.dll
[2010.07.13 22:00:02 | 000,506,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_33.dll
[2010.07.13 22:00:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_33.dll
[2010.07.13 22:00:00 | 004,494,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_33.dll
[2010.07.13 22:00:00 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_33.dll
[2010.07.13 21:59:58 | 000,393,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_6.dll
[2010.07.13 21:59:58 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_6.dll
[2010.07.13 21:59:57 | 000,469,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10.dll
[2010.07.13 21:59:57 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10.dll
[2010.07.13 21:59:57 | 000,390,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_5.dll
[2010.07.13 21:59:57 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_5.dll
[2010.07.13 21:59:55 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010.07.13 21:59:55 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010.07.13 21:59:54 | 000,364,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_4.dll
[2010.07.13 21:59:54 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_4.dll
[2010.07.13 21:59:54 | 000,017,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_1.dll
[2010.07.13 21:59:54 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_1.dll
[2010.07.13 21:59:53 | 003,977,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_31.dll
[2010.07.13 21:59:53 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2010.07.13 21:59:52 | 000,363,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_3.dll
[2010.07.13 21:59:52 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_3.dll
[2010.07.13 21:59:51 | 000,083,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_2.dll
[2010.07.13 21:59:51 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_2.dll
[2010.07.13 21:59:50 | 000,354,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_2.dll
[2010.07.13 21:59:50 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_2.dll
[2010.07.13 21:59:49 | 000,083,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_1.dll
[2010.07.13 21:59:49 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_1.dll
[2010.07.13 21:59:48 | 000,352,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_1.dll
[2010.07.13 21:59:48 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_1.dll
[2010.07.13 21:59:40 | 003,927,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_30.dll
[2010.07.13 21:59:40 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_30.dll
[2010.07.13 21:59:39 | 000,355,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xactengine2_0.dll
[2010.07.13 21:59:39 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xactengine2_0.dll
[2010.07.13 21:59:39 | 000,016,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\x3daudio1_0.dll
[2010.07.13 21:59:39 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\x3daudio1_0.dll
[2010.07.13 21:59:37 | 003,830,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_29.dll
[2010.07.13 21:59:37 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_29.dll
[2010.07.13 21:59:34 | 003,815,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_28.dll
[2010.07.13 21:59:34 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_28.dll
[2010.07.13 21:59:31 | 003,807,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_27.dll
[2010.07.13 21:59:31 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_27.dll
[2010.07.13 21:59:30 | 003,767,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_26.dll
[2010.07.13 21:59:30 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_26.dll
[2010.07.13 21:59:27 | 003,823,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_25.dll
[2010.07.13 21:59:27 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_25.dll
[2010.07.13 21:59:26 | 003,544,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_24.dll
[2010.07.13 21:59:26 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_24.dll
[2010.07.13 21:52:17 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Zero G Registry
[2010.07.13 21:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sports Interactive
[2010.07.13 21:51:15 | 000,000,000 | -H-D | C] -- C:\Users\lukas.vejman\InstallAnywhere
[2010.07.12 12:41:45 | 000,000,000 | --SD | C] -- C:\Users\lukas.vejman\Documents\Obrazce
[2010.07.12 09:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2010.07.12 09:40:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2010.07.12 09:36:15 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Roaming\Nokia Ovi Suite
[2010.07.12 09:34:41 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Local\NokiaAccount
[2010.07.12 09:34:34 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Local\Nokia
[2010.07.12 09:22:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nokia
[2010.07.12 09:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Connectivity Solution
[2010.07.12 09:21:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2010.07.12 09:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2010.07.12 09:10:31 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Roaming\PC Suite
[2010.07.12 09:10:31 | 000,000,000 | ---D | C] -- C:\Users\lukas.vejman\AppData\Roaming\Nokia
[2010.07.12 09:10:29 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2010.07.12 09:10:10 | 000,025,600 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2010.07.12 09:09:46 | 000,069,120 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsx64.dll
[2010.07.12 09:08:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Installations

========== Files - Modified Within 30 Days ==========

[2010.08.09 20:26:13 | 003,145,728 | -HS- | M] () -- C:\Users\lukas.vejman\NTUSER.DAT
[2010.08.09 19:35:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.08.09 14:48:47 | 001,453,562 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.08.09 14:48:47 | 000,625,564 | ---- | M] () -- C:\Windows\SysNative\perfh005.dat
[2010.08.09 14:48:47 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.08.09 14:48:47 | 000,119,654 | ---- | M] () -- C:\Windows\SysNative\perfc005.dat
[2010.08.09 14:48:47 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.08.09 07:05:05 | 000,001,009 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.06 17:15:39 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.08.06 17:15:39 | 000,014,256 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.08.06 17:06:43 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.08.06 17:06:28 | 3183,398,912 | -HS- | M] () -- C:\hiberfil.sys
[2010.08.06 17:05:44 | 001,139,729 | -H-- | M] () -- C:\Users\lukas.vejman\AppData\Local\IconCache.db
[2010.08.05 16:10:52 | 000,181,791 | ---- | M] () -- C:\Users\lukas.vejman\Desktop\FortinetMatrix.pdf
[2010.08.01 19:13:37 | 000,002,002 | -H-- | M] () -- C:\Users\lukas.vejman\Documents\Default.rdp
[2010.08.01 17:18:04 | 454,799,758 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.07.30 15:54:22 | 002,022,912 | ---- | M] () -- C:\Users\lukas.vejman\Desktop\Prodej_Fortinet_EUR_Q3_2010.xls
[2010.07.27 19:55:55 | 000,112,640 | ---- | M] () -- C:\Users\lukas.vejman\Desktop\Servisní smlouva_outsourcing_správy_vzor.doc
[2010.07.27 19:55:55 | 000,000,162 | -H-- | M] () -- C:\Users\lukas.vejman\Desktop\~$rvisní smlouva_outsourcing_správy_vzor.doc
[2010.07.25 23:41:41 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.07.22 14:32:03 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\FortiClient.lnk
[2010.07.20 21:54:18 | 000,000,138 | ---- | M] () -- C:\Users\Public\Desktop\SAMSUNG Dr.Printer.url
[2010.07.16 10:59:09 | 001,898,496 | ---- | M] () -- C:\Users\lukas.vejman\Desktop\Databáze_final.xls
[2010.07.14 15:18:44 | 000,000,600 | ---- | M] () -- C:\Users\lukas.vejman\AppData\Local\PUTTY.RND
[2010.07.13 22:07:53 | 000,001,790 | ---- | M] () -- C:\Users\lukas.vejman\Desktop\fm – zástupce.lnk
[2010.07.12 12:57:26 | 000,141,824 | ---- | M] () -- C:\Users\lukas.vejman\Desktop\Výkres1.vsd
[2010.07.12 12:57:17 | 000,088,809 | ---- | M] () -- C:\Users\lukas.vejman\Desktop\Schema_site.jpg
[2010.07.12 10:09:38 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.07.12 09:58:07 | 000,084,512 | ---- | M] () -- C:\Users\lukas.vejman\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.12 09:57:07 | 000,339,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.07.12 09:12:55 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf

========== Files Created - No Company Name ==========

[2010.08.09 07:05:05 | 000,001,009 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.08.05 16:10:52 | 000,181,791 | ---- | C] () -- C:\Users\lukas.vejman\Desktop\FortinetMatrix.pdf
[2010.07.30 15:54:21 | 002,022,912 | ---- | C] () -- C:\Users\lukas.vejman\Desktop\Prodej_Fortinet_EUR_Q3_2010.xls
[2010.07.27 19:55:55 | 000,000,162 | -H-- | C] () -- C:\Users\lukas.vejman\Desktop\~$rvisní smlouva_outsourcing_správy_vzor.doc
[2010.07.27 19:55:54 | 000,112,640 | ---- | C] () -- C:\Users\lukas.vejman\Desktop\Servisní smlouva_outsourcing_správy_vzor.doc
[2010.07.27 11:04:40 | 000,562,176 | ---- | C] () -- C:\Windows\SysNative\eST4snm6.dll
[2010.07.25 23:41:41 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.07.25 14:41:09 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2010.07.25 14:40:51 | 000,003,315 | ---- | C] () -- C:\Windows\SysNative\e1y62x64.din
[2010.07.22 14:32:03 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\FortiClient.lnk
[2010.07.22 07:34:58 | 454,799,758 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.07.20 21:54:18 | 000,000,138 | ---- | C] () -- C:\Users\Public\Desktop\SAMSUNG Dr.Printer.url
[2010.07.20 21:53:49 | 000,011,502 | ---- | C] () -- C:\Windows\Dr. Printer Icon.ico
[2010.07.20 21:53:48 | 000,022,016 | ---- | C] () -- C:\Windows\SysNative\ssw1ml6.dll
[2010.07.20 21:53:48 | 000,000,514 | ---- | C] () -- C:\Windows\SysNative\ssw1ml6.smt
[2010.07.16 10:59:09 | 001,898,496 | ---- | C] () -- C:\Users\lukas.vejman\Desktop\Databáze_final.xls
[2010.07.14 14:55:15 | 000,000,600 | ---- | C] () -- C:\Users\lukas.vejman\AppData\Local\PUTTY.RND
[2010.07.13 22:07:53 | 000,001,790 | ---- | C] () -- C:\Users\lukas.vejman\Desktop\fm – zástupce.lnk
[2010.07.12 12:57:26 | 000,141,824 | ---- | C] () -- C:\Users\lukas.vejman\Desktop\Výkres1.vsd
[2010.07.12 12:57:05 | 000,088,809 | ---- | C] () -- C:\Users\lukas.vejman\Desktop\Schema_site.jpg
[2010.07.12 09:12:55 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
[2010.07.03 23:31:53 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.07.03 23:31:53 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.07.13 21:49:55 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\DAEMON Tools Lite
[2010.07.12 09:39:59 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Nokia
[2010.07.12 09:36:15 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Nokia Ovi Suite
[2010.07.13 16:05:33 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\PC Suite
[2010.07.13 22:02:01 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Sports Interactive
[2010.08.01 18:20:30 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Sprinx Systems
[2010.08.05 15:44:37 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Teleca
[2009.07.14 07:08:49 | 000,010,670 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

[lukasv23]

========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"DAEMON Tools Lite" = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun -- [2010.04.01 11:16:20 | 000,357,696 | ---- | M] (DT Soft Ltd)
"" =
"Sidebar" = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun -- [2009.07.14 03:39:41 | 001,475,072 | ---- | M] (Microsoft Corporation)

< c:\windows\*.* /U >

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.07.04 23:58:08 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Adobe
[2010.07.13 21:49:55 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\DAEMON Tools Lite
[2010.07.12 08:59:23 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Download Manager
[2010.07.03 22:24:18 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Identities
[2010.07.03 23:35:20 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Intel
[2010.07.03 23:59:26 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Macromedia
[2010.08.09 07:05:12 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Malwarebytes
[2009.07.14 09:45:37 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Media Center Programs
[2010.07.07 10:09:57 | 000,000,000 | --SD | M] -- C:\Users\lukas.vejman\AppData\Roaming\Microsoft
[2010.07.03 23:25:39 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Mozilla
[2010.07.12 09:39:59 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Nokia
[2010.07.12 09:36:15 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Nokia Ovi Suite
[2010.07.13 16:05:33 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\PC Suite
[2010.07.13 22:02:01 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Sports Interactive
[2010.08.01 18:20:30 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Sprinx Systems
[2010.08.05 15:44:37 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Teleca
[2010.07.26 18:46:27 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\VMware
[2010.07.25 23:45:35 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\Winamp
[2010.07.04 00:10:21 | 000,000,000 | ---D | M] -- C:\Users\lukas.vejman\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CDROM.SYS >
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\SysWow64\DriverStore\FileRepository\cdrom.inf_amd64_neutral_8363d00ecae4322d\cdrom.sys
[2009.07.14 01:19:54 | 000,147,456 | ---- | M] (Microsoft Corporation) MD5=83D2D75E1EFB81B3450C18131443F7DB -- C:\Windows\winsxs\amd64_cdrom.inf_31bf3856ad364e35_6.1.7600.16385_none_bb9e4d89bd7870f1\cdrom.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: CRYPTSVC.DLL >
[2009.07.14 03:40:24 | 000,175,104 | ---- | M] (Microsoft Corporation) MD5=8C57411B66282C01533CB776F98AD384 -- C:\Windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_d1f48b0bb4805490\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\SysWOW64\cryptsvc.dll
[2009.07.14 03:15:07 | 000,135,680 | ---- | M] (Microsoft Corporation) MD5=9C231178CE4FB385F4B54B0A9080B8A4 -- C:\Windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7600.16385_none_75d5ef87fc22e35a\cryptsvc.dll

< MD5 for: EXPLORER.EXE >
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\SysWOW64\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

< MD5 for: HAL.DLL >
[2009.07.14 03:47:48 | 000,263,232 | ---- | M] (Microsoft Corporation) MD5=C0A6F6E05E14FBCAEDE7796C8590B7AC -- C:\Windows\winsxs\amd64_microsoft-windows-hal_31bf3856ad364e35_6.1.7600.16385_none_071de44b735b3dfc\hal.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: ISAPNP.SYS >
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\isapnp.sys
[2009.07.14 03:48:04 | 000,020,544 | ---- | M] (Microsoft Corporation) MD5=2F7B28DC3E1183E5EB418DF55C204F38 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\isapnp.sys

< MD5 for: LSASS.EXE >
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16385_none_023f7c69767c3edd\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.16484_none_023e7e05767d22ad\lsass.exe
[2009.07.14 03:39:16 | 000,031,232 | ---- | M] (Microsoft Corporation) MD5=0793F40B9B8A1BDD266296409DBD91EA -- C:\Windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7600.20594_none_02bd4ae48fa2de68\lsass.exe

< MD5 for: NDIS.SYS >
[2009.07.14 03:48:27 | 000,947,776 | ---- | M] (Microsoft Corporation) MD5=CAD515DBD07D082BB317D9928CE8962C -- C:\Windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7600.16385_none_03bc1d6e35c013bf\ndis.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVRAID.SYS >
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvraid.sys
[2009.07.14 03:48:27 | 000,149,056 | ---- | M] (NVIDIA Corporation) MD5=3E38712941E9BB4DDBEE00AFFE3FED3D -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvraid.sys

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: SMSS.EXE >
[2009.07.14 03:39:41 | 000,112,640 | ---- | M] (Microsoft Corporation) MD5=1911A3356FA3F77CCC825CCBAC038C2A -- C:\Windows\winsxs\amd64_microsoft-windows-smss_31bf3856ad364e35_6.1.7600.16385_none_082f99a432e2a661\smss.exe

< MD5 for: SVCHOST.EXE >
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\SysWOW64\svchost.exe
[2009.07.14 03:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2009.07.14 03:39:46 | 000,027,136 | ---- | M] (Microsoft Corporation) MD5=C78655BC80301D76ED4FEF1C1EA40A7D -- C:\Windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe

< MD5 for: TCPIP.SYS >
[2009.07.14 03:45:55 | 001,898,576 | ---- | M] (Microsoft Corporation) MD5=912107716BAB424C7870E8E6AF5E07E1 -- C:\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7600.16385_none_0f1303f98017479d\tcpip.sys

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2_32.DLL >
[2009.07.14 03:41:58 | 000,296,448 | ---- | M] (Microsoft Corporation) MD5=7083F463788CB34FCC42F565D56F89E8 -- C:\Windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_4eaca269e8070c6b\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\SysWOW64\ws2_32.dll
[2009.07.14 03:16:20 | 000,206,336 | ---- | M] (Microsoft Corporation) MD5=DAAE8A9B8C0ACC7F858454132553C30D -- C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7600.16385_none_f28e06e62fa99b35\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs

< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\System32\svchost.exe -k netsvcs

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
< End of report >




OTL Extras logfile created on: 9.8.2010 20:25:47 - Run 1
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\lukas.vejman\Downloads
64bit- An unknown product (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 42,00% Memory free
8,00 Gb Paging File | 5,00 Gb Available in Paging File | 66,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 232,79 Gb Total Space | 146,04 Gb Free Space | 62,74% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: LUKAS-NB
Current User Name: lukas.vejman
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Include 64bit Scans
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3909975518-2640716433-405113056-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1A8BA6CE-822D-4888-89E2-ACBF4308F271}" = Software Intel(R) PROSet/Wireless WiFi
"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java(TM) 6 Update 20 (64-bit)
"{34D6AD5A-C03D-45FF-AA8A-8B306E01B96D}" = FortiClient Endpoint Security
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{852CD00B-1467-4906-B3B4-8FDFFABA42EE}" = ESET NOD32 Antivirus
"{90140000-0015-0405-1000-0000000FF1CE}" = Microsoft Office Access MUI (Czech) 2010
"{90140000-0015-0409-1000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0405-1000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2010
"{90140000-0016-0409-1000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0405-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2010
"{90140000-0018-0409-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0405-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (Czech) 2010
"{90140000-0019-0409-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0405-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2010
"{90140000-001A-0409-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0405-1000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2010
"{90140000-001B-0409-1000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0405-1000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-041B-1000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2010
"{90140000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0405-1000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2010
"{90140000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0405-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (Czech) 2010
"{90140000-0043-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2010
"{90140000-0044-0405-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Czech) 2010
"{90140000-0044-0409-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0054-0405-1000-0000000FF1CE}" = Microsoft Office Visio MUI (Czech) 2010
"{90140000-006E-0405-1000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2010
"{90140000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0405-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (Czech) 2010
"{90140000-00A1-0409-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00B4-0405-1000-0000000FF1CE}" = Microsoft Office Project MUI (Czech) 2010
"{90140000-00BA-0405-1000-0000000FF1CE}" = Microsoft Office Groove MUI (Czech) 2010
"{90140000-00BA-0409-1000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-1000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{91140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-003B-0000-1000-0000000FF1CE}" = Microsoft Office Project Professional 2010
"{91140000-0057-0000-1000-0000000FF1CE}" = Microsoft Office Visio 2010
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Software Bluetooth WIDCOMM
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{B0A5A6EE-F8BA-48B1-BB32-BAC17E96C2B4}" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"{CCC68887-6E07-4438-A035-7C22EFBDC15E}" = Intel(R) Network Connections 14.6.9.0
"{D32F6B1F-0FD0-46DA-B821-8D876070F20C}" = Dell Wireless HSPA Mini-Card Drivers
"6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"6B8550A319DDC8B17F35F4A89988705E4592349B" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Microsoft Visual J# 2.0 Redistributable Package - SE (x64)" = Microsoft Visual J# 2.0 Redistributable Package - SE (x64)
"Office14.PRJPROR" = Microsoft Project Professional 2010
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"ProInst" = Intel PROSet Wireless
"PROSetDX" = Intel(R) Network Connections 14.6.9.0
"WinRAR archiver" = WinRAR archiver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{9BC51C0F-DA8E-4370-9997-899B3435A647}" = VMware vSphere Host Update Utility 4.0
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A34DCE59-0004-0000-2082-3F8A9926B752}" = FortiClient SSL VPN v4.0.2082
"{AC76BA86-7AD7-1029-7B44-A93000000001}" = Adobe Reader 9.3.3 - Czech
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BC4174D1-7970-40E6-AC57-F095F961FB08}" = HTC Sync
"{BEF1942C-FF3A-4FCB-AB49-3E6F9363F538}" = Acronis True Image Home
"{C40698F9-A861-4531-9F8C-FA7F8961375B}" = VMware vSphere Client 4.0
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Football Manager 2010" = Football Manager 2010
"HijackThis" = HijackThis 2.0.2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MozBackup" = MozBackup 1.4.10
"Mozilla Firefox (3.6.6)" = Mozilla Firefox (3.6.6)
"Nokia Ovi Suite" = Nokia Ovi Suite
"RealVNC_is1" = VNC Free Edition 4.1.3
"Samsung SCX-4500W Series" = Samsung SCX-4500W Series
"Winamp" = Winamp

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3909975518-2640716433-405113056-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 13.7.2010 10:10:12 | Computer Name = lukas-NB | Source = OviSuite | ID = 1
Description =

Error - 13.7.2010 10:10:31 | Computer Name = lukas-NB | Source = OviSuite | ID = 1
Description =

Error - 13.7.2010 10:10:35 | Computer Name = lukas-NB | Source = OviSuite | ID = 1
Description =

Error - 13.7.2010 10:10:35 | Computer Name = lukas-NB | Source = OviSuite | ID = 1
Description =

Error - 19.7.2010 15:07:07 | Computer Name = lukas-NB | Source = Application Hang | ID = 1002
Description = Program Explorer.EXE verze 6.1.7600.16450 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: ff4 Čas spuštění: 01cb275fe5de3ea0 Čas ukončení: 15 Cesta k aplikaci: C:\Windows\Explorer.EXE

ID
hlášení: cf8143c2-9368-11df-99d9-028037ec0200

Error - 19.7.2010 15:15:22 | Computer Name = lukas-NB | Source = Application Hang | ID = 1002
Description = Program explorer.exe verze 6.1.7600.16450 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1590 Čas spuštění: 01cb277594e3dd9b Čas ukončení: 78 Cesta k aplikaci: C:\Windows\explorer.exe

ID
hlášení: f80ffa9c-9369-11df-99d9-028037ec0200

Error - 19.7.2010 15:18:23 | Computer Name = lukas-NB | Source = Application Hang | ID = 1002
Description = Program explorer.exe verze 6.1.7600.16450 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 1188 Čas spuštění: 01cb2776bbc87e24 Čas ukončení: 46 Cesta k aplikaci: C:\Windows\explorer.exe

ID
hlášení: 63e88523-936a-11df-99d9-028037ec0200

Error - 19.7.2010 15:24:07 | Computer Name = lukas-NB | Source = Application Hang | ID = 1002
Description = Program explorer.exe verze 6.1.7600.16450 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 10c0 Čas spuštění: 01cb277727b1b24d Čas ukončení: 78 Cesta k aplikaci: C:\Windows\explorer.exe

ID
hlášení: 317ab00b-936b-11df-99d9-028037ec0200

Error - 28.7.2010 11:01:48 | Computer Name = lukas-NB | Source = Microsoft Office 14 | ID = 2001
Description = Microsoft Outlook: Rejected Safe Mode action : Poslední spuštění aplikace
Outlook se nezdařilo. Spuštěním Outlook v nouzovém režimu můžete odstranit nebo
zjistit problém a dosáhnout tak úspěšného spuštění aplikace. Některé funkce nebudou
pravděpodobně v tomto režimu k dispozici. Chcete aplikaci Outlook spustit v nouzovém
režimu?.

Error - 6.8.2010 11:19:09 | Computer Name = lukas-NB | Source = Application Hang | ID = 1002
Description = Program NOTEPAD.EXE verze 6.1.7600.16385 přestal spolupracovat se
systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací
o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID
procesu: 16cc Čas spuštění: 01cb357a1a09d7bc Čas ukončení: 16 Cesta k aplikaci: C:\Windows\system32\NOTEPAD.EXE

ID
hlášení: f30369be-a16d-11df-a0a1-028037ec0200

[ System Events ]
Error - 9.8.2010 2:49:29 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby upnphost bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 2:50:06 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby FDResPub bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 2:50:36 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby upnphost bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 2:53:14 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby FDResPub bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 2:53:44 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby upnphost bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 8:44:38 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby FDResPub bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 8:45:08 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby upnphost bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 8:45:38 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby FDResPub bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 8:46:08 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby upnphost bylo dosaženo časového
limitu (30000 ms).

Error - 9.8.2010 8:46:41 | Computer Name = lukas-NB | Source = Service Control Manager | ID = 7011
Description = Při čekání na odezvu transakce služby BFE bylo dosaženo časového limitu
(30000 ms).


< End of report >

[motji]

Nikde nic nevidím

Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky