Prosím o kontrolu

[JaCub]

Prosím o kontrolu HijackThis.
Při kontrole na Spyware Terminator mi detekoval špatné položky :

<W32.Vimes-5> : C:\Program Files\Messenger\msmsgsin.exe
<Trojan.Rootkit-2660> : C:\WINDOWS\ServicePackFiles\i386\atapi.sys
<Trojan.Rootkit-2660> : C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
<Trojan.Rootkit-2660> : C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

Ale při testování těchto položek na http://www.virustotal.com/cs/ je ostatní programy nedetekovali.Pouze Sp.Terminátor.
Tak nevím zda to není mylná detekce,protože jsem přeinstalovával bezdrátovou klávesnici s myší po zamrznutí klávesnice.
Děkuji za pomoc.

----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:56:54, on 7.4.2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\defragActivityMonitor.exe
D:\PLAY,RW,COPY\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Brother\BRAgent\BRAgtSrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Silvercrest MTS2218 driver\KMConfig.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Browser PS2 mouse\mouse32a.exe
C:\Program Files\Multimedia keyboard utility\1.3\KbdAp32A.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
C:\Program Files\Silvercrest MTS2218 driver\KMProcess.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
C:\WINDOWS\system32\RAMASST.exe
E:\Free Download Manager\fdm.exe
D:\Pr.SYSTEM Clear,FrireWALL\ViryWARforum\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Data aplikací\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [FLMK08KB] C:\Program Files\Multimedia keyboard utility\1.3\MMKEYBD.EXE
O4 - HKLM\..\Run: [FLMBROWSEMOUSE] C:\Program Files\Browser PS2 mouse\mouse32a.exe
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NOD32] C:\Program Files\ESET\nod32kui.exe
O4 - HKCU\..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Ashampoo Magical Defrag.lnk = C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Add to AMV Converter... - D:\PLAY,RW,COPY\ReVolt MP4\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\KANCEL~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file - D:\PLAY,RW,COPY\ReVolt MP4\MP3 Player Utilities 4.15\MediaManager\grab.html
O8 - Extra context menu item: Stáhnout Free Download Managerem - file://E:\Free Download Manager\dllink.htm
O8 - Extra context menu item: Stáhnout video Free Download Managerem - file://E:\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - file://E:\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - file://E:\Free Download Manager\dlall.htm
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} (Ovi maps browser plugin) - http://static.s2g.gate5.de/ovi_maps/Ovi ... 3.37.6.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AshampooDefragService - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
O23 - Service: Brother BRAdminPro Scheduler (BRA_Scheduler) - Unknown owner - C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\PLAY,RW,COPY\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Brother BRAgent (WBA_Agent_Client) - Unknown owner - C:\Program Files\Brother\BRAgent\BRAgtSrv.exe

--
End of file - 9334 bytes

[motji]

Hezké dopoledne

Stahněte OTL http://oldtimer.geekstogo.com/OTL.exe
-uložte ho na plochu a spustte soubor OTL.exe.
- otevře se okno, v něm zaškrtněte Scan All Users ,
-do bílého okna dole skopírujte tento skript:

Kód: Vybrat vše

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
/md5stop
%systemroot%\*. /mp /s
CREATERESTOREPOINT
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c

-klikněte na tlačítko Run scan.
-proběhne sken a objeví se dva logy, obsah obou vložte zde


Stáhněte Gmer http://www.viry.cz/forum/viewtopic.php?f=29&t=62878
- rozbalte a spusťte
-proběhne sken, po skončení se otevře okno s výsledky, klikněte na Save a tím si uložíte log,který sem vložíte

[JaCub]

.......v něm zaškrtněte Scan All Users....
raději se ptám , je to v češtině takže mám u všeho co tam je zaškrtnout "vše" (procesy,moduly,služby,ovladače,registry,vytvořené soubory,modifikované soubory,atd??).

[motji]

Já se omlouvám, ještě jsem si neopravila návod , zapoměla jsem, že kolegové zapracovali na češtině .

Ano, tak jak to píšete

[JaCub]

Opravdu jsem měl všude zaškrtnout "vše"? Ty logy jsou dost dlouhý a budu je sem muset dát postupně.Nemá být u "Vytvořených souborů" a "Modifikovaných souborů" zaškrtnuto "stáří souborů" což je přednastaveno na 30 dnů?

[JaCub]

OTL logfile created on: 7.4.2010 14:28:58 - Run 3
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\KUBA\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 511,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 4,63 Gb Free Space | 31,64% Space Free | Partition Type: NTFS
Drive D: | 41,24 Gb Total Space | 7,80 Gb Free Space | 18,92% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 259,08 Gb Free Space | 55,63% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JAKUB
Current User Name: KUBA
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (All) ==========

PRC - [2010.04.07 11:37:33 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\KUBA\Plocha\OTL.exe
PRC - [2010.04.05 14:23:23 | 000,360,448 | ---- | M] () -- C:\Program Files\Browser PS2 mouse\mouse32a.exe
PRC - [2010.04.05 14:22:46 | 000,371,200 | ---- | M] () -- C:\Program Files\Multimedia keyboard utility\1.3\KBDAP32A.EXE
PRC - [2010.02.18 12:43:18 | 000,248,040 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
PRC - [2009.12.26 00:01:52 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2009.12.17 18:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009.05.29 11:13:40 | 000,729,600 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Silvercrest MTS2218 driver\KMCONFIG.exe
PRC - [2009.02.23 10:57:04 | 003,508,568 | ---- | M] (ashampoo GmbH & Co. KG) -- C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe
PRC - [2009.01.27 18:39:44 | 000,086,016 | ---- | M] () -- C:\Program Files\Brother\BRAgent\BRAgtSrv.exe
PRC - [2009.01.21 15:00:54 | 000,065,536 | ---- | M] () -- C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
PRC - [2008.08.21 15:15:58 | 000,348,160 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Silvercrest MTS2218 driver\KMProcess.exe
PRC - [2008.05.30 02:17:38 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe
PRC - [2008.05.30 02:17:38 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe
PRC - [2008.04.03 19:37:36 | 000,835,584 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
PRC - [2008.02.19 08:22:08 | 001,089,536 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
PRC - [2008.01.31 17:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Program Files\Brother\Brmfcmon\BrMfcMon.exe
PRC - [2007.12.22 20:47:48 | 000,917,504 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32kui.exe
PRC - [2007.12.22 20:47:48 | 000,495,616 | ---- | M] (Eset ) -- C:\Program Files\ESET\nod32krn.exe
PRC - [2007.12.05 02:41:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvsvc32.exe
PRC - [2007.10.11 19:03:10 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- D:\PLAY,RW,COPY\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2007.02.23 16:20:10 | 000,078,008 | ---- | M] () -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\defragActivityMonitor.exe
PRC - [2007.02.23 16:20:06 | 004,538,672 | ---- | M] ( ) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
PRC - [2007.02.23 16:20:06 | 001,687,856 | ---- | M] ( ) -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
PRC - [2006.03.02 01:22:04 | 000,577,536 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2005.02.16 16:15:20 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
PRC - [2004.08.17 16:49:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wscntfy.exe
PRC - [2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2004.08.17 16:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2004.08.17 16:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2004.08.17 16:49:28 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rundll32.exe
PRC - [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [WUDFSERVICEGROUP]
PRC - [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [RPCSS]
PRC - [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETWORKSERVICE]
PRC - [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [NETSVCS]
PRC - [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [LOCALSERVICE]
PRC - [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [IMGSVC]
PRC - [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [HTTPFILTER]
PRC - [2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe [DCOMLAUNCH]
PRC - [2004.08.17 16:49:26 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\notepad.exe
PRC - [2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2004.08.17 16:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2004.08.17 16:49:24 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2004.08.17 16:49:22 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2003.05.23 06:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2003.03.14 04:38:12 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2002.04.12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSVC01A.EXE
PRC - [2001.12.13 00:01:00 | 000,045,056 | ---- | M] (brother Industries Ltd) -- C:\WINDOWS\system32\BRSS01A.EXE

[JaCub]

========== Modules (All) ==========

MOD - [2010.04.07 11:37:33 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\KUBA\Plocha\OTL.exe
MOD - [2010.04.05 14:23:23 | 000,057,344 | ---- | M] () -- C:\Program Files\Browser PS2 mouse\mouDL32A.dll
MOD - [2009.04.11 02:12:31 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2007.12.05 02:41:00 | 001,474,560 | ---- | M] () -- C:\WINDOWS\system32\nview.dll
MOD - [2007.12.05 02:41:00 | 000,286,720 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwrscs.dll
MOD - [2007.12.05 02:41:00 | 000,081,920 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\system32\nvwddi.dll
MOD - [2004.08.17 16:49:30 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2004.08.17 16:49:22 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2004.08.17 16:49:22 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2004.08.17 16:49:20 | 000,726,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2004.08.17 16:49:20 | 000,577,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2004.08.17 16:49:20 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2004.08.17 16:49:20 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2004.08.17 16:49:18 | 008,388,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2004.08.17 16:49:18 | 000,990,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2004.08.17 16:49:18 | 000,581,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2004.08.17 16:49:18 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2004.08.17 16:49:18 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2004.08.17 16:49:18 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2004.08.17 16:49:16 | 001,281,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2004.08.17 16:49:16 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2004.08.17 16:49:16 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2004.08.17 16:49:16 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2004.08.17 16:49:16 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2004.08.17 16:49:14 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2004.08.17 16:49:12 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2004.08.17 16:49:10 | 000,982,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2004.08.17 16:49:08 | 000,278,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2004.08.17 16:49:08 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2004.08.17 16:49:04 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2004.08.17 16:49:02 | 000,683,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2004.08.17 16:48:58 | 000,702,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2004.08.17 16:48:02 | 001,050,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll


========== Win32 Services (All) ==========

SRV - [2010.01.26 13:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.12.26 00:01:52 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2009.12.17 18:14:11 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) [Auto | Running] -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2010 Advanced\Dfsdks.exe -- (DfSdkS)
SRV - [2009.01.27 18:39:44 | 000,086,016 | ---- | M] () [Auto | Running] -- C:\Program Files\Brother\BRAgent\BRAgtSrv.exe -- (WBA_Agent_Client)
SRV - [2009.01.21 15:00:54 | 000,065,536 | ---- | M] () [Auto | Running] -- C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe -- (BRA_Scheduler)
SRV - [2008.05.30 02:17:38 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Silvercrest MTS2218 driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2008.05.19 02:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008.01.19 01:37:14 | 000,055,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc)
SRV - [2007.12.22 20:47:48 | 000,495,616 | ---- | M] (Eset ) [Auto | Running] -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn)
SRV - [2007.12.05 02:41:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- D:\PLAY,RW,COPY\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007.02.23 16:20:06 | 001,687,856 | ---- | M] ( ) [Auto | Running] -- C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe -- (AshampooDefragService)
SRV - [2006.10.18 22:47:16 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2005.09.23 07:28:56 | 000,066,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2005.09.23 07:28:32 | 000,029,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004.08.17 16:49:28 | 000,290,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2004.08.17 16:49:28 | 000,141,312 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2004.08.17 16:49:28 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2004.08.17 16:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2004.08.17 16:49:28 | 000,108,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2004.08.17 16:49:28 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2004.08.17 16:49:28 | 000,090,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2004.08.17 16:49:28 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2004.08.17 16:49:28 | 000,057,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2004.08.17 16:49:28 | 000,018,432 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS) Nepřerušitelný zdroj napájení (UPS)
SRV - [2004.08.17 16:49:26 | 000,111,616 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2004.08.17 16:49:26 | 000,111,616 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2004.08.17 16:49:26 | 000,032,768 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2004.08.17 16:49:26 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2004.08.17 16:49:24 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2004.08.17 16:49:24 | 000,150,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService) Služba modelu COM pro zápis na disk CD (IMAPI)
SRV - [2004.08.17 16:49:24 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator) Lokátor vzdáleného volání procedur (RPC)
SRV - [2004.08.17 16:49:24 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2004.08.17 16:49:24 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (cisvc)
SRV - [2004.08.17 16:49:24 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2004.08.17 16:49:24 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2004.08.17 16:49:22 | 000,359,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2004.08.17 16:49:22 | 000,144,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2004.08.17 16:49:22 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2004.08.17 16:49:22 | 000,129,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2004.08.17 16:49:22 | 000,081,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2004.08.17 16:49:22 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2004.08.17 16:49:22 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2004.08.17 16:49:20 | 000,333,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Načítání obrázků (WIA)
SRV - [2004.08.17 16:49:20 | 000,295,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2004.08.17 16:49:20 | 000,246,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2004.08.17 16:49:20 | 000,185,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2004.08.17 16:49:20 | 000,176,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2004.08.17 16:49:20 | 000,170,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2004.08.17 16:49:20 | 000,096,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2004.08.17 16:49:20 | 000,090,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2004.08.17 16:49:20 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2004.08.17 16:49:20 | 000,067,584 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2004.08.17 16:49:20 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2004.08.17 16:49:18 | 000,395,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Vzdálené volání procedur (RPC)
SRV - [2004.08.17 16:49:18 | 000,395,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2004.08.17 16:49:18 | 000,190,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2004.08.17 16:49:18 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2004.08.17 16:49:18 | 000,134,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2004.08.17 16:49:18 | 000,134,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2004.08.17 16:49:18 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2004.08.17 16:49:18 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2004.08.17 16:49:18 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2004.08.17 16:49:16 | 000,435,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2004.08.17 16:49:16 | 000,382,464 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qmgr.dll -- (BITS) Služba inteligentního přenosu na pozadí (BITS)
SRV - [2004.08.17 16:49:16 | 000,174,080 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2004.08.17 16:49:16 | 000,089,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2004.08.17 16:49:16 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll -- (helpsvc)
SRV - [2004.08.17 16:49:14 | 000,247,296 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) Sledování umístění v síti (NLA)
SRV - [2004.08.17 16:49:14 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2004.08.17 16:49:12 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2004.08.17 16:49:10 | 000,330,240 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess) Brána Firewall / Sdílení připojení k Internetu (ICS)
SRV - [2004.08.17 16:49:10 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2004.08.17 16:49:08 | 000,243,200 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2004.08.17 16:49:08 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2004.08.17 16:49:08 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2004.08.17 16:49:06 | 000,110,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2004.08.17 16:49:06 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2004.08.17 16:49:06 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2004.08.17 16:49:04 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2004.08.17 16:49:04 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2004.08.17 16:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2004.08.17 16:49:04 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2004.08.17 16:49:02 | 000,683,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2004.08.17 16:49:02 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2003.05.23 06:38:26 | 000,106,496 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2002.04.12 00:00:00 | 000,057,344 | ---- | M] (brother Industries Ltd) [Auto | Running] -- C:\WINDOWS\system32\BRSVC01A.EXE -- (Brother XP spl Service)
SRV - [2001.10.25 14:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2001.10.25 14:00:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)

[JaCub]

========== Driver Services (All) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | Auto | Stopped] -- -- (OMSCAN)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpt3xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (GMSIPCI)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (ASFWHide)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)
DRV - [2010.01.21 15:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.30 12:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.12.30 12:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.12.30 12:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.11.06 11:39:32 | 000,047,360 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pcouffin.sys -- (pcouffin)
DRV - [2009.10.18 12:33:24 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009.01.21 20:43:03 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2008.12.17 14:42:50 | 000,018,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMWDFilter.SYS -- (KMWDFilter)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.20 19:58:58 | 000,044,944 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2008.03.27 16:27:46 | 000,503,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000)
DRV - [2008.02.03 17:40:07 | 000,025,280 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.01.18 23:53:06 | 000,083,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2008.01.18 23:52:52 | 000,077,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\WudfPf.sys -- (WudfPf)
DRV - [2008.01.13 03:55:21 | 000,163,644 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008.01.07 23:29:05 | 000,020,520 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2008.01.07 23:29:05 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2007.12.22 20:47:49 | 000,502,208 | ---- | M] (Eset ) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON)
DRV - [2007.12.05 02:41:00 | 007,435,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006.12.12 11:28:26 | 000,052,224 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2006.11.10 10:47:18 | 000,090,800 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se2Bunic.sys -- (se2Bunic) Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM)
DRV - [2006.11.10 10:47:10 | 000,086,560 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bobex.sys -- (SE2Bobex)
DRV - [2006.11.10 10:47:08 | 000,018,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se2Bnd5.sys -- (se2Bnd5) Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS)
DRV - [2006.11.10 10:47:06 | 000,088,688 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bmgmt.sys -- (SE2Bmgmt) Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM)
DRV - [2006.11.10 10:47:00 | 000,097,184 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bmdm.sys -- (SE2Bmdm)
DRV - [2006.11.10 10:46:58 | 000,009,360 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bmdfl.sys -- (SE2Bmdfl)
DRV - [2006.11.10 10:46:52 | 000,061,600 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SE2Bbus.sys -- (SE2Bbus) Sony Ericsson Device 043 Driver driver (WDM)
DRV - [2006.10.18 21:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2006.09.24 15:28:46 | 000,005,248 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2006.09.03 09:53:54 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2006.05.19 09:44:52 | 003,965,056 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2005.12.06 17:11:18 | 000,035,328 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfsync03.sys -- (sfsync03) StarForce Protection Synchronization Driver (version 3.x)
DRV - [2005.08.18 11:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\nvata.sys -- (nvata)
DRV - [2005.05.16 15:20:39 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005.04.05 21:22:30 | 000,012,928 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.05 21:22:28 | 000,033,536 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.03.09 08:53:00 | 000,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.01.31 10:30:00 | 000,141,246 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NVCAP.SYS -- (nvcap) nVidia WDM Video Capture (universal)
DRV - [2005.01.31 10:30:00 | 000,016,176 | ---- | M] (NVIDIA Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\NVXBAR.SYS -- (NVXBAR)
DRV - [2004.10.15 12:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb)
DRV - [2004.08.17 16:49:38 | 000,139,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2004.08.17 16:49:38 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2004.08.17 16:49:38 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2004.08.17 16:49:38 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2004.08.17 16:45:48 | 000,073,344 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\sr.sys -- (sr)
DRV - [2004.08.17 16:45:06 | 000,153,856 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmio.sys -- (dmio)
DRV - [2004.08.17 16:45:04 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2004.08.17 16:45:00 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2004.08.17 16:45:00 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2004.08.17 16:44:22 | 000,052,480 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\volsnap.sys -- (VolSnap)
DRV - [2004.08.17 16:44:16 | 000,064,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2004.08.17 16:44:12 | 000,052,352 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2004.08.17 16:43:52 | 000,058,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2004.08.17 16:43:34 | 000,039,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2004.08.17 16:43:24 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2004.08.17 16:43:22 | 000,030,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\modem.sys -- (Modem)
DRV - [2004.08.17 16:43:14 | 000,119,808 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2004.08.17 16:43:12 | 000,188,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ACPI.sys -- (ACPI)
DRV - [2004.08.17 16:43:12 | 000,068,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pci.sys -- (PCI)
DRV - [2004.08.17 16:43:10 | 000,080,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2004.08.04 00:20:08 | 000,176,512 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2004.08.04 00:15:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2004.08.04 00:15:22 | 000,107,904 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\mup.sys -- (Mup)
DRV - [2004.08.04 00:15:18 | 000,451,456 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2004.08.04 00:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\ntfs.sys -- (Ntfs)
DRV - [2004.08.04 00:15:06 | 000,082,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2004.08.04 00:14:46 | 000,336,256 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2004.08.04 00:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2004.08.04 00:14:38 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2004.08.04 00:14:32 | 000,091,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ndis.sys -- (NDIS)
DRV - [2004.08.04 00:14:30 | 000,074,752 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2004.08.04 00:14:28 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN Miniport (PPTP)
DRV - [2004.08.04 00:14:24 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN Miniport (L2TP)
DRV - [2004.08.04 00:14:18 | 000,143,360 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\fastfat.sys -- (Fastfat)
DRV - [2004.08.04 00:14:16 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2004.08.04 00:14:12 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\cdfs.sys -- (Cdfs)
DRV - [2004.08.04 00:10:30 | 000,085,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2004.08.04 00:10:22 | 000,019,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2004.08.04 00:10:18 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2004.08.04 00:10:18 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2004.08.04 00:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2004.08.04 00:10:14 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2004.08.04 00:10:10 | 000,061,056 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ohci1394.sys -- (ohci1394)
DRV - [2004.08.04 00:08:48 | 000,026,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2004.08.04 00:08:44 | 000,057,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2004.08.04 00:08:38 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2004.08.04 00:08:38 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2004.08.04 00:07:58 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2004.08.04 00:07:50 | 000,171,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2004.08.04 00:07:48 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2004.08.04 00:07:48 | 000,006,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2004.08.04 00:07:40 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2004.08.04 00:07:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2004.08.04 00:05:08 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2004.08.04 00:05:04 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2004.08.04 00:04:58 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2004.08.04 00:04:52 | 000,134,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2004.08.04 00:04:46 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2004.08.04 00:04:20 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2004.08.04 00:04:14 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2004.08.04 00:03:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2004.08.04 00:03:14 | 000,012,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2004.08.04 00:01:26 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2004.08.04 00:01:20 | 000,124,800 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2004.08.04 00:01:16 | 000,196,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2004.08.04 00:00:58 | 000,181,248 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2004.08.04 00:00:48 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2004.08.04 00:00:44 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\npfs.sys -- (Npfs)
DRV - [2004.08.04 00:00:42 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\msfs.sys -- (Msfs)
DRV - [2004.08.04 00:00:32 | 000,066,176 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\udfs.sys -- (Udfs)
DRV - [2004.08.04 00:00:16 | 000,041,856 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2004.08.04 00:00:14 | 000,263,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2004.08.04 00:00:08 | 000,029,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (ip6fw)
DRV - [2004.08.03 23:59:56 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\disk.sys -- (Disk)
DRV - [2004.08.03 23:59:56 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2004.08.03 23:59:54 | 000,049,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2004.08.03 23:59:48 | 000,092,032 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\atapi.sys -- (atapi)
DRV - [2004.08.03 23:59:28 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2004.08.03 23:59:28 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2004.08.03 23:59:08 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2004.08.03 23:58:46 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2004.08.03 23:58:42 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV - [2004.08.03 23:58:42 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)
DRV - [2004.08.03 23:58:42 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2004.08.03 23:58:40 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2004.08.03 23:58:40 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV - [2004.08.03 23:58:34 | 000,209,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2004.08.03 23:58:32 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2004.08.03 23:58:32 | 000,042,240 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2004.08.03 23:58:30 | 000,061,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV - [2004.08.03 23:58:30 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV - [2004.08.03 23:39:38 | 000,142,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2004.08.03 23:08:48 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2004.08.03 23:08:44 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2004.05.02 10:47:08 | 000,023,040 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2004.04.08 12:06:08 | 000,070,400 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.04.08 10:46:50 | 000,054,272 | ---- | M] (Protection Technology) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2004.01.15 07:20:38 | 000,090,534 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbVM31b.sys -- (ZSMC301b)
DRV - [2003.12.04 09:10:00 | 000,067,584 | ---- | M] (WIBU-SYSTEMS AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Wibukey.sys -- (WIBUKEY)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\prosync1.sys -- (prosync1)
DRV - [2003.01.31 10:45:56 | 000,090,416 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2001.10.25 14:00:00 | 000,125,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ftdisk.sys -- (Ftdisk)
DRV - [2001.10.25 14:00:00 | 000,038,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2001.10.25 14:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\isapnp.sys -- (isapnp)
DRV - [2001.10.25 14:00:00 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fips.sys -- (Fips)
DRV - [2001.10.25 14:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2001.10.25 14:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2001.10.25 14:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\partmgr.sys -- (PartMgr)
DRV - [2001.10.25 14:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2001.10.25 14:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2001.10.25 14:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2001.10.25 14:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2001.10.25 14:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2001.10.25 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2001.10.25 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2001.10.25 14:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2001.10.25 14:00:00 | 000,009,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2001.10.25 14:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2001.10.25 14:00:00 | 000,006,784 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\parvdm.sys -- (ParVdm)
DRV - [2001.10.25 14:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\dmload.sys -- (dmload)
DRV - [2001.10.25 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2001.10.25 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2001.10.25 14:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\beep.sys -- (Beep)
DRV - [2001.10.25 14:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\pciide.sys -- (PCIIde)
DRV - [2001.10.25 14:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\null.sys -- (Null)
DRV - [2001.10.24 12:54:32 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001.08.17 23:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001.08.17 23:00:52 | 000,054,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2000.07.24 01:01:00 | 000,019,537 | ---- | M] (Brother Industries Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\BrPar.sys -- (BrPar)
DRV - [1996.04.03 21:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)

[JaCub]

========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/ ... chasst.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll (Microsoft Corporation)
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Ask"
FF - prefs.js..browser.search.defaultthis.engineName: "Ashampoo US Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.as ... earchTerms}"
FF - prefs.js..browser.search.order.1: "Ask"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.seznam.cz"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.11
FF - prefs.js..extensions.enabledItems: {ca0849e8-2c76-42ae-9abe-34e14d337acf}:1.91
FF - prefs.js..extensions.enabledItems: {3474c305-9dad-11d8-9207-00055d74c2e4}:0.4.10
FF - prefs.js..extensions.enabledItems: {ba243cb0-b824-4a26-9418-73ee795d9b9d}:1.0.3
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.3
FF - prefs.js..extensions.enabledItems: piclens@cooliris.com:1.11.6
FF - prefs.js..extensions.enabledItems: cs@dictionaries.addons.mozilla.org:1.0.1
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.6.7
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.1.14
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.80
FF - prefs.js..extensions.enabledItems: {1280606b-2510-4fe0-97ef-9b5a22eafe41}:1.0.9
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.0.3
FF - prefs.js..extensions.enabledItems: {d37dc5d0-431d-44e5-8c91-49419370caa1}:2.5.46
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.3
FF - prefs.js..extensions.enabledItems: {44d0a1b4-9c90-4f86-ac92-8680b5d6549e}:0.6.4.1
FF - prefs.js..extensions.enabledItems: {3112ca9c-de6d-4884-a869-9855de68056c}:6.1.20091216W
FF - prefs.js..extensions.enabledItems: cfxHelper@Triton:1.0
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.4
FF - prefs.js..extensions.enabledItems: {3f0da09b-c1ab-40c5-8d7f-53f475ac3fe8}:0.10.3
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {f13b157f-b174-47e7-a34d-4815ddfdfeb8}:0.9.87.4
FF - prefs.js..extensions.enabledItems: {398e77b8-2304-11dc-8314-0800200c9a66}:0.3.13
FF - prefs.js..extensions.enabledItems: {37E4D8EA-8BDA-4831-8EA1-89053939A250}:3.0.0.1
FF - prefs.js..extensions.enabledItems: CompactMenuCE@Merci.chao:4.3.2
FF - prefs.js..extensions.enabledItems: {EF522540-89F5-46b9-B6FE-1829E2B572C6}:4.2
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.2
FF - prefs.js..extensions.enabledItems: {003D3EDC-99B9-4a34-9C20-60CB94F7E829}:2007.30
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20091028
FF - prefs.js..extensions.enabledItems: {124d001a-bdcb-472f-aa59-bbe7e4bc3204}:2.5.6.0
FF - prefs.js..extensions.enabledItems: {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.7
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:0.9.10.2
FF - prefs.js..extensions.enabledItems: ietab@ip.cn:1.83.20100316
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.22
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18
FF - prefs.js..extensions.enabledItems: {cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}:0.4.5
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.3
FF - prefs.js..extensions.enabledItems: {e213bb8f-8ebd-11db-96b7-005056c00008}:3.0.0.90
FF - prefs.js..extensions.enabledItems: {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.90

FF - user.js..browser.search.openintab: false

FF - HKLM\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: D:\Programy\Nokia JK\Nokia PC Suite 7\Nokia PC Suite 7\bkmrksync\ [2009.11.24 00:01:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.02.19 17:13:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009.03.29 01:22:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.05 15:07:11 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.04.02 20:49:04 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.02.19 17:13:21 | 000,000,000 | ---D | M]

[2008.06.30 09:20:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Extensions
[2008.06.30 09:20:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2010.04.07 09:16:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions
[2008.03.01 22:55:31 | 000,000,000 | ---D | M] (WebTran) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
[2010.02.08 12:27:17 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010.02.28 00:46:29 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}
[2010.03.14 20:33:59 | 000,000,000 | ---D | M] (Vista-aero) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}
[2010.01.19 10:42:42 | 000,000,000 | ---D | M] (All-in-One Sidebar) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009.10.27 23:22:45 | 000,000,000 | ---D | M] (FireShot) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.03.16 09:04:54 | 000,000,000 | ---D | M] (Flagfox) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2010.01.24 17:14:21 | 000,000,000 | ---D | M] (Ashampoo US Toolbar) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{124d001a-bdcb-472f-aa59-bbe7e4bc3204}
[2009.05.18 08:41:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe41}
[2010.02.10 23:59:24 | 000,000,000 | ---D | M] (Image Zoom) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}
[2009.12.21 14:36:29 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.02.11 00:19:14 | 000,000,000 | ---D | M] (Bookmark Backup) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{3474c305-9dad-11d8-9207-00055d74c2e4}
[2009.10.15 22:25:55 | 000,000,000 | ---D | M] (PDF Download) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009.07.23 22:16:17 | 000,000,000 | ---D | M] (Minimap Addon) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{398e77b8-2304-11dc-8314-0800200c9a66}
[2010.01.11 22:00:44 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{3f0da09b-c1ab-40c5-8d7f-53f475ac3fe8}
[2010.01.26 23:50:17 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}
[2009.09.30 17:20:15 | 000,000,000 | ---D | M] (Gmail Notifier) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{44d0a1b4-9c90-4f86-ac92-8680b5d6549e}
[2010.03.17 22:43:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{989e9382-d540-4189-88d1-fc54a949a387}
[2009.11.06 03:08:40 | 000,000,000 | ---D | M] (WOT) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.03.05 02:10:24 | 000,000,000 | ---D | M] (Bookmark Duplicate Detector) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{ba243cb0-b824-4a26-9418-73ee795d9b9d}
[2009.10.20 12:03:34 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{ca0849e8-2c76-42ae-9abe-34e14d337acf}
[2010.03.17 22:07:28 | 000,000,000 | ---D | M] (Google Redesigned) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{cc85cd4e-5a5b-4eda-a25c-bdaffa93b406}
[2010.01.07 22:44:24 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.01.27 10:23:36 | 000,000,000 | ---D | M] (FoxClocks) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
[2010.01.29 21:49:20 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2009.10.12 17:26:19 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
[2010.03.14 20:34:12 | 000,000,000 | ---D | M] (myFireFox) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}
[2010.03.31 11:44:47 | 000,000,000 | ---D | M] (Seznam lištiÄŤka) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[2010.01.24 01:18:29 | 000,000,000 | ---D | M] (FoxTab) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}
[2010.03.31 11:44:48 | 000,000,000 | ---D | M] (SearchPreview) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{EF522540-89F5-46b9-B6FE-1829E2B572C6}
[2008.06.20 19:11:55 | 000,000,000 | ---D | M] (JavaScript Debugger) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}
[2010.03.17 22:44:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\cfxe@Triton
[2010.03.17 22:32:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\cfxHelper@Triton
[2010.03.31 11:44:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\CompactMenuCE@Merci.chao
[2008.10.07 10:46:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\cs@dictionaries.addons.mozilla.org
[2010.03.24 22:45:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\ietab@ip.cn
[2010.03.17 22:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\opera10skin@firefox.theme
[2010.01.07 22:44:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\piclens@cooliris.com
[2010.03.17 22:44:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\Strata40@SpewBoy.au
[2010.03.17 22:30:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\tron@trionic.net
[2010.03.14 20:33:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{07b2a769-ed19-4483-87ce-c643914c81bb}\chrome\mozapps\extensions
[2010.03.14 20:34:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\extensions\{e213bb8f-8ebd-11db-96b7-005056c00008}\chrome\mozapps\extensions
[2010.04.05 22:26:32 | 000,001,243 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\a9.xml
[2008.01.14 14:19:25 | 000,000,624 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\abzcz.xml
[2010.04.07 09:16:09 | 000,001,207 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\alavecz.xml
[2008.10.16 11:27:27 | 000,001,714 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\aol-search.xml
[2008.06.20 23:05:38 | 000,001,712 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\askcom.xml
[2008.05.30 02:42:19 | 000,001,340 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\bbc-news.xml
[2008.03.19 08:43:27 | 000,007,917 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\businesscom.xml
[2009.12.14 16:30:25 | 000,001,210 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\cesky-kutilcz.xml
[2010.01.20 13:20:00 | 000,000,925 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\conduit.xml
[2009.03.08 03:00:30 | 000,002,455 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\cz-downloadchipeu.xml
[2009.03.15 13:55:05 | 000,000,855 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\delicious-tag.xml
[2008.01.17 18:25:38 | 000,001,349 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\encyklopedie.xml
[2009.07.02 11:57:27 | 000,002,248 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\espn.xml
[2008.03.19 08:43:30 | 000,008,027 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\expediacom.xml
[2010.04.05 22:26:34 | 000,002,311 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\filmova-databaze-fdbcz.xml
[2008.03.24 18:09:56 | 000,001,122 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\firmycz.xml
[2010.04.05 22:26:33 | 000,002,125 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\flickr-tags.xml
[2010.04.07 09:16:13 | 000,002,178 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\hledejcenycz.xml
[2008.01.14 13:52:48 | 000,001,340 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\hollywoodcom.xml
[2010.04.05 22:26:34 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\icqplugin-1.xml
[2008.02.03 20:47:36 | 000,000,950 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\icqplugin.xml
[2008.06.20 23:05:44 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\imdb.xml
[2010.04.07 09:16:10 | 000,000,880 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\kinomolcz.xml
[2010.03.31 15:23:59 | 000,001,085 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\knizni-web.xml
[2010.04.05 22:26:35 | 000,001,445 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\koupiscz.xml
[2010.04.05 22:26:34 | 000,005,216 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\linkedin.xml
[2008.05.30 02:42:26 | 000,001,944 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\live-search.xml
[2008.05.30 02:42:25 | 000,001,071 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\lonely-planet-online.xml
[2010.01.26 08:41:30 | 000,002,044 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\mapycz.xml
[2010.04.05 22:26:33 | 000,002,143 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\marketwatch.xml
[2010.03.11 19:16:01 | 000,001,092 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\maxdorf---velky-lekarsky-slovnik.xml
[2008.08.28 07:38:08 | 000,008,741 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\mmcomputercz.xml
[2010.04.07 09:16:10 | 000,001,464 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\morfeo.xml
[2010.04.07 09:16:13 | 000,013,194 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\mozcestnik.xml
[2010.04.07 09:16:09 | 000,001,932 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\naakupcz.xml
[2010.04.07 09:16:13 | 000,013,174 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\navrcholucz.xml
[2008.01.14 14:21:25 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\obchodni-rejstrik.xml
[2008.01.14 14:21:17 | 000,001,928 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\obchody-mall.xml
[2010.04.05 22:26:34 | 000,000,956 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\opensubtitlesorg.xml
[2009.11.01 12:08:35 | 000,001,436 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\os.xml
[2008.01.14 14:20:17 | 000,001,984 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\pegasoftcz-cz.xml
[2010.04.07 09:16:13 | 000,013,180 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\penguin.xml
[2010.04.07 09:16:11 | 000,001,727 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\portal-abc-linuxu.xml
[2010.04.07 09:16:09 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\rockmagcz.xml
[2010.04.07 09:16:10 | 000,001,426 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\rootcz.xml
[2010.04.05 22:26:34 | 000,001,578 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\rychlostcz---hledani-pripojeni.xml
[2008.01.17 18:25:38 | 000,001,335 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\seznam-zbozi.xml
[2008.01.28 19:17:09 | 000,000,992 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\slovnik-cizich-slov-uzdroje.xml
[2010.04.05 22:26:36 | 000,013,187 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\srovnamecz.xml
[2010.04.07 09:16:09 | 000,001,507 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\srovnanicencz.xml
[2010.04.07 09:16:11 | 000,000,996 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\stahujcz---svet-software.xml
[2008.06.06 11:54:25 | 000,001,961 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\technorati.xml
[2010.04.07 09:16:11 | 000,005,699 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\titulky.xml
[2010.04.07 09:16:13 | 000,013,217 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\toplistcz.xml
[2010.04.07 09:16:12 | 000,013,165 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\underground.xml
[2008.03.19 08:43:32 | 000,008,049 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\usatodaycom.xml
[2010.03.11 19:16:01 | 000,001,185 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\velky-zpevnik.xml
[2010.04.05 15:19:53 | 000,013,280 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\vltavacz.xml
[2010.04.05 22:26:33 | 000,001,837 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\weathercom.xml
[2008.01.14 14:18:31 | 000,000,831 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\webdotcz.xml
[2008.06.19 11:32:05 | 000,000,681 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\webster.xml
[2010.04.05 22:26:34 | 000,001,058 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\wikipedia---czech.xml
[2008.06.20 23:05:41 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\wikipedia-en.xml
[2010.03.11 19:16:03 | 000,013,432 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\wikiubuntucz.xml
[2008.07.19 14:49:22 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\winamp-search.xml
[2008.01.14 14:18:47 | 000,001,047 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\xchat-profil-nicku.xml
[2010.04.05 22:26:34 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\xxxczineu.xml
[2008.01.14 13:53:05 | 000,001,437 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\yahoo-answers.xml
[2010.04.05 22:26:33 | 000,002,216 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\yahooligans.xml
[2010.04.05 22:26:35 | 000,001,518 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\zacatek---inzerce.xml
[2010.01.26 08:41:30 | 000,002,186 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\zbocz.xml
[2010.03.24 22:42:07 | 000,001,247 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\zdarmaorg.xml
[2010.04.07 09:16:13 | 000,013,174 | ---- | M] () -- C:\Documents and Settings\KUBA\Data aplikací\Mozilla\Firefox\Profiles\lm2hac5q.default\searchplugins\zoohoo.xml
[2010.04.07 09:16:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.04.02 20:49:04 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010.03.12 00:22:01 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[2010.04.02 20:48:50 | 000,023,000 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll
[2010.04.02 20:48:50 | 000,138,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll
[2009.12.17 18:14:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
[2009.01.18 19:08:58 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll
[2010.04.02 20:48:56 | 000,064,984 | ---- | M] (mozilla.org) -- C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
[2009.02.13 22:49:34 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
[2009.02.13 22:49:34 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
[2009.02.13 22:49:34 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
[2009.02.13 22:49:34 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
[2009.02.13 22:49:34 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
[2009.02.13 22:49:34 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
[2009.02.13 22:49:34 | 000,143,360 | ---- | M] (Apple Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
[2010.01.14 00:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2009.09.21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml
[2010.04.02 20:48:58 | 000,002,371 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\google.xml
[2010.04.02 20:48:58 | 000,000,638 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\jyxo-cz.xml
[2010.04.02 20:48:58 | 000,001,687 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\mall-cz.xml
[2010.04.02 20:48:58 | 000,001,367 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\seznam-cz.xml
[2010.04.02 20:48:58 | 000,000,654 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\slunecnice-cz.xml
[2010.04.02 20:48:58 | 000,001,179 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-cz.xml

[JaCub]

O1 HOSTS File: ([2008.05.13 10:59:38 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - E:\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\ShellBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (&Adresa) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O3 - HKCU\..\Toolbar\WebBrowser: (&Odkazy) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [FLMBROWSEMOUSE] C:\Program Files\Browser PS2 mouse\mouse32a.exe ()
O4 - HKLM..\Run: [FLMK08KB] C:\Program Files\Multimedia keyboard utility\1.3\MMKEYBD.EXE ()
O4 - HKLM..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Silvercrest MTS2218 driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKCU..\Run: [fsm] File not found
O4 - HKCU..\Run: [NOD32] C:\Program Files\ESET\nod32kui.exe (Eset )
O4 - HKCU..\Run: [UIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo GmbH & Co. KG)
O4 - HKCU..\Run: [WEBTRAN] File not found
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\Ashampoo Magical Defrag.lnk = C:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe ( )
O4 - Startup: C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ShutdownWithoutLogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClearRecentDocsOnExit = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - D:\Kancelář\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Stáhnout Free Download Managerem - E:\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Stáhnout video Free Download Managerem - E:\Free Download Manager\dlfvideo.htm ()
O8 - Extra context menu item: Stáhnout vše Free Download Managerem - E:\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: Stáhnout vybrané Free Download Managerem - E:\Free Download Manager\dlselected.htm ()
O9 - Extra 'Tools' menuitem : &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O16 - DPF: {4FEE6316-7B6F-4A6C-BD4E-4157C59A9E9D} http://static.s2g.gate5.de/ovi_maps/Ovi ... 3.37.6.cab (Ovi maps browser plugin)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/pub/sh ... wflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\lid {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Proces mezipaměti kategorií součástí - C:\WINDOWS\system32\browseui.dll (Společnost Microsoft)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Nebe.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\KUBA\Data aplikací\Ashampoo Photo Commander 6\Ashampoo Photo Commander 5 Wallpaper.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2007.12.22 18:20:13 | 000,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

[JaCub]

Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (55745600305496064)

========== Files/Folders - Created Within 30 Days ==========

[2010.04.07 12:35:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\KUBA\Recent
[2010.04.07 11:37:05 | 000,561,664 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\KUBA\Plocha\OTL.exe
[2010.04.05 14:23:35 | 000,000,000 | ---D | C] -- C:\Program Files\Browser PS2 mouse
[2010.04.05 14:23:03 | 000,000,000 | ---D | C] -- C:\Program Files\Multimedia keyboard utility
[2010.03.16 10:36:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\KUBA\Data aplikací\GHISLER
[2010.03.12 00:22:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Sun
[2010.03.12 00:21:59 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010.03.12 00:21:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010.03.12 00:21:58 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010.02.19 17:24:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Microsoft
[2009.03.28 01:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Mozilla
[2009.01.21 04:32:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\NVIDIA Corporation
[2008.09.06 11:35:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Data aplikací\Adobe
[2008.06.04 07:48:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\Mozilla
[2008.04.05 18:31:08 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Data aplikací\Microsoft
[2008.01.12 21:05:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Apple
[2007.12.23 03:20:00 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\KUBA\Data aplikací\pcouffin.sys
[2007.12.22 18:24:25 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Data aplikací\Microsoft
[2007.12.22 18:24:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Data aplikací\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.04.07 14:13:49 | 000,002,414 | ---- | M] () -- C:\WINDOWS\MAILTRAN.INI
[2010.04.07 11:37:33 | 000,561,664 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\KUBA\Plocha\OTL.exe
[2010.04.07 08:34:34 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.04.07 08:34:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.04.07 02:14:03 | 014,942,208 | -H-- | M] () -- C:\Documents and Settings\KUBA\NTUSER.DAT
[2010.04.07 02:14:03 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\KUBA\ntuser.ini
[2010.04.06 12:20:46 | 000,000,825 | ---- | M] () -- C:\WINDOWS\BRWMARK.INI
[2010.04.03 17:01:50 | 000,029,184 | ---- | M] () -- C:\Documents and Settings\KUBA\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.04.03 15:10:14 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.04.01 23:09:35 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.04.01 14:38:33 | 000,002,283 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Skype.lnk
[2010.04.01 11:23:18 | 000,000,435 | ---- | M] () -- C:\WINDOWS\system.ini
[2010.04.01 08:17:33 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.03.28 14:47:54 | 000,392,296 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.03.28 14:47:53 | 000,920,954 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.03.28 14:47:53 | 000,389,664 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2010.03.28 14:47:53 | 000,068,736 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2010.03.28 14:47:53 | 000,058,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.03.25 20:41:11 | 000,000,111 | ---- | M] () -- C:\WINDOWS\System32\everest_cpl.ini
[2010.03.22 20:16:02 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.03.19 22:59:26 | 000,060,416 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\ALCFDRTM.VER
[2010.03.19 22:39:17 | 000,000,104 | ---- | M] () -- C:\WINDOWS\System32\BRAgent.dat
[2010.03.15 22:08:10 | 000,064,978 | ---- | M] () -- C:\Documents and Settings\KUBA\.recently-used.xbel
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010.03.22 20:16:02 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
[2010.03.16 10:36:36 | 000,000,545 | ---- | C] () -- C:\WINDOWS\UC.PIF
[2010.03.16 10:36:36 | 000,000,545 | ---- | C] () -- C:\WINDOWS\RAR.PIF
[2010.03.16 10:36:36 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKZIP.PIF
[2010.03.16 10:36:36 | 000,000,545 | ---- | C] () -- C:\WINDOWS\PKUNZIP.PIF
[2010.03.16 10:36:36 | 000,000,545 | ---- | C] () -- C:\WINDOWS\NOCLOSE.PIF
[2010.03.16 10:36:36 | 000,000,545 | ---- | C] () -- C:\WINDOWS\LHA.PIF
[2010.03.16 10:36:36 | 000,000,545 | ---- | C] () -- C:\WINDOWS\ARJ.PIF
[2010.03.15 22:08:10 | 000,064,978 | ---- | C] () -- C:\Documents and Settings\KUBA\.recently-used.xbel
[2010.03.02 03:48:01 | 000,000,135 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2009.11.14 02:43:03 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2009.11.06 11:18:37 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\KUBA\Data aplikací\inst.exe
[2009.10.19 21:41:56 | 000,000,034 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2009.10.18 12:33:23 | 000,685,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys
[2009.08.26 09:54:21 | 000,000,030 | ---- | C] () -- C:\WINDOWS\System32\brss01a.ini
[2009.08.10 03:28:32 | 000,000,086 | ---- | C] () -- C:\WINDOWS\Brfaxrx.ini
[2009.08.09 20:54:29 | 000,000,245 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2009.08.09 20:54:29 | 000,000,094 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2009.08.09 20:54:09 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2009.08.09 20:35:53 | 000,031,567 | ---- | C] () -- C:\WINDOWS\maxlink.ini
[2009.07.28 16:46:40 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll
[2009.07.27 21:41:17 | 000,000,313 | ---- | C] () -- C:\WINDOWS\BRDIAG.INI
[2009.07.27 21:41:17 | 000,000,209 | ---- | C] () -- C:\WINDOWS\Brownie.ini
[2009.07.27 21:41:17 | 000,000,145 | ---- | C] () -- C:\WINDOWS\BRVIDEO.INI
[2009.07.27 21:41:11 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC32.DLL
[2009.07.27 21:41:11 | 000,004,608 | ---- | C] () -- C:\WINDOWS\System32\BRGSRC16.DLL
[2009.07.27 21:41:09 | 000,008,975 | ---- | C] () -- C:\WINDOWS\HL-2030.INI
[2009.07.27 21:40:38 | 000,000,825 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2009.07.02 16:05:18 | 000,000,000 | ---- | C] () -- C:\WINDOWS\lgfwup.ini
[2009.03.22 22:54:50 | 000,000,074 | ---- | C] () -- C:\WINDOWS\MediaManager.INI
[2009.01.22 01:58:44 | 000,000,309 | ---- | C] () -- C:\WINDOWS\doom3.ini
[2009.01.21 13:21:36 | 000,019,039 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVTDrv.sys
[2009.01.21 02:14:47 | 000,000,111 | ---- | C] () -- C:\WINDOWS\System32\everest_cpl.ini
[2009.01.03 02:17:03 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009.01.03 02:16:54 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009.01.03 02:16:54 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009.01.03 02:16:54 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009.01.03 02:16:47 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009.01.03 02:16:47 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008.12.24 23:37:13 | 000,000,022 | ---- | C] () -- C:\Documents and Settings\KUBA\Local Settings\Data aplikací\kodakpcd.ini
[2008.07.18 17:57:07 | 000,000,114 | ---- | C] () -- C:\Documents and Settings\KUBA\.jalbum-recent-projects.properties
[2008.06.05 20:44:54 | 000,000,620 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2008.05.17 17:42:08 | 000,142,592 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008.04.28 12:11:16 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008.03.19 15:30:49 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2008.03.01 22:49:03 | 000,000,047 | ---- | C] () -- C:\WINDOWS\WTRDCTM.INI
[2008.03.01 22:47:46 | 000,003,681 | ---- | C] () -- C:\WINDOWS\UN32P.INI
[2008.03.01 22:47:17 | 000,002,414 | ---- | C] () -- C:\WINDOWS\MAILTRAN.INI
[2008.03.01 22:47:16 | 000,003,295 | ---- | C] () -- C:\WINDOWS\TRNCOM.INI
[2008.03.01 22:47:06 | 000,004,192 | ---- | C] () -- C:\WINDOWS\WTRAN32.INI
[2008.03.01 22:47:06 | 000,001,581 | ---- | C] () -- C:\WINDOWS\WDICT32.INI
[2008.03.01 22:21:13 | 000,491,520 | ---- | C] () -- C:\WINDOWS\WebIE.dll
[2008.03.01 22:21:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\TRNOET.DLL
[2008.03.01 22:21:12 | 000,045,056 | ---- | C] () -- C:\WINDOWS\TRNOEH.DLL
[2008.02.19 02:49:26 | 000,000,290 | ---- | C] () -- C:\WINDOWS\game.ini
[2008.01.19 13:14:49 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\QTSBandwidthCache
[2008.01.01 18:25:36 | 000,000,908 | ---- | C] () -- C:\WINDOWS\level.ini
[2007.12.31 19:23:21 | 000,000,891 | ---- | C] () -- C:\WINDOWS\TeVeoLive.ini
[2007.12.31 19:23:21 | 000,000,092 | ---- | C] () -- C:\WINDOWS\ClipstoreOEM.ini
[2007.12.31 19:16:12 | 000,000,045 | ---- | C] () -- C:\WINDOWS\Twacker.ini
[2007.12.31 19:16:07 | 000,000,058 | ---- | C] () -- C:\WINDOWS\lifeview.ini
[2007.12.25 00:00:17 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007.12.25 00:00:13 | 000,029,184 | ---- | C] () -- C:\Documents and Settings\KUBA\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.23 03:20:23 | 000,000,034 | ---- | C] () -- C:\Documents and Settings\KUBA\Data aplikací\pcouffin.log
[2007.12.23 03:20:00 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\KUBA\Data aplikací\pcouffin.cat
[2007.12.23 03:20:00 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\KUBA\Data aplikací\pcouffin.inf
[2007.12.23 02:25:27 | 000,000,032 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
[2007.12.22 21:13:53 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007.12.22 19:53:20 | 000,004,366 | ---- | C] () -- C:\WINDOWS\hpdj5100.ini
[2007.12.22 19:25:21 | 000,023,040 | ---- | C] () -- C:\WINDOWS\System32\drivers\GVCplDrv.sys
[2007.12.22 19:22:34 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007.12.22 19:10:48 | 000,000,258 | ---- | C] () -- C:\WINDOWS\System32\raidmgmt.ini
[2007.12.22 18:55:44 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007.12.22 18:42:41 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2007.12.22 18:27:39 | 000,380,928 | -H-- | C] () -- C:\Documents and Settings\KUBA\ntuser.dat.LOG
[2007.12.22 18:27:39 | 000,000,272 | -HS- | C] () -- C:\Documents and Settings\KUBA\ntuser.ini
[2007.12.22 18:27:38 | 014,942,208 | -H-- | C] () -- C:\Documents and Settings\KUBA\NTUSER.DAT
[2006.06.01 11:22:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006.06.01 11:22:00 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006.06.01 11:22:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006.06.01 11:22:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.06.01 11:22:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006.06.01 11:22:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

========== Custom Scans ==========


< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\ctfmon.exe -- [2004.08.17 16:49:24 | 000,015,360 | ---- | M] (Microsoft Corporation)
"NOD32" = C:\Program Files\ESET\nod32kui.exe -- [2007.12.22 20:47:48 | 000,917,504 | ---- | M] (Eset )
"WEBTRAN" =
"fsm" =
"UIWatcher" = C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe -- [2009.02.23 10:57:04 | 003,508,568 | ---- | M] (ashampoo GmbH & Co. KG)
"" =
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\not active]
"winwamp" = D:\PLAY,RW,COPY\Winamp\winamp.exe -- [2010.01.14 00:45:58 | 001,552,736 | ---- | M] (Nullsoft, Inc.)
"NVIDIA nTune" = "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear -- File not found
"AlcoholAutomount" = "D:\PLAY,RW,COPY\Alcohol 120\axcmd.exe" /automount -- [2007.08.01 20:17:21 | 000,222,592 | ---- | M] (Alcohol Soft Development Team)
"NBJ" = "D:\PLAY_R~1\Ahead NERO 6\Nero BackItUp\NBJ.exe" -- [2004.11.30 13:36:56 | 001,945,600 | ---- | M] (Ahead Software AG)
"OEXPRESS" = C:\Documents and Settings\KUBA\Data aplikací\LangSoft\OETRN.EXE -- [2008.03.01 22:54:53 | 000,026,624 | ---- | M] ()

< c:\windows\*.* /U >
[3 c:\windows\*.tmp files -> c:\windows\*.tmp -> ]

[JaCub]

< MD5 for: AGP440.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2004.08.04 00:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2001.10.25 14:00:00 | 000,086,656 | ---- | M] (Microsoft Corporation) MD5=A64013E98426E1877CB653685C5C0009 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\i386\atapi.sys
[2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2004.08.17 16:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
[2001.10.25 14:00:00 | 000,047,616 | ---- | M] (Microsoft Corporation) MD5=8DAEFE31BA545A98E07A976F7435CC5B -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: EXPLORER.EXE >
[2001.10.25 14:00:00 | 001,001,472 | ---- | M] (Microsoft Corporation) MD5=0348A56A9E9A658AE3AD15B42026498E -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 16:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

< MD5 for: HAL.DLL >
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 16:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:hal.dll
[2001.10.25 14:00:00 | 000,128,768 | ---- | M] (Microsoft Corporation) MD5=AF609C7C513B3857107FF875B26A57F2 -- C:\WINDOWS\$NtServicePackUninstall$\hal.dll
[2004.08.03 23:59:20 | 000,105,472 | ---- | M] (Microsoft Corporation) MD5=C321C95318495909A0066FB0EDC97287 -- C:\WINDOWS\ServicePackFiles\i386\hal.dll
[2004.08.03 23:59:10 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\HAL.DLL

< MD5 for: LSASS.EXE >
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\ServicePackFiles\i386\lsass.exe
[2004.08.17 16:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
[2001.10.25 14:00:00 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=F80A83B21434C30A788EB8991E6A61ED -- C:\WINDOWS\$NtServicePackUninstall$\lsass.exe

< MD5 for: NDIS.SYS >
[2001.10.25 14:00:00 | 000,161,536 | ---- | M] (Microsoft Corporation) MD5=3EFD4F59BA0A340DE0A3AB984001DBF7 -- C:\WINDOWS\$NtServicePackUninstall$\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\ServicePackFiles\i386\ndis.sys
[2004.08.04 00:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys

< MD5 for: NETLOGON.DLL >
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2004.08.17 16:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
[2001.10.25 14:00:00 | 000,397,824 | ---- | M] (Microsoft Corporation) MD5=606FAB9689DA902468D0D150B90D93A9 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVATA.SYS >
[2005.08.18 11:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvata.sys

< MD5 for: SCECLI.DLL >
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2004.08.17 16:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
[2001.10.25 14:00:00 | 000,178,688 | ---- | M] (Microsoft Corporation) MD5=88CA7CD14736FAC776C2F0EAC14CC269 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

< MD5 for: SMSS.EXE >
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\ServicePackFiles\i386\smss.exe
[2004.08.17 16:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2004.08.17 16:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
[2001.10.25 14:00:00 | 000,045,568 | ---- | M] (Microsoft Corporation) MD5=ED12D92A7B26E99E3A5BF4B043F7314E -- C:\WINDOWS\$NtServicePackUninstall$\smss.exe

< MD5 for: SVCHOST.EXE >
[2001.10.25 14:00:00 | 000,012,800 | ---- | M] (Microsoft Corporation) MD5=329945887A0C684C38A4845330BC9100 -- C:\WINDOWS\$NtServicePackUninstall$\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\ServicePackFiles\i386\svchost.exe
[2004.08.17 16:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe

< MD5 for: USERINIT.EXE >
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2004.08.17 16:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
[2001.10.25 14:00:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=95C5E6E59DF2B91E8A5CD181B1C96174 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

< MD5 for: WINLOGON.EXE >
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2004.08.17 16:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2001.10.25 14:00:00 | 000,430,080 | ---- | M] (Microsoft Corporation) MD5=674D88B0BE536B5FF62F5C3D71A177A4 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

< MD5 for: WS2_32.DLL >
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\ServicePackFiles\i386\ws2_32.dll
[2004.08.17 16:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
[2001.10.25 14:00:00 | 000,075,264 | ---- | M] (Microsoft Corporation) MD5=748494B94A871A828C64D1D5C738D2B7 -- C:\WINDOWS\$NtServicePackUninstall$\ws2_32.dll

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< End of report >

[JaCub]

OTL Extras logfile created on: 7.4.2010 14:28:58 - Run 3
OTL by OldTimer - Version 3.2.1.0 Folder = C:\Documents and Settings\KUBA\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

1 023,00 Mb Total Physical Memory | 511,00 Mb Available Physical Memory | 50,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 14,65 Gb Total Space | 4,63 Gb Free Space | 31,64% Space Free | Partition Type: NTFS
Drive D: | 41,24 Gb Total Space | 7,80 Gb Free Space | 18,92% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 259,08 Gb Free Space | 55,63% Space Free | Partition Type: NTFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: JAKUB
Current User Name: KUBA
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (All) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\shdocvw.dll (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\System32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "D:\Kancelář\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe shdocvw.dll,OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- rundll32.exe %SystemRoot%\System32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\PLAY,RW,COPY\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\PLAY,RW,COPY\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\PLAY,RW,COPY\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"FirewallDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"43436:TCP" = 43436:TCP:*:Enabled:emule TCP
"46800:UDP" = 46800:UDP:*:Enabled:emule UPD

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ6\ICQ.exe" = C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6 -- File not found
"D:\Digi K o d a k\Kodak EasyShare software\bin\EasyShare.exe" = D:\Digi K o d a k\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Spyware Terminator\SpywareTerminator.Exe" = C:\Program Files\Spyware Terminator\SpywareTerminator.Exe:*:Enabled:Spyware Terminator -- (Crawler.com)
"D:\eMULE JK\eMule\emule.exe" = D:\eMULE JK\eMule\emule.exe:*:Enabled:eMule -- (http://www.emule-project.net)
"C:\Program Files\Brother\BRAgent\BRAgtSrv.exe" = C:\Program Files\Brother\BRAgent\BRAgtSrv.exe:*:Enabled:BRAgent -- ()
"C:\Program Files\ICQ6.5\ICQ.exe" = C:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6 -- (ICQ, LLC.)
"C:\Program Files\Brother\BRAdmin Professional 3\discover.exe" = C:\Program Files\Brother\BRAdmin Professional 3\discover.exe:*:Enabled:BRAdmin Professional 3 -- ()
"C:\Program Files\Brother\BRAdmin Professional 3\AuditorServer.exe" = C:\Program Files\Brother\BRAdmin Professional 3\AuditorServer.exe:*:Enabled:BRAdmin Professional 3 -- ()
"C:\Program Files\Brother\BRAdmin Professional 3\bradminv3.exe" = C:\Program Files\Brother\BRAdmin Professional 3\bradminv3.exe:*:Enabled:BRAdmin Professional 3 -- (Brother Industries, Ltd.)
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe" = C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater -- (Nokia Corporation)
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe" = C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process -- (Nokia Corporation)
"E:\Free Download Manager\fdm.exe" = E:\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager -- (FreeDownloadManager.ORG)
"D:\Hry\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe" = D:\Hry\Truck_Racing_By_Renault_Trucks\Bin\RTR.exe:*:Enabled:Truck Racing by Renault Trucks -- File not found
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"E:\GAME\Tom Clancy's H.A.W.X\HAWX.exe" = E:\GAME\Tom Clancy's H.A.W.X\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X -- ()
"E:\GAME\Tom Clancy's H.A.W.X\HAWX_dx10.exe" = E:\GAME\Tom Clancy's H.A.W.X\HAWX_dx10.exe:*:Enabled:Tom Clancy's H.A.W.X -- ()
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" = C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2 -- (Nokia)
"C:\Program Files\Java\jre6\bin\javaw.exe" = C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe" = C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe:*:Enabled:Menu -- ()
"E:\Free Download Manager\fdmwi.exe" = E:\Free Download Manager\fdmwi.exe:*:Enabled:fdmwi -- ()
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00060000-0000-1004-8002-0000C06B5161}" = WIBU-KEY Setup (WIBU-KEY Remove)
"{001FFFFF-FF08-FF01-FF11-01F00F02F000}" = ArchiCAD 8.1 CZE
"{01B4AC8E-6D83-44B3-958D-2AFE57BE54DB}" = Brother MFL-Pro Suite MFC-6490CW
"{03EDED24-8375-407D-A721-4643D9768BE1}" = kgchlwn
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{0D005F09-A5F4-473B-A901-5735C6AF5628}" = Silent Hunter 4 Wolves of the Pacific
"{11F3F858-4131-4FFA-A560-3FE282933B6E}" = kgchday
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}" = Skype™ 4.0
"{268535E0-5F7C-435F-B9B9-10B03479E32D}" = Stropy BSK
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 18
"{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2F2B569E-2024-48B8-867B-DB1BF2338F38}" = Silvercrest MTS2218 driver
"{3248F0A8-6813-11D6-A77B-00B0D0160030}" = Java(TM) 6 Update 3
"{350C97C4-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine
"{3BB4403C-F235-412B-BE42-6D015857566B}" = Brother HL-2030
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{481C9A00-91AC-4065-870C-BD4E28186E5A}" = PC Connectivity Solution
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C911A61-39EA-41CC-AB3C-FE3BFFDB5F78}" = Nokia Software Updater
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{590D4F8F-98FE-47FA-AC2B-3F22FDCF7C09}" = ShareIns
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{608D2A3C-6889-4C11-9B54-A42F45ACBFDB}" = fflink
"{60DE4033-9503-48D1-A483-7846BD217CA9}" = ICQ6.5
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{693C08A7-9E76-43FF-B11E-9A58175474C4}" = kgckids
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E36A172-06FB-4BC8-B7FC-D30D219E6776}" = Tom Clancy's H.A.W.X
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25
"{74EC78BC-B379-4E29-9006-8F161DCAABA6}" = Apple Software Update
"{75C885D4-C758-4896-A3B4-90DA34B44C31}" = BRAdmin Professional 3
"{79922699-7614-4033-884B-B40E3807B3B3}" = TeVeo VIDiO Suite
"{7A8FF745-BBC5-482B-88E4-18D3178249A9}" = ScanSoft PaperPort 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{85906B1C-FD0E-417A-BE43-C3A4E10CFAA0}" = Adobe Illustrator 10 CE
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8A8664E1-84C8-4936-891C-BC1F07797549}" = kgcvday
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{90280405-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional s aplikací FrontPage
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{9249D7E7-33E7-4CC8-BB0B-3DF3C3CB2568}" = Nokia PC Suite
"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite
"{9390DEE7-32CF-4A2E-A47B-30270D624AA1}" = Brother BRAgent 1.32.0000
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BD54685-1496-46A5-AB62-357CD140ED8B}" = kgcinvt
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{A1588373-1D86-4D44-86C9-78ABD190F9CC}" = kgcmove
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A8361CC1-6B90-4525-B04C-E2F58078A366}" = Camera Plus
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B023185F-F1EF-4F97-B0BD-AE6D802226D1}" = NVIDIA WDM Drivers
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B48F9C44-C904-4FA3-984D-F65AE4C49745}" = Zoner Media Explorer 5
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater
"{BF9BA346-27AA-4EE0-8333-FEA5400D2AA0}" = 18 WoS Across America
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Software Kodak EasyShare
"{D560A981-FEB3-42F0-A61A-13E9528E0C51}_is1" = GTR 2 1.0.0.0
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{DBC3FDEC-D5F4-439C-9A18-EF454A74E3DE}_is1" = NOD32 FiX v1.9
"{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}" = Command & Conquer 3
"{E18B549C-5D15-45DA-8D8F-8FD2BD946344}" = kgcbaby
"{E22DFF40-C8CA-11D3-8636-0000B48041BA}" = Statický výpočet POROTHERM stropu
"{E303B395-E0C1-42E6-9EF9-F3BC23DEF2D7}" = Remote Printer Console
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FACF203E-0F4D-489A-B80C-D185253C8FCB}" = Autodesk Design Review 2008
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Balíček ovladače systému Windows - Nokia Modem (10/05/2009 4.2)
"18 Wheels of Steel: Haulin'" = 18 Wheels of Steel: Haulin'
"504244733D18C8F63FF584AEB290E3904E791693" = Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Balíček ovladače systému Windows - Nokia Modem (06/01/2009 7.01.0.4)
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Photoshop 7.0 CE" = Adobe Photoshop 7.0 CE
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"AOL Toolbar for Firefox" = AOL Toolbar for Firefox
"Ashampoo Burning Studio 2009 Advanced_is1" = Ashampoo Burning Studio 2009 Advanced
"Ashampoo ClipFinder HD_is1" = Ashampoo ClipFinder HD 2.06
"Ashampoo Magical Defrag" = Ashampoo Magical Defrag
"Ashampoo Photo Commander 6_is1" = Ashampoo Photo Commander 6.40
"Ashampoo UnInstaller 3_is1" = Ashampoo UnInstaller 3.12
"Ashampoo WinOptimizer 2010 Advanced_is1" = Ashampoo WinOptimizer 2010 Advanced
"Browser PS2 mouse" = Browser PS2 mouse
"CCleaner" = CCleaner
"CDex" = CDex extraction audio
"DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5_is1" = DVDFab (Platinum/Gold/HD Decrypter) (Option: Mobile) 5.1.1.0
"DVDFab 6_is1" = DVDFab 6.1.2.5 (27/10/2009)
"eMule" = eMule
"EssentialPIM" = EssentialPIM
"FINE Wberger 3.0" = Zdivo POROTHERM (pouze odstranit)
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Free Download Manager_is1" = Free Download Manager 3.0
"GIGABYTE VGA Utility Manager" = GIGABYTE VGA Utility Manager
"GridVista" = Acer GridVista
"Haulin Czech 1.04-06 R1" = Haulin Czech 1.04-06 R1
"HijackThis" = HijackThis 2.0.2
"IL-2 Sturmovik" = IL-2 Sturmovik
"Inkscape" = Inkscape 0.45.1
"InstallShield_{2F2B569E-2024-48B8-867B-DB1BF2338F38}" = Silvercrest MTS2218 driver
"InstallShield_{BF9BA346-27AA-4EE0-8333-FEA5400D2AA0}" = 18 WoS Across America
"InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A}" = Doom 3
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.5 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Mozilla Firefox (3.6.3)" = Mozilla Firefox (3.6.3)
"Multimedia keyboard utility 1.3" = Multimedia keyboard utility 1.3
"Nero - Burning Rom!UninstallKey" = Nero 6 Ultra Edition
"NOD32" = Antivirový systém NOD32
"Nokia Maps Updater_is1" = Nokia Maps Updater 1.0.12
"Nokia Ovi Suite" = Nokia Ovi Suite
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PC Translator" = PC Translator
"Projekty 1.1_is1" = Projekty 1.1
"RACE 07 Offline_1.0_is1" = RACE 07 Offline
"SHOUTcastDSP" = SHOUTcast Source DSP 1.9.1 (remove only)
"Software Informer_is1" = Software Informer 1.0 BETA
"SpeedFan" = SpeedFan (remove only)
"Spyware Terminator_is1" = Spyware Terminator
"STLFR_eng_is1" = 'Steel Fury - Kharkov 1942'
"SystemRequirementsLab" = System Requirements Lab
"Totalcmd" = Total Commander (Remove or Repair)
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"WIC" = Windows Imaging Component
"Winamp" = Winamp
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows XP Service Pack" = Windows XP Service Pack 2
"WinGimp-2.0_is1" = GIMP 2.4.0
"WinGTK-2_is1" = GTK+ 2.10.13 runtime environment
"WinRAR archiver" = WinRAR
"WMFDist11" = Windows Media Format 11 runtime
"woh2_eng" = Wings of Honour - Battles of the Red Baron
"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7
"Yahoo! Toolbar" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"PhotoFiltre" = PhotoFiltre
"Winamp Detect" = Winamp Application Detect

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4.4.2010 20:11:00 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 4.4.2010 20:11:00 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 4.4.2010 20:11:00 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 4.4.2010 20:11:00 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 4.4.2010 20:11:00 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 4.4.2010 20:11:00 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 4.4.2010 20:11:00 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 4.4.2010 20:11:03 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 4.4.2010 20:11:04 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

Error - 5.4.2010 7:44:05 | Computer Name = JAKUB | Source = nview_info | ID = 11141121
Description =

[ System Events ]
Error - 5.4.2010 7:46:51 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 5.4.2010 7:50:25 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 5.4.2010 8:01:41 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 5.4.2010 8:08:48 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 5.4.2010 8:25:30 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 5.4.2010 8:40:49 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 5.4.2010 8:58:03 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 5.4.2010 22:19:21 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 6.4.2010 17:39:44 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2

Error - 7.4.2010 2:34:45 | Computer Name = JAKUB | Source = Service Control Manager | ID = 7000
Description = Služba OMSCAN neuspěla při spuštění v důsledku následující chyby:
%%2


< End of report >

[JaCub]

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-07 15:00:35
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\KUBA\LOCALS~1\Temp\kxtdypob.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwEnumerateKey [0xF72A2FB2]
SSDT sptd.sys ZwEnumerateValueKey [0xF72A3340]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 865681E8

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

---- EOF - GMER 1.0.15 ----
-------------------------------------
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-07 15:15:04
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\KUBA\LOCALS~1\Temp\kxtdypob.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwCreateKey [0xF729D0D0]
SSDT sptd.sys ZwEnumerateKey [0xF72A2FB2]
SSDT sptd.sys ZwEnumerateValueKey [0xF72A3340]
SSDT sptd.sys ZwOpenKey [0xF729D0B0]
SSDT sptd.sys ZwQueryKey [0xF72A3418]
SSDT sptd.sys ZwQueryValueKey [0xF72A3298]
SSDT sptd.sys ZwSetValueKey [0xF72A34AA]

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\drivers\sptd.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.sfreloc˙˙˙˙sfsync03unknown last section [0xF74D4000, 0xA20, 0x40000040] C:\WINDOWS\system32\drivers\sfsync03.sys unknown last section [0xF74D4000, 0xA20, 0x40000040]
.text USBPORT.SYS!DllUnload F6FFE62C 5 Bytes JMP 860B23A0
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF644B380, 0x346307, 0xE8000020]
? System32\Drivers\adyno73h.SYS Systém nemůže nalézt uvedenou cestu. !
pnidata C:\WINDOWS\System32\DRIVERS\secdrv.sys unknown last section [0xBAAB4F00, 0x24000, 0x48000000]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F729DAD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F729DC1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F729DB9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F729E748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F729E61E] sptd.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 865681E8

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

Device \FileSystem\Udfs \UdfsCdRom 858691E8
Device \FileSystem\Udfs \UdfsDisk 858691E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{8331DD02-AC99-419C-A4EF-03B872E07D69} 858AD1E8
Device \Driver\usbohci \Device\USBPDO-0 860AF5A8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8656A1E8
Device \Driver\dmio \Device\DmControl\DmConfig 8656A1E8
Device \Driver\dmio \Device\DmControl\DmPnP 8656A1E8
Device \Driver\dmio \Device\DmControl\DmInfo 8656A1E8
Device \Driver\usbehci \Device\USBPDO-1 860A21E8
Device \Driver\PCI_NTPNP2450 \Device\00000053 sptd.sys
Device \Driver\prodrv06 \Device\ProDrv06 E167DA30
Device \Driver\Ftdisk \Device\HarddiskVolume1 865D81E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 865D81E8
Device \Driver\Cdrom \Device\CdRom0 8608E5D0
Device \Driver\Ftdisk \Device\HarddiskVolume3 865D81E8
Device \Driver\Cdrom \Device\CdRom1 8608E5D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 865D71E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 865D71E8
Device \Driver\atapi \Device\Ide\IdePort0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 865D71E8
Device \Driver\atapi \Device\Ide\IdePort1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\prohlp02 \Device\ProHlp02 E1574230
Device \Driver\USBSTOR \Device\00000090 857EB1E8
Device \Driver\USBSTOR \Device\00000090 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\NetBT \Device\NetBt_Wins_Export 858AD1E8
Device \Driver\nvata \Device\00000078 865691E8
Device \Driver\nvata \Device\00000078 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\nvata \Device\00000079 865691E8
Device \Driver\nvata \Device\00000079 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\NetBT \Device\NetbiosSmb 858AD1E8
Device \Driver\USBSTOR \Device\00000089 857EB1E8
Device \Driver\USBSTOR \Device\00000089 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\usbohci \Device\USBFDO-0 860AF5A8
Device \Driver\usbehci \Device\USBFDO-1 860A21E8
Device \Driver\nvata \Device\NvAta0 865691E8
Device \Driver\nvata \Device\NvAta0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 85835790
Device \Driver\nvata \Device\NvAta1 865691E8
Device \Driver\nvata \Device\NvAta1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\MRxSmb \Device\LanmanRedirector 85835790
Device \Driver\Ftdisk \Device\FtControl 865D81E8
Device \Driver\adyno73h \Device\Scsi\adyno73h1Port4Path0Target0Lun0 86144790
Device \Driver\adyno73h \Device\Scsi\adyno73h1Port4Path0Target0Lun0 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\adyno73h \Device\Scsi\adyno73h1 86144790
Device \Driver\adyno73h \Device\Scsi\adyno73h1 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\Cdfs \Cdfs 857C01E8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x24 0xB9 0x0F 0x4D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 D:\PLAY,RW,COPY\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x68 0xD6 0x2F 0x3E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x6B 0xDA 0x7E 0x3D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x24 0xB9 0x0F 0x4D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 D:\PLAY,RW,COPY\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x68 0xD6 0x2F 0x3E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x6B 0xDA 0x7E 0x3D ...

---- EOF - GMER 1.0.15 ----

[JaCub]

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-07 15:00:35
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\KUBA\LOCALS~1\Temp\kxtdypob.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwEnumerateKey [0xF72A2FB2]
SSDT sptd.sys ZwEnumerateValueKey [0xF72A3340]

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 865681E8

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

---- EOF - GMER 1.0.15 ----
----------------------------------------------------------------------
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-07 15:15:04
Windows 5.1.2600 Service Pack 2
Running: gmer.exe; Driver: C:\DOCUME~1\KUBA\LOCALS~1\Temp\kxtdypob.sys


---- System - GMER 1.0.15 ----

SSDT sptd.sys ZwCreateKey [0xF729D0D0]
SSDT sptd.sys ZwEnumerateKey [0xF72A2FB2]
SSDT sptd.sys ZwEnumerateValueKey [0xF72A3340]
SSDT sptd.sys ZwOpenKey [0xF729D0B0]
SSDT sptd.sys ZwQueryKey [0xF72A3418]
SSDT sptd.sys ZwQueryValueKey [0xF72A3298]
SSDT sptd.sys ZwSetValueKey [0xF72A34AA]

---- Kernel code sections - GMER 1.0.15 ----

? C:\WINDOWS\system32\drivers\sptd.sys Proces nemá přístup k souboru, neboť jej právě využívá jiný proces.
.sfreloc˙˙˙˙sfsync03unknown last section [0xF74D4000, 0xA20, 0x40000040] C:\WINDOWS\system32\drivers\sfsync03.sys unknown last section [0xF74D4000, 0xA20, 0x40000040]
.text USBPORT.SYS!DllUnload F6FFE62C 5 Bytes JMP 860B23A0
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xF644B380, 0x346307, 0xE8000020]
? System32\Drivers\adyno73h.SYS Systém nemůže nalézt uvedenou cestu. !
pnidata C:\WINDOWS\System32\DRIVERS\secdrv.sys unknown last section [0xBAAB4F00, 0x24000, 0x48000000]

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F729DAD4] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F729DC1A] sptd.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F729DB9C] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F729E748] sptd.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F729E61E] sptd.sys

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\user32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\advapi32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\msvcrt.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\shell32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)
IAT C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe[2756] @ C:\WINDOWS\system32\CRYPT32.dll [KERNEL32.dll!CreateThread] [0042F858] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe (ashampoo UnInstaller Watcher/ashampoo GmbH & Co. KG)

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs 865681E8

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

Device \FileSystem\Udfs \UdfsCdRom 858691E8
Device \FileSystem\Udfs \UdfsDisk 858691E8
Device \Driver\NetBT \Device\NetBT_Tcpip_{8331DD02-AC99-419C-A4EF-03B872E07D69} 858AD1E8
Device \Driver\usbohci \Device\USBPDO-0 860AF5A8
Device \Driver\dmio \Device\DmControl\DmIoDaemon 8656A1E8
Device \Driver\dmio \Device\DmControl\DmConfig 8656A1E8
Device \Driver\dmio \Device\DmControl\DmPnP 8656A1E8
Device \Driver\dmio \Device\DmControl\DmInfo 8656A1E8
Device \Driver\usbehci \Device\USBPDO-1 860A21E8
Device \Driver\PCI_NTPNP2450 \Device\00000053 sptd.sys
Device \Driver\prodrv06 \Device\ProDrv06 E167DA30
Device \Driver\Ftdisk \Device\HarddiskVolume1 865D81E8
Device \Driver\Ftdisk \Device\HarddiskVolume2 865D81E8
Device \Driver\Cdrom \Device\CdRom0 8608E5D0
Device \Driver\Ftdisk \Device\HarddiskVolume3 865D81E8
Device \Driver\Cdrom \Device\CdRom1 8608E5D0
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 865D71E8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort0 865D71E8
Device \Driver\atapi \Device\Ide\IdePort0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\atapi \Device\Ide\IdePort1 865D71E8
Device \Driver\atapi \Device\Ide\IdePort1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\prohlp02 \Device\ProHlp02 E1574230
Device \Driver\USBSTOR \Device\00000090 857EB1E8
Device \Driver\USBSTOR \Device\00000090 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\NetBT \Device\NetBt_Wins_Export 858AD1E8
Device \Driver\nvata \Device\00000078 865691E8
Device \Driver\nvata \Device\00000078 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\nvata \Device\00000079 865691E8
Device \Driver\nvata \Device\00000079 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\NetBT \Device\NetbiosSmb 858AD1E8
Device \Driver\USBSTOR \Device\00000089 857EB1E8
Device \Driver\USBSTOR \Device\00000089 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\usbohci \Device\USBFDO-0 860AF5A8
Device \Driver\usbehci \Device\USBFDO-1 860A21E8
Device \Driver\nvata \Device\NvAta0 865691E8
Device \Driver\nvata \Device\NvAta0 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 85835790
Device \Driver\nvata \Device\NvAta1 865691E8
Device \Driver\nvata \Device\NvAta1 prosync1.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\MRxSmb \Device\LanmanRedirector 85835790
Device \Driver\Ftdisk \Device\FtControl 865D81E8
Device \Driver\adyno73h \Device\Scsi\adyno73h1Port4Path0Target0Lun0 86144790
Device \Driver\adyno73h \Device\Scsi\adyno73h1Port4Path0Target0Lun0 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \Driver\adyno73h \Device\Scsi\adyno73h1 86144790
Device \Driver\adyno73h \Device\Scsi\adyno73h1 sfsync03.sys (StarForce Protection Synchronization Driver/Protection Technology)
Device \FileSystem\Cdfs \Cdfs 857C01E8

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x24 0xB9 0x0F 0x4D ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 D:\PLAY,RW,COPY\Alcohol 120\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x68 0xD6 0x2F 0x3E ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x6B 0xDA 0x7E 0x3D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0x24 0xB9 0x0F 0x4D ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@p0 D:\PLAY,RW,COPY\Alcohol 120\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001@ujdew 0x68 0xD6 0x2F 0x3E ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04\00000001\jdgg40@ujdew 0x6B 0xDA 0x7E 0x3D ...

---- EOF - GMER 1.0.15 ----