zasekané a zpomalené pc, prosím o kontrolu logu díky
Napsal: 17 led 2012 20:09
Logfile of random's system information tool 1.09 (written by random/random)
Run by Jose Madeira at 2012-01-17 20:02:09
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 52 GB (67%) free of 78 GB
Total RAM: 1023 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:16, on 17.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Keyboard Driver\OEMDriver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jose Madeira\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Jose Madeira.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9253538484
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--
End of file - 4973 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-861567501-1547161642-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-861567501-1547161642-1004UA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Jose Madeira\Data aplikací\Mozilla\Firefox\Profiles\cadm9p2p.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.14"
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat
C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"KBDriver"=C:\Program Files\Keyboard Driver\OEMDriver.exe [2004-08-25 151552]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Google Update"=C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-01-09 136176]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=253
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-01-17 20:02:10 ----D---- C:\Program Files\trend micro
2012-01-17 20:02:09 ----D---- C:\rsit
2012-01-17 01:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-17 01:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-17 01:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-17 01:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-17 01:10:14 ----A---- C:\WINDOWS\imsins.BAK
2012-01-17 01:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-09 20:53:19 ----D---- C:\Documents and Settings\Jose Madeira\Data aplikací\Macromedia
2012-01-09 20:53:18 ----D---- C:\Documents and Settings\Jose Madeira\Data aplikací\Adobe
2012-01-09 19:30:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2012-01-09 19:30:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2012-01-09 19:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2012-01-09 19:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2012-01-09 19:30:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2012-01-09 19:29:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2012-01-09 19:29:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2012-01-09 19:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2012-01-09 19:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2012-01-09 19:26:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2012-01-09 19:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2012-01-09 19:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2012-01-09 19:25:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2012-01-09 19:25:09 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-01-09 19:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2012-01-09 19:22:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2012-01-09 19:22:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2012-01-09 19:22:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2012-01-09 19:22:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2012-01-09 19:22:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-01-09 19:21:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2012-01-09 19:21:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2012-01-09 19:21:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2012-01-09 19:21:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2012-01-09 19:21:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2012-01-09 19:21:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2012-01-09 19:21:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2012-01-09 19:20:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2012-01-09 19:20:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2012-01-09 17:29:30 ----D---- C:\Program Files\MSXML 4.0
2012-01-09 17:29:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
======List of files/folders modified in the last 1 month======
2012-01-17 20:02:10 ----RD---- C:\Program Files
2012-01-17 17:19:32 ----SD---- C:\WINDOWS\Tasks
2012-01-17 17:16:05 ----D---- C:\WINDOWS\Temp
2012-01-17 17:15:19 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-17 15:58:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-17 12:25:47 ----D---- C:\WINDOWS
2012-01-17 12:25:16 ----D---- C:\WINDOWS\system32
2012-01-17 01:12:17 ----HD---- C:\WINDOWS\inf
2012-01-17 01:12:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-17 01:10:54 ----D---- C:\WINDOWS\Debug
2012-01-17 01:10:52 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-17 01:10:19 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-16 20:53:30 ----D---- C:\Program Files\Mozilla Firefox
2012-01-16 20:52:23 ----D---- C:\WINDOWS\Minidump
2012-01-10 20:58:54 ----D---- C:\WINDOWS\Prefetch
2012-01-10 20:34:45 ----D---- C:\ARCHIV - INSTALACE
2012-01-09 20:16:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-01-09 19:33:21 ----D---- C:\Program Files\Microsoft Security Client
2012-01-09 19:30:04 ----D---- C:\WINDOWS\system32\drivers
2012-01-09 19:29:58 ----SHD---- C:\WINDOWS\Installer
2012-01-09 19:29:57 ----D---- C:\WINDOWS\WinSxS
2012-01-09 19:29:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-01-09 19:26:04 ----D---- C:\Program Files\Internet Explorer
2011-12-22 21:23:38 ----A---- C:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKslf3fb4553;MpKslf3fb4553; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E9DCCE70-2BBD-4B2B-9E1C-39C59800B4F7}\MpKslf3fb4553.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-03-02 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-03-02 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2008-04-14 606556]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 MpKsl80f00809;MpKsl80f00809; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{585B2793-B696-4EA5-9795-D61FB3181327}\MpKsl80f00809.sys []
S1 MpKsld01b9159;MpKsld01b9159; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{585B2793-B696-4EA5-9795-D61FB3181327}\MpKsld01b9159.sys []
S1 MpKsleee95390;MpKsleee95390; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{585B2793-B696-4EA5-9795-D61FB3181327}\MpKsleee95390.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
-----------------EOF-----------------
Run by Jose Madeira at 2012-01-17 20:02:09
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 52 GB (67%) free of 78 GB
Total RAM: 1023 MB (47% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:02:16, on 17.1.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Keyboard Driver\OEMDriver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Jose Madeira\Dokumenty\Downloads\RSIT.exe
C:\Program Files\trend micro\Jose Madeira.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [KBDriver] C:\Program Files\Keyboard Driver\OEMDriver.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 9253538484
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
--
End of file - 4973 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-861567501-1547161642-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-117609710-861567501-1547161642-1004UA.job
C:\WINDOWS\tasks\MP Scheduled Scan.job
=========Mozilla firefox=========
ProfilePath - C:\Documents and Settings\Jose Madeira\Data aplikací\Mozilla\Firefox\Profiles\cadm9p2p.default
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz"
prefs.js - "extensions.enabledItems" - "{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.14"
C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
compreg.dat
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js
xpti.dat
C:\Program Files\Mozilla Firefox\plugins\
npnul32.dll
C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\WINDOWS\SOUNDMAN.EXE [2006-11-17 577536]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 997920]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"KBDriver"=C:\Program Files\Keyboard Driver\OEMDriver.exe [2004-08-25 151552]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"Google Update"=C:\Documents and Settings\Jose Madeira\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe [2012-01-09 136176]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=253
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
======List of files/folders created in the last 1 month======
2012-01-17 20:02:10 ----D---- C:\Program Files\trend micro
2012-01-17 20:02:09 ----D---- C:\rsit
2012-01-17 01:12:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-17 01:12:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-17 01:10:33 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-17 01:10:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$
2012-01-17 01:10:14 ----A---- C:\WINDOWS\imsins.BAK
2012-01-17 01:10:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-09 20:53:19 ----D---- C:\Documents and Settings\Jose Madeira\Data aplikací\Macromedia
2012-01-09 20:53:18 ----D---- C:\Documents and Settings\Jose Madeira\Data aplikací\Adobe
2012-01-09 19:30:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$
2012-01-09 19:30:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2567680$
2012-01-09 19:30:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$
2012-01-09 19:30:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$
2012-01-09 19:30:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$
2012-01-09 19:29:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2639417$
2012-01-09 19:29:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$
2012-01-09 19:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$
2012-01-09 19:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$
2012-01-09 19:26:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2012-01-09 19:26:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690$
2012-01-09 19:26:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$
2012-01-09 19:25:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$
2012-01-09 19:25:09 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2012-01-09 19:24:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2570222$
2012-01-09 19:22:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2012-01-09 19:22:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2412687$
2012-01-09 19:22:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$
2012-01-09 19:22:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2507618$
2012-01-09 19:22:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$
2012-01-09 19:21:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$
2012-01-09 19:21:49 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$
2012-01-09 19:21:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2633952$
2012-01-09 19:21:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$
2012-01-09 19:21:29 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$
2012-01-09 19:21:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$
2012-01-09 19:21:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2012-01-09 19:20:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$
2012-01-09 19:20:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$
2012-01-09 17:29:30 ----D---- C:\Program Files\MSXML 4.0
2012-01-09 17:29:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$
======List of files/folders modified in the last 1 month======
2012-01-17 20:02:10 ----RD---- C:\Program Files
2012-01-17 17:19:32 ----SD---- C:\WINDOWS\Tasks
2012-01-17 17:16:05 ----D---- C:\WINDOWS\Temp
2012-01-17 17:15:19 ----D---- C:\WINDOWS\system32\CatRoot2
2012-01-17 15:58:12 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-01-17 12:25:47 ----D---- C:\WINDOWS
2012-01-17 12:25:16 ----D---- C:\WINDOWS\system32
2012-01-17 01:12:17 ----HD---- C:\WINDOWS\inf
2012-01-17 01:12:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-01-17 01:10:54 ----D---- C:\WINDOWS\Debug
2012-01-17 01:10:52 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-17 01:10:19 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-16 20:53:30 ----D---- C:\Program Files\Mozilla Firefox
2012-01-16 20:52:23 ----D---- C:\WINDOWS\Minidump
2012-01-10 20:58:54 ----D---- C:\WINDOWS\Prefetch
2012-01-10 20:34:45 ----D---- C:\ARCHIV - INSTALACE
2012-01-09 20:16:16 ----SD---- C:\Documents and Settings\All Users\Data aplikací\Microsoft
2012-01-09 19:33:21 ----D---- C:\Program Files\Microsoft Security Client
2012-01-09 19:30:04 ----D---- C:\WINDOWS\system32\drivers
2012-01-09 19:29:58 ----SHD---- C:\WINDOWS\Installer
2012-01-09 19:29:57 ----D---- C:\WINDOWS\WinSxS
2012-01-09 19:29:55 ----D---- C:\Program Files\Common Files\Microsoft Shared
2012-01-09 19:26:04 ----D---- C:\Program Files\Internet Explorer
2011-12-22 21:23:38 ----A---- C:\WINDOWS\NeroDigital.ini
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2008-04-14 42368]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2011-04-18 165648]
R1 MpKslf3fb4553;MpKslf3fb4553; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{E9DCCE70-2BBD-4B2B-9E1C-39C59800B4F7}\MpKslf3fb4553.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-13 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2006-03-02 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2006-03-02 55936]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2007-03-08 4027840]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 ltmodem5;LT Modem Driver; C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys [2008-04-14 606556]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-04-13 1897408]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2008-04-13 20992]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S1 MpKsl80f00809;MpKsl80f00809; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{585B2793-B696-4EA5-9795-D61FB3181327}\MpKsl80f00809.sys []
S1 MpKsld01b9159;MpKsld01b9159; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{585B2793-B696-4EA5-9795-D61FB3181327}\MpKsld01b9159.sys []
S1 MpKsleee95390;MpKsleee95390; \??\c:\Documents and Settings\All Users\Data aplikací\Microsoft\Microsoft Antimalware\Definition Updates\{585B2793-B696-4EA5-9795-D61FB3181327}\MpKsleee95390.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 usbaudio;Ovladač zvukové karty USB (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 11736]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-04-13 792112]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-05-16 271920]
-----------------EOF-----------------