Pekne odpoledne. Mam problem se svojim pracovnim notebookem. Instaloval jsem par freeware behem poslednich dvou tydnu a jsem si jist ze nejaky byl infikovany. Objevila se u mne dneska modra obrazovka, a vse se zacalo chovat od te doby divne. Prosim o kontrolu.
Logfile of random's system information tool 1.09 (written by random/random)
Run by c_danhel_t at 2012-12-13 14:44:47
Microsoft Windows 7 Enterprise
System drive C: has 201 GB (84%) free of 238 GB
Total RAM: 1958 MB (20% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:45:09, on 13/12/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16450)
Boot mode: Normal
Running processes:
C:\WINDOWS\system32\taskhost.exe
C:\WINDOWS\system32\Dwm.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office Communicator\communicator.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\SAP\SapSetup\setup\Updater\NwSapSetupUserNotificationTool.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\SppClient.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\RescueTime\RescueTime.exe
C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files\Password Safe\pwsafe.exe
C:\Program Files\Toggl\TogglDesktop\TogglDesktop.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Toggl\TogglDesktop\TogglDesktop.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod\7.9_0\plugin\ClickClean.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\c_danhel_t\Downloads\RSIT.exe
C:\Program Files\trend micro\c_danhel_t.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vitalo2/Pages/Default.aspx
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://vitalo2/Pages/Default.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by O2 Ireland. Dublin Privileged User
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.26.11.47:80
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 172.*;192.*;*.digifone.com;bsap*;https://ient*;http://ient*;http://intra-dub2;http://lim_intranet;http://remprod;http://dubwrk1918*;http://remote.o2.ie;remote.o2.ie;http://ieo2*;https://epsc.*;http://epsc.*;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LsiBrowserHook Class - {2E5E4BAC-FEC7-4DD6-AFAF-F4139B1B9FB6} - C:\Program Files\SysTrack\LsiAgent\Utilities\browserHook.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome\Application\24.0.1312.40\npchrome_frame.dll
O4 - HKLM\..\Run: [Communicator] "C:\Program Files\Microsoft Office Communicator\communicator.exe" /fromrunkey
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SAP_WUS_UNT] "C:\Program Files\SAP\SAPsetup\setup\Updater\NwSapSetupUserNotificationTool.exe"
O4 - HKLM\..\Run: [Specops Password Client] C:\WINDOWS\system32\SppClient.exe
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_07EE1F5935B7CF4FB43B4A3E926B0260] "C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: EvernoteClipper.lnk = C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
O4 - Startup: Password Safe.lnk = C:\Program Files\Password Safe\pwsafe.exe
O4 - Startup: TogglDesktop.lnk = C:\Program Files\Toggl\TogglDesktop\TogglDesktop.exe
O4 - Global Startup: RescueTime.lnk = C:\Program Files\RescueTime\RescueTime.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ie.pri.o2.com
O17 - HKLM\Software\..\Telephony: DomainName = ie.pri.o2.com
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ie.pri.o2.com
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ie.pri.o2.com
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome\Application\24.0.1312.40\npchrome_frame.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: lsihok32.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\WINDOWS\system32\Hpservice.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Engine Service (McAfeeEngineService) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\WINDOWS\system32\mfevtps.exe
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files\SAP\SAPsetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: Cisco AnyConnect VPN Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files\Cisco\Anyconnect VPN Client_2.2.0140\vpnagent.exe
--
End of file - 14785 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1957994488-725345543-500141Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-854245398-1957994488-725345543-500141UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E5E4BAC-FEC7-4DD6-AFAF-F4139B1B9FB6}]
LsiBrowserHook Class - C:\Program Files\SysTrack\LsiAgent\Utilities\browserHook.dll [2012-06-19 105312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-25 449512]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan Enterprise\scriptsn.dll [2010-01-06 67120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-25 155384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7}]
ChromeFrame BHO - C:\Program Files\Google\Chrome\Application\24.0.1312.40\npchrome_frame.dll [2012-12-12 1886824]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Communicator"=C:\Program Files\Microsoft Office Communicator\communicator.exe [2009-06-29 5071200]
"ShStatEXE"=C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE [2010-01-06 124240]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2011-05-27 1138783]
"QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-05-13 318520]
"NUSB3MON"=C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2011-04-05 143384]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2011-04-05 176664]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2011-04-05 178200]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-04-18 2209064]
"SAP_WUS_UNT"=C:\Program Files\SAP\SAPsetup\setup\Updater\NwSapSetupUserNotificationTool.exe [2009-06-17 212992]
"Specops Password Client"=C:\WINDOWS\system32\SppClient.exe [2011-06-17 865880]
"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-06-08 333120]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]
"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
"SwitchBoard"=C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS6ServiceManager"=C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_07EE1F5935B7CF4FB43B4A3E926B0260"=C:\Users\c_danhel_t\AppData\Local\Google\Chrome\Application\chrome.exe [2012-12-05 1242728]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04 446392]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\c_danhel_t\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-12 116648]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2011-03-25 840992]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^c_danhel_t^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Trillian.lnk]
C:\PROGRA~1\Trillian\trillian.exe [2012-07-26 2380752]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
RescueTime.lnk - C:\Program Files\RescueTime\RescueTime.exe
C:\Users\c_danhel_t\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
EvernoteClipper.lnk - C:\Program Files\Evernote\Evernote\EvernoteClipper.exe
Password Safe.lnk - C:\Program Files\Password Safe\pwsafe.exe
TogglDesktop.lnk - C:\Program Files\Toggl\TogglDesktop\TogglDesktop.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="lsihok32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2011-03-26 288768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\McAfeeEngineService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=1
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1
"dontdisplaylockeduserid"=1
"legalnoticecaption"=Warning
"legalnoticetext"=Warning - You have accessed a computer operated by O2 .To use this computer you require written authorisation from O2 and are strictly limited in your system usage as documented in the employee handbook. Unauthorised access or misuse of this system is forbidden and will constitute an offence under the Criminal Damage Act 1991.Please be aware all e-mail and internet usage is monitored as outlined in the employee handbook.If you are not sure you are authorised to use this computer log out immediately.
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
"NoStartMenuMyGames"=1
"ForceRunOnStartMenu"=1
"NoUserFolderInStartMenu"=1
"DontSetAutoplayCheckbox"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux3"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux4"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux5"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux6"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux7"=wdmaud.drv
======File associations======
.js - edit - "C:\Program Files\Macromedia\Dreamweaver 8\dreamweaver.exe" "%1"
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2012-12-13 14:44:48 ----D---- C:\Program Files\trend micro
2012-12-13 14:44:47 ----D---- C:\rsit
2012-12-13 09:16:38 ----A---- C:\WINDOWS\system32\WindowsAccessBridge.dll
2012-12-13 09:16:38 ----A---- C:\WINDOWS\system32\javaw.exe
2012-12-13 09:16:38 ----A---- C:\WINDOWS\system32\java.exe
2012-12-13 08:58:02 ----D---- C:\ProgramData\Freemake
2012-12-11 11:09:48 ----D---- C:\Users\c_danhel_t\AppData\Roaming\Downloaded Installations
2012-12-04 08:35:52 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2012-11-30 09:19:15 ----D---- C:\Users\c_danhel_t\AppData\Roaming\Pavtube
2012-11-30 09:13:08 ----D---- C:\Users\c_danhel_t\AppData\Roaming\uTorrent
2012-11-29 09:00:01 ----D---- C:\Users\c_danhel_t\AppData\Roaming\Publish Providers
2012-11-29 08:55:21 ----D---- C:\ProgramData\Sony
2012-11-29 08:55:21 ----D---- C:\Program Files\Sony
2012-11-29 08:53:58 ----D---- C:\Users\c_danhel_t\AppData\Roaming\Sony
2012-11-27 10:15:13 ----D---- C:\Users\c_danhel_t\AppData\Roaming\ASAP Utilities
2012-11-27 10:15:13 ----D---- C:\Program Files\ASAP Utilities
2012-11-22 17:36:49 ----D---- C:\Program Files\Toggl
2012-11-22 16:26:10 ----D---- C:\Program Files\RescueTime
2012-11-21 13:31:07 ----AH---- C:\WINDOWS\system32\mlfcache.dat
2012-11-20 08:47:11 ----D---- C:\Users\c_danhel_t\AppData\Roaming\Opera
2012-11-20 08:46:55 ----D---- C:\Program Files\Opera
2012-11-19 10:18:50 ----D---- C:\ProgramData\BeGraphic
2012-11-19 10:18:43 ----D---- C:\Users\c_danhel_t\AppData\Roaming\BeGraphic
2012-11-19 10:18:43 ----A---- C:\Users\c_danhel_t\AppData\Roaming\RegFree.ini
2012-11-19 10:17:49 ----D---- C:\Program Files\BeGraphic
2012-11-14 16:31:43 ----D---- C:\Users\c_danhel_t\AppData\Roaming\TuneUp Software
2012-11-14 16:29:33 ----D---- C:\ProgramData\TuneUp Software
2012-11-14 16:29:17 ----SHD---- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2012-11-14 16:29:15 ----HD---- C:\ProgramData\Common Files
======List of files/folders modified in the last 1 month======
2012-12-13 14:45:01 ----D---- C:\WINDOWS\Prefetch
2012-12-13 14:44:48 ----RD---- C:\Program Files
2012-12-13 14:44:33 ----D---- C:\WINDOWS\Temp
2012-12-13 14:42:54 ----D---- C:\WINDOWS\Minidump
2012-12-13 14:42:54 ----D---- C:\WINDOWS\inf
2012-12-13 14:42:54 ----D---- C:\Windows
2012-12-13 14:41:33 ----A---- C:\WINDOWS\SMSCFG.INI
2012-12-13 14:40:04 ----D---- C:\WINDOWS\system32\config
2012-12-13 14:36:53 ----D---- C:\WINDOWS\system32\CCM
2012-12-13 14:30:54 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2012-12-13 11:57:31 ----D---- C:\WINDOWS\System32
2012-12-13 11:57:31 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2012-12-13 11:16:05 ----D---- C:\WINDOWS\LiveKernelReports
2012-12-13 09:18:04 ----SHD---- C:\WINDOWS\Installer
2012-12-13 09:16:37 ----D---- C:\Program Files\Java
2012-12-13 09:14:33 ----SHD---- C:\System Volume Information
2012-12-13 08:58:02 ----HD---- C:\ProgramData
2012-12-12 08:42:05 ----D---- C:\Program Files\Adobe
2012-12-12 08:41:15 ----RSD---- C:\WINDOWS\Fonts
2012-12-12 08:41:07 ----D---- C:\Program Files\Common Files\Adobe
2012-12-12 08:39:25 ----D---- C:\Users\c_danhel_t\AppData\Roaming\Adobe
2012-12-12 08:39:25 ----D---- C:\ProgramData\Adobe
2012-12-12 08:31:12 ----D---- C:\Temporary
2012-12-04 08:38:40 ----D---- C:\WINDOWS\system32\drivers
2012-12-04 08:31:02 ----D---- C:\WINDOWS\system32\Tasks
2012-12-04 08:29:48 ----D---- C:\Program Files\Trillian
2012-12-04 08:25:20 ----D---- C:\WINDOWS\panther
2012-12-04 08:25:20 ----D---- C:\WINDOWS\Logs
2012-12-04 08:25:20 ----D---- C:\WINDOWS\debug
2012-12-03 17:35:17 ----D---- C:\Users\c_danhel_t\AppData\Roaming\Mozilla
2012-12-03 08:51:14 ----D---- C:\WINDOWS\winsxs
2012-12-03 08:51:02 ----D---- C:\Program Files\DVD Maker
2012-12-03 08:42:17 ----SD---- C:\Users\c_danhel_t\AppData\Roaming\Microsoft
2012-11-30 15:21:42 ----SD---- C:\ProgramData\Microsoft
2012-11-30 08:30:52 ----D---- C:\WINDOWS\system32\NDF
2012-11-26 14:30:12 ----D---- C:\Program Files\MSECache
2012-11-23 08:19:17 ----D---- C:\WINDOWS\system32\catroot2
2012-11-21 13:29:24 ----D---- C:\Users\c_danhel_t\AppData\Roaming\Apple Computer
2012-11-19 10:58:44 ----D---- C:\WINDOWS\Microsoft.NET
2012-11-19 10:57:48 ----RSD---- C:\WINDOWS\assembly
2012-11-19 10:06:46 ----D---- C:\Program Files\Common Files\microsoft shared
2012-11-14 16:33:31 ----D---- C:\Program Files\Windows Sidebar
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\WINDOWS\system32\DRIVERS\hpdskflt.sys [2008-04-07 25448]
R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2010-01-06 343920]
R0 rdyboost;ReadyBoost; C:\WINDOWS\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\WINDOWS\system32\drivers\csc.sys [2009-07-13 387584]
R1 mfetdik;McAfee Inc. mfetdik; C:\WINDOWS\system32\drivers\mfetdik.sys [2010-01-06 64208]
R1 vwififlt;Virtual WiFi Filter Driver; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
R2 Parvdm;Parvdm; C:\WINDOWS\system32\DRIVERS\parvdm.sys [2009-07-13 8704]
R3 Accelerometer;HP Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [2008-04-07 34664]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\WINDOWS\system32\DRIVERS\e1c6232.sys [2010-12-21 238760]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\WINDOWS\system32\DRIVERS\HpqKbFiltr.sys [2011-05-13 21560]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd32.sys [2011-03-26 10542080]
R3 IntcDAud;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2010-10-15 269824]
R3 JMCR;JMCR; C:\WINDOWS\system32\DRIVERS\jmcr.sys [2011-03-08 144984]
R3 johci;JMicron 1394 Filter Driver; C:\WINDOWS\system32\DRIVERS\johci.sys [2011-02-09 23640]
R3 MEI;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2010-01-06 75704]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2010-01-06 91832]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2010-01-06 43288]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit; C:\WINDOWS\system32\DRIVERS\NETwNs32.sys [2011-01-04 7435264]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\WINDOWS\system32\DRIVERS\nusb3hub.sys [2010-12-10 62336]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\WINDOWS\system32\DRIVERS\nusb3xhc.sys [2010-12-10 141440]
R3 prepdrvr;SMS Process Event Driver; \??\C:\WINDOWS\system32\CCM\prepdrv.sys [2009-09-18 20848]
R3 RDPDR;Terminal Server Device Redirector Driver; C:\WINDOWS\System32\drivers\rdpdr.sys [2009-07-14 133120]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [2011-04-07 1784192]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10301; C:\WINDOWS\system32\DRIVERS\stwrt.sys [2011-05-27 441856]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2011-04-18 1329072]
R3 TPM;TPM; C:\WINDOWS\system32\drivers\tpm.sys [2009-07-13 30720]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]
S3 aic78xx;aic78xx; C:\WINDOWS\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\WINDOWS\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\WINDOWS\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BthEnum;Bluetooth Request Block Driver; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2009-07-13 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2009-07-13 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2009-07-13 392704]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2009-07-13 58880]
S3 BTWAMPFL;btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [2011-03-25 302120]
S3 btwaudio;Bluetooth Audio Device Service; C:\WINDOWS\system32\drivers\btwaudio.sys [2011-03-25 93224]
S3 btwavdt;Bluetooth AVDT Service; C:\WINDOWS\system32\DRIVERS\btwavdt.sys [2011-03-25 114728]
S3 btwl2cap;Bluetooth L2CAP Service; C:\WINDOWS\system32\DRIVERS\btwl2cap.sys [2011-03-25 33832]
S3 btwrchid;btwrchid; C:\WINDOWS\system32\DRIVERS\btwrchid.sys [2011-03-25 18728]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\WINDOWS\system32\DRIVERS\E1G60I32.sys [2009-07-13 118784]
S3 HBtnKey;HBtnKey; C:\WINDOWS\system32\DRIVERS\cpqbttn.sys [2009-04-20 9344]
S3 HECI;Intel(R) Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-10-19 41088]
S3 iaStor;iaStor; C:\WINDOWS\system32\DRIVERS\iaStor.sys [2009-06-05 330264]
S3 Impcd;Impcd; C:\WINDOWS\system32\DRIVERS\Impcd.sys [2010-01-07 132352]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys [2012-12-13 40776]
S3 mferkdet;McAfee Inc. mferkdet; C:\WINDOWS\system32\drivers\mferkdet.sys [2010-01-06 66600]
S3 pciide;pciide; C:\WINDOWS\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2009-07-13 129536]
S3 rimmptsk;rimmptsk; C:\WINDOWS\system32\DRIVERS\rimmptsk.sys [2008-06-24 47104]
S3 s3cap;s3cap; C:\WINDOWS\system32\DRIVERS\vms3cap.sys [2009-07-13 5632]
S3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2009-07-13 84992]
S3 sisagp;SIS AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\WINDOWS\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2012-07-09 44032]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\WINDOWS\system32\DRIVERS\viac7.sys [2009-07-13 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\WINDOWS\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\WINDOWS\system32\DRIVERS\VMBusHID.sys [2009-07-13 17920]
S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows; C:\WINDOWS\system32\DRIVERS\vpnva.sys [2008-08-21 20152]
S3 wacommousefilter;Wacom Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 11312]
S3 wacomvhid;Wacom Virtual Hid Driver; C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2009-09-21 14120]
S3 WacomVTHid;Virtual Touch Driver; C:\WINDOWS\system32\DRIVERS\WacomVTHid.sys [2009-07-09 13480]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-03-25 660768]
R2 CcmExec;SMS Agent Host; C:\WINDOWS\system32\CCM\CcmExec.exe [2009-09-18 764768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2009-07-14 20992]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-05-13 317496]
R2 hpsrv;HP Service; C:\WINDOWS\system32\Hpservice.exe [2008-04-07 24936]
R2 McAfeeEngineService;McAfee Engine Service; C:\Program Files\McAfee\VirusScan Enterprise\engineserver.exe [2010-01-06 22816]
R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-06-08 132416]
R2 McShield;McAfee McShield; C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe [2010-01-06 147472]
R2 McTaskManager;McAfee Task Manager; C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe [2010-01-06 66896]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\WINDOWS\system32\mfevtps.exe [2010-01-06 70728]
R2 NWSAPAutoWorkstationUpdateSvc;SAPSetup Automatic Workstation Update Service; C:\Program Files\SAP\SAPsetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe [2009-06-17 253952]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10101; C:\Program Files\IDT\WDM\STacSV.exe [2011-05-27 282709]
R2 vpnagent;Cisco AnyConnect VPN Agent; C:\Program Files\Cisco\Anyconnect VPN Client_2.2.0140\vpnagent.exe [2008-08-21 370872]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\WINDOWS\System32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-17 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-13 250808]
S3 AppMgmt;@appmgmts.dll,-3250; C:\WINDOWS\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-10-17 116648]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\WINDOWS\System32\svchost.exe [2009-07-14 20992]
S3 smstsmgr;SMS Task Sequence Agent; C:\WINDOWS\system32\CCM\TSManager.exe [2009-09-18 246624]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2009-07-14 20992]
S3 SwitchBoard;Adobe SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vim ze tam nekde neco je.
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Vim ze tam nekde neco je.
Zdravim 
Podle pravidel fora se zde pracovnimi pc nezabyvame. http://forum.viry.cz/viewtopic.php?f=12&t=5601
Pak je tu jeste tato moznost https://obchod.viry.cz/index.php?kat=111
Podle pravidel fora se zde pracovnimi pc nezabyvame. http://forum.viry.cz/viewtopic.php?f=12&t=5601
6. Fórum viry.cz se nezabývá odvirováním firemních PC - na toto jsou ve firmách placení (a někdy až hodně nadstandardně) IT technici, případně si je firma může najmou. My jsme tu zdarma a ve svém volném čase, nehodláme dělat práci za někoho jiného, kdo si pak jen slízne smetánku a plat. Taktéž ani neposkytujeme poradenství v oblasti zabezpečení firemních sítí či nastavení firemních sítí. Zkrátka a jednoduše, naše fórum poskytuje podporu domácím uživatelům.
Pak je tu jeste tato moznost https://obchod.viry.cz/index.php?kat=111
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Přispějete na provoz fóra?