Přikládám ještě LOG z RSIT:
Logfile of random's system information tool 1.08 (written by random/random)
Run by administrator at 2010-08-10 21:37:22
Microsoft(R) Windows(R) Server 2003, Standard Edition Service Pack 2
System drive C: has 4 GB (31%) free of 12 GB
Total RAM: 1023 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:37:31, on 10.8.2010
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\VMware\VMware Tools\vmacthlp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\bedbg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\Program Files\VMware\VMware Tools\VMwareService.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\TeamViewer\Version5\TeamViewer.exe
C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\VMware\VMware Tools\VMwareTray.exe
C:\Program Files\VMware\VMware Tools\VMwareUser.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec\Backup Exec\RAWS\vxmon.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe
C:\Program Files\Symantec\Symantec Endpoint Protection\DWHWizrd.exe
C:\Documents and Settings\Administrator.CEE\Desktop\RSIT.exe
C:\Program Files\trend micro\administrator.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/softAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://go.microsoft.com/fwlink/?LinkId=74005
O4 - HKLM\..\Run: [VMware Tools] C:\Program Files\VMware\VMware Tools\VMwareTray.exe
O4 - HKLM\..\Run: [VMware User Process] C:\Program Files\VMware\VMware Tools\VMwareUser.exe
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [VxBeMon] "C:\Program Files\Symantec\Backup Exec\RAWS\vxmon.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O15 - ESC Trusted Zone:
http://runonce.msn.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://www.update.microsoft.com/microso ... 0348253265
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microso ... 0348246906
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = cee.kingspan.net
O17 - HKLM\Software\..\Telephony: DomainName = cee.kingspan.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{740F9941-51BC-4BF0-920A-ED07B1CDFA1B}: NameServer = 192.168.92.17,192.168.92.15
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = cee.kingspan.net
O17 - HKLM\System\CS1\Services\Tcpip\..\{740F9941-51BC-4BF0-920A-ED07B1CDFA1B}: NameServer = 192.168.92.17,192.168.92.15
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = cee.kingspan.net
O17 - HKLM\System\CS2\Services\Tcpip\..\{740F9941-51BC-4BF0-920A-ED07B1CDFA1B}: NameServer = 192.168.92.17,192.168.92.15
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Backup Exec Remote Agent for Windows Systems (BackupExecAgentAccelerator) - Symantec Corporation - C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe
O23 - Service: Backup Exec VSS Provider (BackupExecVSSProvider) - Symantec Corporation - C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\VSS Provider\bevssprovider.exe
O23 - Service: Backup Exec Error Recording Service (bedbg) - Symantec Corporation - C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\bedbg.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Backup Exec PureDisk Filesystem Service (PDVFSService) - Unknown owner - C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\PDVFSService.exe
O23 - Service: Symantec Management Client (SmcService) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
O23 - Service: Symantec Network Access Control (SNAC) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
O23 - Service: Symantec Endpoint Protection (Symantec AntiVirus) - Symantec Corporation - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: VMware Tools Service (VMTools) - VMware, Inc. - C:\Program Files\VMware\VMware Tools\VMwareService.exe
O23 - Service: VMware Physical Disk Helper Service - Unknown owner - C:\Program Files\VMware\VMware Tools\vmacthlp.exe
O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
--
End of file - 7004 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VMware Tools"=C:\Program Files\VMware\VMware Tools\VMwareTray.exe [2008-08-13 100912]
"VMware User Process"=C:\Program Files\VMware\VMware Tools\VMwareUser.exe [2008-08-13 350768]
"WinVNC"=C:\Program Files\UltraVNC\WinVNC.exe [2006-06-18 712704]
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2009-07-23 115560]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2007-02-17 15360]
"VxBeMon"=C:\Program Files\Symantec\Backup Exec\RAWS\vxmon.exe [2009-12-01 1351496]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
C:\WINDOWS\system32\crypt32.dll [2007-02-17 595456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
C:\WINDOWS\system32\cryptnet.dll [2007-02-17 62464]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
C:\WINDOWS\system32\cscdll.dll [2007-02-17 101888]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
C:\WINDOWS\system32\dimsntfy.dll [2007-02-17 19456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
C:\WINDOWS\system32\sclgntfy.dll [2005-11-30 19968]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
C:\WINDOWS\system32\WlNotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll [2010-07-27 8361984]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll [2010-07-27 8361984]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll [2009-03-08 236544]
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll [2007-02-17 122880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll [2007-02-17 1033216]
Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll [2007-02-17 1033216]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=C:\WINDOWS\system32\shell32.dll [2010-07-27 8361984]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=RASSFM
KDCSVC
WDIGEST
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccEvtMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ccSetMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmadmin]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmboot.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmload.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmserver]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ip6fw.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NtLmSsp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpcdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpdd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpwd.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SmcService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Symantec Antvirus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdpipe.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdtcp.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\termservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WZCSVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"disablecad"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ShowSuperHidden"=1
"HonorAutoRunSetting"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe"="C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe:*:Enabled:Backup Exec Remote Agent for Windows Systems"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe"="C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe:*:Enabled:Backup Exec Remote Agent for Windows Systems"
======List of files/folders created in the last 1 months======
2010-08-10 21:37:22 ----D---- C:\rsit
2010-08-10 21:37:22 ----D---- C:\Program Files\trend micro
2010-08-10 20:11:33 ----D---- C:\Program Files\CCleaner
2010-08-10 08:35:12 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-08-10 08:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-08-10 08:34:00 ----HDC---- C:\WINDOWS\$NtUninstallKB979907$
2010-08-10 08:33:34 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-08-10 08:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-08-10 08:25:54 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-08-10 08:25:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-08-10 08:24:42 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-08-10 08:24:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$
2010-08-10 08:23:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978695$
2010-08-10 08:22:27 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-07-27 08:25:36 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-13 11:26:48 ----D---- C:\Documents and Settings\Administrator.CEE\Application Data\TeamViewer
2010-07-13 11:26:42 ----D---- C:\Program Files\TeamViewer
======List of files/folders modified in the last 1 months======
2010-08-10 21:37:22 ----RD---- C:\Program Files
2010-08-10 21:35:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-10 21:35:18 ----D---- C:\WINDOWS\Temp
2010-08-10 20:14:24 ----D---- C:\WINDOWS\Debug
2010-08-10 20:14:24 ----D---- C:\WINDOWS
2010-08-10 17:14:21 ----D---- C:\WINDOWS\security
2010-08-10 08:41:33 ----D---- C:\WINDOWS\system32
2010-08-10 08:41:33 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-08-10 08:37:13 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-10 08:35:47 ----D---- C:\WINDOWS\inf
2010-08-10 08:35:16 ----D---- C:\Program Files\Outlook Express
2010-08-10 08:33:57 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-10 08:30:05 ----SHD---- C:\Config.Msi
2010-08-10 08:21:33 ----D---- C:\Program Files\Internet Explorer
2010-08-10 08:21:20 ----D---- C:\WINDOWS\ie8updates
2010-07-26 02:13:25 ----SHD---- C:\System Volume Information
2010-07-23 19:31:14 ----D---- C:\INSTALL
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 ACPI;Microsoft ACPI Driver; C:\WINDOWS\system32\DRIVERS\ACPI.sys [2007-02-17 194048]
R0 agp440;Intel AGP Bus Filter; C:\WINDOWS\system32\DRIVERS\agp440.sys [2007-02-17 44032]
R0 atapi;Standard IDE/ESDI Hard Disk Controller; C:\WINDOWS\system32\DRIVERS\atapi.sys [2007-02-17 96768]
R0 Compbatt;Microsoft Composite Battery Driver; C:\WINDOWS\system32\DRIVERS\compbatt.sys [2007-02-17 10624]
R0 crcdisk;CRC Disk Filter Driver; C:\WINDOWS\system32\DRIVERS\crcdisk.sys [2007-02-17 17920]
R0 DfsDriver;DfsDriver; C:\WINDOWS\system32\drivers\Dfs.sys [2007-02-17 34816]
R0 Disk;Disk Driver; C:\WINDOWS\system32\DRIVERS\disk.sys [2007-02-17 39936]
R0 dmio;Logical Disk Manager Driver; C:\WINDOWS\System32\drivers\dmio.sys [2007-02-17 150528]
R0 dmload;dmload; C:\WINDOWS\System32\drivers\dmload.sys [2005-11-30 7680]
R0 FltMgr;FltMgr; C:\WINDOWS\system32\drivers\fltmgr.sys [2007-02-17 130560]
R0 Ftdisk;Volume Manager Driver; C:\WINDOWS\system32\DRIVERS\ftdisk.sys [2007-02-17 137216]
R0 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2007-02-17 7680]
R0 isapnp;PnP ISA/EISA Bus Driver; C:\WINDOWS\system32\DRIVERS\isapnp.sys [2007-02-17 38912]
R0 KSecDD;KSecDD; C:\WINDOWS\system32\drivers\KSecDD.sys [2009-06-15 134656]
R0 MountMgr;Mount Point Manager; C:\WINDOWS\system32\drivers\MountMgr.sys [2007-02-17 46592]
R0 Mup;Mup; C:\WINDOWS\system32\drivers\Mup.sys [2007-02-17 103424]
R0 NDIS;NDIS System Driver; C:\WINDOWS\system32\drivers\NDIS.sys [2007-02-17 210432]
R0 PartMgr;Partition Manager; C:\WINDOWS\system32\drivers\PartMgr.sys [2007-02-17 25088]
R0 PCI;PCI Bus Driver; C:\WINDOWS\system32\DRIVERS\pci.sys [2007-02-17 74752]
R0 symmpi;symmpi; C:\WINDOWS\system32\DRIVERS\symmpi.sys [2005-11-30 49664]
R0 VolSnap;Storage volumes; C:\WINDOWS\system32\DRIVERS\volsnap.sys [2007-02-17 153600]
R1 AFD;AFD; C:\WINDOWS\System32\drivers\afd.sys [2008-08-14 150528]
R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2005-11-30 6144]
R1 Cdrom;CD-ROM Driver; C:\WINDOWS\system32\DRIVERS\cdrom.sys [2007-02-17 52224]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 Fips;Fips; C:\WINDOWS\system32\drivers\Fips.sys [2007-02-17 45568]
R1 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver; C:\WINDOWS\system32\DRIVERS\i8042prt.sys [2007-02-17 55808]
R1 IPSec;IPSEC driver; C:\WINDOWS\system32\DRIVERS\ipsec.sys [2007-02-17 82432]
R1 Kbdclass;Keyboard Class Driver; C:\WINDOWS\system32\DRIVERS\kbdclass.sys [2007-02-17 25600]
R1 mnmdd;mnmdd; C:\WINDOWS\system32\drivers\mnmdd.sys [2005-11-30 6144]
R1 Mouclass;Mouse Class Driver; C:\WINDOWS\system32\DRIVERS\mouclass.sys [2003-03-24 23040]
R1 MRxSmb;MRXSMB; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2010-02-24 438784]
R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2007-02-17 21504]
R1 NetBIOS;NetBIOS Interface; C:\WINDOWS\system32\DRIVERS\netbios.sys [2007-02-17 34816]
R1 NetBT;NetBios over Tcpip; C:\WINDOWS\system32\DRIVERS\netbt.sys [2007-02-17 180224]
R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2007-02-17 32256]
R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2005-11-30 4608]
R1 PDVFSDriver;PDVFSDriver; C:\WINDOWS\system32\drivers\pdfsd.sys [2009-10-16 56416]
R1 RasAcd;Remote Access Auto Connection Driver; C:\WINDOWS\system32\DRIVERS\rasacd.sys [2005-11-30 10752]
R1 Rdbss;Rdbss; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2010-02-24 177664]
R1 RDPCDD;RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [2005-11-30 6144]
R1 redbook;Digital CD Audio Playback Filter Driver; C:\WINDOWS\system32\DRIVERS\redbook.sys [2007-02-17 60928]
R1 Serial;Serial port driver; C:\WINDOWS\system32\DRIVERS\serial.sys [2007-02-17 65536]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2009-07-23 280112]
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2009-07-23 43824]
R1 Tcpip;TCP/IP Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2009-08-15 393216]
R1 TermDD;Terminal Device Driver; C:\WINDOWS\system32\DRIVERS\termdd.sys [2007-02-17 41608]
R1 VgaSave;VGA Display Controller.; C:\WINDOWS\System32\drivers\vga.sys [2007-02-17 23552]
R2 LGTO_Sync;Sync Driver; \??\C:\WINDOWS\system32\Drivers\lgtosync.sys []
R2 Parvdm;Parvdm; C:\WINDOWS\system32\DRIVERS\parvdm.sys [2005-11-30 8704]
R2 VMMEMCTL;VMware server memory controller; \??\C:\Program Files\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys []
R2 vnccom;vnccom; C:\WINDOWS\System32\Drivers\vnccom.SYS [2004-06-26 6016]
R2 WGX;Extend WG Protocol Driver; C:\WINDOWS\System32\Drivers\WGX.SYS [2009-07-23 38056]
R3 audstub;Audio Stub Driver; C:\WINDOWS\system32\DRIVERS\audstub.sys [2003-03-25 5120]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2007-02-17 14080]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 Fdc;Floppy Disk Controller Driver; C:\WINDOWS\system32\DRIVERS\fdc.sys [2007-02-17 24576]
R3 Flpydisk;Floppy Disk Driver; C:\WINDOWS\system32\DRIVERS\flpydisk.sys [2005-11-30 18432]
R3 Gpc;Generic Packet Classifier; C:\WINDOWS\system32\DRIVERS\msgpc.sys [2007-02-17 39424]
R3 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-02-17 36864]
R3 mssmbios;Microsoft System Management BIOS Driver; C:\WINDOWS\system32\DRIVERS\mssmbios.sys [2007-02-17 19968]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100810.002\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20100810.002\NAVEX15.SYS []
R3 NdisTapi;Remote Access NDIS TAPI Driver; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2007-02-17 12288]
R3 Ndisuio;NDIS Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2007-02-17 16384]
R3 NdisWan;Remote Access NDIS WAN Driver; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2007-02-17 89600]
R3 NDProxy;NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2007-02-17 40960]
R3 Parport;Parallel port driver; C:\WINDOWS\system32\DRIVERS\parport.sys [2007-02-17 81408]
R3 PptpMiniport;WAN Miniport (PPTP); C:\WINDOWS\system32\DRIVERS\raspptp.sys [2007-02-17 59904]
R3 Ptilink;Direct Parallel Link Driver; C:\WINDOWS\system32\DRIVERS\ptilink.sys [2007-02-17 20480]
R3 Rasl2tp;WAN Miniport (L2TP); C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [2007-02-17 65536]
R3 RasPppoe;Remote Access PPPOE Driver; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2007-02-17 40960]
R3 Raspti;Direct Parallel; C:\WINDOWS\system32\DRIVERS\raspti.sys [2007-02-17 19968]
R3 rdpdr;Terminal Server Device Redirector Driver; C:\WINDOWS\system32\DRIVERS\rdpdr.sys [2007-02-17 200192]
R3 RDPWD;RDPWD; C:\WINDOWS\system32\drivers\RDPWD.sys [2007-02-17 152200]
R3 serenum;Serenum Filter Driver; C:\WINDOWS\system32\DRIVERS\serenum.sys [2007-02-17 17920]
R3 Srv;Srv; C:\WINDOWS\system32\DRIVERS\srv.sys [2009-12-10 376832]
R3 swenum;Software Bus Driver; C:\WINDOWS\system32\DRIVERS\swenum.sys [2007-02-17 4736]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 TDTCP;TDTCP; C:\WINDOWS\system32\drivers\TDTCP.sys [2007-02-17 24200]
R3 Update;Microcode Update Driver; C:\WINDOWS\system32\DRIVERS\update.sys [2007-05-28 365056]
R3 VirtFile;VirtFile; C:\WINDOWS\system32\DRIVERS\VirtFile.sys [2009-11-24 67376]
R3 vmmouse;VMware Pointing Device; C:\WINDOWS\system32\DRIVERS\vmmouse.sys [2008-08-13 11696]
R3 vmx_svga;vmx_svga; C:\WINDOWS\system32\DRIVERS\vmx_svga.sys [2008-08-13 63024]
R3 vmxnet;VMware Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmxnet.sys [2008-08-13 36016]
R3 vncdrv;vncdrv; C:\WINDOWS\system32\DRIVERS\vncdrv.sys [2004-06-26 4736]
R3 Wanarp;Remote Access IP ARP Driver; C:\WINDOWS\system32\DRIVERS\wanarp.sys [2007-02-17 36352]
R4 Cdfs;Cdfs; C:\WINDOWS\system32\drivers\Cdfs.sys [2007-02-17 65536]
R4 Fastfat;Fastfat; C:\WINDOWS\system32\drivers\Fastfat.sys [2007-02-17 151040]
R4 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2007-02-17 589824]
S1 Changer;Changer; C:\WINDOWS\system32\drivers\Changer.sys []
S1 i2omgmt;i2omgmt; C:\WINDOWS\system32\drivers\i2omgmt.sys []
S1 imapi;CD-Burning Filter Driver; C:\WINDOWS\system32\DRIVERS\imapi.sys [2007-02-17 43520]
S1 Sfloppy;Sfloppy; C:\WINDOWS\system32\drivers\Sfloppy.sys [2005-11-30 12288]
S3 AsyncMac;RAS Asynchronous Media Driver; C:\WINDOWS\system32\DRIVERS\asyncmac.sys [2005-11-30 16384]
S3 Atmarpc;ATM ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\atmarpc.sys [2007-02-17 59392]
S3 HTTP;HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [2009-10-20 292864]
S3 Ip6Fw;IPv6 Windows Firewall Driver; C:\WINDOWS\system32\drivers\ip6fw.sys [2007-02-17 36352]
S3 IpFilterDriver;IP Traffic Filter Driver; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2007-02-17 32768]
S3 IpInIp;IP in IP Tunnel Driver; C:\WINDOWS\system32\DRIVERS\ipinip.sys []
S3 IpNat;IP Network Address Translator; C:\WINDOWS\system32\DRIVERS\ipnat.sys [2007-02-17 119296]
S3 IRENUM;IR Enumerator Service; C:\WINDOWS\system32\DRIVERS\irenum.sys [2007-02-17 12800]
S3 Modem;Modem; C:\WINDOWS\system32\drivers\Modem.sys [2007-02-17 31232]
S3 MRxDAV;WebDav Client Redirector; C:\WINDOWS\system32\DRIVERS\mrxdav.sys [2007-12-17 188928]
S3 PCnet;AMD PCNET Compatable Adapter Driver; C:\WINDOWS\system32\DRIVERS\pcntpci5.sys [2003-03-24 35328]
S3 PDCOMP;PDCOMP; C:\WINDOWS\system32\drivers\PDCOMP.sys []
S3 PDFRAME;PDFRAME; C:\WINDOWS\system32\drivers\PDFRAME.sys []
S3 PDRELI;PDRELI; C:\WINDOWS\system32\drivers\PDRELI.sys []
S3 PDRFRAME;PDRFRAME; C:\WINDOWS\system32\drivers\PDRFRAME.sys []
S3 Secdrv;Secdrv; C:\WINDOWS\system32\DRIVERS\secdrv.sys [2007-11-13 20480]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2009-07-23 319920]
S3 TDPIPE;TDPIPE; C:\WINDOWS\system32\drivers\TDPIPE.sys [2007-02-17 12936]
S3 vga;vga; C:\WINDOWS\system32\DRIVERS\vgapnp.sys [2007-02-17 24064]
S3 WDICA;WDICA; C:\WINDOWS\system32\drivers\WDICA.sys []
S3 WLBS;Network Load Balancing; C:\WINDOWS\system32\DRIVERS\wlbs.sys [2007-02-17 169984]
S4 Abiosdsk;Abiosdsk; C:\WINDOWS\system32\drivers\Abiosdsk.sys []
S4 ACPIEC;ACPIEC; C:\WINDOWS\system32\drivers\ACPIEC.sys [2005-11-30 12800]
S4 adpu160m;adpu160m; C:\WINDOWS\system32\drivers\adpu160m.sys []
S4 adpu320;adpu320; C:\WINDOWS\system32\drivers\adpu320.sys []
S4 afcnt;afcnt; C:\WINDOWS\system32\drivers\afcnt.sys []
S4 aic78u2;aic78u2; C:\WINDOWS\system32\drivers\aic78u2.sys []
S4 aic78xx;aic78xx; C:\WINDOWS\system32\drivers\aic78xx.sys []
S4 AliIde;AliIde; C:\WINDOWS\system32\drivers\AliIde.sys []
S4 AmdIde;AmdIde; C:\WINDOWS\system32\drivers\AmdIde.sys [2007-02-17 7680]
S4 arc;arc; C:\WINDOWS\system32\drivers\arc.sys [2007-02-17 43520]
S4 Atdisk;Atdisk; C:\WINDOWS\system32\drivers\Atdisk.sys []
S4 cbidf2k;cbidf2k; C:\WINDOWS\system32\drivers\cbidf2k.sys [2005-11-30 15360]
S4 cd20xrnt;cd20xrnt; C:\WINDOWS\system32\drivers\cd20xrnt.sys []
S4 ClusDisk;Cluster Disk Driver; C:\WINDOWS\system32\DRIVERS\ClusDisk.sys [2007-02-17 69120]
S4 CmdIde;CmdIde; C:\WINDOWS\system32\drivers\CmdIde.sys []
S4 Cpqarray;Cpqarray; C:\WINDOWS\system32\drivers\Cpqarray.sys []
S4 cpqarry2;cpqarry2; C:\WINDOWS\system32\drivers\cpqarry2.sys []
S4 cpqcissm;cpqcissm; C:\WINDOWS\system32\drivers\cpqcissm.sys []
S4 cpqfcalm;cpqfcalm; C:\WINDOWS\system32\drivers\cpqfcalm.sys []
S4 dac2w2k;dac2w2k; C:\WINDOWS\system32\drivers\dac2w2k.sys []
S4 dac960nt;dac960nt; C:\WINDOWS\system32\drivers\dac960nt.sys []
S4 dellcerc;dellcerc; C:\WINDOWS\system32\drivers\dellcerc.sys []
S4 dmboot;dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [2007-02-17 268288]
S4 dpti2o;dpti2o; C:\WINDOWS\system32\drivers\dpti2o.sys []
S4 elxstor;elxstor; C:\WINDOWS\system32\drivers\elxstor.sys []
S4 hpcisss;hpcisss; C:\WINDOWS\system32\drivers\hpcisss.sys [2007-02-17 23552]
S4 hpn;hpn; C:\WINDOWS\system32\drivers\hpn.sys []
S4 hpt3xx;hpt3xx; C:\WINDOWS\system32\drivers\hpt3xx.sys []
S4 i2omp;i2omp; C:\WINDOWS\system32\drivers\i2omp.sys []
S4 iirsp;iirsp; C:\WINDOWS\system32\drivers\iirsp.sys []
S4 ipsraidn;ipsraidn; C:\WINDOWS\system32\drivers\ipsraidn.sys []
S4 lp6nds35;lp6nds35; C:\WINDOWS\system32\drivers\lp6nds35.sys []
S4 mraid35x;mraid35x; C:\WINDOWS\system32\drivers\mraid35x.sys []
S4 nfrd960;nfrd960; C:\WINDOWS\system32\drivers\nfrd960.sys []
S4 PCIIde;PCIIde; C:\WINDOWS\system32\drivers\PCIIde.sys []
S4 Pcmcia;Pcmcia; C:\WINDOWS\system32\drivers\Pcmcia.sys [2007-02-17 121856]
S4 PDVFSNP;PDVFSNetworkProvider; C:\WINDOWS\system32\drivers\PDVFSNP.sys []
S4 perc2;perc2; C:\WINDOWS\system32\drivers\perc2.sys []
S4 perc2hib;perc2hib; C:\WINDOWS\system32\drivers\perc2hib.sys []
S4 ql1080;ql1080; C:\WINDOWS\system32\drivers\ql1080.sys []
S4 Ql10wnt;Ql10wnt; C:\WINDOWS\system32\drivers\Ql10wnt.sys []
S4 ql12160;ql12160; C:\WINDOWS\system32\drivers\ql12160.sys []
S4 ql1240;ql1240; C:\WINDOWS\system32\drivers\ql1240.sys []
S4 ql1280;ql1280; C:\WINDOWS\system32\drivers\ql1280.sys []
S4 ql2100;ql2100; C:\WINDOWS\system32\drivers\ql2100.sys []
S4 ql2200;ql2200; C:\WINDOWS\system32\drivers\ql2200.sys []
S4 ql2300;ql2300; C:\WINDOWS\system32\drivers\ql2300.sys []
S4 Simbad;Simbad; C:\WINDOWS\system32\drivers\Simbad.sys []
S4 sym_hi;sym_hi; C:\WINDOWS\system32\drivers\sym_hi.sys []
S4 sym_u3;sym_u3; C:\WINDOWS\system32\drivers\sym_u3.sys []
S4 symc810;symc810; C:\WINDOWS\system32\drivers\symc810.sys []
S4 symc8xx;symc8xx; C:\WINDOWS\system32\drivers\symc8xx.sys []
S4 TosIde;TosIde; C:\WINDOWS\system32\drivers\TosIde.sys []
S4 Udfs;Udfs; C:\WINDOWS\system32\drivers\Udfs.sys [2007-02-17 67584]
S4 ultra;ultra; C:\WINDOWS\system32\drivers\ultra.sys []
S4 ViaIde;ViaIde; C:\WINDOWS\system32\drivers\ViaIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AeLookupSvc;Application Experience Lookup Service; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 Alerter;Alerter; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 AudioSrv;Windows Audio; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 BackupExecAgentAccelerator;Backup Exec Remote Agent for Windows Systems; C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\beremote.exe [2009-12-03 1213256]
R2 bedbg;Backup Exec Error Recording Service; C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\bedbg.exe [2009-11-25 201032]
R2 Browser;Computer Browser; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2009-07-23 108392]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2009-07-23 108392]
R2 CryptSvc;Cryptographic Services; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 DcomLaunch;DCOM Server Process Launcher; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 Dhcp;DHCP Client; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 dmserver;Logical Disk Manager; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Dnscache;DNS Client; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 ERSvc;Error Reporting Service; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Eventlog;Event Log; C:\WINDOWS\system32\services.exe [2009-02-03 113152]
R2 EventSystem;COM+ Event System; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 helpsvc;Help and Support; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 lanmanserver;Server; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 lanmanworkstation;Workstation; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 LmHosts;TCP/IP NetBIOS Helper; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 MSDTC;Distributed Transaction Coordinator; C:\WINDOWS\system32\msdtc.exe [2008-07-23 6144]
R2 MSSQL$PMP;SQL Server (PMP); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-09-06 29180768]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Netlogon;Net Logon; C:\WINDOWS\system32\lsass.exe [2005-11-30 13312]
R2 PlugPlay;Plug and Play; C:\WINDOWS\system32\services.exe [2009-02-03 113152]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 PolicyAgent;IPSEC Services; C:\WINDOWS\system32\lsass.exe [2005-11-30 13312]
R2 ProtectedStorage;Protected Storage; C:\WINDOWS\system32\lsass.exe [2005-11-30 13312]
R2 RemoteRegistry;Remote Registry; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 RpcSs;Remote Procedure Call (RPC); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 SamSs;Security Accounts Manager; C:\WINDOWS\system32\lsass.exe [2005-11-30 13312]
R2 seclogon;Secondary Logon; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 SENS;System Event Notification; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 ShellHWDetection;Shell Hardware Detection; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Schedule;Task Scheduler; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 SmcService;Symantec Management Client; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [2009-07-23 1803592]
R2 Spooler;Print Spooler; C:\WINDOWS\system32\spoolsv.exe [2007-02-17 57856]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 Symantec AntiVirus;Symantec Endpoint Protection; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2009-07-23 2440632]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-07-06 173352]
R2 TrkWks;Distributed Link Tracking Client; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 VMTools;VMware Tools Service; C:\Program Files\VMware\VMware Tools\VMwareService.exe [2008-08-13 264752]
R2 VMware Physical Disk Helper Service;VMware Physical Disk Helper Service; C:\Program Files\VMware\VMware Tools\vmacthlp.exe [2008-08-13 178736]
R2 W32Time;Windows Time; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 winmgmt;Windows Management Instrumentation; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 winvnc;VNC Server; C:\Program Files\UltraVNC\WinVNC.exe [2006-06-18 712704]
R2 wuauserv;Automatic Updates; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 WZCSVC;Wireless Configuration; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R3 Netman;Network Connections; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R3 Nla;Network Location Awareness (NLA); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R3 RasMan;Remote Access Connection Manager; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R3 TapiSrv;Telephony; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R3 TermService;Terminal Services; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S2 SysmonLog;Performance Logs and Alerts; C:\WINDOWS\system32\smlogsvc.exe [2007-02-17 96256]
S3 ALG;Application Layer Gateway Service; C:\WINDOWS\System32\alg.exe [2007-02-17 45056]
S3 AppMgmt;Application Management; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 BackupExecVSSProvider;Backup Exec VSS Provider; C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\VSS Provider\bevssprovider.exe [2009-12-01 113992]
S3 BITS;Background Intelligent Transfer Service; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 COMSysApp;COM+ System Application; C:\WINDOWS\system32\dllhost.exe [2007-02-17 5632]
S3 Dfs;Distributed File System; C:\WINDOWS\system32\Dfssvc.exe [2007-02-17 164864]
S3 dmadmin;Logical Disk Manager Administrative Service; C:\WINDOWS\System32\dmadmin.exe [2007-02-17 234496]
S3 HTTPFilter;HTTP SSL; C:\WINDOWS\System32\lsass.exe [2005-11-30 13312]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2009-03-20 3093880]
S3 MSIServer;Windows Installer; C:\WINDOWS\system32\msiexec.exe [2007-02-17 78848]
S3 NtFrs;File Replication; C:\WINDOWS\system32\ntfrs.exe [2007-02-17 792064]
S3 NtLmSsp;NT LM Security Support Provider; C:\WINDOWS\system32\lsass.exe [2005-11-30 13312]
S3 NtmsSvc;Removable Storage; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 PDVFSService;Backup Exec PureDisk Filesystem Service; C:\Program Files\SYMANTEC\BACKUP EXEC\RAWS\PDVFSService.exe [2009-12-02 185688]
S3 RasAuto;Remote Access Auto Connection Manager; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 RDSessMgr;Remote Desktop Help Session Manager; C:\WINDOWS\system32\sessmgr.exe [2007-02-17 124928]
S3 RpcLocator;Remote Procedure Call (RPC) Locator; C:\WINDOWS\system32\locator.exe [2005-11-30 71680]
S3 RSoPProv;Resultant Set of Policy Provider; C:\WINDOWS\system32\RSoPProv.exe [2007-02-17 67072]
S3 sacsvr;Special Administration Console Helper; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 SCardSvr;Smart Card; C:\WINDOWS\System32\SCardSvr.exe [2007-02-17 90112]
S3 SNAC;Symantec Network Access Control; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [2009-07-23 320840]
S3 swprv;Microsoft Software Shadow Copy Provider; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2007-02-17 39424]
S3 UPS;Uninterruptible Power Supply; C:\WINDOWS\System32\ups.exe [2005-11-30 16896]
S3 vds;Virtual Disk Service; C:\WINDOWS\System32\vds.exe [2007-02-17 352768]
S3 VSS;Volume Shadow Copy; C:\WINDOWS\System32\vssvc.exe [2007-02-17 836096]
S3 WinHttpAutoProxySvc;WinHTTP Web Proxy Auto-Discovery Service; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 WmdmPmSN;Portable Media Serial Number Service; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 Wmi;Windows Management Instrumentation Driver Extensions; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 WmiApSrv;WMI Performance Adapter; C:\WINDOWS\system32\wbem\wmiapsrv.exe [2007-02-17 127488]
S3 xmlprov;Network Provisioning Service; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S4 CiSvc;Indexing Service; C:\WINDOWS\system32\cisvc.exe [2007-02-17 6656]
S4 ClipSrv;ClipBook; C:\WINDOWS\system32\clipsrv.exe [2005-11-30 32256]
S4 HidServ;Human Interface Device Access; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S4 ImapiService;IMAPI CD-Burning COM Service; C:\WINDOWS\system32\imapi.exe [2007-02-17 157184]
S4 IsmServ;Intersite Messaging; C:\WINDOWS\System32\ismserv.exe [2007-02-17 40448]
S4 kdc;Kerberos Key Distribution Center; C:\WINDOWS\System32\lsass.exe [2005-11-30 13312]
S4 LicenseService;License Logging; C:\WINDOWS\System32\llssrv.exe [2007-02-17 94720]
S4 Messenger;Messenger; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 mnmsrvc;NetMeeting Remote Desktop Sharing; C:\WINDOWS\system32\mnmsrvc.exe [2007-02-17 32768]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 NetDDE;Network DDE; C:\WINDOWS\system32\netdde.exe [2007-02-17 110080]
S4 NetDDEdsdm;Network DDE DSDM; C:\WINDOWS\system32\netdde.exe [2007-02-17 110080]
S4 RemoteAccess;Routing and Remote Access; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 SharedAccess;Windows Firewall/Internet Connection Sharing (ICS); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 stisvc;Windows Image Acquisition (WIA); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 Themes;Themes; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S4 TlntSvr;Telnet; C:\WINDOWS\system32\tlntsvr.exe [2007-02-17 75776]
S4 TrkSvr;Distributed Link Tracking Server; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 Tssdis;Terminal Services Session Directory; C:\WINDOWS\System32\tssdis.exe [2007-02-17 71168]
S4 WebClient;WebClient; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
-----------------EOF-----------------
Firemni ci jakou 
Omlouvam se za mou ostrou reakci, ale uz je to tu opravdu cim dal castejsi...