Please check my log, suspected virus-infected PC
Posted: 27 Aug 2010 09:23
Hello, please check my log. I suspect W32.downadup.
Logfile of random's system information tool 1.08 (written by random/random)
Run by viktorh at 2010-08-27 09:47:52
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 11 GB (15%) free of 71 GB
Total RAM: 3326 MB (39% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:47:59, on 27.8.2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\PSM Watcher\psm_watcher.exe
C:\Program Files\PopTray\PopTray.exe
C:\Program Files\Svátky a narozeniny\SaN.exe
C:\Program Files\WD\WD Anywhere Backup\MemeoBackup.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\r2 Studios\Tonic\Tonic.exe
C:\Users\viktorh\AppData\Roaming\Google\Google Talk\googletalk.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\NOTEPAD.EXE
D:\Program install\Antiviry\RSIT.exe
C:\Program Files\trend micro\viktorh.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://tvd-server2/default.aspx
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1:3128
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.1.150;192.168.1.151;192.168.1.152;192.168.1.153;192.168.1.154;192.168.1.155;192.168.1.156;192.168.1.157;192.168.1.5:9080;192.168.1.5:10080;192.168.1.5:11080;192.168.1.196;192.168.1.139;192.168.1.157;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {259F616C-A300-44F5-B04A-ED001A26C85C} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Tonic] "C:\Program Files\r2 Studios\Tonic\Tonic.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [WD Anywhere Backup] C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe --silent
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [googletalk] C:\Users\viktorh\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - Startup: PopTray.lnk = C:\Program Files\PopTray\PopTray.exe
O4 - Startup: Svátky a narozeniny.lnk = ?
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: PSM Watcher.lnk = C:\Program Files\PSM Watcher\psm_watcher.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést vybrané vazby do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést vybrané vazby do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést výběr do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Převést výběr do existujícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {672EE252-D813-4F5E-81BB-5DD163DD4FA5} (Active602XMLFiller Control) - https://www.mojedatovaschranka.cz/stati ... ?3,16,13,0
O16 - DPF: {A8449522-F7C6-11D4-8022-0060082AE372} (XceedBinaryEncoding ActiveX) - https://portal.vzp.cz/http://u-por2e.op ... eedBen.dll
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://portal.vzp.cz/http://u-por2e.op ... apicom.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://192.168.1.154/activex/AMC.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = tvdslav.local
O17 - HKLM\Software\..\Telephony: DomainName = tvdslav.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{15ED0787-2B8E-4C0C-8C64-3E6B88753107}: NameServer = 192.168.1.2
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = tvdslav.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{15ED0787-2B8E-4C0C-8C64-3E6B88753107}: NameServer = 192.168.1.2
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = tvdslav.local
O17 - HKLM\System\CS2\Services\Tcpip\..\{15ED0787-2B8E-4C0C-8C64-3E6B88753107}: NameServer = 192.168.1.2
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll,avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Evidence počítačů - Agent (ALCEpRemoteAgent) - ALC - C:\Program Files\Ep\Bin\agsvc.exe
O23 - Service: AVG WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: AVG Firewall (avgfws9) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgfws9.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\Windows\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE
O23 - Service: MemeoBackgroundService - Memeo - C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: SolidConverterPDFReadSpool (SCPDFReadSpool) - Solid Documents, LLC - C:\Windows\Installer\MSI6506.tmp
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
--
End of file - 11158 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration3.job
C:\Windows\tasks\ParetoLogic Update Version3.job
C:\Windows\tasks\User_Feed_Synchronization-{0F52DBDE-AF33-4590-B8F1-D8F858EE23FC}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-08-25 1619296]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
AVG Security Toolbar BHO - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - AVG Security Toolbar - C:\Program Files\AVG\AVG9\Toolbar\IEToolbar.dll [2009-11-25 1230080]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-11 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-11 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-11 133656]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-17 6111232]
"Tonic"=C:\Program Files\r2 Studios\Tonic\Tonic.exe [2006-09-04 840192]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2008-03-27 36352]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-08-25 2065760]
"WD Anywhere Backup"=C:\Program Files\WD\WD Anywhere Backup\MemeoLauncher2.exe [2008-11-07 197856]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2006-10-23 620152]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-17 13580832]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-17 92704]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-03-18 207360]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2009-09-10 1312080]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"googletalk"=C:\Users\viktorh\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
"DAEMON Tools"=C:\Program Files\DAEMON Tools\daemon.exe [2007-11-17 171464]
"OEXPRESS"= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2010-07-02 671608]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ6\ICQ.exe silent []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Acrobat Speed Launcher.lnk - C:\Windows\Installer\{AC76BA86-1029-0000-7760-000000000003}\_SC_Acrobat.exe
Adobe Acrobat Synchronizer.lnk - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
PSM Watcher.lnk - C:\Program Files\PSM Watcher\psm_watcher.exe
C:\Users\viktorh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
PopTray.lnk - C:\Program Files\PopTray\PopTray.exe
Svátky a narozeniny.lnk - C:\Program Files\Svátky a narozeniny\SaN.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\System32\avgrsstx.dll,avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0
"NoDriveTypeAutoRun"=255
"DontSetAutoplayCheckbox"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 1 months======
2010-08-27 09:47:52 ----D---- C:\rsit
2010-08-27 09:47:52 ----D---- C:\Program Files\trend micro
2010-08-26 13:00:01 ----A---- C:\Windows\system32\0350D.tmp
2010-08-26 10:11:49 ----D---- C:\Program Files\W32detect
2010-08-25 12:00:06 ----A---- C:\Windows\system32\0A566.tmp
2010-08-25 08:50:17 ----A---- C:\Windows\system32\avgrsstx.dll
2010-08-25 08:31:36 ----A---- C:\Windows\system32\drivers\avgfwd6x.sys
2010-08-25 07:10:42 ----D---- C:\Users\viktorh\AppData\Roaming\Malwarebytes
2010-08-25 07:10:39 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2010-08-25 07:10:38 ----D---- C:\ProgramData\Malwarebytes
2010-08-25 07:10:38 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-08-25 07:10:38 ----A---- C:\Windows\system32\drivers\mbam.sys
2010-08-24 10:06:42 ----D---- C:\Users\viktorh\AppData\Roaming\BitDefender Deployment Tool
2010-08-24 10:06:15 ----D---- C:\Program Files\BitDefender
2010-08-24 10:05:50 ----D---- C:\Program Files\Common Files\BitDefender
2010-08-24 07:10:46 ----D---- C:\Program Files\Fedmich
2010-08-20 10:23:18 ----SHD---- C:\$RECYCLE.BIN
2010-08-20 10:23:17 ----D---- C:\Windows\temp
2010-08-20 10:23:16 ----A---- C:\ComboFix.txt
2010-08-20 10:12:53 ----A---- C:\Windows\zip.exe
2010-08-20 10:12:53 ----A---- C:\Windows\SWSC.exe
2010-08-20 10:12:53 ----A---- C:\Windows\SWREG.exe
2010-08-20 10:12:53 ----A---- C:\Windows\sed.exe
2010-08-20 10:12:53 ----A---- C:\Windows\PEV.exe
2010-08-20 10:12:53 ----A---- C:\Windows\NIRCMD.exe
2010-08-20 10:12:53 ----A---- C:\Windows\MBR.exe
2010-08-20 10:12:53 ----A---- C:\Windows\grep.exe
2010-08-20 10:12:45 ----D---- C:\Windows\ERDNT
2010-08-20 10:11:25 ----D---- C:\ComboFix
2010-08-20 10:11:09 ----D---- C:\Qoobox
2010-08-20 10:10:53 ----A---- C:\Windows\SWXCACLS.exe
2010-08-19 11:27:11 ----D---- C:\wwwroot
2010-08-19 11:23:19 ----A---- C:\Windows\system32\jit.dll
2010-08-19 11:23:19 ----A---- C:\Windows\system32\javaee.dll
2010-08-19 11:23:19 ----A---- C:\Windows\system32\dx3j.dll
2010-08-19 11:23:19 ----A---- C:\Windows\setdebug.exe
2010-08-19 11:23:17 ----D---- C:\Windows\Java
2010-08-19 11:23:16 ----A---- C:\Windows\system32\wjview.exe
2010-08-19 11:23:16 ----A---- C:\Windows\system32\vmhelper.dll
2010-08-19 11:23:16 ----A---- C:\Windows\system32\msjdbc10.dll
2010-08-19 11:23:16 ----A---- C:\Windows\system32\msjava.dll
2010-08-19 11:23:16 ----A---- C:\Windows\system32\msawt.dll
2010-08-19 11:23:16 ----A---- C:\Windows\system32\jview.exe
2010-08-19 11:23:16 ----A---- C:\Windows\system32\jdbgmgr.exe
2010-08-19 11:23:16 ----A---- C:\Windows\system32\javart.dll
2010-08-19 11:23:16 ----A---- C:\Windows\system32\javaprxy.dll
2010-08-19 11:23:16 ----A---- C:\Windows\system32\javacypt.dll
2010-08-19 11:23:15 ----A---- C:\Windows\system32\clspack.exe
2010-08-19 08:14:25 ----D---- C:\Program Files\Common Files\Business Objects
2010-08-19 08:14:25 ----D---- C:\Program Files\Business Objects
2010-08-19 08:11:39 ----A---- C:\Windows\system32\WINSKFR.DLL
2010-08-19 08:11:39 ----A---- C:\Windows\system32\VB6STKIT.DLL
2010-08-19 08:11:39 ----A---- C:\Windows\system32\VB5DB.DLL
2010-08-19 08:11:39 ----A---- C:\Windows\system32\tishare8.dll
2010-08-19 08:11:39 ----A---- C:\Windows\system32\tibase6.dll
2010-08-19 08:11:39 ----A---- C:\Windows\system32\ssr2c.dll
2010-08-19 08:11:39 ----A---- C:\Windows\system32\ssprn32.dll
2010-08-19 08:11:39 ----A---- C:\Windows\system32\ssmedt32.dll
2010-08-19 08:11:39 ----A---- C:\Windows\system32\SSCSDK80.DLL
2010-08-19 08:11:39 ----A---- C:\Windows\system32\PG32CONV.DLL
2010-08-19 08:11:38 ----A---- C:\Windows\system32\PEGRP32C.DLL
2010-08-19 08:11:38 ----A---- C:\Windows\system32\p3smnfr.dll
2010-08-19 08:11:38 ----A---- C:\Windows\system32\p2sodbc.dll
2010-08-19 08:11:38 ----A---- C:\Windows\system32\P2smon.dll
2010-08-19 08:11:38 ----A---- C:\Windows\system32\msjro.dll
2010-08-19 08:10:58 ----A---- C:\Windows\system32\MSCMCFR.DLL
2010-08-19 08:10:58 ----A---- C:\Windows\system32\Implode.dll
2010-08-19 08:10:58 ----A---- C:\Windows\system32\dao360.dll
2010-08-19 08:10:58 ----A---- C:\Windows\system32\crviewer.dll
2010-08-19 08:10:58 ----A---- C:\Windows\system32\Crpaig80.dll
2010-08-19 08:10:57 ----D---- C:\psm_log
2010-08-19 08:10:57 ----A---- C:\Windows\system32\craxdrt.dll
2010-08-19 08:10:57 ----A---- C:\Windows\system32\craxddrt_res_fr.dll
2010-08-19 08:10:57 ----A---- C:\Windows\system32\craxddrt.dll
2010-08-11 09:50:49 ----A---- C:\Windows\ConverterCore.INI
2010-08-11 09:46:59 ----A---- C:\Windows\system32\solidlocalui.dll
2010-08-11 09:46:59 ----A---- C:\Windows\system32\solidlocalmon.dll
2010-08-11 09:46:55 ----D---- C:\Program Files\SolidDocuments
2010-08-11 03:04:17 ----A---- C:\Windows\system32\mshtml.dll
2010-08-11 03:04:17 ----A---- C:\Windows\system32\iertutil.dll
2010-08-11 03:04:16 ----A---- C:\Windows\system32\ieframe.dll
2010-08-11 03:04:15 ----A---- C:\Windows\system32\wininet.dll
2010-08-11 03:04:15 ----A---- C:\Windows\system32\urlmon.dll
2010-08-11 03:04:15 ----A---- C:\Windows\system32\msfeeds.dll
2010-08-11 03:04:15 ----A---- C:\Windows\system32\ie4uinit.exe
2010-08-11 03:04:14 ----A---- C:\Windows\system32\occache.dll
2010-08-11 03:04:14 ----A---- C:\Windows\system32\mstime.dll
2010-08-11 03:04:14 ----A---- C:\Windows\system32\ieUnatt.exe
2010-08-11 03:04:14 ----A---- C:\Windows\system32\ieui.dll
2010-08-11 03:04:14 ----A---- C:\Windows\system32\iesysprep.dll
2010-08-11 03:04:14 ----A---- C:\Windows\system32\iepeers.dll
2010-08-11 03:04:14 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-11 03:04:13 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-11 03:04:13 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-11 03:04:13 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-11 03:04:13 ----A---- C:\Windows\system32\iesetup.dll
2010-08-11 03:04:13 ----A---- C:\Windows\system32\iernonce.dll
2010-08-11 03:04:12 ----A---- C:\Windows\system32\iccvid.dll
2010-08-11 03:04:11 ----A---- C:\Windows\system32\schannel.dll
2010-08-11 03:04:03 ----A---- C:\Windows\system32\win32k.sys
2010-08-11 03:04:01 ----A---- C:\Windows\system32\rtutils.dll
2010-08-11 03:03:53 ----A---- C:\Windows\system32\msxml3.dll
2010-08-11 03:03:50 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-11 03:03:50 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-11 03:03:48 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-11 03:03:48 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-11 03:03:45 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-06 09:29:22 ----D---- C:\Program Files\PDF Compress
2010-08-03 07:46:18 ----A---- C:\Windows\system32\shell32.dll
2010-07-29 12:48:48 ----D---- C:\ProgramData\Nokia
2010-07-29 11:54:44 ----A---- C:\Windows\system32\drivers\pccsmcfd.sys
2010-07-29 11:50:40 ----D---- C:\Program Files\PC Connectivity Solution
2010-07-29 11:18:05 ----D---- C:\ProgramData\NokiaInstallerCache
2010-07-28 07:33:20 ----D---- C:\ProgramData\Hewlett-Packard
2010-07-28 07:32:46 ----A---- C:\Windows\system32\hpcpn5r1.dll
2010-07-28 07:13:31 ----D---- C:\Program Files\PSM Watcher
======List of files/folders modified in the last 1 months======
2010-08-27 09:47:59 ----D---- C:\Windows\Prefetch
2010-08-27 09:47:52 ----RD---- C:\Program Files
2010-08-27 08:54:53 ----D---- C:\Windows\System32
2010-08-27 08:54:53 ----D---- C:\Windows\inf
2010-08-27 08:54:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-08-27 08:02:30 ----D---- C:\Users\viktorh\AppData\Roaming\SolidDocuments
2010-08-27 07:11:50 ----A---- C:\Windows\wincmd.ini
2010-08-27 00:00:08 ----SHD---- C:\System Volume Information
2010-08-26 23:13:26 ----D---- C:\Windows\system32\drivers\Avg
2010-08-26 12:54:06 ----D---- C:\Windows\Tasks
2010-08-26 12:54:06 ----D---- C:\Windows\system32\Tasks
2010-08-26 10:24:21 ----SHD---- C:\Windows\Installer
2010-08-26 07:05:40 ----RSD---- C:\Windows\assembly
2010-08-26 07:05:40 ----D---- C:\Windows\Microsoft.NET
2010-08-26 07:01:11 ----D---- C:\Windows\system32\cs-CZ
2010-08-26 06:59:16 ----D---- C:\Windows\system32\en-US
2010-08-26 06:59:15 ----D---- C:\Program Files\Microsoft.NET
2010-08-26 05:55:35 ----A---- C:\Windows\win.ini
2010-08-25 09:07:00 ----A---- C:\Windows\PwrPlay.INI
2010-08-25 08:50:27 ----D---- C:\Windows\system32\drivers
2010-08-25 08:39:52 ----D---- C:\Windows
2010-08-25 08:38:22 ----D---- C:\$AVG
2010-08-25 08:34:37 ----D---- C:\ProgramData\avg9
2010-08-25 08:34:37 ----D---- C:\ProgramData
2010-08-25 08:31:48 ----D---- C:\Windows\system32\catroot
2010-08-24 10:06:28 ----D---- C:\Windows\winsxs
2010-08-24 10:05:50 ----D---- C:\Program Files\Common Files
2010-08-21 08:02:06 ----D---- C:\Windows\system32\FxsTmp
2010-08-20 10:21:53 ----A---- C:\Windows\system.ini
2010-08-20 10:21:49 ----D---- C:\Windows\system32\drivers\etc
2010-08-20 10:19:14 ----D---- C:\Windows\AppPatch
2010-08-19 11:23:21 ----SD---- C:\Windows\Downloaded Program Files
2010-08-19 11:23:21 ----D---- C:\Windows\Help
2010-08-19 08:13:04 ----D---- C:\Windows\system32\catroot2
2010-08-19 08:11:39 ----D---- C:\Program Files\PSM
2010-08-17 13:39:08 ----D---- C:\ProgramData\Microsoft Help
2010-08-17 09:08:58 ----D---- C:\Program Files\The KMPlayer
2010-08-16 14:06:21 ----A---- C:\Windows\wcx_ftp.ini
2010-08-12 03:16:55 ----D---- C:\Windows\system32\migration
2010-08-12 03:16:55 ----D---- C:\Program Files\Internet Explorer
2010-08-12 03:16:54 ----D---- C:\Program Files\Movie Maker
2010-08-12 03:00:46 ----D---- C:\Program Files\Windows Mail
2010-08-10 13:22:25 ----A---- C:\Windows\pdf2word.INI
2010-08-10 12:23:48 ----D---- C:\Program Files\MSECache
2010-08-10 07:40:24 ----D---- C:\Users\viktorh\AppData\Roaming\PC Suite
2010-08-06 13:16:19 ----D---- C:\Windows\system32\drivers\UMDF
2010-08-04 13:47:36 ----D---- C:\Program Files\VeryPDF PDF2Word v3.0
2010-08-03 20:09:31 ----A---- C:\Windows\system32\mrt.exe
2010-07-30 10:51:16 ----D---- C:\ProgramData\Corel
2010-07-29 12:42:15 ----D---- C:\Users\viktorh\AppData\Roaming\Nokia
2010-07-29 12:17:41 ----D---- C:\Windows\rescache
2010-07-29 11:55:27 ----D---- C:\Program Files\Common Files\Nokia
2010-07-29 11:54:52 ----D---- C:\Program Files\Nokia
2010-07-29 11:54:44 ----DC---- C:\Windows\system32\DRVSTORE
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AvgRkx86;avgrkx86.sys; C:\Windows\System32\Drivers\avgrkx86.sys [2010-08-25 52872]
R0 symsnap;Symantec Volume Snap Shot Driver; C:\Windows\system32\DRIVERS\symsnap.sys [2007-12-20 136416]
R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2010-08-25 24856]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-08-25 216400]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2010-08-25 29584]
R1 AvgTdiX;AVG Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-08-25 243024]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\elrawdsk.sys [2008-04-17 12800]
R1 NetworkX;NetworkX; C:\Windows\system32\ckldrv.sys [2006-01-10 31846]
R2 v2imount;Symantec V2i Mount Driver; C:\Windows\system32\DRIVERS\v2imount.sys [2008-01-19 38112]
R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller; C:\Windows\system32\DRIVERS\l160x86.sys [2007-12-20 46592]
R3 GEARAspiWDM;GearAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-01-19 15664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-17 2098904]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-17 7379872]
R3 WudfPf;User Mode Driver Frameworks Platform Driver; C:\Windows\system32\drivers\WudfPf.sys [2009-07-14 92672]
S3 catchme;catchme; \??\C:\Users\viktorh\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-05-23 47360]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-01-18 131000]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 dwshd;dwshd; C:\Windows\System32\drivers\dwshd.sys []
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-07-16 685816]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ALCEpRemoteAgent;Evidence počítačů - Agent; C:\Program Files\Ep\Bin\agsvc.exe [2007-03-22 20480]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-25 308136]
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-08-25 2331032]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2006-03-01 69632]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 MSSQL$SQLVIKI;SQL Server (SQLVIKI); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI6506.tmp [2010-08-11 189760]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-06-21 173352]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-01 654848]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-12 136176]
S2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe [2008-11-07 25824]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE [2004-10-16 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2010-05-10 79360]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
-----------------EOF-----------------
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-18 35328]
S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-01-18 131000]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2009-07-14 132224]
S4 dwshd;dwshd; C:\Windows\System32\drivers\dwshd.sys []
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2008-07-16 685816]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 602XML Updater;602Updater; C:\Program Files\Common Files\soft602\602updsvc\602updsvc.exe [2010-04-14 73728]
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 ALCEpRemoteAgent;Evidence počítačů - Agent; C:\Program Files\Ep\Bin\agsvc.exe [2007-03-22 20480]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R2 avg9wd;AVG WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-08-25 308136]
R2 avgfws9;AVG Firewall; C:\Program Files\AVG\AVG9\avgfws9.exe [2010-08-25 2331032]
R2 Crypkey License;Crypkey License; C:\Windows\system32\crypserv.exe [2006-03-01 69632]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 MSSQL$SQLVIKI;SQL Server (SQLVIKI); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2009-05-27 29262680]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-24 935208]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-17 196608]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-18 21504]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-10 189728]
R2 SCPDFReadSpool;SolidConverterPDFReadSpool; C:\Windows\Installer\MSI6506.tmp [2010-08-11 189760]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-06-21 173352]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2008-01-18 21504]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-06-01 654848]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-05-12 136176]
S2 MemeoBackgroundService;MemeoBackgroundService; C:\Program Files\WD\WD Anywhere Backup\MemeoBackgroundService.exe [2008-11-07 25824]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-18 21504]
S3 HP Port Resolver;HP Port Resolver; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBPRO.EXE [2005-05-20 81920]
S3 HP Status Server;HP Status Server; C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPBOID.EXE [2004-10-16 73728]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2010-05-10 79360]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
-----------------EOF-----------------