
Please check my log

Posted: 12 Feb 2011 22:29
by samuelmatis
My computer is brutally slowed down and the internet doesn't work. ESET found a virus, but it can't remove it.
The virus is called Java/TrojanDownloader.OpenStream.NBF.
Please help. Here is the log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by Samuel at 2011-02-12 22:06:26
Microsoft Windows 7 Ultimate
System drive C: has 24 GB (38%) free of 63 GB
Total RAM: 1471 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:56, on 12. 2. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Zend\Apache2\bin\httpd.exe
C:\Windows\system32\svchost.exe
C:\Prey\platform\windows\cronsvc.exe
C:\Program Files\IBM\SQLLIB\BIN\db2mgmtsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Soluto\soluto.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IObit\Game Booster\gbtray.exe
C:\Windows\system32\PrintIsolationHost.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Sticky Password\stpass.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
C:\Program Files\ICQ7.4\ICQ.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Zend\Apache2\bin\ApacheMonitor.exe
C:\Program Files\DynDNS Updater\DynTray.exe
C:\Program Files\Zend\ZendServer\bin\zendcontroller.exe
C:\Program Files\No-IP\DUC30.exe
C:\Program Files\Java\jre6\launch4j-tmp\android-notifier-desktop.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanionInfo.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\inetsrv\inetinfo.exe
C:\Program Files\Zend\Apache2\bin\httpd.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Zend\MySQL51\bin\mysqld.exe
C:\Windows\System32\svchost.exe
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Zend\ZendServer\bin\php-cgi.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\tcpsvcs.exe
C:\Program Files\Mozilla Firefox 4.0 Beta 10\firefox.exe
C:\Program Files\Soluto\SolutoService.exe
C:\Program Files\Opera 11.00 beta\opera.exe
C:\Program Files\Zend\ZendServer\bin\php-cgi.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Zend\ZendServer\bin\php-cgi.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Windows\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Zend\ZendServer\bin\JavaServer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Zend\ZendServer\bin\jqd.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
C:\Program Files\Zend\ZendServer\bin\MonitorNode.exe
C:\Program Files\UltraVNC\WinVNC.exe
C:\Program Files\Zend\ZendServer\bin\ZendSessionManager.exe
C:\Program Files\DynDNS Updater\DynUpSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Hide My IP\HideMyIpSrv.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\TeamViewer\Version6\tv_w32.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\No-IP\DUC30.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Samuel\Downloads\RSIT.exe
C:\Windows\System32\svchost.exe
C:\Program Files\trend micro\Samuel.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/xmas/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: InnoGames International Toolbar - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - C:\Program Files\InnoGames_International\tbInno.dll
F2 - REG:system.ini: UserInit=userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: InnoGames International Toolbar - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - C:\Program Files\InnoGames_International\tbInno.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: InnoGames International Toolbar - {942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - C:\Program Files\InnoGames_International\tbInno.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [StickyPassword] C:\Program Files\Sticky Password\stpass.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Companion] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.4\ICQ.exe" silent loginmode=4
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: android-notifier-desktop.lnk = ?
O4 - Startup: No-IP DUC.lnk = C:\Program Files\No-IP\DUC30.exe
O4 - Global Startup: android-notifier-desktop.lnk = ?
O4 - Global Startup: Apache Web Server Monitor.lnk = C:\Program Files\Zend\Apache2\bin\ApacheMonitor.exe
O4 - Global Startup: DynDNS Updater Tray Icon.lnk = C:\Program Files\DynDNS Updater\DynTray.exe
O4 - Global Startup: Zend Controller.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files\ICQ7.4\ICQ.exe
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\hmipcore.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll
O23 - Service: Apache2.2-Zend - Apache Software Foundation - C:\Program Files\Zend\Apache2\bin\httpd.exe
O23 - Service: Cron Service for Prey (CronService) - Fork Ltd. - C:\Prey\platform\windows\cronsvc.exe
O23 - Service: DB2 Management Service (DB2COPY1) (DB2MGMTSVC_DB2COPY1) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2mgmtsvc.exe
O23 - Service: DroidExplorer Service (DroidExplorerService) - Ryan Conrad - C:\Program Files\Droid Explorer\DroidExplorer.Service.exe
O23 - Service: DynDNS Updater - Dynamic Network Services, Inc. - C:\Program Files\DynDNS Updater\DynUpSvc.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HideMyIpSRV - HideMyIP - C:\Program Files\Hide My IP\HideMyIpSrv.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) - Unknown owner - c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (file missing)
O23 - Service: MySQL_ZendServer51 - Unknown owner - C:\Program.exe (file missing)
O23 - Service: No-IP DUC Service (NoIPDUCService3) - Unknown owner - C:\Program Files\No-IP\DUC30.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: uvnc_service - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Zend Java Bridge (ZendJavaBridge) - Zend Technologies Ltd. - C:\Program Files\Zend\ZendServer\bin\JavaServer.exe
O23 - Service: Zend Job Queue (ZendJobQueue) - Zend Technologies Ltd. - C:\Program Files\Zend\ZendServer\bin\jqd.exe
O23 - Service: Zend Monitor (ZendMonitor) - Zend Technologies Ltd. - C:\Program Files\Zend\ZendServer\bin\MonitorNode.exe
O23 - Service: Zend Session Clustering (ZendSessionClustering) - Zend Technologies Ltd. - C:\Program Files\Zend\ZendServer\bin\ZendSessionManager.exe

--
End of file - 13497 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1788494572-549859430-2020115205-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1788494572-549859430-2020115205-1001UA.job
C:\Windows\tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job
C:\Windows\tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{942cd1d4-9cc1-4d31-876a-ea8f489f7a59}]
InnoGames International Toolbar - C:\Program Files\InnoGames_International\tbInno.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Plug-In - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-09-27 1250696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-01-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-10-27 1049912]
{942cd1d4-9cc1-4d31-876a-ea8f489f7a59} - InnoGames International Toolbar - C:\Program Files\InnoGames_International\tbInno.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"=C:\Windows\SOUNDMAN.EXE [2009-04-14 604704]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StickyPassword"=C:\Program Files\Sticky Password\stpass.exe [2010-11-01 3227480]
"Sony Ericsson PC Companion"=C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe [2011-01-05 424448]
"ICQ"=C:\Program Files\ICQ7.4\ICQ.exe [2011-02-02 119608]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
android-notifier-desktop.lnk - C:\Program Files\Android Notifier Desktop\android-notifier-desktop.exe
Apache Web Server Monitor.lnk - C:\Program Files\Zend\Apache2\bin\ApacheMonitor.exe
DynDNS Updater Tray Icon.lnk - C:\Program Files\DynDNS Updater\DynTray.exe
Zend Controller.lnk - C:\Program Files\Zend\ZendServer\bin\zendcontroller.exe

C:\Users\Samuel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
android-notifier-desktop.lnk - C:\Program Files\Android Notifier Desktop\android-notifier-desktop.exe
No-IP DUC.lnk - C:\Program Files\No-IP\DUC30.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll [2010-06-22 202088]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SolutoService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Windows\system32\config\systemprofile\AppData\Roaming\xssend2\svcnost.exe"="C:\Windows\system32\config\systemprofile\AppData\Roaming\xssend2\svcnost.exe:*:Enabled:ldrsoft"
"C:\Windows\TEMP\urdp\setup.exe"="C:\Windows\TEMP\urdp\setup.exe:*:Enabled:setup"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit -
.js - open -

======List of files/folders created in the last 1 months======

2011-02-12 22:06:27 ----D---- C:\Program Files\trend micro
2011-02-12 22:06:26 ----D---- C:\rsit
2011-02-12 21:59:40 ----D---- C:\Avenger
2011-02-12 21:59:40 ----A---- C:\avenger.txt
2011-02-12 11:21:16 ----D---- C:\Program Files\ophcrack
2011-02-11 11:41:19 ----A---- C:\Windows\ODBCINST.INI
2011-02-11 11:38:48 ----D---- C:\ProgramData\DB2COPY1
2011-02-11 11:38:48 ----D---- C:\Program Files\IBM
2011-02-11 11:37:37 ----D---- C:\ProgramData\IBM
2011-02-11 11:37:17 ----D---- C:\Windows\Downloaded Installations
2011-02-10 23:45:24 ----D---- C:\wamp
2011-02-10 22:09:18 ----D---- C:\Program Files\No-IP
2011-02-10 15:39:13 ----D---- C:\Users\Samuel\AppData\Roaming\uTorrent
2011-02-09 19:31:06 ----D---- C:\Program Files\Git
2011-02-09 19:08:46 ----D---- C:\ProgramData\Titanium
2011-02-09 18:19:28 ----D---- C:\Users\Samuel\AppData\Roaming\gobby
2011-02-09 18:14:30 ----D---- C:\Program Files\Gobby-0.5
2011-02-05 15:27:36 ----D---- C:\Users\Samuel\AppData\Roaming\DEKSI
2011-02-05 15:27:31 ----D---- C:\Program Files\DEKSI Network Administrator
2011-02-05 14:00:43 ----D---- C:\Program Files\Android Notifier Desktop
2011-02-04 18:31:03 ----D---- C:\Program Files\Mozilla Firefox 4.0 Beta 10
2011-02-02 19:56:44 ----D---- C:\Program Files\ICQ7.4
2011-02-01 14:38:21 ----D---- C:\Program Files\AVI To VCD SVCD DVD MPEG Converter Pro
2011-02-01 14:26:30 ----A---- C:\Windows\AVIConverter.INI
2011-02-01 14:26:05 ----D---- C:\Program Files\Boilsoft AVI Converter
2011-01-29 15:04:44 ----D---- C:\Program Files\Smart VPN Client
2011-01-29 14:57:03 ----D---- C:\Program Files\DrayTek Router Tools V2.5.4
2011-01-26 11:32:46 ----D---- C:\a
2011-01-25 15:29:21 ----D---- C:\android-sdk-windows
2011-01-24 17:58:11 ----A---- C:\Windows\system32\javaws.exe
2011-01-24 17:58:11 ----A---- C:\Windows\system32\javaw.exe
2011-01-24 17:58:11 ----A---- C:\Windows\system32\java.exe
2011-01-23 10:30:35 ----D---- C:\Python31
2011-01-22 12:32:49 ----D---- C:\Program Files\AppInventor
2011-01-22 12:29:43 ----D---- C:\android
2011-01-18 21:36:12 ----A---- C:\Windows\system32\HMIPCore.dll
2011-01-18 21:35:44 ----D---- C:\Program Files\Hide My IP
2011-01-18 14:08:19 ----D---- C:\ProgramData\IObit
2011-01-18 14:08:17 ----D---- C:\Program Files\IObit
2011-01-17 14:53:05 ----D---- C:\Program Files\Valve
2011-01-16 14:20:31 ----D---- C:\Program Files\Rapid PHP 2010
2011-01-16 12:42:51 ----D---- C:\Users\Samuel\AppData\Roaming\TeamViewer
2011-01-16 12:41:47 ----D---- C:\Program Files\TeamViewer
2011-01-15 10:33:52 ----D---- C:\ProgramData\PopCap Games
2011-01-15 10:33:52 ----D---- C:\Program Files\PopCap Games
2011-01-13 19:20:42 ----D---- C:\Users\Samuel\AppData\Roaming\Blumentals

======List of files/folders modified in the last 1 months======

2011-02-12 22:06:37 ----D---- C:\Windows\Temp
2011-02-12 22:06:27 ----D---- C:\Program Files
2011-02-12 22:02:58 ----D---- C:\Windows\system32\inetsrv
2011-02-12 22:02:46 ----D---- C:\Windows\system32\config
2011-02-12 22:00:39 ----D---- C:\Users\Samuel\AppData\Roaming\ICQ
2011-02-12 22:00:22 ----A---- C:\Windows\system32\TempWmicBatchFile.bat
2011-02-12 22:00:09 ----D---- C:\Windows
2011-02-12 21:59:40 ----D---- C:\Windows\system32\drivers
2011-02-12 21:53:42 ----D---- C:\Users\Samuel\AppData\Roaming\Skype
2011-02-12 21:52:30 ----D---- C:\Windows\System32
2011-02-12 21:52:29 ----D---- C:\Windows\inf
2011-02-12 21:52:29 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-02-12 16:03:43 ----D---- C:\Users\Samuel\AppData\Roaming\skypePM
2011-02-12 11:16:06 ----D---- C:\Program Files\Opera 11.00 beta
2011-02-12 11:13:20 ----D---- C:\Windows\system32\LogFiles
2011-02-11 11:46:12 ----D---- C:\Program Files\Zend
2011-02-11 11:43:41 ----SHD---- C:\Windows\Installer
2011-02-11 11:43:29 ----SHD---- C:\Config.Msi
2011-02-11 11:42:12 ----D---- C:\Windows\winsxs
2011-02-11 11:42:01 ----RSD---- C:\Windows\assembly
2011-02-11 11:38:48 ----HD---- C:\ProgramData
2011-02-11 11:28:14 ----HD---- C:\Program Files\InstallShield Installation Information
2011-02-11 10:47:37 ----D---- C:\Program Files\PHP
2011-02-11 10:29:22 ----D---- C:\xampp
2011-02-10 19:35:29 ----D---- C:\Program Files\uTorrent
2011-02-09 23:15:34 ----D---- C:\Users\Samuel\AppData\Roaming\FileZilla
2011-02-09 20:06:02 ----D---- C:\Users\Samuel\AppData\Roaming\gtk-2.0
2011-02-09 11:38:17 ----AD---- C:\ProgramData\TEMP
2011-02-08 18:22:04 ----D---- C:\Program Files\Notepad++
2011-02-08 13:19:35 ----D---- C:\Windows\system32\NDF
2011-02-07 23:50:17 ----D---- C:\Windows\Prefetch
2011-02-07 15:09:34 ----DC---- C:\Windows\system32\DRVSTORE
2011-02-07 15:09:32 ----D---- C:\Windows\system32\catroot
2011-02-07 15:09:31 ----D---- C:\Windows\system32\DriverStore
2011-02-07 14:03:41 ----D---- C:\Users\Samuel\AppData\Roaming\Zoner
2011-02-06 17:06:12 ----D---- C:\Windows\system32\catroot2
2011-02-05 20:13:28 ----D---- C:\Program Files\JetBrains
2011-02-04 21:01:47 ----D---- C:\Windows\Tasks
2011-02-02 20:33:37 ----D---- C:\Program Files\ICQ6Toolbar
2011-02-02 19:41:31 ----A---- C:\Users\Samuel\AppData\Roaming\burnaware.ini
2011-01-26 17:15:15 ----RSD---- C:\Windows\Fonts
2011-01-25 20:11:03 ----D---- C:\Windows\debug
2011-01-24 17:57:37 ----A---- C:\Windows\system32\deployJava1.dll
2011-01-24 17:57:36 ----D---- C:\Program Files\Java
2011-01-23 11:56:27 ----D---- C:\Windows\rescache
2011-01-18 19:58:31 ----D---- C:\Windows\system32\en-US
2011-01-18 19:58:31 ----D---- C:\Windows\system32\cs-CZ
2011-01-18 14:08:50 ----D---- C:\Windows\system32\Tasks
2011-01-15 22:47:00 ----D---- C:\Program Files\PokerStars

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BtHidBus;Bluetooth HID Bus Service; C:\Windows\System32\Drivers\BtHidBus.sys [2009-01-07 20744]
R0 PCGenFAM;PCGenFAM; C:\Windows\system32\DRIVERS\PCGenFAM.sys [2010-11-01 181704]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-24 697328]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-07-29 136632]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-07-29 41336]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\Windows\system32\drivers\RTKVAC.SYS [2009-06-18 4172832]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\fetnd6.sys [2009-07-13 44032]
R3 RDPDISPM;RDPDISPM; C:\Windows\system32\DRIVERS\rdpdispm.sys [2010-09-22 15488]
R3 seehcri;Sony Ericsson seehcri Device Driver; C:\Windows\system32\DRIVERS\seehcri.sys [2008-01-09 27632]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys []
S3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
S3 btnetBUs;Bluetooth PAN Bus Service; C:\Windows\System32\Drivers\btnetBus.sys [2008-12-07 30088]
S3 cpuz132;cpuz132; \??\C:\Users\Samuel\AppData\Local\Temp\cpuz132\cpuz132_x32.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2010-12-05 13224]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2010-12-05 25512]
S3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
S3 mv2;mv2; C:\Windows\system32\DRIVERS\mv2.sys [2010-11-25 12096]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 pwdrvio;pwdrvio; \??\C:\Windows\system32\pwdrvio.sys [2010-08-16 16472]
S3 pwdspio;pwdspio; \??\C:\Windows\system32\pwdspio.sys [2010-08-16 11104]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 s0016bus;Sony Ericsson Device 0016 driver (WDM); C:\Windows\system32\DRIVERS\s0016bus.sys [2008-05-16 89256]
S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter; C:\Windows\system32\DRIVERS\s0016mdfl.sys [2008-05-16 15016]
S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver; C:\Windows\system32\DRIVERS\s0016mdm.sys [2008-05-16 120744]
S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM); C:\Windows\system32\DRIVERS\s0016mgmt.sys [2008-05-16 114216]
S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS); C:\Windows\system32\DRIVERS\s0016nd5.sys [2008-05-16 25512]
S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface; C:\Windows\system32\DRIVERS\s0016obex.sys [2008-05-16 110632]
S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM); C:\Windows\system32\DRIVERS\s0016unic.sys [2008-05-16 115752]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2005-08-30 58320]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-12-22 109328]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S4 RsFx0150;RsFx0150 Driver; C:\Windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 240608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apache2.2-Zend;Apache2.2-Zend; C:\Program Files\Zend\Apache2\bin\httpd.exe [2010-11-30 27240]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 CronService;Cron Service for Prey; C:\Prey\platform\windows\cronsvc.exe [2010-09-29 18432]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DB2MGMTSVC_DB2COPY1;DB2 Management Service (DB2COPY1); C:\Program Files\IBM\SQLLIB\BIN\db2mgmtsvc.exe [2009-04-04 38688]
R2 DynDNS Updater;DynDNS Updater; C:\Program Files\DynDNS Updater\DynUpSvc.exe [2010-04-16 103800]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 IISADMIN;@%windir%\system32\inetsrv\iisres.dll,-30007; C:\Windows\system32\inetsrv\inetinfo.exe [2009-07-14 13824]
R2 LPDSVC;@%systemroot%\system32\lpdsvc.dll,-500; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MySQL_ZendServer51;MySQL_ZendServer51; C:\Program Files\Zend\MySQL51\bin\mysqld --defaults-file=C:\Program Files\Zend\MySQL51\my.ini MySQL_ZendServer51 []
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 NetPipeActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
R2 NetTcpActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
R2 NoIPDUCService3;No-IP DUC Service; C:\Program Files\No-IP\DUC30.exe [2010-06-18 1423520]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 simptcp;@%SystemRoot%\system32\simptcp.dll,-200; C:\Windows\System32\tcpsvcs.exe [2009-07-14 9216]
R2 SolutoService;Soluto PCGenome Core Service; C:\Program Files\Soluto\SolutoService.exe [2010-11-01 331296]
R2 TeamViewer6;TeamViewer 6; C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-07 2228008]
R2 uvnc_service;uvnc_service; C:\Program Files\UltraVNC\WinVNC.exe [2010-10-25 1695216]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 HideMyIpSRV;HideMyIpSRV; C:\Program Files\Hide My IP\HideMyIpSrv.exe [2010-07-06 3039536]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -sSQLEXPRESS []
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 aspnet_state;@%windir%\system32\inetsrv\iisres.dll,-30009; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 DroidExplorerService;DroidExplorer Service; C:\Program Files\Droid Explorer\DroidExplorer.Service.exe [2010-08-21 253952]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-22 136176]
S3 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-10-27 247096]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-10-22 1343400]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE []
S4 NetMsmqActivator;@%SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2009-06-10 128848]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -i SQLEXPRESS []

-----------------EOF-----------------

Re: please check my log

Posted: 12 Feb 2011 22:58
by Rudy
Post a ComboFix log.
Download ComboFix and save it, ideally to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms appears; continue by clicking the Yes button.

feel free to go make yourself a coffee (the whole process takes roughly 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); do not try to launch any other applications or anything else during the scan

do not panic during the scan; your machine may be restarted (especially the first time the scanner is run)

note: if you use antispyware with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident component occur

Re: please check my log

Posted: 12 Feb 2011 23:15
by samuelmatis
I have a problem. When I ran the program, a blue screen with some Windows error appeared and the PC restarted; then I tried running the program again, and again, and it did it a third time as well.

Re: please check my log

Posted: 13 Feb 2011 10:16
by Rudy
Try it in Safe Mode.