prosím o zkontrolování logu
Napsal: 25 črc 2011 05:35
Dobrý den přeji, přestože nemám FB, díky odkazu od kamaráda se mi dostal do pc tento virus... Resp. ne do pc, ale jen do jeho části, neboť mám Mac mini, Windows 7 v něm mám zařízený jen jako bootcamp, jestli mi rozumíte. Chtěl bych se zeptat, jestli to nějak ovlivní výkon celého počítače, když ja nakažen pouze windows... Nicméně tady je můj log a děkuji za ochotu.
Logfile of random's system information tool 1.09 (written by random/random)
Run by Květoslav at 2011-07-25 06:21:23
Microsoft Windows 7 Ultimate
System drive C: has 5 GB (6%) free of 76 GB
Total RAM: 1783 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:21:44, on 25.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Boot Camp\Bootcamp.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\sysdriver32.exe
C:\Windows\sysdriver32_.exe
C:\Windows\l1rezerv.exe
C:\Windows\systemup.exe
C:\Windows\update.tray-15-0\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Květoslav\Desktop\RSIT.exe
C:\Program Files\trend micro\Květoslav.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\Bootcamp.exe
O4 - HKLM\..\Run: [VMware Tools] "C:\Program Files\VMware\VMware Tools\VMwareTray.exe"
O4 - HKLM\..\Run: [VMware User Process] "C:\Program Files\VMware\VMware Tools\VMwareUser.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [1039903.exe] "C:\Windows\Temp\1039903.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [5075472.exe] "C:\Users\Květoslav\AppData\Local\Temp\5075472.exe"
O4 - HKLM\..\Run: [1335704.exe] "C:\Windows\Temp\1335704.exe"
O4 - HKLM\..\Run: [5946748.exe] "C:\Windows\Temp\5946748.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKLM\..\Run: [94375828-loader2.exe] "C:\Windows\Temp\94375828-loader2.exe"
O4 - HKLM\..\Run: [4450169.exe] "C:\Users\Květoslav\AppData\Local\Temp\4450169.exe"
O4 - HKLM\..\Run: [systemup] "C:\Windows\systemup.exe" stand
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-15-0\svchost.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware tools\vsock sdk\bin\win32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware tools\vsock sdk\bin\win32\vsocklib.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\Windows\system32\AppleOSSMgr.exe
O23 - Service: Apple Time Service (AppleTimeSrv) - Apple Inc. - C:\Windows\system32\AppleTimeSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TP AutoConnect Service (TPAutoConnSvc) - ThinPrint AG - C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe
O23 - Service: TP VC Gateway Service (TPVCGateway) - ThinPrint GmbH - C:\Program Files\VMware\VMware Tools\TPVCGateway.exe
O23 - Service: VMware Tools Service (VMTools) - VMware, Inc. - C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
O23 - Service: VMware Upgrade Helper (VMUpgradeHelper) - VMware, Inc. - C:\Program Files\VMware\VMware Tools\VMUpgradeHelper.exe
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe
--
End of file - 8405 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-06-06 64928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-14 298160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-03-14 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-14 298160]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apple_KbdMgr"=C:\Program Files\Boot Camp\Bootcamp.exe [2010-11-11 525112]
"VMware Tools"=C:\Program Files\VMware\VMware Tools\VMwareTray.exe [2009-10-23 141872]
"VMware User Process"=C:\Program Files\VMware\VMware Tools\VMwareUser.exe [2009-10-23 1079856]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]
"wxpdrv"=C:\Windows\services32.exe []
"1039903.exe"=C:\Windows\Temp\1039903.exe [2011-07-24 247296]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-07-24 247296]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-07-24 247296]
"5075472.exe"=C:\Users\Květoslav\AppData\Local\Temp\5075472.exe [2011-07-24 247296]
"1335704.exe"=C:\Windows\Temp\1335704.exe [2011-07-24 247296]
"5946748.exe"=C:\Windows\Temp\5946748.exe [2011-07-24 495616]
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-07-24 232960]
"94375828-loader2.exe"=C:\Windows\Temp\94375828-loader2.exe [2011-07-24 247296]
"4450169.exe"=C:\Users\Květoslav\AppData\Local\Temp\4450169.exe [2011-07-24 247296]
"systemup"=C:\Windows\systemup.exe [2011-07-24 114176]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-15-0\svchost.exe [2011-07-24 1174016]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-06-29 124216]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe silent loginmode=4 []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-07-25 06:21:23 ----D---- C:\rsit
2011-07-25 06:21:23 ----D---- C:\Program Files\trend micro
2011-07-25 06:17:03 ----D---- C:\Windows\av_ico
2011-07-25 06:14:48 ----HD---- C:\Windows\update.tray-15-0-lnk
2011-07-25 06:14:48 ----HD---- C:\Windows\update.tray-15-0
2011-07-25 06:12:34 ----A---- C:\Windows\winlog-ids.txt
2011-07-25 06:12:34 ----A---- C:\Windows\winlog-dirs.txt
2011-07-24 21:30:39 ----AH---- C:\Windows\system32\ezsidmv.dat
2011-07-24 14:55:26 ----A---- C:\Windows\ddh_iplist.txt
2011-07-24 14:55:22 ----D---- C:\Windows\ufa
2011-07-24 14:55:22 ----D---- C:\Windows\rpcminer
2011-07-24 14:55:22 ----D---- C:\Windows\phoenix
2011-07-24 14:55:12 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-24 14:54:40 ----A---- C:\Windows\systemup.exe
2011-07-24 14:54:38 ----A---- C:\Windows\unrar.exe
2011-07-24 14:54:27 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-24 14:54:03 ----HD---- C:\Windows\update.5.0
2011-07-24 14:53:59 ----A---- C:\Windows\l1rezerv.exe
2011-07-24 14:53:41 ----HD---- C:\Windows\update.2
2011-07-24 14:51:38 ----A---- C:\Windows\iplist.txt
2011-07-24 14:51:30 ----A---- C:\Windows\sysdriver32_.exe
2011-07-24 14:51:16 ----A---- C:\Windows\sysdriver32.exe
2011-07-24 14:51:01 ----A---- C:\Windows\front_ip_list.txt
2011-07-24 14:50:52 ----HD---- C:\Windows\update.1
2011-07-23 11:52:21 ----D---- C:\Users\Květoslav\AppData\Roaming\Azureus
2011-07-23 11:51:52 ----D---- C:\Program Files\Vuze
2011-07-23 11:51:51 ----D---- C:\Program Files\Conduit
2011-07-23 11:51:49 ----D---- C:\Program Files\ConduitEngine
2011-07-23 11:51:47 ----D---- C:\Program Files\Vuze_Remote
======List of files/folders modified in the last 1 month======
2011-07-25 06:21:35 ----D---- C:\Windows\Prefetch
2011-07-25 06:21:28 ----D---- C:\Windows\Temp
2011-07-25 06:21:23 ----RD---- C:\Program Files
2011-07-25 06:19:56 ----D---- C:\Windows\system32\config
2011-07-25 06:17:29 ----D---- C:\Users\Květoslav\AppData\Roaming\Skype
2011-07-25 06:17:03 ----D---- C:\Windows
2011-07-24 23:09:34 ----SHD---- C:\System Volume Information
2011-07-24 22:19:25 ----SHD---- C:\Windows\Installer
2011-07-24 22:19:24 ----D---- C:\Windows\system32\Tasks
2011-07-24 22:19:22 ----RD---- C:\Program Files\Skype
2011-07-24 22:19:21 ----D---- C:\ProgramData\Skype
2011-07-24 22:19:16 ----D---- C:\Program Files\Common Files
2011-07-24 22:15:19 ----D---- C:\Program Files\Common Files\Adobe
2011-07-24 22:15:16 ----D---- C:\ProgramData\Adobe
2011-07-24 22:15:15 ----D---- C:\Program Files\Adobe
2011-07-24 22:15:11 ----D---- C:\Users\Květoslav\AppData\Roaming\ICQ
2011-07-24 22:15:02 ----D---- C:\Windows\System32
2011-07-24 21:30:39 ----HD---- C:\ProgramData
2011-07-24 16:02:07 ----D---- C:\Users\Květoslav\AppData\Roaming\skypePM
2011-07-24 14:54:08 ----D---- C:\Windows\system32\drivers\etc
2011-07-24 14:42:07 ----D---- C:\ProgramData\Skype Extras
2011-07-24 12:13:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-24 12:13:40 ----D---- C:\Windows\inf
2011-07-23 20:57:51 ----D---- C:\Program Files\StarCraft II
2011-07-17 09:59:48 ----RSD---- C:\Windows\assembly
2011-07-17 09:35:20 ----D---- C:\Program Files\Steam
2011-07-04 11:03:24 ----D---- C:\Program Files\ICQ7.5
2011-07-03 19:59:50 ----D---- C:\Program Files\Diablo II
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AppleHFS;AppleHFS; C:\Windows\system32\drivers\AppleHFS.sys [2010-11-11 49280]
R0 AppleMNT;AppleMNT; C:\Windows\system32\drivers\AppleMNT.sys [2010-11-11 6784]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-10 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vmhgfs;vmhgfs; C:\Windows\System32\DRIVERS\vmhgfs.sys [2009-10-23 128304]
R1 vmrawdsk;VMware Vista Physical Disk Helper; \??\C:\Program Files\VMware\VMware Tools\vmrawdsk.sys [2009-10-23 36144]
R2 KeyAgent;KeyAgent; \??\C:\Windows\system32\drivers\KeyAgent.sys [2010-11-11 6528]
R2 MacHALDriver;Mac HAL; \??\C:\Windows\system32\drivers\MacHALDriver.sys [2010-04-16 12928]
R2 VMMEMCTL;Memory Control Driver; \??\C:\Program Files\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys [2009-10-23 14384]
R3 AppleBtBc;Apple Broadcom Built-in Bluetooth; C:\Windows\system32\DRIVERS\AppleBtBc.sys [2010-01-10 18432]
R3 applewtp;Apple Wireless Trackpad; C:\Windows\system32\DRIVERS\applewtp.sys [2010-10-14 37888]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2010-04-16 325672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2010-04-16 2661368]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 CirrusFilter;CS420xLowerFilter; C:\Windows\system32\DRIVERS\CS420x86.sys [2010-10-14 14336]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IRRemoteFlt;IR Receiver Filter Driver; C:\Windows\system32\DRIVERS\IRFilter.sys [2010-01-10 16512]
R3 KeyMagic;USB Keyboard HID Filter; C:\Windows\system32\DRIVERS\KeyMagic.sys [2010-04-16 24064]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-05-20 30576]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-04-16 68200]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2010-04-16 18944]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
S1 vmdebug;VMware Replay Debugging Helper; \??\C:\Windows\system32\Drivers\vmdebug.sys [2009-10-23 22064]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 avyvrqpn;avyvrqpn; C:\Windows\system32\drivers\avyvrqpn.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G60I32.sys [2009-07-14 118784]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vm3dmp;vm3dmp; C:\Windows\system32\DRIVERS\vm3dmp.sys [2009-10-23 70704]
S3 VMAUDIO;VMware VMaudio (VMAUDIO) (WDM); C:\Windows\system32\drivers\vmaudio.sys [2009-10-23 25136]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2009-10-23 61488]
S3 vmmouse;VMware Pointing Device; C:\Windows\system32\DRIVERS\vmmouse.sys [2009-10-23 11440]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AppleOSSMgr;Apple OS Switch Manager; C:\Windows\system32\AppleOSSMgr.exe [2010-11-11 193848]
R2 AppleTimeSrv;Apple Time Service; C:\Windows\system32\AppleTimeSrv.exe [2010-04-16 99640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-01 129640]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-07-24 340992]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-07-24 495616]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-07-24 247296]
R2 VMUpgradeHelper;VMware Upgrade Helper; C:\Program Files\VMware\VMware Tools\VMUpgradeHelper.exe [2009-10-23 191024]
R2 wxpdrivers;wxpdrivers; C:\Windows\update.1\svchost.exe [2011-07-24 1174016]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
S2 VMTools;VMware Tools Service; C:\Program Files\VMware\VMware Tools\vmtoolsd.exe [2009-10-23 72240]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-24 182768]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-04-17 403240]
S3 TPAutoConnSvc;TP AutoConnect Service; C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe [2009-10-23 255304]
S3 TPVCGateway;TP VC Gateway Service; C:\Program Files\VMware\VMware Tools\TPVCGateway.exe [2009-10-23 365856]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------
Logfile of random's system information tool 1.09 (written by random/random)
Run by Květoslav at 2011-07-25 06:21:23
Microsoft Windows 7 Ultimate
System drive C: has 5 GB (6%) free of 76 GB
Total RAM: 1783 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 6:21:44, on 25.7.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Boot Camp\Bootcamp.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Windows\sysdriver32.exe
C:\Windows\sysdriver32_.exe
C:\Windows\l1rezerv.exe
C:\Windows\systemup.exe
C:\Windows\update.tray-15-0\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Květoslav\Desktop\RSIT.exe
C:\Program Files\trend micro\Květoslav.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll
O4 - HKLM\..\Run: [Apple_KbdMgr] C:\Program Files\Boot Camp\Bootcamp.exe
O4 - HKLM\..\Run: [VMware Tools] "C:\Program Files\VMware\VMware Tools\VMwareTray.exe"
O4 - HKLM\..\Run: [VMware User Process] "C:\Program Files\VMware\VMware Tools\VMwareUser.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [1039903.exe] "C:\Windows\Temp\1039903.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [5075472.exe] "C:\Users\Květoslav\AppData\Local\Temp\5075472.exe"
O4 - HKLM\..\Run: [1335704.exe] "C:\Windows\Temp\1335704.exe"
O4 - HKLM\..\Run: [5946748.exe] "C:\Windows\Temp\5946748.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKLM\..\Run: [94375828-loader2.exe] "C:\Windows\Temp\94375828-loader2.exe"
O4 - HKLM\..\Run: [4450169.exe] "C:\Users\Květoslav\AppData\Local\Temp\4450169.exe"
O4 - HKLM\..\Run: [systemup] "C:\Windows\systemup.exe" stand
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-15-0\svchost.exe
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ7.5\ICQ.exe" silent loginmode=4
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: WikiKomentáře Google... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware tools\vsock sdk\bin\win32\vsocklib.dll
O10 - Unknown file in Winsock LSP: c:\program files\vmware\vmware tools\vsock sdk\bin\win32\vsocklib.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Apple OS Switch Manager (AppleOSSMgr) - Unknown owner - C:\Windows\system32\AppleOSSMgr.exe
O23 - Service: Apple Time Service (AppleTimeSrv) - Apple Inc. - C:\Windows\system32\AppleTimeSrv.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: TP AutoConnect Service (TPAutoConnSvc) - ThinPrint AG - C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe
O23 - Service: TP VC Gateway Service (TPVCGateway) - ThinPrint GmbH - C:\Program Files\VMware\VMware Tools\TPVCGateway.exe
O23 - Service: VMware Tools Service (VMTools) - VMware, Inc. - C:\Program Files\VMware\VMware Tools\vmtoolsd.exe
O23 - Service: VMware Upgrade Helper (VMUpgradeHelper) - VMware, Inc. - C:\Program Files\VMware\VMware Tools\VMUpgradeHelper.exe
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe
--
End of file - 8405 bytes
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pro Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-06-06 64928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-14 298160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll [2011-03-14 848952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2010-11-21 1054520]
{D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-05-26 1385864]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2011-03-14 298160]
{ba14329e-9550-4989-b3f2-9732e92d17cc} - Vuze Remote Toolbar - C:\Program Files\Vuze_Remote\prxtbVuze.dll [2011-01-17 175912]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\prxConduitEngine.dll [2011-01-17 175912]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apple_KbdMgr"=C:\Program Files\Boot Camp\Bootcamp.exe [2010-11-11 525112]
"VMware Tools"=C:\Program Files\VMware\VMware Tools\VMwareTray.exe [2009-10-23 141872]
"VMware User Process"=C:\Program Files\VMware\VMware Tools\VMwareUser.exe [2009-10-23 1079856]
"LifeCam"=C:\Program Files\Microsoft LifeCam\LifeExp.exe [2010-05-20 119152]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2011-03-28 1910152]
"wxpdrv"=C:\Windows\services32.exe []
"1039903.exe"=C:\Windows\Temp\1039903.exe [2011-07-24 247296]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-07-24 247296]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-07-24 247296]
"5075472.exe"=C:\Users\Květoslav\AppData\Local\Temp\5075472.exe [2011-07-24 247296]
"1335704.exe"=C:\Windows\Temp\1335704.exe [2011-07-24 247296]
"5946748.exe"=C:\Windows\Temp\5946748.exe [2011-07-24 495616]
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-07-24 232960]
"94375828-loader2.exe"=C:\Windows\Temp\94375828-loader2.exe [2011-07-24 247296]
"4450169.exe"=C:\Users\Květoslav\AppData\Local\Temp\4450169.exe [2011-07-24 247296]
"systemup"=C:\Windows\systemup.exe [2011-07-24 114176]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-15-0\svchost.exe [2011-07-24 1174016]
"tray_ico1"= []
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ICQ"=C:\Program Files\ICQ7.5\ICQ.exe [2011-06-29 124216]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2011-06-15 15141768]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
C:\Program Files\ICQ7.2\ICQ.exe silent loginmode=4 []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"VIDC.FPS1"=frapsvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2011-07-25 06:21:23 ----D---- C:\rsit
2011-07-25 06:21:23 ----D---- C:\Program Files\trend micro
2011-07-25 06:17:03 ----D---- C:\Windows\av_ico
2011-07-25 06:14:48 ----HD---- C:\Windows\update.tray-15-0-lnk
2011-07-25 06:14:48 ----HD---- C:\Windows\update.tray-15-0
2011-07-25 06:12:34 ----A---- C:\Windows\winlog-ids.txt
2011-07-25 06:12:34 ----A---- C:\Windows\winlog-dirs.txt
2011-07-24 21:30:39 ----AH---- C:\Windows\system32\ezsidmv.dat
2011-07-24 14:55:26 ----A---- C:\Windows\ddh_iplist.txt
2011-07-24 14:55:22 ----D---- C:\Windows\ufa
2011-07-24 14:55:22 ----D---- C:\Windows\rpcminer
2011-07-24 14:55:22 ----D---- C:\Windows\phoenix
2011-07-24 14:55:12 ----A---- C:\Windows\iecheck_iplist.txt
2011-07-24 14:54:40 ----A---- C:\Windows\systemup.exe
2011-07-24 14:54:38 ----A---- C:\Windows\unrar.exe
2011-07-24 14:54:27 ----A---- C:\Windows\btc_client_iplist.txt
2011-07-24 14:54:03 ----HD---- C:\Windows\update.5.0
2011-07-24 14:53:59 ----A---- C:\Windows\l1rezerv.exe
2011-07-24 14:53:41 ----HD---- C:\Windows\update.2
2011-07-24 14:51:38 ----A---- C:\Windows\iplist.txt
2011-07-24 14:51:30 ----A---- C:\Windows\sysdriver32_.exe
2011-07-24 14:51:16 ----A---- C:\Windows\sysdriver32.exe
2011-07-24 14:51:01 ----A---- C:\Windows\front_ip_list.txt
2011-07-24 14:50:52 ----HD---- C:\Windows\update.1
2011-07-23 11:52:21 ----D---- C:\Users\Květoslav\AppData\Roaming\Azureus
2011-07-23 11:51:52 ----D---- C:\Program Files\Vuze
2011-07-23 11:51:51 ----D---- C:\Program Files\Conduit
2011-07-23 11:51:49 ----D---- C:\Program Files\ConduitEngine
2011-07-23 11:51:47 ----D---- C:\Program Files\Vuze_Remote
======List of files/folders modified in the last 1 month======
2011-07-25 06:21:35 ----D---- C:\Windows\Prefetch
2011-07-25 06:21:28 ----D---- C:\Windows\Temp
2011-07-25 06:21:23 ----RD---- C:\Program Files
2011-07-25 06:19:56 ----D---- C:\Windows\system32\config
2011-07-25 06:17:29 ----D---- C:\Users\Květoslav\AppData\Roaming\Skype
2011-07-25 06:17:03 ----D---- C:\Windows
2011-07-24 23:09:34 ----SHD---- C:\System Volume Information
2011-07-24 22:19:25 ----SHD---- C:\Windows\Installer
2011-07-24 22:19:24 ----D---- C:\Windows\system32\Tasks
2011-07-24 22:19:22 ----RD---- C:\Program Files\Skype
2011-07-24 22:19:21 ----D---- C:\ProgramData\Skype
2011-07-24 22:19:16 ----D---- C:\Program Files\Common Files
2011-07-24 22:15:19 ----D---- C:\Program Files\Common Files\Adobe
2011-07-24 22:15:16 ----D---- C:\ProgramData\Adobe
2011-07-24 22:15:15 ----D---- C:\Program Files\Adobe
2011-07-24 22:15:11 ----D---- C:\Users\Květoslav\AppData\Roaming\ICQ
2011-07-24 22:15:02 ----D---- C:\Windows\System32
2011-07-24 21:30:39 ----HD---- C:\ProgramData
2011-07-24 16:02:07 ----D---- C:\Users\Květoslav\AppData\Roaming\skypePM
2011-07-24 14:54:08 ----D---- C:\Windows\system32\drivers\etc
2011-07-24 14:42:07 ----D---- C:\ProgramData\Skype Extras
2011-07-24 12:13:41 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-07-24 12:13:40 ----D---- C:\Windows\inf
2011-07-23 20:57:51 ----D---- C:\Program Files\StarCraft II
2011-07-17 09:59:48 ----RSD---- C:\Windows\assembly
2011-07-17 09:35:20 ----D---- C:\Program Files\Steam
2011-07-04 11:03:24 ----D---- C:\Program Files\ICQ7.5
2011-07-03 19:59:50 ----D---- C:\Program Files\Diablo II
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AppleHFS;AppleHFS; C:\Windows\system32\drivers\AppleHFS.sys [2010-11-11 49280]
R0 AppleMNT;AppleMNT; C:\Windows\system32\drivers\AppleMNT.sys [2010-11-11 6784]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-10-10 691696]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 vmhgfs;vmhgfs; C:\Windows\System32\DRIVERS\vmhgfs.sys [2009-10-23 128304]
R1 vmrawdsk;VMware Vista Physical Disk Helper; \??\C:\Program Files\VMware\VMware Tools\vmrawdsk.sys [2009-10-23 36144]
R2 KeyAgent;KeyAgent; \??\C:\Windows\system32\drivers\KeyAgent.sys [2010-11-11 6528]
R2 MacHALDriver;Mac HAL; \??\C:\Windows\system32\drivers\MacHALDriver.sys [2010-04-16 12928]
R2 VMMEMCTL;Memory Control Driver; \??\C:\Program Files\VMware\VMware Tools\Drivers\memctl\vmmemctl.sys [2009-10-23 14384]
R3 AppleBtBc;Apple Broadcom Built-in Bluetooth; C:\Windows\system32\DRIVERS\AppleBtBc.sys [2010-01-10 18432]
R3 applewtp;Apple Wireless Trackpad; C:\Windows\system32\DRIVERS\applewtp.sys [2010-10-14 37888]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2010-04-16 325672]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2010-04-16 2661368]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 58880]
R3 CirrusFilter;CS420xLowerFilter; C:\Windows\system32\DRIVERS\CS420x86.sys [2010-10-14 14336]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IRRemoteFlt;IR Receiver Filter Driver; C:\Windows\system32\DRIVERS\IRFilter.sys [2010-01-10 16512]
R3 KeyMagic;USB Keyboard HID Filter; C:\Windows\system32\DRIVERS\KeyMagic.sys [2010-04-16 24064]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver; C:\Windows\System32\Drivers\nx6000.sys [2010-05-20 30576]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda32v.sys [2010-04-16 68200]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2010-04-16 18944]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 84992]
S1 vmdebug;VMware Replay Debugging Helper; \??\C:\Windows\system32\Drivers\vmdebug.sys [2009-10-23 22064]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 avyvrqpn;avyvrqpn; C:\Windows\system32\drivers\avyvrqpn.sys []
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 392704]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G60I32.sys [2009-07-14 118784]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files\Garena\safedrv.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vm3dmp;vm3dmp; C:\Windows\system32\DRIVERS\vm3dmp.sys [2009-10-23 70704]
S3 VMAUDIO;VMware VMaudio (VMAUDIO) (WDM); C:\Windows\system32\drivers\vmaudio.sys [2009-10-23 25136]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [2009-10-23 61488]
S3 vmmouse;VMware Pointing Device; C:\Windows\system32\DRIVERS\vmmouse.sys [2009-10-23 11440]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
R2 AppleOSSMgr;Apple OS Switch Manager; C:\Windows\system32\AppleOSSMgr.exe [2010-11-11 193848]
R2 AppleTimeSrv;Apple Time Service; C:\Windows\system32\AppleTimeSrv.exe [2010-04-16 99640]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2011-03-28 1242504]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2010-11-21 247608]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2010-05-20 139632]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-04-01 129640]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-07-24 340992]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-07-24 495616]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-07-24 247296]
R2 VMUpgradeHelper;VMware Upgrade Helper; C:\Program Files\VMware\VMware Tools\VMUpgradeHelper.exe [2009-10-23 191024]
R2 wxpdrivers;wxpdrivers; C:\Windows\update.1\svchost.exe [2011-07-24 1174016]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
S2 VMTools;VMware Tools Service; C:\Program Files\VMware\VMware Tools\vmtoolsd.exe [2009-10-23 72240]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-10-24 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-10-24 182768]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2011-04-17 403240]
S3 TPAutoConnSvc;TP AutoConnect Service; C:\Program Files\VMware\VMware Tools\TPAutoConnSvc.exe [2009-10-23 255304]
S3 TPVCGateway;TP VC Gateway Service; C:\Program Files\VMware\VMware Tools\TPVCGateway.exe [2009-10-23 365856]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
-----------------EOF-----------------