Windows SBS 2003 Please diagnose this log - it is sending spam...

#1 Post by Fill11 »

- One person logs on to the server over RDP; he was supposed to have access only to the accounting software, but unfortunately he apparently used the server as an ordinary workstation, including browsing the internet... The server is sending spam, and really a lot of it. The SMTP service is now stopped so that we do not end up on blacklists, but that means our mail is not working.

The Defogger software flagged the service C:\WINDOWS\System32\sbscrexe.exe as a rootkit; I tried to remove it with the Kaspersky utility called Sality_off, without success...
ComboFix tells me that it cannot be run on a server.

Thank you for any advice.

Logfile of random's system information tool 1.09 (written by random/random)
Run by administrator at 2011-08-09 08:25:17
Microsoft(R) Windows(R) Server 2003 for Small Business Server Service Pack 2
System drive C: has 2 GB (18%) free of 12 GB
Total RAM: 4095 MB (35% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:25:27, on 9.8.2011
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe
C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE
C:\WINDOWS\system32\certsrv.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\GFI\MailEssentials\mestrxsvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Binn\sqlservr.exe
C:\Program Files\NetTime\NeTmSvNT.exe
C:\WINDOWS\system32\ntfrs.exe
C:\Program Files\OpenSSH\bin\cygrunsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\OpenSSH\usr\sbin\sshd.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
C:\WINDOWS\System32\wins.exe
C:\Program Files\UltraVNC\WinVNC.exe
D:\Program Files\Exchsrvr\bin\exmgmt.exe
D:\Program Files\Exchsrvr\bin\mad.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
D:\Program Files\Exchsrvr\bin\store.exe
D:\Program Files\Exchsrvr\bin\emsmta.exe
D:\Program Files\GFI\MailEssentials\gfiscans.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\GFI\MailEssentials\MiddleLayer\contentsecurity.as.attendant.exe
D:\Program Files\GFI\MailEssentials\msecatt.exe
D:\Program Files\GFI\MailEssentials\pop2exch.exe
D:\Program Files\GFI\MailEssentials\listserv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
C:\WINDOWS\system32\winlogon.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\mmc.exe
C:\Documents and Settings\Administrator\Plocha\HVH odvirovani\RSIT.exe
C:\Program Files\trend micro\administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = res://shdoclc.dll/hardAdmin.htm
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [MSConfig] "C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3962302245-2069713368-347884389-1162\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'wpck')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O15 - ESC Trusted Zone: http://s7.addthis.com
O15 - ESC Trusted Zone: http://analytics.atdmt.com
O15 - ESC Trusted Zone: http://view.atdmt.com
O15 - ESC Trusted Zone: http://go.arbo.bbelements.com
O15 - ESC Trusted Zone: http://aktualne.centrum.cz
O15 - ESC Trusted Zone: http://www.centrum.cz
O15 - ESC Trusted Zone: http://www.dsl.cz
O15 - ESC Trusted Zone: http://www.firebirdsql.org
O15 - ESC Trusted Zone: http://a.fsdn.com
O15 - ESC Trusted Zone: http://spir.hit.gemius.pl
O15 - ESC Trusted Zone: http://www.google-analytics.com
O15 - ESC Trusted Zone: http://clients1.google.cz
O15 - ESC Trusted Zone: http://www.google.cz
O15 - ESC Trusted Zone: http://analytics.live.com
O15 - ESC Trusted Zone: http://ads1.msn.com
O15 - ESC Trusted Zone: http://analytics.msn.com
O15 - ESC Trusted Zone: http://rad.msn.com
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://www.ohloh.net
O15 - ESC Trusted Zone: http://edge.quantserve.com
O15 - ESC Trusted Zone: http://secure.quantserve.com
O15 - ESC Trusted Zone: http://www.sedoparking.com
O15 - ESC Trusted Zone: http://*.sourceforge.net
O15 - ESC Trusted Zone: http://m.webtrends.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O15 - ESC Trusted IP range: http://192.168.1.1
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microso ... 9456055351
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 9456042117
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = warmpeace.cz
O17 - HKLM\Software\..\Telephony: DomainName = warmpeace.cz
O17 - HKLM\System\CCS\Services\Tcpip\..\{2D0D2FA2-7F1E-46CD-81D1-0BCEA5560F48}: NameServer = 192.168.1.10
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = warmpeace.cz
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Advanced Monitoring Agent - Remote Monitoring - C:\Program Files\Advanced Monitoring Agent\winagent.exe
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe
O23 - Service: APC PBE Server (APCPBEServer) - APC - C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
O23 - Service: GFI MailEssentials Legacy Attendant Service - GFI Software Ltd - D:\Program Files\GFI\MailEssentials\msecatt.exe
O23 - Service: GFI POP2Exchange - GFI Software Ltd. - D:\Program Files\GFI\MailEssentials\pop2exch.exe
O23 - Service: GFI MailEssentials Managed Attendant Service (gfiasmlhost) - GFI Software Ltd - D:\Program Files\GFI\MailEssentials\MiddleLayer\contentsecurity.as.attendant.exe
O23 - Service: GFI MailEssentials Enterprise Transfer Service (GFIMETRXSVC) - GFI - D:\Program Files\GFI\MailEssentials\mestrxsvc.exe
O23 - Service: GFI MailEssentials Scan Engine (GFIScanS) - GFI Software - D:\Program Files\GFI\MailEssentials\gfiscans.exe
O23 - Service: GFI List Server (listserv) - GFI Software Ltd - D:\Program Files\GFI\MailEssentials\listserv.exe
O23 - Service: NetTime (NetTimeSvc) - Subjective Software - C:\Program Files\NetTime\NeTmSvNT.exe
O23 - Service: OpenSSH Server (OpenSSHd) - Unknown owner - C:\Program Files\OpenSSH\bin\cygrunsrv.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe

--
End of file - 10205 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1_Replikace_stop.job
C:\WINDOWS\tasks\2_Udrzba databazi.job
C:\WINDOWS\tasks\3_Replikace_start.job
C:\WINDOWS\tasks\back_ctvrtek.job
C:\WINDOWS\tasks\back_nedele.job
C:\WINDOWS\tasks\back_patek.job
C:\WINDOWS\tasks\back_pondeli.job
C:\WINDOWS\tasks\back_sobota.job
C:\WINDOWS\tasks\back_streda.job
C:\WINDOWS\tasks\back_utery.job
C:\WINDOWS\tasks\Kontrola replikace.job
C:\WINDOWS\tasks\stav_sys_e2k3.job
C:\WINDOWS\tasks\User_Feed_Synchronization-{C1196EC6-7BEF-4D0C-A5DD-5BABE4004FC9}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll [2009-05-04 650752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-03-30 1091584]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\WidgiToolbarIE.dll [2009-05-04 650752]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE [2007-03-22 39264]
"WinVNC"=C:\Program Files\UltraVNC\WinVNC.exe [2005-08-06 974848]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2010-02-26 2140880]
"MsmqIntCert"=regsvr32 /s mqrt.dll []
"MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2007-02-17 173056]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2007-02-17 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-03-30 970240]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe
Service Manager.lnk - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2005-04-12 46080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
C:\WINDOWS\system32\crypt32.dll [2007-02-17 598528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
C:\WINDOWS\system32\cryptnet.dll [2007-02-17 62464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
C:\WINDOWS\system32\cscdll.dll [2007-02-17 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
C:\WINDOWS\system32\dimsntfy.dll [2007-02-17 19456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
C:\WINDOWS\system32\sclgntfy.dll [2005-05-25 21504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
C:\WINDOWS\system32\WlNotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll [2008-06-17 8365056]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll [2008-06-17 8365056]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll [2009-03-08 236544]
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll [2007-02-17 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll [2007-02-17 1033216]
Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll [2007-02-17 1033216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=C:\WINDOWS\system32\shell32.dll [2008-06-17 8365056]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=RASSFM
KDCSVC
WDIGEST
scecli
dsrestor

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, pwdssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"disablecad"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ShowSuperHidden"=1
"HonorAutoRunSetting"=1
"NoWelcomeScreen"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Řízení front zpráv"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\WINDOWS\system32\mqsvc.exe"="C:\WINDOWS\system32\mqsvc.exe:*:Enabled:Řízení front zpráv"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.I420"=msh263.drv
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

======List of files/folders created in the last 1 month======

2011-08-09 08:25:17 ----D---- C:\rsit
2011-08-09 08:25:17 ----D---- C:\Program Files\trend micro
2011-08-08 14:25:24 ----D---- C:\HVHTEST
2011-08-08 13:59:18 ----D---- C:\WINDOWS\pss
2011-08-08 13:04:24 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-08-08 13:04:24 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy

======List of files/folders modified in the last 1 month======

2011-08-09 08:25:19 ----D---- C:\WINDOWS\Temp
2011-08-09 08:25:17 ----RD---- C:\Program Files
2011-08-09 08:22:57 ----D---- C:\WINDOWS\system32\inetsrv
2011-08-09 08:10:59 ----D---- C:\Program Files\Advanced Monitoring Agent
2011-08-09 07:37:08 ----D---- C:\WINDOWS\system32\dhcp
2011-08-08 22:02:00 ----D---- C:\WINDOWS\system32\CertLog
2011-08-08 22:01:47 ----D---- C:\WINDOWS\NTDS
2011-08-08 20:36:54 ----D---- C:\WINDOWS\security
2011-08-08 20:05:30 ----D---- C:\WINDOWS\repair
2011-08-08 20:00:17 ----D---- C:\WINDOWS\system32\NtmsData
2011-08-08 16:10:00 ----A---- C:\WINDOWS\wincmd.ini
2011-08-08 14:43:41 ----A---- C:\WINDOWS\system.ini
2011-08-08 14:42:49 ----A---- C:\WINDOWS\wcx_ftp.ini
2011-08-08 14:31:03 ----D---- C:\temp
2011-08-08 13:59:18 ----D---- C:\WINDOWS
2011-08-08 13:47:12 ----D---- C:\WINDOWS\system32\drivers
2011-08-08 12:55:22 ----D---- C:\WINDOWS\system32\CatRoot2
2011-08-08 08:33:33 ----D---- C:\WINDOWS\system32\ias
2011-08-08 08:31:20 ----D---- C:\WINDOWS\Debug
2011-08-08 08:30:44 ----D---- C:\WINDOWS\system32\wins
2011-08-04 13:34:43 ----D---- C:\WINDOWS\system32\FxsTmp
2011-08-04 10:51:58 ----D---- C:\Signys_2
2011-07-14 00:39:21 ----D---- C:\WINDOWS\system32
2011-07-14 00:39:21 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;Microsoft ACPI Driver; C:\WINDOWS\system32\DRIVERS\ACPI.sys [2007-02-17 194560]
R0 atapi;Standardní řadič disku IDE či ESDI; C:\WINDOWS\system32\DRIVERS\atapi.sys [2007-02-17 96768]
R0 crcdisk;Ovladač filtru disku CRC; C:\WINDOWS\system32\DRIVERS\crcdisk.sys [2007-02-17 17920]
R0 DfsDriver;DfsDriver; C:\WINDOWS\system32\drivers\Dfs.sys [2007-02-17 34816]
R0 Disk;Ovladač disku; C:\WINDOWS\system32\DRIVERS\disk.sys [2007-02-17 39936]
R0 dmboot;dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [2007-02-17 268800]
R0 dmio;Ovladač správce logických disků; C:\WINDOWS\System32\drivers\dmio.sys [2007-02-17 151552]
R0 dmload;dmload; C:\WINDOWS\System32\drivers\dmload.sys [2005-05-25 7680]
R0 FltMgr;FltMgr; C:\WINDOWS\system32\drivers\fltmgr.sys [2007-02-17 130560]
R0 Ftdisk;Ovladač správce svazků; C:\WINDOWS\system32\DRIVERS\ftdisk.sys [2007-02-17 137216]
R0 isapnp;Řadič Plug and Play sběrnice ISA/EISA; C:\WINDOWS\system32\DRIVERS\isapnp.sys [2007-02-17 38912]
R0 KSecDD;KSecDD; C:\WINDOWS\system32\drivers\KSecDD.sys [2009-06-15 134656]
R0 MountMgr;Správce přípojných bodů; C:\WINDOWS\system32\drivers\MountMgr.sys [2007-02-17 46592]
R0 Mup;Služba Multiple UNC Provider; C:\WINDOWS\system32\drivers\Mup.sys [2007-02-17 103424]
R0 NDIS;Systémový ovladač NDIS; C:\WINDOWS\system32\drivers\NDIS.sys [2007-02-17 210432]
R0 PartMgr;Správce oddílů; C:\WINDOWS\system32\drivers\PartMgr.sys [2007-02-17 25088]
R0 PCI;Řadič sběrnice PCI; C:\WINDOWS\system32\DRIVERS\pci.sys [2007-02-17 75264]
R0 PCIIde;PCIIde; C:\WINDOWS\system32\DRIVERS\pciide.sys [2003-05-15 5632]
R0 VolSnap;Paměťové svazky; C:\WINDOWS\system32\DRIVERS\volsnap.sys [2007-02-17 153600]
R1 AFD;AFD; C:\WINDOWS\System32\drivers\afd.sys [2008-10-16 150528]
R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2005-05-25 6144]
R1 Cdrom;Ovladač jednotky CD-ROM; C:\WINDOWS\system32\DRIVERS\cdrom.sys [2007-02-17 52224]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-02-26 114984]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-02-26 95872]
R1 Fips;Fips; C:\WINDOWS\system32\drivers\Fips.sys [2007-02-17 45568]
R1 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver; C:\WINDOWS\system32\DRIVERS\i8042prt.sys [2007-02-17 55296]
R1 imapi;CD-Burning Filter Driver; C:\WINDOWS\system32\DRIVERS\imapi.sys [2007-02-17 43520]
R1 IPSec;Ovladač IPSEC; C:\WINDOWS\system32\DRIVERS\ipsec.sys [2007-02-17 82432]
R1 Kbdclass;Ovladač třídy klávesnic; C:\WINDOWS\system32\DRIVERS\kbdclass.sys [2007-02-17 25600]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2006-07-27 102384]
R1 mnmdd;mnmdd; C:\WINDOWS\system32\drivers\mnmdd.sys [2005-05-25 6144]
R1 Mouclass;Ovladač třídy myší; C:\WINDOWS\system32\DRIVERS\mouclass.sys [2005-05-25 23040]
R1 MRxSmb;MRXSMB; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2010-02-24 438784]
R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2007-02-17 21504]
R1 NetBIOS;Rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\netbios.sys [2007-02-17 34816]
R1 NetBT;Rozhraní NetBios nad protokolem TCP/IP; C:\WINDOWS\system32\DRIVERS\netbt.sys [2007-02-17 180224]
R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2007-02-17 32256]
R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2005-05-25 4608]
R1 RasAcd;Ovladač automatického připojení pomocí vzdáleného přístupu; C:\WINDOWS\system32\DRIVERS\rasacd.sys [2005-05-25 10752]
R1 Rdbss;Rdbss; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2010-02-24 177664]
R1 RDPCDD;RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [2005-05-25 6144]
R1 redbook;Digital CD Audio Playback Filter Driver; C:\WINDOWS\system32\DRIVERS\redbook.sys [2007-02-17 61952]
R1 Serial;Ovladač sériového portu; C:\WINDOWS\system32\DRIVERS\serial.sys [2007-02-17 65536]
R1 Tcpip;Ovladač protokolu TCP/IP; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2009-08-15 393216]
R1 TermDD;Ovladač terminálového zařízení; C:\WINDOWS\system32\DRIVERS\termdd.sys [2007-02-17 41608]
R1 VgaSave;Grafický řadič VGA; C:\WINDOWS\System32\drivers\vga.sys [2007-02-17 23552]
R1 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2007-02-17 14848]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-02-26 139192]
R2 EXIFS;EXIFS; \??\C:\WINDOWS\system32\drivers\exifs.sys []
R2 Parvdm;Parvdm; C:\WINDOWS\system32\DRIVERS\parvdm.sys [2005-05-25 8704]
R2 RMCAST;Ovladač protokolu RMCAST (PGM); C:\WINDOWS\system32\DRIVERS\RMCAST.sys [2008-05-08 109568]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-04-12 1130496]
R3 audstub;Prázdný zvukový ovladač; C:\WINDOWS\system32\DRIVERS\audstub.sys [2003-03-25 5120]
R3 b57w2k;Embedded Broadcom NetXtreme 5721 PCI-E Gigabit NIC; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2005-04-05 132352]
R3 esihdrv;esihdrv; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2\esihdrv.sys []
R3 Gpc;Obecné třídění paketů; C:\WINDOWS\system32\DRIVERS\msgpc.sys [2007-02-17 39424]
R3 HTTP;Služba HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [2010-04-19 294400]
R3 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-02-17 40448]
R3 IpNat;IP Network Address Translator; C:\WINDOWS\system32\DRIVERS\ipnat.sys [2007-02-17 119296]
R3 MQAC;Řízení přístupu služby Řízení front zpráv; \??\C:\WINDOWS\system32\drivers\mqac.sys []
R3 MRxDAV;Přesměrovač klienta WebDav; C:\WINDOWS\system32\DRIVERS\mrxdav.sys [2007-12-17 188928]
R3 mssmbios;Ovladač Microsoft System Management BIOS; C:\WINDOWS\system32\DRIVERS\mssmbios.sys [2007-02-17 19968]
R3 NdisTapi;Ovladač Remote Access NDIS TAPI; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2007-02-17 12288]
R3 NdisWan;Ovladač Remote Access NDIS WAN; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2007-02-17 89600]
R3 NDProxy;Služba NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2007-02-17 40960]
R3 Parport;Ovladač paralelního portu; C:\WINDOWS\system32\DRIVERS\parport.sys [2007-02-17 81408]
R3 PptpMiniport;Připojení WAN Miniport (PPTP); C:\WINDOWS\system32\DRIVERS\raspptp.sys [2007-02-17 59904]
R3 Ptilink;Direct Parallel Link Driver; C:\WINDOWS\system32\DRIVERS\ptilink.sys [2007-02-17 20480]
R3 Rasl2tp;WAN Miniport (L2TP); C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [2007-02-17 65536]
R3 RasPppoe;Ovladač pro vzdálený přístup PPPOE; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2007-02-17 40960]
R3 Raspti;Přímé propojení paralelním kabelem; C:\WINDOWS\system32\DRIVERS\raspti.sys [2007-02-17 19968]
R3 rdpdr;Ovladač přesměrovače zařízení terminálového serveru; C:\WINDOWS\system32\DRIVERS\rdpdr.sys [2007-02-17 200192]
R3 RDPWD;RDPWD; C:\WINDOWS\system32\drivers\RDPWD.sys [2007-02-17 152200]
R3 serenum;Ovladač filtru Serenum; C:\WINDOWS\system32\DRIVERS\serenum.sys [2007-02-17 17920]
R3 Srv;Srv; C:\WINDOWS\system32\DRIVERS\srv.sys [2009-12-10 376832]
R3 swenum;Softwarový ovladač sběrnice; C:\WINDOWS\system32\DRIVERS\swenum.sys [2007-02-17 4736]
R3 TDTCP;TDTCP; C:\WINDOWS\system32\drivers\TDTCP.sys [2007-02-17 24200]
R3 Update;Ovladač aktualizace mikrokódu; C:\WINDOWS\system32\DRIVERS\update.sys [2007-05-28 365056]
R3 usbehci;Ovladač Miniport vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-02-17 27520]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-02-17 60416]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-02-17 20864]
R3 Wanarp;Ovladač Remote Access IP ARP; C:\WINDOWS\system32\DRIVERS\wanarp.sys [2007-02-17 36352]
R4 Cdfs;Cdfs; C:\WINDOWS\system32\drivers\Cdfs.sys [2007-02-17 65536]
R4 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2007-02-17 589824]
R4 Udfs;Udfs; C:\WINDOWS\system32\drivers\Udfs.sys [2007-02-17 67584]
S1 Fdc;Fdc; C:\WINDOWS\system32\drivers\Fdc.sys [2007-02-17 24576]
S1 Flpydisk;Flpydisk; C:\WINDOWS\system32\drivers\Flpydisk.sys [2005-05-25 18432]
S1 Changer;Changer; C:\WINDOWS\system32\drivers\Changer.sys []
S1 i2omgmt;i2omgmt; C:\WINDOWS\system32\drivers\i2omgmt.sys []
S1 Sfloppy;Sfloppy; C:\WINDOWS\system32\drivers\Sfloppy.sys [2005-05-25 12288]
S3 AsyncMac;Ovladač asynchronních médií připojení RAS; C:\WINDOWS\system32\DRIVERS\asyncmac.sys [2005-05-25 16384]
S3 Atmarpc;Protokol ATM ARP Client; C:\WINDOWS\system32\DRIVERS\atmarpc.sys [2007-02-17 59392]
S3 Dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2007-02-17 207872]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2003-03-25 14848]
S3 Ip6Fw;Ovladač IPv6 brány firewall systému Windows; C:\WINDOWS\system32\drivers\ip6fw.sys [2007-02-17 36352]
S3 IpFilterDriver;IP Traffic Filter Driver; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2007-02-17 32768]
S3 IpInIp;IP in IP Tunnel Driver; C:\WINDOWS\system32\DRIVERS\ipinip.sys []
S3 IRENUM;Služba čítače výčtu IR; C:\WINDOWS\system32\DRIVERS\irenum.sys [2007-02-17 12800]
S3 Modem;Modem; C:\WINDOWS\system32\drivers\Modem.sys [2007-02-17 31232]
S3 Ndisuio;Protokol NDIS uživatelského režimu V/V; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2007-02-17 16384]
S3 PDCOMP;PDCOMP; C:\WINDOWS\system32\drivers\PDCOMP.sys []
S3 PDFRAME;PDFRAME; C:\WINDOWS\system32\drivers\PDFRAME.sys []
S3 PDRELI;PDRELI; C:\WINDOWS\system32\drivers\PDRELI.sys []
S3 PDRFRAME;PDRFRAME; C:\WINDOWS\system32\drivers\PDRFRAME.sys []
S3 Secdrv;Secdrv; C:\WINDOWS\system32\DRIVERS\secdrv.sys [2007-11-13 20480]
S3 TDPIPE;TDPIPE; C:\WINDOWS\system32\drivers\TDPIPE.sys [2007-02-17 12936]
S3 ugtdapob;ugtdapob; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2\ugtdapob.sys []
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2007-02-17 32128]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2007-02-17 18432]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2007-02-17 16384]
S3 vga;vga; C:\WINDOWS\system32\DRIVERS\vgapnp.sys [2007-02-17 24064]
S3 WDICA;WDICA; C:\WINDOWS\system32\drivers\WDICA.sys []
S3 WLBS;Vyrovnávání zatížení sítě; C:\WINDOWS\system32\DRIVERS\wlbs.sys [2007-02-17 177152]
S4 Abiosdsk;Abiosdsk; C:\WINDOWS\system32\drivers\Abiosdsk.sys []
S4 ACPIEC;ACPIEC; C:\WINDOWS\system32\drivers\ACPIEC.sys [2005-05-25 13312]
S4 adpu160m;adpu160m; C:\WINDOWS\system32\drivers\adpu160m.sys []
S4 adpu320;adpu320; C:\WINDOWS\system32\drivers\adpu320.sys []
S4 afcnt;afcnt; C:\WINDOWS\system32\drivers\afcnt.sys []
S4 aic78u2;aic78u2; C:\WINDOWS\system32\drivers\aic78u2.sys []
S4 aic78xx;aic78xx; C:\WINDOWS\system32\drivers\aic78xx.sys []
S4 AliIde;AliIde; C:\WINDOWS\system32\drivers\AliIde.sys []
S4 AmdIde;AmdIde; C:\WINDOWS\system32\drivers\AmdIde.sys [2007-02-17 7680]
S4 arc;arc; C:\WINDOWS\system32\drivers\arc.sys [2007-02-17 43520]
S4 Atdisk;Atdisk; C:\WINDOWS\system32\drivers\Atdisk.sys []
S4 cbidf2k;cbidf2k; C:\WINDOWS\system32\drivers\cbidf2k.sys [2005-05-25 15360]
S4 cd20xrnt;cd20xrnt; C:\WINDOWS\system32\drivers\cd20xrnt.sys []
S4 ClusDisk;Cluster Disk Driver; C:\WINDOWS\system32\DRIVERS\ClusDisk.sys [2007-02-17 69120]
S4 CmdIde;CmdIde; C:\WINDOWS\system32\drivers\CmdIde.sys []
S4 Cpqarray;Cpqarray; C:\WINDOWS\system32\drivers\Cpqarray.sys []
S4 cpqarry2;cpqarry2; C:\WINDOWS\system32\drivers\cpqarry2.sys []
S4 cpqcissm;cpqcissm; C:\WINDOWS\system32\drivers\cpqcissm.sys []
S4 cpqfcalm;cpqfcalm; C:\WINDOWS\system32\drivers\cpqfcalm.sys []
S4 dac2w2k;dac2w2k; C:\WINDOWS\system32\drivers\dac2w2k.sys []
S4 dac960nt;dac960nt; C:\WINDOWS\system32\drivers\dac960nt.sys []
S4 dellcerc;dellcerc; C:\WINDOWS\system32\drivers\dellcerc.sys []
S4 dpti2o;dpti2o; C:\WINDOWS\system32\drivers\dpti2o.sys []
S4 elxstor;elxstor; C:\WINDOWS\system32\drivers\elxstor.sys []
S4 Fastfat;Fastfat; C:\WINDOWS\system32\drivers\Fastfat.sys [2007-02-17 151040]
S4 hpcisss;hpcisss; C:\WINDOWS\system32\drivers\hpcisss.sys [2007-02-17 23552]
S4 hpn;hpn; C:\WINDOWS\system32\drivers\hpn.sys []
S4 hpt3xx;hpt3xx; C:\WINDOWS\system32\drivers\hpt3xx.sys []
S4 i2omp;i2omp; C:\WINDOWS\system32\drivers\i2omp.sys []
S4 iirsp;iirsp; C:\WINDOWS\system32\drivers\iirsp.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 ipsraidn;ipsraidn; C:\WINDOWS\system32\drivers\ipsraidn.sys []
S4 lp6nds35;lp6nds35; C:\WINDOWS\system32\drivers\lp6nds35.sys []
S4 mraid35x;mraid35x; C:\WINDOWS\system32\drivers\mraid35x.sys []
S4 nfrd960;nfrd960; C:\WINDOWS\system32\drivers\nfrd960.sys []
S4 Pcmcia;Pcmcia; C:\WINDOWS\system32\drivers\Pcmcia.sys [2007-02-17 121856]
S4 perc2;perc2; C:\WINDOWS\system32\drivers\perc2.sys []
S4 perc2hib;perc2hib; C:\WINDOWS\system32\drivers\perc2hib.sys []
S4 ql1080;ql1080; C:\WINDOWS\system32\drivers\ql1080.sys []
S4 Ql10wnt;Ql10wnt; C:\WINDOWS\system32\drivers\Ql10wnt.sys []
S4 ql12160;ql12160; C:\WINDOWS\system32\drivers\ql12160.sys []
S4 ql1240;ql1240; C:\WINDOWS\system32\drivers\ql1240.sys []
S4 ql1280;ql1280; C:\WINDOWS\system32\drivers\ql1280.sys []
S4 ql2100;ql2100; C:\WINDOWS\system32\drivers\ql2100.sys []
S4 ql2200;ql2200; C:\WINDOWS\system32\drivers\ql2200.sys []
S4 ql2300;ql2300; C:\WINDOWS\system32\drivers\ql2300.sys []
S4 Simbad;Simbad; C:\WINDOWS\system32\drivers\Simbad.sys []
S4 sym_hi;sym_hi; C:\WINDOWS\system32\drivers\sym_hi.sys []
S4 sym_u3;sym_u3; C:\WINDOWS\system32\drivers\sym_u3.sys []
S4 symc810;symc810; C:\WINDOWS\system32\drivers\symc810.sys []
S4 symc8xx;symc8xx; C:\WINDOWS\system32\drivers\symc8xx.sys []
S4 symmpi;symmpi; C:\WINDOWS\system32\drivers\symmpi.sys []
S4 TosIde;TosIde; C:\WINDOWS\system32\drivers\TosIde.sys []
S4 ultra;ultra; C:\WINDOWS\system32\drivers\ultra.sys []
S4 ViaIde;ViaIde; C:\WINDOWS\system32\drivers\ViaIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Advanced Monitoring Agent;Advanced Monitoring Agent; C:\Program Files\Advanced Monitoring Agent\winagent.exe [2011-06-07 1825280]
R2 AeLookupSvc;Služba vyhledávání zkušeností aplikací; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 Alerter;Výstrahy; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 APCPBEAgent;APC PBE Agent; C:\PROGRA~1\APC\POWERC~1\agent\pbeagent.exe [2004-06-11 28672]
R2 APCPBEServer;APC PBE Server; C:\PROGRA~1\APC\POWERC~1\server\PBESER~1.EXE [2004-06-11 45133]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2005-04-12 364544]
R2 Browser;Prohledávání počítačů; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 CertSvc;Certifikační služba; C:\WINDOWS\system32\certsrv.exe [2007-02-17 317440]
R2 CryptSvc;Šifrování; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 DcomLaunch;Spouštěč procesů serveru DCOM; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 Dfs;Systém souborů DFS; C:\WINDOWS\system32\Dfssvc.exe [2007-02-17 164864]
R2 Dhcp;Klient DHCP; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 DHCPServer;Server DHCP; C:\WINDOWS\system32\tcpsvcs.exe [2005-05-25 21504]
R2 dmserver;Správce logických disků; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 DNS;Server DNS; C:\WINDOWS\System32\dns.exe [2009-02-17 449024]
R2 Dnscache;Klient DNS; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2006-07-27 110592]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2010-02-26 810120]
R2 ERSvc;Zasílání zpráv o chybách; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Eventlog;Protokol událostí; C:\WINDOWS\system32\services.exe [2009-02-09 113664]
R2 EventSystem;Systém událostí COM+; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [2009-07-22 81920]
R2 GFI MailEssentials Legacy Attendant Service;GFI MailEssentials Legacy Attendant Service; D:\Program Files\GFI\MailEssentials\msecatt.exe [2011-01-31 143421]
R2 GFI POP2Exchange;GFI POP2Exchange; D:\Program Files\GFI\MailEssentials\pop2exch.exe [2011-01-31 184411]
R2 gfiasmlhost;GFI MailEssentials Managed Attendant Service; D:\Program Files\GFI\MailEssentials\MiddleLayer\contentsecurity.as.attendant.exe [2011-01-31 49152]
R2 GFIMETRXSVC;GFI MailEssentials Enterprise Transfer Service; D:\Program Files\GFI\MailEssentials\mestrxsvc.exe [2011-01-31 188416]
R2 GFIScanS;GFI MailEssentials Scan Engine; D:\Program Files\GFI\MailEssentials\gfiscans.exe [2011-01-31 254027]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-02-17 14336]
R2 IMAP4Svc;Microsoft Exchange IMAP4; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-02-17 14336]
R2 kdc;Centrum distribuce klíčů modulu Kerberos; C:\WINDOWS\System32\lsass.exe [2005-05-25 16384]
R2 lanmanserver;Server; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 lanmanworkstation;Pracovní stanice; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 LicenseService;Protokolování licence; C:\WINDOWS\System32\llssrv.exe [2007-02-17 94720]
R2 listserv;GFI List Server; D:\Program Files\GFI\MailEssentials\listserv.exe [2011-01-31 237568]
R2 LmHosts;Podpora rozhraní NetBIOS nad protokolem TCP/IP; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 LPDSVC;Tiskový server TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2005-05-25 21504]
R2 Messenger;Kurýrní služba; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 MSDTC;Koordinátor DTC; C:\WINDOWS\system32\msdtc.exe [2008-07-23 6144]
R2 MSExchangeIS;Microsoft Exchange Information Store; D:\Program Files\Exchsrvr\bin\store.exe [2005-10-04 5227520]
R2 MSExchangeMGMT;Microsoft Exchange Management; D:\Program Files\Exchsrvr\bin\exmgmt.exe [2005-08-25 3217408]
R2 MSExchangeMTA;Microsoft Exchange MTA Stacks; D:\Program Files\Exchsrvr\bin\emsmta.exe [2005-08-25 3592704]
R2 MSExchangeSA;Microsoft Exchange System Attendant; D:\Program Files\Exchsrvr\bin\mad.exe [2005-08-25 8920064]
R2 MSFtpsvc;Služba Publikování FTP; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-02-17 14336]
R2 MSMQ;Řazení zpráv; C:\WINDOWS\system32\mqsvc.exe [2009-06-15 6144]
R2 MSSEARCH;Microsoft Search; C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe [2005-05-25 69632]
R2 MSSQL$SHAREPOINT;MSSQL$SHAREPOINT; C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Binn\sqlservr.exe [2008-12-16 9158656]
R2 Netlogon;Přihlašování k síti; C:\WINDOWS\system32\lsass.exe [2005-05-25 16384]
R2 NetTimeSvc;NetTime; C:\Program Files\NetTime\NeTmSvNT.exe [2005-06-01 452608]
R2 NtFrs;Služba replikace souborů; C:\WINDOWS\system32\ntfrs.exe [2007-02-17 792576]
R2 OpenSSHd;OpenSSH Server; C:\Program Files\OpenSSH\bin\cygrunsrv.exe [2004-04-18 36864]
R2 PlugPlay;Plug and Play; C:\WINDOWS\system32\services.exe [2009-02-09 113664]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 PolicyAgent;Služby IPSEC; C:\WINDOWS\system32\lsass.exe [2005-05-25 16384]
R2 POP3Svc;Microsoft Exchange POP3; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-02-17 14336]
R2 ProtectedStorage;Chráněné úložiště; C:\WINDOWS\system32\lsass.exe [2005-05-25 16384]
R2 RemoteAccess;Směrování a vzdálený přístup; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 RemoteRegistry;Vzdálený registr; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 RESvc;Microsoft Exchange Routing Engine; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-02-17 14336]
R2 RpcSs;Vzdálené volání procedur (RPC); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 SamSs;Správce zabezpečení účtů; C:\WINDOWS\system32\lsass.exe [2005-05-25 16384]
R2 seclogon;Sekundární přihlašování; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 SENS;Oznamování systémových událostí; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 ShellHWDetection;Rozpoznávání hardwaru; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Schedule;Plánovač úloh; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2007-02-17 40448]
R2 Spooler;Zařazování tisku; C:\WINDOWS\system32\spoolsv.exe [2007-02-17 58368]
R2 SPTimer;Služba SharePoint Timer Service; C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\BIN\OWSTIMER.EXE [2007-04-19 31584]
R2 TeamViewer5;TeamViewer 5; C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-06 2002728]
R2 W32Time;Systémový čas; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 W3SVC;Služba Publikování na webu; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 WebClient;Webový klient; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 winmgmt;Služba WMI; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 WINS;WINS; C:\WINDOWS\System32\wins.exe [2009-05-28 157696]
R2 winvnc;VNC Server; C:\Program Files\UltraVNC\WinVNC.exe [2005-08-06 974848]
R2 wuauserv;Automatické aktualizace; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R3 ALG;Služba brány aplikačního rozhraní; C:\WINDOWS\System32\alg.exe [2007-02-17 45056]
R3 BITS;Služba inteligentního přenosu na pozadí; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R3 dmadmin;Služba správy pro Správce logických disků; C:\WINDOWS\System32\dmadmin.exe [2007-02-17 235008]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2009-07-22 2736128]
R3 HTTPFilter;Služba HTTP SSL; C:\WINDOWS\system32\lsass.exe [2005-05-25 16384]
R3 Netman;Síťová připojení; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R3 Nla;Sledování umístění v síti (NLA); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R3 NtLmSsp;Zprostředkovatel zabezpečení NT LM; C:\WINDOWS\system32\lsass.exe [2005-05-25 16384]
R3 RasMan;Správce vzdáleného přístupu; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R3 TapiSrv;Telefonní subsystém; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R3 TermService;Terminálová služba; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S2 SMTPSVC;SMTP (Simple Mail Transfer Protocol); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-02-17 14336]
S2 SysmonLog;Výstrahy a protokolování výkonu; C:\WINDOWS\system32\smlogsvc.exe [2007-02-17 96768]
S3 AppMgmt;Správa aplikací; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AudioSrv;Zvuk systému Windows; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 CiSvc;Indexing Service; C:\WINDOWS\system32\cisvc.exe [2007-02-17 6656]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 COMSysApp;Systémové aplikace modelu COM+; C:\WINDOWS\system32\dllhost.exe [2007-02-17 5632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2010-02-26 33560]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2007-02-17 269824]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSExchangeES;Microsoft Exchange Event; D:\Program Files\Exchsrvr\bin\events.exe [2003-06-03 94720]
S3 MSIServer;Windows Installer; C:\WINDOWS\system32\msiexec.exe [2007-02-17 78848]
S3 MSSQLServerADHelper;MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [2005-05-03 73728]
S3 NtmsSvc;Vyměnitelné úložiště; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 RasAuto;Správce automatického připojení pomocí vzdáleného přístupu; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 RDSessMgr;Správce relací nápovědy ke vzdálené ploše; C:\WINDOWS\system32\sessmgr.exe [2007-02-17 124928]
S3 RpcLocator;Lokátor vzdáleného volání procedur (RPC); C:\WINDOWS\system32\locator.exe [2005-05-25 71680]
S3 RSoPProv;Poskytovatel výsledné sady zásad; C:\WINDOWS\system32\RSoPProv.exe [2007-02-17 67072]
S3 sacsvr;Pomocník pro práci se speciální konzolou pro správu; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 SCardSvr;Smart Card; C:\WINDOWS\System32\SCardSvr.exe [2007-02-17 92160]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2005-05-25 8704]
S3 SQLAgent$SBSMONITORING;SQLAgent$SBSMONITORING; C:\Program Files\Microsoft SQL Server\MSSQL$SBSMONITORING\Binn\sqlagent.EXE [2005-05-03 323584]
S3 SQLAgent$SHAREPOINT;SQLAgent$SHAREPOINT; C:\Program Files\Microsoft SQL Server\MSSQL$SHAREPOINT\Binn\sqlagent.EXE [2008-12-16 323584]
S3 swprv;Microsoft Software Shadow Copy Provider; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 TrkWks;Klient služby sledování distribuovaných propojení; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2007-02-17 39424]
S3 vds;Virtual Disk Service; C:\WINDOWS\System32\vds.exe [2007-02-17 353280]
S3 VSS;Stínová kopie svazku; C:\WINDOWS\System32\vssvc.exe [2007-02-17 837632]
S3 WinHttpAutoProxySvc;Služba WinHTTP WPAD; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 Wmi;Rozšíření ovladače WMI; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 WmiApSrv;Adaptér výkonu služby WMI; C:\WINDOWS\system32\wbem\wmiapsrv.exe [2007-02-17 127488]
S3 WZCSVC;Konfigurace bezdrátových zařízení; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 xmlprov;Služba pro síťová ustanovení; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S4 ClipSrv;Síťová schránka; C:\WINDOWS\system32\clipsrv.exe [2005-05-25 32256]
S4 HidServ;Přístup k zařízením standardu HID; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S4 IBRepl;Replication Server; C:\Program Files\IBPhoenix\IBReplicator\ReplServer.exe [2007-05-04 587776]
S4 IBReplGuard;Replication Guardian; C:\Program Files\IBPhoenix\IBReplicator\IBReplGuardian.exe []
S4 ImapiService;Služba modelu COM pro zápis na disk CD (IMAPI); C:\WINDOWS\system32\imapi.exe [2007-02-17 157184]
S4 IsmServ;Mezisíťové zasílání zpráv; C:\WINDOWS\System32\ismserv.exe [2007-02-17 40448]
S4 mnmsrvc;NetMeeting - Vzdálené sdílení plochy; C:\WINDOWS\system32\mnmsrvc.exe [2007-02-17 32768]
S4 MSExchangeSRS;Microsoft Exchange Site Replication Service; D:\Program Files\Exchsrvr\bin\srsmain.exe [2005-08-25 339456]
S4 MSPOP3Connector;Microsoft Connector for POP3 Mailboxes; C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\imbservice.exe [2005-05-25 33600]
S4 MSSQL$SBSMONITORING;MSSQL$SBSMONITORING; C:\Program Files\Microsoft SQL Server\MSSQL$SBSMONITORING\Binn\sqlservr.exe [2005-05-04 9150464]
S4 NetDDE;Služba DDE v síti; C:\WINDOWS\system32\netdde.exe [2007-02-17 111104]
S4 NetDDEdsdm;Správce DSDM služby DDE v síti; C:\WINDOWS\system32\netdde.exe [2007-02-17 111104]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NntpSvc;NNTP (Network News Transfer Protocol); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-02-17 14336]
S4 SharedAccess;Brána Firewall / Sdílení připojení k Internetu (ICS); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 stisvc;Načítání obrázků (WIA); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 Themes;Motivy; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S4 TlntSvr;Telnet; C:\WINDOWS\system32\tlntsvr.exe [2007-02-17 76800]
S4 TrkSvr;Server sledování distribuovaného propojení; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 Tssdis;Terminal Services Session Directory; C:\WINDOWS\System32\tssdis.exe [2007-02-17 71168]
S4 UPS;Nepřerušitelný zdroj napájení (UPS); []
S4 WmdmPmSN;Portable Media Serial Number Service; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Windows SBS 2003 Please diagnose the log - it is spamming...

#2 Post by vyosek »

Hello, and have a nice day :)

As far as I understand, this is not a home (private) PC but a PC\server belonging to some company or organization, is that right? :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns amusement, take a whip and a stick to him; that is not a man, that is an ox."
Member [image] since 1 February 2011.

Fill11
Visitor
Posts: 2
Registered: 09 Aug 2011 07:36

Re: Windows SBS 2003 Please diagnose the log - it is spamming...

#3 Post by Fill11 »

Yes, it is a server that I look after at the company where I work...

MarcoMJF

Re: Windows SBS 2003 Please diagnose the log - it is spamming...

#4 Post by MarcoMJF »

Sorry, but company PCs are not dealt with here.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Windows SBS 2003 Please diagnose the log - it is spamming...

#5 Post by vyosek »

The forum rules are clear - we do not intend to solve this for you here for free, and you are surely being paid for it.

Forum rules - point 7 - http://viry.cz/forum/viewtopic.php?f=12&t=2784

:closed:

Locked