Please check my log

#1 Post by dopa »

Hello... please check my log.. it's a Windows Server 2003, but for the last few days it has been reporting "low virtual memory" and in the event log there is

Zpráva o chybě ve frontě: Chybující aplikace winlogon.exe, verze 0.0.0.0, chybující modul msvcrt.dll, verze 7.0.3790.3959, adresa chyby 0x00038efa.

I don't know whether this is what's causing it, so I'm trying to turn here..

here is the log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by administrator at 2010-09-23 20:21:11
Microsoft(R) Windows(R) Server 2003 for Small Business Server Service Pack 2
System drive C: has 6 GB (25%) free of 25 GB
Total RAM: 2046 MB (29% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:21:23, on 23.9.2010
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.3959)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fujitsu Siemens\RAID\bin\mr2kserv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ntfrs.exe
C:\Program Files\Fujitsu Siemens\ServerView Agents\GlobalFlash\gf_agent.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fujitsu Siemens\Remote Connector\SVRemoteConnector.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Fujitsu Siemens\RAID\bin\SpySer.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\SrvCtrl.exe
C:\WINDOWS\System32\wins.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\SVCHost.eXe
C:\Program Files\Fujitsu Siemens\RAID\amService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Exchsrvr\bin\exmgmt.exe
C:\Program Files\Exchsrvr\bin\mad.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Exchsrvr\bin\store.exe
C:\Program Files\Exchsrvr\bin\events.exe
C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\imbservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\mmc.exe
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\GRL4B0MG\RSIT[1].exe
C:\Program Files\trend micro\administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://companyweb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Správa serverů.lnk = ?
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O15 - ESC Trusted Zone: http://ad.adfox.cz
O15 - ESC Trusted Zone: http://centrumcz.adocean.pl
O15 - ESC Trusted Zone: http://adserver.adtechus.com
O15 - ESC Trusted Zone: http://earl.allin1.cz
O15 - ESC Trusted Zone: http://intranet.allin1.cz
O15 - ESC Trusted Zone: http://forum.asw.cz
O15 - ESC Trusted Zone: http://view.atdmt.com
O15 - ESC Trusted Zone: http://go.eu.bbelements.com
O15 - ESC Trusted Zone: http://dl.betanews.com
O15 - ESC Trusted Zone: http://fileforum.betanews.com
O15 - ESC Trusted Zone: http://www.bing.com
O15 - ESC Trusted Zone: http://radovan.bloger.cz
O15 - ESC Trusted Zone: http://www.brothersoft.com
O15 - ESC Trusted Zone: http://www.btre.it
O15 - ESC Trusted Zone: http://adloc.centrum.cz
O15 - ESC Trusted Zone: http://aktualne.centrum.cz
O15 - ESC Trusted Zone: http://mail.centrum.cz
O15 - ESC Trusted Zone: http://www.centrum.cz
O15 - ESC Trusted Zone: http://www.stahuj.centrum.cz
O15 - ESC Trusted Zone: http://scripts.chitika.net
O15 - ESC Trusted Zone: http://download.cnet.com
O15 - ESC Trusted Zone: http://www.dopita.org
O15 - ESC Trusted Zone: http://googleads.g.doubleclick.net
O15 - ESC Trusted Zone: http://bwp.download.com
O15 - ESC Trusted Zone: http://software-files.download.com
O15 - ESC Trusted Zone: http://www.dsl.cz
O15 - ESC Trusted Zone: http://*.e-dopa.cz
O15 - ESC Trusted Zone: http://www.edownload.cz
O15 - ESC Trusted Zone: http://www.email.cz
O15 - ESC Trusted Zone: http://www.eset.cz
O15 - ESC Trusted Zone: http://www.filewatcher.com
O15 - ESC Trusted Zone: http://forum.ts.fujitsu.com
O15 - ESC Trusted Zone: http://spir.hit.gemius.pl
O15 - ESC Trusted Zone: http://load1.givemefile.net
O15 - ESC Trusted Zone: http://www.givemefile.net
O15 - ESC Trusted Zone: http://www.google.cz
O15 - ESC Trusted Zone: http://pagead2.googlesyndication.com
O15 - ESC Trusted Zone: http://www.hamachi.cz
O15 - ESC Trusted Zone: http://www.hamachifun.cz
O15 - ESC Trusted Zone: http://searchportal.information.com
O15 - ESC Trusted Zone: http://*.iskladka.cz
O15 - ESC Trusted Zone: http://search.live.com
O15 - ESC Trusted Zone: http://www.magiciso.com
O15 - ESC Trusted Zone: http://www.malwarebytes.org
O15 - ESC Trusted Zone: http://images.malwareremoval.com
O15 - ESC Trusted Zone: http://*.mapy.cz
O15 - ESC Trusted Zone: http://search.msn.com
O15 - ESC Trusted Zone: http://*.mxtoolbox.com
O15 - ESC Trusted Zone: http://www.pocitacovapohotovost.cz
O15 - ESC Trusted Zone: http://*.rapidshare.com
O15 - ESC Trusted Zone: http://search.seznam.cz
O15 - ESC Trusted Zone: http://www.seznam.cz
O15 - ESC Trusted Zone: http://*.seznam.cz
O15 - ESC Trusted Zone: http://download.slunecnice.cz
O15 - ESC Trusted Zone: http://www.slunecnice.cz
O15 - ESC Trusted Zone: http://download.sosej.cz
O15 - ESC Trusted Zone: http://www.sosej.cz
O15 - ESC Trusted Zone: http://ftp.stahuj.cz
O15 - ESC Trusted Zone: http://*.stor10.x7.to
O15 - ESC Trusted Zone: http://*.stormware.cz
O15 - ESC Trusted Zone: http://login.szn.cz
O15 - ESC Trusted Zone: http://www.vcela.net
O15 - ESC Trusted Zone: http://*.viry.cz
O15 - ESC Trusted Zone: http://www.volny.cz
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://www.winstrom.cz
O15 - ESC Trusted Zone: http://www.wireshark.org
O15 - ESC Trusted Zone: http://*.x7.to
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O15 - ESC Trusted IP range: http://10.10.1.212
O15 - ESC Trusted IP range: http://88.103.15.70
O15 - ESC Trusted IP range: http://192.168.16.19
O15 - ESC Trusted IP range: http://88.86.107.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SJGFinancial.local
O17 - HKLM\Software\..\Telephony: DomainName = SJGFinancial.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C4A020B-9E00-4F2A-8246-ADB382A5216E}: NameServer = 192.168.16.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA4FF3A8-7D87-477D-81B8-B5CAC5352196}: NameServer = 192.168.16.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = SJGFinancial.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C4A020B-9E00-4F2A-8246-ADB382A5216E}: NameServer = 192.168.16.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = SJGFinancial.local
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C4A020B-9E00-4F2A-8246-ADB382A5216E}: NameServer = 192.168.16.1
O20 - Winlogon Notify: wminotify - wminotify.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ServerView RAID Manager (amService) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\RAID\amService.exe
O23 - Service: BackGround Switch Disktop Control (BackGround Switch) - Unknown owner - C:\WINDOWS\system32\regedit32.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: mr2kserv - LSI Logic Corporation - C:\Program Files\Fujitsu Siemens\RAID\bin\mr2kserv.exe
O23 - Service: OfflineFlash - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\ServerView Agents\GlobalFlash\gf_agent.exe
O23 - Service: OKI OPHI DCS Loader - Oki Data Corporation - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE
O23 - Service: ServerView Remote Connector (RemoteConnector) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\Remote Connector\SVRemoteConnector.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SpySer - Unknown owner - C:\Program Files\Fujitsu Siemens\RAID\bin\SpySer.exe
O23 - Service: ServerView Server Control Service (SrvCtrl) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\SrvCtrl.exe
O23 - Service: Windorews Help System (WigfgnHelp32) - Unknown owner - C:\WINDOWS\system32\WinHelp32.exe (file missing)
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 10402 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Backup.job
C:\WINDOWS\tasks\ShadowCopyVolume{040918b8-50ef-11dd-866e-806e6f6e6963}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE [2007-03-22 39264]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2007-05-21 15360]

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
Správa serverů.lnk - C:\Program Files\Microsoft Windows Small Business Server\Administration\LaunchConsole.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
Ati2evxx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
C:\WINDOWS\system32\crypt32.dll [2007-05-21 598528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
C:\WINDOWS\system32\cryptnet.dll [2007-05-21 62464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
C:\WINDOWS\system32\cscdll.dll [2007-05-21 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
C:\WINDOWS\system32\dimsntfy.dll [2007-05-21 19456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
C:\WINDOWS\system32\wlnotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
C:\WINDOWS\system32\wlnotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
C:\WINDOWS\system32\sclgntfy.dll [2007-05-21 21504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
C:\WINDOWS\system32\WlNotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
C:\WINDOWS\system32\wlnotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
C:\WINDOWS\system32\wlnotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wminotify]
C:\WINDOWS\system32\wminotify.dll [2010-09-20 32768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll [2010-07-27 8366080]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll [2010-07-27 8366080]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll [2007-05-21 279040]
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll [2007-05-21 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll [2010-06-24 1033216]
Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll [2010-06-24 1033216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=C:\WINDOWS\system32\shell32.dll [2010-07-27 8366080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=RASSFM
KDCSVC
WDIGEST
scecli
dsrestor

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, pwdssp.dll

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"disablecad"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ShowSuperHidden"=1
"NoWelcomeScreen"=1
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe

======List of files/folders created in the last 1 months======

2010-09-23 20:21:11 ----D---- C:\rsit
2010-09-23 20:21:11 ----D---- C:\Program Files\trend micro
2010-09-23 15:17:18 ----SH---- C:\WINDOWS\system32\regedit32.exe
2010-09-23 15:15:08 ----A---- C:\WINDOWS\system32\7080.exe
2010-09-22 13:42:00 ----N---- C:\WINDOWS\system32\AppMgmt.cmd
2010-09-22 13:41:55 ----N---- C:\WINDOWS\system32\mcsql.exe
2010-09-22 07:40:01 ----N---- C:\WINDOWS\system32\DUData.dll
2010-09-22 07:39:39 ----N---- C:\WINDOWS\system32\00042df7.iNi
2010-09-22 07:39:26 ----N---- C:\WINDOWS\system32\dboysb.sys
2010-09-22 07:39:26 ----N---- C:\WINDOWS\system32\dboysb.bat
2010-09-21 10:48:29 ----N---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-21 10:48:28 ----N---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-21 09:29:49 ----D---- C:\Program Files\HD Tune Pro
2010-09-21 09:29:28 ----N---- C:\Documents and Settings\Administrator\Data aplikací\hdtunepro_460_trial.exe
2010-09-20 04:54:57 ----N---- C:\WINDOWS\system32\wminotify.dll
2010-09-20 04:54:57 ----N---- C:\WINDOWS\system32\install.bat
2010-09-16 20:11:03 ----D---- C:\HLServer
2010-09-15 12:06:28 ----N---- C:\WINDOWS\test.txt
2010-09-14 06:17:25 ----A---- C:\e.exe
2010-09-14 06:17:23 ----A---- C:\fuck.vbs
2010-09-14 03:12:47 ----N---- C:\WINDOWS\system32\sqlcmdx.exe
2010-09-02 12:06:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-09-02 12:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-09-02 11:37:28 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-09-02 11:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-09-02 11:36:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-09-02 11:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2010-09-02 11:22:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$

======List of files/folders modified in the last 1 months======

2010-09-23 20:21:11 ----RD---- C:\Program Files
2010-09-23 20:16:03 ----D---- C:\WINDOWS\system32\inetsrv
2010-09-23 19:25:14 ----D---- C:\WINDOWS\system32\dhcp
2010-09-23 18:59:39 ----D---- C:\WINDOWS\Temp
2010-09-23 17:35:01 ----A---- C:\WINDOWS\system32\signal.txt
2010-09-23 16:25:57 ----D---- C:\WINDOWS\system32\ias
2010-09-23 16:25:48 ----D---- C:\WINDOWS\system32
2010-09-23 16:24:49 ----D---- C:\WINDOWS\system32\wins
2010-09-23 16:24:39 ----A---- C:\WINDOWS\system32\MemDebugSVR.txt
2010-09-23 16:24:39 ----A---- C:\WINDOWS\system32\arcerror.txt
2010-09-23 16:24:37 ----D---- C:\WINDOWS\Debug
2010-09-23 16:23:32 ----D---- C:\WINDOWS\NTDS
2010-09-23 09:56:40 ----D---- C:\WINDOWS\system32\drivers
2010-09-23 07:20:57 ----D---- C:\WINDOWS\security
2010-09-22 21:00:49 ----SHD---- C:\System Volume Information
2010-09-22 21:00:10 ----D---- C:\WINDOWS\system32\NtmsData
2010-09-22 15:20:20 ----D---- C:\WINDOWS\system32\FxsTmp
2010-09-22 11:12:27 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-09-22 09:18:41 ----SHD---- C:\RECYCLER
2010-09-22 09:17:59 ----D---- C:\Program Files\WinRAR
2010-09-22 09:17:53 ----D---- C:\WINDOWS
2010-09-22 09:17:44 ----D---- C:\WINDOWS\ime
2010-09-22 09:12:40 ----C---- C:\WINDOWS\OEWABLog.txt
2010-09-22 09:12:01 ----D---- C:\Documents and Settings
2010-09-22 09:00:20 ----D---- C:\WINDOWS\system32\config
2010-09-22 07:40:15 ----D---- C:\WINDOWS\system32\wbem
2010-09-21 09:17:44 ----D---- C:\Program Files\Mozilla Firefox
2010-09-19 16:17:38 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-19 16:17:15 ----SHD---- C:\WINDOWS\Installer
2010-09-19 16:17:15 ----SHD---- C:\Config.Msi
2010-09-19 16:12:39 ----D---- C:\WINDOWS\inf
2010-09-15 20:58:57 ----N---- C:\WINDOWS\WINCMD.INI
2010-09-02 12:23:59 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-02 12:17:02 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-02 12:05:52 ----N---- C:\WINDOWS\imsins.BAK
2010-09-02 11:46:43 ----RSD---- C:\WINDOWS\assembly
2010-09-02 11:37:31 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-02 11:37:28 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-02 11:34:45 ----N---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-02 11:32:47 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;Microsoft ACPI Driver; C:\WINDOWS\system32\DRIVERS\ACPI.sys [2007-05-21 194560]
R0 crcdisk;Ovladač filtru disku CRC; C:\WINDOWS\system32\DRIVERS\crcdisk.sys [2007-02-17 17920]
R0 DfsDriver;DfsDriver; C:\WINDOWS\system32\drivers\Dfs.sys [2007-05-21 34816]
R0 Disk;Ovladač disku; C:\WINDOWS\system32\DRIVERS\disk.sys [2007-05-21 39936]
R0 dmio;Ovladač správce logických disků; C:\WINDOWS\System32\drivers\dmio.sys [2007-05-21 151552]
R0 dmload;dmload; C:\WINDOWS\System32\drivers\dmload.sys [2007-05-21 7680]
R0 FltMgr;FltMgr; C:\WINDOWS\system32\DRIVERS\fltMgr.sys [2007-05-21 130560]
R0 Ftdisk;Ovladač správce svazků; C:\WINDOWS\system32\DRIVERS\ftdisk.sys [2007-05-21 137216]
R0 isapnp;Řadič Plug and Play sběrnice ISA/EISA; C:\WINDOWS\system32\DRIVERS\isapnp.sys [2007-02-17 38912]
R0 KSecDD;KSecDD; C:\WINDOWS\system32\drivers\KSecDD.sys [2009-06-15 134656]
R0 MegaSR;MegaSR; C:\WINDOWS\system32\drivers\MegaSR.sys [2007-09-14 392192]
R0 MountMgr;Správce přípojných bodů; C:\WINDOWS\system32\drivers\MountMgr.sys [2007-05-21 46592]
R0 Mup;Služba Multiple UNC Provider; C:\WINDOWS\system32\drivers\Mup.sys [2007-05-21 103424]
R0 NDIS;Systémový ovladač NDIS; C:\WINDOWS\system32\drivers\NDIS.sys [2007-05-21 210432]
R0 PartMgr;Správce oddílů; C:\WINDOWS\system32\drivers\PartMgr.sys [2007-05-21 25088]
R0 PCI;Řadič sběrnice PCI; C:\WINDOWS\system32\DRIVERS\pci.sys [2007-05-21 75264]
R0 VolSnap;Paměťové svazky; C:\WINDOWS\system32\DRIVERS\volsnap.sys [2007-05-21 153600]
R1 AFD;AFD; C:\WINDOWS\System32\drivers\afd.sys [2008-10-16 150528]
R1 Cdrom;Ovladač jednotky CD-ROM; C:\WINDOWS\system32\DRIVERS\cdrom.sys [2007-05-21 52224]
R1 Fips;Fips; C:\WINDOWS\system32\drivers\Fips.sys [2007-05-21 45568]
R1 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver; C:\WINDOWS\system32\DRIVERS\i8042prt.sys [2007-05-21 55296]
R1 IPSec;Ovladač IPSEC; C:\WINDOWS\system32\DRIVERS\ipsec.sys [2007-05-21 82432]
R1 Kbdclass;Ovladač třídy klávesnic; C:\WINDOWS\system32\DRIVERS\kbdclass.sys [2007-05-21 25600]
R1 mnmdd;mnmdd; C:\WINDOWS\system32\drivers\mnmdd.sys [2007-05-21 6144]
R1 Mouclass;Ovladač třídy myší; C:\WINDOWS\system32\DRIVERS\mouclass.sys [2007-05-21 23040]
R1 MRxSmb;MRXSMB; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2010-02-24 438784]
R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2007-05-21 21504]
R1 NetBIOS;Rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\netbios.sys [2007-05-21 34816]
R1 NetBT;Rozhraní NetBios nad protokolem TCP/IP; C:\WINDOWS\system32\DRIVERS\netbt.sys [2007-05-21 180224]
R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2007-05-21 32256]
R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2007-05-21 4608]
R1 RasAcd;Ovladač automatického připojení pomocí vzdáleného přístupu; C:\WINDOWS\system32\DRIVERS\rasacd.sys [2007-05-21 10752]
R1 Rdbss;Rdbss; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2010-02-24 177664]
R1 RDPCDD;RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [2007-05-21 6144]
R1 redbook;Digital CD Audio Playback Filter Driver; C:\WINDOWS\system32\DRIVERS\redbook.sys [2007-02-17 61952]
R1 Serial;Ovladač sériového portu; C:\WINDOWS\system32\DRIVERS\serial.sys [2007-05-21 65536]
R1 Tcpip;Ovladač protokolu TCP/IP; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2009-08-15 393216]
R1 TermDD;Ovladač terminálového zařízení; C:\WINDOWS\system32\DRIVERS\termdd.sys [2007-02-17 41608]
R1 VgaSave;Grafický řadič VGA; C:\WINDOWS\System32\drivers\vga.sys [2007-05-21 23552]
R2 EXIFS;EXIFS; \??\C:\WINDOWS\system32\drivers\exifs.sys []
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
R2 Parvdm;Parvdm; C:\WINDOWS\system32\DRIVERS\parvdm.sys [2007-05-21 8704]
R2 ScSBB;Server Control ScSBB Driver; \??\C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\ScSBB.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-12-06 1379328]
R3 audstub;Prázdný zvukový ovladač; C:\WINDOWS\system32\DRIVERS\audstub.sys [2003-03-25 5120]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872]
R3 Fdc;Ovladač řadiče disketové jednotky; C:\WINDOWS\system32\DRIVERS\fdc.sys [2007-05-21 24576]
R3 Gpc;Obecné třídění paketů; C:\WINDOWS\system32\DRIVERS\msgpc.sys [2007-05-21 39424]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2003-03-25 11776]
R3 HTTP;Služba HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [2010-04-19 294400]
R3 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-05-21 40448]
R3 IpFilterDriver;IP Traffic Filter Driver; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2007-05-21 32768]
R3 IpNat;IP Network Address Translator; C:\WINDOWS\system32\DRIVERS\ipnat.sys [2007-05-21 119296]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2003-05-15 13312]
R3 MRxDAV;Přesměrovač klienta WebDav; C:\WINDOWS\system32\DRIVERS\mrxdav.sys [2007-12-17 188928]
R3 mssmbios;Ovladač Microsoft System Management BIOS; C:\WINDOWS\system32\DRIVERS\mssmbios.sys [2007-05-21 19968]
R3 NdisTapi;Ovladač Remote Access NDIS TAPI; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2007-05-21 12288]
R3 NdisWan;Ovladač Remote Access NDIS WAN; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2007-05-21 89600]
R3 NDProxy;Služba NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2007-05-21 40960]
R3 Parport;Ovladač paralelního portu; C:\WINDOWS\system32\DRIVERS\parport.sys [2007-05-21 81408]
R3 PptpMiniport;Připojení WAN Miniport (PPTP); C:\WINDOWS\system32\DRIVERS\raspptp.sys [2007-05-21 59904]
R3 Ptilink;Direct Parallel Link Driver; C:\WINDOWS\system32\DRIVERS\ptilink.sys [2007-05-21 20480]
R3 Rasl2tp;WAN Miniport (L2TP); C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [2007-05-21 65536]
R3 RasPppoe;Ovladač pro vzdálený přístup PPPOE; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2007-05-21 40960]
R3 Raspti;Přímé propojení paralelním kabelem; C:\WINDOWS\system32\DRIVERS\raspti.sys [2007-05-21 19968]
R3 rdpdr;Ovladač přesměrovače zařízení terminálového serveru; C:\WINDOWS\system32\DRIVERS\rdpdr.sys [2007-02-17 200192]
R3 RDPWD;RDPWD; C:\WINDOWS\system32\drivers\RDPWD.sys [2007-05-21 152200]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2007-02-17 20992]
R3 serenum;Ovladač filtru Serenum; C:\WINDOWS\system32\DRIVERS\serenum.sys [2007-05-21 17920]
R3 Srv;Srv; C:\WINDOWS\system32\DRIVERS\srv.sys [2010-06-24 377344]
R3 swenum;Softwarový ovladač sběrnice; C:\WINDOWS\system32\DRIVERS\swenum.sys [2007-05-21 4736]
R3 TDTCP;TDTCP; C:\WINDOWS\system32\drivers\TDTCP.sys [2007-05-21 24200]
R3 Update;Ovladač aktualizace mikrokódu; C:\WINDOWS\system32\DRIVERS\update.sys [2007-05-28 365056]
R3 usbehci;Ovladač Miniport vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-02-17 27520]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-02-17 60416]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-02-17 20864]
R3 Wanarp;Ovladač Remote Access IP ARP; C:\WINDOWS\system32\DRIVERS\wanarp.sys [2007-05-21 36352]
R4 Cdfs;Cdfs; C:\WINDOWS\system32\drivers\Cdfs.sys [2007-05-21 65536]
R4 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2007-05-21 589824]
S0 adjf;adjf; C:\WINDOWS\System32\drivers\twju.sys []
S1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2007-05-21 6144]
S1 Flpydisk;Flpydisk; C:\WINDOWS\system32\drivers\Flpydisk.sys [2007-05-21 18432]
S1 Changer;Changer; C:\WINDOWS\system32\drivers\Changer.sys []
S1 i2omgmt;i2omgmt; C:\WINDOWS\system32\drivers\i2omgmt.sys []
S1 imapi;CD-Burning Filter Driver; C:\WINDOWS\system32\DRIVERS\imapi.sys [2007-05-21 43520]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2007-02-17 17408]
S1 Sfloppy;Sfloppy; C:\WINDOWS\system32\drivers\Sfloppy.sys [2007-05-21 12288]
S2 darksheii;darksheii; \??\C:\WINDOWS\system32 []
S2 ImbDrvNT;NT IMB Interface Driver; \??\C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\ImbDrvNT.sys []
S3 AsyncMac;Ovladač asynchronních médií připojení RAS; C:\WINDOWS\system32\DRIVERS\asyncmac.sys [2007-05-21 16384]
S3 Atmarpc;Protokol ATM ARP Client; C:\WINDOWS\system32\DRIVERS\atmarpc.sys [2007-05-21 59392]
S3 Ip6Fw;Ovladač IPv6 brány firewall systému Windows; C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys [2007-05-21 36352]
S3 IpInIp;IP in IP Tunnel Driver; C:\WINDOWS\system32\DRIVERS\ipinip.sys []
S3 IRENUM;Služba čítače výčtu IR; C:\WINDOWS\system32\DRIVERS\irenum.sys [2007-02-17 12800]
S3 Modem;Modem; C:\WINDOWS\system32\drivers\Modem.sys [2007-05-21 31232]
S3 Ndisuio;Protokol NDIS uživatelského režimu V/V; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2007-05-21 16384]
S3 PDCOMP;PDCOMP; C:\WINDOWS\system32\drivers\PDCOMP.sys []
S3 PDFRAME;PDFRAME; C:\WINDOWS\system32\drivers\PDFRAME.sys []
S3 PDRELI;PDRELI; C:\WINDOWS\system32\drivers\PDRELI.sys []
S3 PDRFRAME;PDRFRAME; C:\WINDOWS\system32\drivers\PDRFRAME.sys []
S3 Secdrv;Secdrv; C:\WINDOWS\system32\DRIVERS\secdrv.sys [2007-11-13 20480]
S3 TDPIPE;TDPIPE; C:\WINDOWS\system32\drivers\TDPIPE.sys [2007-05-21 12936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2007-02-17 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-02-17 28160]
S3 WDICA;WDICA; C:\WINDOWS\system32\drivers\WDICA.sys []
S4 Abiosdsk;Abiosdsk; C:\WINDOWS\system32\drivers\Abiosdsk.sys []
S4 ACPIEC;ACPIEC; C:\WINDOWS\system32\drivers\ACPIEC.sys [2007-05-21 13312]
S4 adpu160m;adpu160m; C:\WINDOWS\system32\drivers\adpu160m.sys []
S4 adpu320;adpu320; C:\WINDOWS\system32\drivers\adpu320.sys []
S4 afcnt;afcnt; C:\WINDOWS\system32\drivers\afcnt.sys []
S4 aic78u2;aic78u2; C:\WINDOWS\system32\drivers\aic78u2.sys []
S4 aic78xx;aic78xx; C:\WINDOWS\system32\drivers\aic78xx.sys []
S4 AliIde;AliIde; C:\WINDOWS\system32\drivers\AliIde.sys []
S4 AmdIde;AmdIde; C:\WINDOWS\system32\drivers\AmdIde.sys []
S4 arc;arc; C:\WINDOWS\system32\drivers\arc.sys []
S4 atapi;atapi; C:\WINDOWS\system32\drivers\atapi.sys [2007-05-21 96768]
S4 Atdisk;Atdisk; C:\WINDOWS\system32\drivers\Atdisk.sys []
S4 cbidf2k;cbidf2k; C:\WINDOWS\system32\drivers\cbidf2k.sys [2007-05-21 15360]
S4 cd20xrnt;cd20xrnt; C:\WINDOWS\system32\drivers\cd20xrnt.sys []
S4 ClusDisk;Cluster Disk Driver; C:\WINDOWS\system32\DRIVERS\ClusDisk.sys [2007-05-21 69120]
S4 CmdIde;CmdIde; C:\WINDOWS\system32\drivers\CmdIde.sys []
S4 Cpqarray;Cpqarray; C:\WINDOWS\system32\drivers\Cpqarray.sys []
S4 cpqarry2;cpqarry2; C:\WINDOWS\system32\drivers\cpqarry2.sys []
S4 cpqcissm;cpqcissm; C:\WINDOWS\system32\drivers\cpqcissm.sys []
S4 cpqfcalm;cpqfcalm; C:\WINDOWS\system32\drivers\cpqfcalm.sys []
S4 dac2w2k;dac2w2k; C:\WINDOWS\system32\drivers\dac2w2k.sys []
S4 dac960nt;dac960nt; C:\WINDOWS\system32\drivers\dac960nt.sys []
S4 dellcerc;dellcerc; C:\WINDOWS\system32\drivers\dellcerc.sys []
S4 dmboot;dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [2007-05-21 268800]
S4 dpti2o;dpti2o; C:\WINDOWS\system32\drivers\dpti2o.sys []
S4 elxstor;elxstor; C:\WINDOWS\system32\drivers\elxstor.sys []
S4 Fastfat;Fastfat; C:\WINDOWS\system32\drivers\Fastfat.sys [2007-05-21 151040]
S4 hpcisss;hpcisss; C:\WINDOWS\system32\drivers\hpcisss.sys []
S4 hpn;hpn; C:\WINDOWS\system32\drivers\hpn.sys []
S4 hpt3xx;hpt3xx; C:\WINDOWS\system32\drivers\hpt3xx.sys []
S4 i2omp;i2omp; C:\WINDOWS\system32\drivers\i2omp.sys []
S4 iirsp;iirsp; C:\WINDOWS\system32\drivers\iirsp.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 ipsraidn;ipsraidn; C:\WINDOWS\system32\drivers\ipsraidn.sys []
S4 lp6nds35;lp6nds35; C:\WINDOWS\system32\drivers\lp6nds35.sys []
S4 mraid35x;mraid35x; C:\WINDOWS\system32\drivers\mraid35x.sys []
S4 nfrd960;nfrd960; C:\WINDOWS\system32\drivers\nfrd960.sys []
S4 PCIIde;PCIIde; C:\WINDOWS\system32\drivers\PCIIde.sys []
S4 Pcmcia;Pcmcia; C:\WINDOWS\system32\drivers\Pcmcia.sys [2007-05-21 121856]
S4 perc2;perc2; C:\WINDOWS\system32\drivers\perc2.sys []
S4 perc2hib;perc2hib; C:\WINDOWS\system32\drivers\perc2hib.sys []
S4 ql1080;ql1080; C:\WINDOWS\system32\drivers\ql1080.sys []
S4 Ql10wnt;Ql10wnt; C:\WINDOWS\system32\drivers\Ql10wnt.sys []
S4 ql12160;ql12160; C:\WINDOWS\system32\drivers\ql12160.sys []
S4 ql1240;ql1240; C:\WINDOWS\system32\drivers\ql1240.sys []
S4 ql1280;ql1280; C:\WINDOWS\system32\drivers\ql1280.sys []
S4 ql2100;ql2100; C:\WINDOWS\system32\drivers\ql2100.sys []
S4 ql2200;ql2200; C:\WINDOWS\system32\drivers\ql2200.sys []
S4 ql2300;ql2300; C:\WINDOWS\system32\drivers\ql2300.sys []
S4 Simbad;Simbad; C:\WINDOWS\system32\drivers\Simbad.sys []
S4 sym_hi;sym_hi; C:\WINDOWS\system32\drivers\sym_hi.sys []
S4 sym_u3;sym_u3; C:\WINDOWS\system32\drivers\sym_u3.sys []
S4 symc810;symc810; C:\WINDOWS\system32\drivers\symc810.sys []
S4 symc8xx;symc8xx; C:\WINDOWS\system32\drivers\symc8xx.sys []
S4 symmpi;symmpi; C:\WINDOWS\system32\drivers\symmpi.sys []
S4 TosIde;TosIde; C:\WINDOWS\system32\drivers\TosIde.sys []
S4 Udfs;Udfs; C:\WINDOWS\system32\drivers\Udfs.sys [2007-05-21 67584]
S4 ultra;ultra; C:\WINDOWS\system32\drivers\ultra.sys []
S4 ViaIde;ViaIde; C:\WINDOWS\system32\drivers\ViaIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;Služba vyhledávání zkušeností aplikací; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 amService;ServerView RAID Manager; C:\Program Files\Fujitsu Siemens\RAID\amService.exe [2008-04-15 16384]
R2 AppMgmt;Application Management; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 Browser;Prohledávání počítačů; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 CryptSvc;Šifrování; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 DcomLaunch;Spouštěč procesů serveru DCOM; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 Dfs;Systém souborů DFS; C:\WINDOWS\system32\Dfssvc.exe [2007-05-21 164864]
R2 Dhcp;Klient DHCP; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 DHCPServer;Server DHCP; C:\WINDOWS\system32\tcpsvcs.exe [2007-05-21 21504]
R2 dmserver;Správce logických disků; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 DNS;Server DNS; C:\WINDOWS\System32\dns.exe [2009-02-17 449024]
R2 Dnscache;Klient DNS; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 ERSvc;Zasílání zpráv o chybách; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 Eventlog;Protokol událostí; C:\WINDOWS\system32\services.exe [2009-02-09 113664]
R2 EventSystem;Systém událostí COM+; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 helpsvc;Nápověda a odborná pomoc; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 HidServ;HID Input Service; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 IMAP4Svc;Microsoft Exchange IMAP4; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 Iprip;Windows Audio; C:\WINDOWS\\System32\\svchost.exe [2007-05-21 14848]
R2 kdc;Centrum distribuce klíčů modulu Kerberos; C:\WINDOWS\System32\lsass.exe [2007-05-21 16384]
R2 lanmanserver;Server; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 lanmanworkstation;Pracovní stanice; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 LicenseService;Protokolování licence; C:\WINDOWS\System32\llssrv.exe [2007-05-21 94720]
R2 LmHosts;Podpora rozhraní NetBIOS nad protokolem TCP/IP; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 mr2kserv;mr2kserv; C:\Program Files\Fujitsu Siemens\RAID\bin\mr2kserv.exe [2006-09-27 69632]
R2 MSDTC;Koordinátor DTC; C:\WINDOWS\system32\msdtc.exe [2008-07-23 6144]
R2 MSExchangeES;Microsoft Exchange Event; C:\Program Files\Exchsrvr\bin\events.exe [2003-06-03 94720]
R2 MSExchangeIS;Microsoft Exchange Information Store; C:\Program Files\Exchsrvr\bin\store.exe [2005-10-04 5227520]
R2 MSExchangeMGMT;Microsoft Exchange Management; C:\Program Files\Exchsrvr\bin\exmgmt.exe [2005-08-25 3217408]
R2 MSExchangeSA;Microsoft Exchange System Attendant; C:\Program Files\Exchsrvr\bin\mad.exe [2005-08-25 8920064]
R2 MSFtpsvc;Služba Publikování FTP; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 MSPOP3Connector;Microsoft Connector for POP3 Mailboxes; C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\imbservice.exe [2005-05-25 33600]
R2 MSSEARCH;Microsoft Search; C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe [2007-05-21 69632]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 Netlogon;Přihlašování k síti; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R2 NtFrs;Služba replikace souborů; C:\WINDOWS\system32\ntfrs.exe [2007-05-21 792576]
R2 OfflineFlash;OfflineFlash; C:\Program Files\Fujitsu Siemens\ServerView Agents\GlobalFlash\gf_agent.exe [2008-04-16 466944]
R2 OKI OPHI DCS Loader;OKI OPHI DCS Loader; C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE [2007-02-09 24576]
R2 PlugPlay;Plug and Play; C:\WINDOWS\system32\services.exe [2009-02-09 113664]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 PolicyAgent;Služby IPSEC; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R2 POP3Svc;Microsoft Exchange POP3; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 ProtectedStorage;Chráněné úložiště; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R2 RasAuto;Správce automatického připojení pomocí vzdáleného přístupu; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 RemoteAccess;Směrování a vzdálený přístup; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 RemoteConnector;ServerView Remote Connector; C:\Program Files\Fujitsu Siemens\Remote Connector\SVRemoteConnector.exe [2008-04-28 423184]
R2 RemoteRegistry;Vzdálený registr; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 RESvc;Microsoft Exchange Routing Engine; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 RpcSs;Vzdálené volání procedur (RPC); C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 SamSs;Správce zabezpečení účtů; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R2 seclogon;Sekundární přihlašování; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 SENS;Oznamování systémových událostí; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 ShellHWDetection;Rozpoznávání hardwaru; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 Schedule;Plánovač úloh; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 SMTPSVC;SMTP (Simple Mail Transfer Protocol); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2007-05-21 40448]
R2 Spooler;Zařazování tisku; C:\WINDOWS\system32\spoolsv.exe [2007-05-21 58368]
R2 SPTimer;Služba SharePoint Timer Service; C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\BIN\OWSTIMER.EXE [2007-04-19 31584]
R2 SpySer;SpySer; C:\Program Files\Fujitsu Siemens\RAID\bin\SpySer.exe [2006-09-27 270336]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2005-10-14 87768]
R2 SrvCtrl;ServerView Server Control Service; C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\SrvCtrl.exe [2008-04-28 552208]
R2 W32Time;Systémový čas; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 W3SVC;Služba Publikování na webu; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 WebClient;Webový klient; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 winmgmt;Služba WMI; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 WINS;WINS; C:\WINDOWS\System32\wins.exe [2009-05-28 157696]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2006-05-12 439248]
R2 wuauserv;Automatické aktualizace; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 xgnxnk;xgnxnk; C:\WINDOWS\system32\SVCHost.eXe [2007-05-21 14848]
R3 ALG;Služba brány aplikačního rozhraní; C:\WINDOWS\System32\alg.exe [2007-05-21 45056]
R3 HTTPFilter;Služba HTTP SSL; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R3 Netman;Síťová připojení; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R3 Nla;Sledování umístění v síti (NLA); C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R3 NtLmSsp;Zprostředkovatel zabezpečení NT LM; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R3 RasMan;Správce vzdáleného přístupu; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R3 TapiSrv;Telefonní subsystém; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R3 TermService;Terminálová služba; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S2 BackGround Switch;BackGround Switch Disktop Control; C:\WINDOWS\system32\regedit32.exe [2010-09-23 67072]
S2 BITS;Služba inteligentního přenosu na pozadí; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S2 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S2 SysmonLog;Výstrahy a protokolování výkonu; C:\WINDOWS\system32\smlogsvc.exe [2007-05-21 96768]
S2 Themes;Motivy; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S2 WigfgnHelp32;Windorews Help System; C:\WINDOWS\system32\WinHelp32.exe []
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AudioSrv;Zvuk systému Windows; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 CiSvc;Indexing Service; C:\WINDOWS\system32\cisvc.exe [2007-05-21 6656]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 COMSysApp;Systémové aplikace modelu COM+; C:\WINDOWS\system32\dllhost.exe [2007-05-21 5632]
S3 dmadmin;Služba správy pro Správce logických disků; C:\WINDOWS\System32\dmadmin.exe [2007-05-21 235008]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2007-05-21 269824]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSIServer;Windows Installer; C:\WINDOWS\system32\msiexec.exe [2007-05-21 78848]
S3 NtmsSvc;Vyměnitelné úložiště; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S3 RDSessMgr;Správce relací nápovědy ke vzdálené ploše; C:\WINDOWS\system32\sessmgr.exe [2007-05-21 124928]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 RpcLocator;Lokátor vzdáleného volání procedur (RPC); C:\WINDOWS\system32\locator.exe [2007-05-21 71680]
S3 RSoPProv;Poskytovatel výsledné sady zásad; C:\WINDOWS\system32\RSoPProv.exe [2007-05-21 67072]
S3 sacsvr;Pomocník pro práci se speciální konzolou pro správu; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 SCardSvr;Smart Card; C:\WINDOWS\System32\SCardSvr.exe [2007-05-21 92160]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2007-05-21 8704]
S3 swprv;Microsoft Software Shadow Copy Provider; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 TrkWks;Klient služby sledování distribuovaných propojení; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2007-05-21 39424]
S3 UPS;Nepřerušitelný zdroj napájení (UPS); C:\WINDOWS\System32\ups.exe [2007-05-21 16896]
S3 vds;Virtual Disk Service; C:\WINDOWS\System32\vds.exe [2007-05-21 353280]
S3 VSS;Stínová kopie svazku; C:\WINDOWS\System32\vssvc.exe [2007-05-21 837632]
S3 WinHttpAutoProxySvc;Služba WinHTTP WPAD; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S3 Wmi;Rozšíření ovladače WMI; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 WmiApSrv;Adaptér výkonu služby WMI; C:\WINDOWS\system32\wbem\wmiapsrv.exe [2007-05-21 127488]
S3 WZCSVC;Konfigurace bezdrátových zařízení; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 xmlprov;Služba pro síťová ustanovení; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S4 Alerter;Výstrahy; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 ClipSrv;Síťová schránka; C:\WINDOWS\system32\clipsrv.exe [2007-05-21 32256]
S4 ImapiService;Služba modelu COM pro zápis na disk CD (IMAPI); C:\WINDOWS\system32\imapi.exe [2007-05-21 157184]
S4 IsmServ;Mezisíťové zasílání zpráv; C:\WINDOWS\System32\ismserv.exe [2007-05-21 40448]
S4 Messenger;Kurýrní služba; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 mnmsrvc;NetMeeting - Vzdálené sdílení plochy; C:\WINDOWS\system32\mnmsrvc.exe [2007-05-21 32768]
S4 MSExchangeMTA;Microsoft Exchange MTA Stacks; C:\Program Files\Exchsrvr\bin\emsmta.exe [2005-08-25 3592704]
S4 MSExchangeSRS;Microsoft Exchange Site Replication Service; C:\Program Files\Exchsrvr\bin\srsmain.exe [2005-08-25 339456]
S4 NetDDE;Služba DDE v síti; C:\WINDOWS\system32\netdde.exe [2007-05-21 111104]
S4 NetDDEdsdm;Správce DSDM služby DDE v síti; C:\WINDOWS\system32\netdde.exe [2007-05-21 111104]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NntpSvc;NNTP (Network News Transfer Protocol); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
S4 SharedAccess;Brána Firewall / Sdílení připojení k Internetu (ICS); C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 stisvc;Načítání obrázků (WIA); C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 TlntSvr;Telnet; C:\WINDOWS\system32\tlntsvr.exe [2007-05-21 76800]
S4 TrkSvr;Server sledování distribuovaného propojení; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 Tssdis;Terminal Services Session Directory; C:\WINDOWS\System32\tssdis.exe [2007-05-21 71168]
S4 WmdmPmSN;Portable Media Serial Number Service; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]

-----------------EOF-----------------

JaRon
Moderator
Posts: 15670
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check the log

#2 Post by JaRon »

Start > Run > services.msc <Enter>
find the following service and set its startup type to Disabled:
Windorews Help System (WigfgnHelp32)
+
scan the PC with AVPTool
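
The kind of review the reply above applies by eye to the RSIT service list, as an added example that is not part of the thread or of RSIT itself: a Python triage of service lines. The three heuristics (auto-start entry with no image file, mixed-case file extension, image dated within 30 days of the scan) are assumptions of this sketch, and the sample lines are copied from the log in post #1; hits are leads to review, not verdicts.

```python
import re
from datetime import date, timedelta

# Excerpt of the "List of services" section, copied from the RSIT log in post #1.
SAMPLE = r"""
R2 Spooler;Zařazování tisku; C:\WINDOWS\system32\spoolsv.exe [2007-05-21 58368]
R2 wuauserv;Automatické aktualizace; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 xgnxnk;xgnxnk; C:\WINDOWS\system32\SVCHost.eXe [2007-05-21 14848]
S2 BackGround Switch;BackGround Switch Disktop Control; C:\WINDOWS\system32\regedit32.exe [2010-09-23 67072]
S2 WigfgnHelp32;Windorews Help System; C:\WINDOWS\system32\WinHelp32.exe []
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2007-05-21 269824]
S4 TlntSvr;Telnet; C:\WINDOWS\system32\tlntsvr.exe [2007-05-21 76800]
"""

# <R|S><start type> <name>;<display name>; <image path> [<date> <size>]
# RSIT prints empty brackets when it could not find the image file.
LINE_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) "
    r"(?P<name>[^;]+);(?P<display>[^;]*); "
    r"(?P<path>.+?) \[(?:(?P<date>\d{4}-\d{2}-\d{2}) (?P<size>\d+))?\]$"
)


def parse_services(text):
    """Return one dict per well-formed service/driver line; skip everything else."""
    entries = []
    for raw in text.splitlines():
        match = LINE_RE.match(raw.strip())
        if match:
            entries.append(match.groupdict())
    return entries


def triage(entry, scan_date, recent_days=30):
    """Return the list of reasons (possibly empty) why an entry deserves a look."""
    reasons = []
    basename = entry["path"].rsplit("\\", 1)[-1]
    ext = basename.rpartition(".")[2] if "." in basename else ""
    starts_unattended = entry["start"] in "012"  # Boot, System or Auto

    # Heuristic 1 (assumption): an entry meant to start by itself whose file is gone.
    if starts_unattended and entry["date"] is None:
        reasons.append("auto-start entry whose image file was not found")

    # Heuristic 2 (assumption): 'exe' and 'EXE' are normal, 'eXe' is not.
    if ext and ext not in (ext.lower(), ext.upper()):
        reasons.append("mixed-case file extension")

    # Heuristic 3 (assumption): auto-start image written shortly before the scan.
    if starts_unattended and entry["date"]:
        age = scan_date - date.fromisoformat(entry["date"])
        if timedelta(0) <= age <= timedelta(days=recent_days):
            reasons.append(f"image dated within {recent_days} days of the scan")

    return reasons


def suspicious(text, scan_date):
    """Map service name -> reasons for every entry that trips a heuristic."""
    hits = {}
    for entry in parse_services(text):
        reasons = triage(entry, scan_date)
        if reasons:
            hits[entry["name"]] = reasons
    return hits


if __name__ == "__main__":
    # Scan date taken from the log header ("Run by administrator at 2010-09-23").
    for name, reasons in suspicious(SAMPLE, date(2010, 9, 23)).items():
        print(f"{name}: {'; '.join(reasons)}")
```

On the full list the same function needs a per-site allowlist: drivers whose path starts with `\??\` also show empty brackets in this log.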

dopa
Visitor
Posts: 307
Registered: 12 Oct 2006 08:52

Re: Please check the log

#3 Post by dopa »

Here is the log. To be safe, I did not set it to delete the infected files. It once deleted system files on me, so I was afraid.

Autoscan: completed 2 hours ago (events: 93, objects: 606260, time: 01:42:29)
24.9.2010 9:16:19 Task started
24.9.2010 9:16:25 Detected: Trojan-PSW.Win32.Bjlog.lfz C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\itgwc.cc3
24.9.2010 9:16:25 Untreated: Trojan-PSW.Win32.Bjlog.lfz C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\itgwc.cc3 Cannot be disinfected
24.9.2010 9:17:06 Detected: Trojan-Downloader.Win32.Agent.dquz C:\WINDOWS\system32\wminotify.dll
24.9.2010 9:17:06 Untreated: Trojan-Downloader.Win32.Agent.dquz C:\WINDOWS\system32\wminotify.dll Cannot be disinfected
24.9.2010 9:17:38 Detected: Backdoor.Win32.Torr.fnw C:\WINDOWS\system32\AppMgmt.cmd
24.9.2010 9:17:38 Untreated: Backdoor.Win32.Torr.fnw C:\WINDOWS\system32\AppMgmt.cmd Cannot be disinfected
24.9.2010 9:18:43 Detected: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\system32\DUData.dll
24.9.2010 9:18:43 Untreated: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\system32\DUData.dll Cannot be disinfected
24.9.2010 9:19:18 Detected: Trojan-PSW.Win32.Bjlog.lfz C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\itgwc.cc3
24.9.2010 9:19:18 Untreated: Trojan-PSW.Win32.Bjlog.lfz C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\itgwc.cc3 Cannot be disinfected
24.9.2010 9:19:27 Detected: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL
24.9.2010 9:19:27 Untreated: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL Cannot be disinfected
24.9.2010 9:19:42 Detected: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\regedit32.exe
24.9.2010 9:19:48 Untreated: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\regedit32.exe Cannot be disinfected
24.9.2010 9:25:59 Detected: Trojan-Downloader.Win32.Agent.dquz C:\WINDOWS\system32\wminotify.dll
24.9.2010 9:25:59 Untreated: Trojan-Downloader.Win32.Agent.dquz C:\WINDOWS\system32\wminotify.dll Cannot be disinfected
24.9.2010 9:26:04 Detected: Backdoor.Win32.Torr.fnw C:\WINDOWS\system32\AppMgmt.cmd
24.9.2010 9:26:04 Untreated: Backdoor.Win32.Torr.fnw C:\WINDOWS\system32\AppMgmt.cmd Cannot be disinfected
24.9.2010 9:26:06 Detected: Trojan-PSW.Win32.Bjlog.lfz C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\itgwc.cc3
24.9.2010 9:26:06 Untreated: Trojan-PSW.Win32.Bjlog.lfz C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\itgwc.cc3 Cannot be disinfected
24.9.2010 9:26:12 Detected: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\system32\DUData.dll
24.9.2010 9:26:12 Untreated: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\system32\DUData.dll Cannot be disinfected
24.9.2010 9:26:18 Detected: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL
24.9.2010 9:26:18 Untreated: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL Cannot be disinfected
24.9.2010 9:26:34 Detected: Trojan-Downloader.Win32.Agent.dquz C:\WINDOWS\system32\wminotify.dll
24.9.2010 9:26:34 Untreated: Trojan-Downloader.Win32.Agent.dquz C:\WINDOWS\system32\wminotify.dll Cannot be disinfected
24.9.2010 9:26:36 Detected: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL
24.9.2010 9:26:36 Untreated: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL Cannot be disinfected
24.9.2010 9:26:36 Detected: Backdoor.Win32.Torr.fnw C:\WINDOWS\system32\AppMgmt.cmd
24.9.2010 9:26:36 Untreated: Backdoor.Win32.Torr.fnw C:\WINDOWS\system32\AppMgmt.cmd Cannot be disinfected
24.9.2010 9:26:36 Detected: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\system32\DUData.dll
24.9.2010 9:26:36 Untreated: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\system32\DUData.dll Cannot be disinfected
24.9.2010 9:26:37 Detected: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\regedit32.exe
24.9.2010 9:26:37 Untreated: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\regedit32.exe Cannot be disinfected
24.9.2010 9:26:50 Detected: Backdoor.Win32.Agent.abj C:\fuck.vbs
24.9.2010 9:26:50 Untreated: Backdoor.Win32.Agent.abj C:\fuck.vbs Cannot be disinfected
24.9.2010 9:28:50 Detected: Trojan-GameThief.Win32.Magania.dqty C:\Documents and Settings\123\Local Settings\Temp\2\kb0x93597953~.tmp
24.9.2010 9:28:50 Untreated: Trojan-GameThief.Win32.Magania.dqty C:\Documents and Settings\123\Local Settings\Temp\2\kb0x93597953~.tmp Cannot be disinfected
24.9.2010 9:28:57 Detected: Trojan-GameThief.Win32.Magania.dnwp C:\Documents and Settings\123\Local Settings\Temp\2\kb0x93585250~.tmp
24.9.2010 9:28:57 Untreated: Trojan-GameThief.Win32.Magania.dnwp C:\Documents and Settings\123\Local Settings\Temp\2\kb0x93585250~.tmp Cannot be disinfected
24.9.2010 9:28:57 Detected: Trojan-GameThief.Win32.Magania.dnwp C:\Documents and Settings\123\Local Settings\Temp\2\kb0x93584750~.tmp
24.9.2010 9:28:57 Untreated: Trojan-GameThief.Win32.Magania.dnwp C:\Documents and Settings\123\Local Settings\Temp\2\kb0x93584750~.tmp Cannot be disinfected
24.9.2010 9:28:57 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\A52RWKVE\d[1].exe
24.9.2010 9:28:57 Detected: Trojan-Downloader.Win32.Agent.hgs C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\FZHL4REC\he[1].exe/PE_Patch
24.9.2010 9:28:57 Untreated: Trojan-Downloader.Win32.Agent.hgs C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\FZHL4REC\he[1].exe/PE_Patch Cannot be disinfected
24.9.2010 9:28:58 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\GRL4B0MG\hh[1].exe/NSPack/NSPack
24.9.2010 9:28:58 Detected: Trojan-PSW.Win32.Bjlog.lby C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\GRL4B0MG\server[1].exe
24.9.2010 9:28:58 Untreated: Trojan-PSW.Win32.Bjlog.lby C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\GRL4B0MG\server[1].exe Cannot be disinfected
24.9.2010 9:28:58 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\GRL4B0MG\srv2[1].exe
24.9.2010 9:29:03 Detected: Trojan-PSW.Win32.Bjlog.lby C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\goxsjvtnpx
24.9.2010 9:29:03 Untreated: Trojan-PSW.Win32.Bjlog.lby C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\goxsjvtnpx Cannot be disinfected
24.9.2010 9:29:03 Detected: Trojan.Win32.Agent.ddpg C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\UGVOKHJ1\jb[1].exe
24.9.2010 9:29:03 Untreated: Trojan.Win32.Agent.ddpg C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\UGVOKHJ1\jb[1].exe Cannot be disinfected
24.9.2010 9:30:23 Detected: Trojan-PSW.Win32.Dybalom.bkn C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\4x73brg9.default\Cache\BB188972d01/HD.Tune.Pro.460.Incl.Patch/HD.Tune.Pro.460.Incl.Patch/hdtunepro_460_trial.exe
24.9.2010 9:30:23 Untreated: Trojan-PSW.Win32.Dybalom.bkn C:\Documents and Settings\Administrator\Local Settings\Data aplikací\Mozilla\Firefox\Profiles\4x73brg9.default\Cache\BB188972d01/HD.Tune.Pro.460.Incl.Patch/HD.Tune.Pro.460.Incl.Patch/hdtunepro_460_trial.exe Write not supported
24.9.2010 9:31:25 Detected: Trojan-PSW.Win32.Bjlog.lfz C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\itgwc.cc3
24.9.2010 9:31:25 Untreated: Trojan-PSW.Win32.Bjlog.lfz C:\Documents and Settings\All Users\DRM\%SESSIONNAME%\itgwc.cc3 Cannot be disinfected
24.9.2010 9:31:25 Detected: Trojan-Downloader.Win32.Agent.hgs C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\FZHL4REC\he[1].exe/PE_Patch
24.9.2010 9:31:25 Untreated: Trojan-Downloader.Win32.Agent.hgs C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\FZHL4REC\he[1].exe/PE_Patch Cannot be disinfected
24.9.2010 9:31:25 Detected: Backdoor.Win32.DarkShell.ga C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\UGVOKHJ1\7080[1].exe
24.9.2010 9:31:25 Untreated: Backdoor.Win32.DarkShell.ga C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\UGVOKHJ1\7080[1].exe Cannot be disinfected
24.9.2010 9:31:28 Detected: Trojan.Win32.Agent.ddpg C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\UGVOKHJ1\jb[1].exe
24.9.2010 9:31:28 Untreated: Trojan.Win32.Agent.ddpg C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\UGVOKHJ1\jb[1].exe Cannot be disinfected
24.9.2010 9:31:45 Detected: Trojan-PSW.Win32.Bjlog.lby C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\goxsjvtnpx
24.9.2010 9:31:45 Untreated: Trojan-PSW.Win32.Bjlog.lby C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\goxsjvtnpx Cannot be disinfected
24.9.2010 9:31:58 Detected: Trojan-PSW.Win32.Bjlog.lby C:\Documents and Settings\remote\Local Settings\Temporary Internet Files\Content.IE5\goxsjvtnpx
24.9.2010 9:31:58 Untreated: Trojan-PSW.Win32.Bjlog.lby C:\Documents and Settings\remote\Local Settings\Temporary Internet Files\Content.IE5\goxsjvtnpx Cannot be disinfected
24.9.2010 9:39:31 Detected: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\ime\$MicoroSoft~X86.cpl
24.9.2010 9:39:31 Untreated: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\ime\$MicoroSoft~X86.cpl Cannot be disinfected
24.9.2010 9:41:00 Detected: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\7080.exe
24.9.2010 9:41:00 Untreated: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\7080.exe Cannot be disinfected
24.9.2010 9:41:13 Detected: Backdoor.Win32.Torr.fnw C:\WINDOWS\system32\AppMgmt.cmd
24.9.2010 9:41:13 Untreated: Backdoor.Win32.Torr.fnw C:\WINDOWS\system32\AppMgmt.cmd Cannot be disinfected
24.9.2010 9:41:17 Detected: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL
24.9.2010 9:41:17 Untreated: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL Cannot be disinfected
24.9.2010 9:41:22 Detected: Backdoor.Win32.Torr.fyf C:\WINDOWS\system32\mcsql.exe
24.9.2010 9:41:22 Untreated: Backdoor.Win32.Torr.fyf C:\WINDOWS\system32\mcsql.exe Cannot be disinfected
24.9.2010 9:41:28 Detected: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\regedit32.exe
24.9.2010 9:41:28 Untreated: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\regedit32.exe Cannot be disinfected
24.9.2010 9:41:29 Detected: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\system32\DUData.dll
24.9.2010 9:41:29 Untreated: Trojan-GameThief.Win32.Magania.dnwp C:\WINDOWS\system32\DUData.dll Cannot be disinfected
24.9.2010 9:41:31 Detected: Trojan-Spy.Win32.Batton.lk C:\WINDOWS\system32\sqlcmdx.exe
24.9.2010 9:41:31 Untreated: Trojan-Spy.Win32.Batton.lk C:\WINDOWS\system32\sqlcmdx.exe Cannot be disinfected
24.9.2010 9:41:32 Detected: Trojan-Downloader.Win32.Agent.dquz C:\WINDOWS\system32\wminotify.dll
24.9.2010 9:41:32 Untreated: Trojan-Downloader.Win32.Agent.dquz C:\WINDOWS\system32\wminotify.dll Cannot be disinfected
24.9.2010 9:44:52 Detected: Trojan-GameThief.Win32.Magania.dqty C:\WINDOWS\Temp\kb0x87735000~.tmp
24.9.2010 9:44:52 Untreated: Trojan-GameThief.Win32.Magania.dqty C:\WINDOWS\Temp\kb0x87735000~.tmp Cannot be disinfected
24.9.2010 9:49:21 Detected: not-a-virus:AdWare.Win32.Agent.drk G:\1\Documents and Settings\Administrator\Plocha\NOD32\setup.exe
24.9.2010 9:49:21 Untreated: not-a-virus:AdWare.Win32.Agent.drk G:\1\Documents and Settings\Administrator\Plocha\NOD32\setup.exe Cannot be disinfected
24.9.2010 10:15:29 Detected: Exploit.Win32.MS05-016.h G:\Stav_bkp\Documents and Settings\Stavinoha\Dokumenty\Downloads\Tomtom7USA_and_Canada_720.1803.rar/tt7-stuff/Patcher.exe
24.9.2010 10:15:29 Untreated: Exploit.Win32.MS05-016.h G:\Stav_bkp\Documents and Settings\Stavinoha\Dokumenty\Downloads\Tomtom7USA_and_Canada_720.1803.rar/tt7-stuff/Patcher.exe Write not supported
24.9.2010 10:58:48 Task completed

JaRon
Moderator
Posts: 15670
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log

#4 Post by JaRon »

That's terrible :o Have all the junk that was found deleted, then restart and write how the machine behaves :???:
FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

dopa
Visitor
Posts: 307
Registered: 12 Oct 2006 08:52

Re: Please check my log

#5 Post by dopa »

How do I have them deleted?
I'll do the restart in the evening; it's not possible right now...

JaRon
Moderator
Posts: 15670
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Please check my log

#6 Post by JaRon »

Either delete it through AVPTool, or manually, piece by piece...
Above all, DELETE all files infected with:
Backdoor.Win32.PcClient.opi
Backdoor.Win32.DarkShell.ga
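The triage asked for in post #6, as an added example (not part of the thread and not code from any tool named in it): a Python script that reads report lines in the layout quoted above and returns each untreated file once, optionally limited to the two backdoor families named. It assumes single-space field separation, the two reason strings seen in the report, and that `/` separates a container file from an object inside it; the function names and the shortened sample lines are constructed for illustration.

```python
import re

# Constructed sample: lines in the layout of the scan report posted in the thread
# (date time Event: verdict path [reason]); the archive path is shortened.
SAMPLE_REPORT = r"""
24.9.2010 9:26:18 Detected: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL
24.9.2010 9:26:18 Untreated: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL Cannot be disinfected
24.9.2010 9:28:57 Detected: HEUR:Trojan.Win32.Generic C:\Documents and Settings\123\Local Settings\Temporary Internet Files\Content.IE5\A52RWKVE\d[1].exe
24.9.2010 9:31:25 Untreated: Trojan-Downloader.Win32.Agent.hgs C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\FZHL4REC\he[1].exe/PE_Patch Cannot be disinfected
24.9.2010 9:31:25 Untreated: Backdoor.Win32.DarkShell.ga C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5\UGVOKHJ1\7080[1].exe Cannot be disinfected
24.9.2010 9:41:17 Untreated: Backdoor.Win32.PcClient.opi C:\WINDOWS\system32\gagzeu.dLL Cannot be disinfected
24.9.2010 9:41:28 Untreated: Backdoor.Win32.DarkShell.ga C:\WINDOWS\system32\regedit32.exe Cannot be disinfected
24.9.2010 10:15:29 Untreated: Exploit.Win32.MS05-016.h G:\Stav_bkp\Downloads\Tomtom7.rar/tt7-stuff/Patcher.exe Write not supported
24.9.2010 10:58:48 Task completed
"""

LINE_RE = re.compile(
    r"^(?P<date>\d{1,2}\.\d{1,2}\.\d{4}) (?P<time>\d{1,2}:\d{2}:\d{2}) "
    r"(?P<event>Detected|Untreated): (?P<verdict>\S+) (?P<rest>.+)$"
)

# Assumption: only the two reason strings that appear in the posted report.
REASONS = ("Cannot be disinfected", "Write not supported")


def parse_line(line):
    """Return a dict for a Detected/Untreated line, or None for anything else."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rest, reason = m.group("rest"), None
    if m.group("event") == "Untreated":
        # Paths contain spaces, so the reason is removed by suffix, not by splitting.
        for r in REASONS:
            if rest.endswith(" " + r):
                rest, reason = rest[: -len(r) - 1], r
                break
    # Windows paths use backslashes; a forward slash is assumed to mark an
    # object inside the file (archive member or packer layer).
    container, _, inner = rest.partition("/")
    return {
        "when": m.group("date") + " " + m.group("time"),
        "event": m.group("event"),
        "verdict": m.group("verdict"),
        "file": container,
        "inner": inner or None,
        "reason": reason,
    }


def pending_files(report, families=()):
    """Deduplicated on-disk files that the scan left untreated.

    families: optional verdict prefixes, e.g. ("Backdoor.Win32.PcClient",).
    """
    files = {}
    for line in report.splitlines():
        rec = parse_line(line)
        if rec is None or rec["event"] != "Untreated":
            continue
        if families and not rec["verdict"].startswith(tuple(families)):
            continue
        key = rec["file"].lower()  # Windows paths are case-insensitive
        entry = files.setdefault(key, {
            "file": rec["file"], "verdicts": set(), "inner": set(),
            "reasons": set(), "hits": 0,
        })
        entry["verdicts"].add(rec["verdict"])
        entry["hits"] += 1
        if rec["inner"]:
            entry["inner"].add(rec["inner"])
        if rec["reason"]:
            entry["reasons"].add(rec["reason"])
    return sorted(files.values(), key=lambda e: e["file"].lower())


if __name__ == "__main__":
    wanted = ("Backdoor.Win32.PcClient", "Backdoor.Win32.DarkShell")
    for e in pending_files(SAMPLE_REPORT, families=wanted):
        print(e["hits"], sorted(e["verdicts"]), e["file"])
```

The repeated passes over the same folders collapse to one entry per file, and an entry with a non-empty `inner` set points at a container (archive or packed executable) rather than at a standalone file.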

dopa
Visitor
Posts: 307
Registered: 12 Oct 2006 08:52

Re: Please check my log

#7 Post by dopa »

I meant without having to scan again, whether it could somehow be deleted afterwards, after the scan. But OK, I'll do it manually.

dopa
Visitor
Posts: 307
Registered: 12 Oct 2006 08:52

Re: Please check my log

#9 Post by dopa »

So I ran the scan again, this time with deletion... it restarted by itself, so hopefully it will be fine... I don't know where exactly to find the log from the last scan...

motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log

#10 Post by motji »

Good evening, I'm standing in for my colleague :)
Don't look for the log; instead I'd like to ask for a new log from RSIT.
How does the PC look?
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting the computer :!:

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

dopa
Visitor
Posts: 307
Registered: 12 Oct 2006 08:52

Re: Please check my log

#11 Post by dopa »

Here is the log:

Logfile of random's system information tool 1.08 (written by random/random)
Run by administrator at 2010-09-26 13:43:29
Microsoft(R) Windows(R) Server 2003 for Small Business Server Service Pack 2
System drive C: has 6 GB (25%) free of 25 GB
Total RAM: 2046 MB (8% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:43:33, on 26.9.2010
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 (6.00.3790.3959)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Dfssvc.exe
C:\WINDOWS\System32\dns.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Fujitsu Siemens\RAID\bin\mr2kserv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ntfrs.exe
C:\Program Files\Fujitsu Siemens\ServerView Agents\GlobalFlash\gf_agent.exe
C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fujitsu Siemens\Remote Connector\SVRemoteConnector.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Fujitsu Siemens\RAID\bin\SpySer.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\SrvCtrl.exe
C:\WINDOWS\System32\wins.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Fujitsu Siemens\RAID\amService.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Exchsrvr\bin\exmgmt.exe
C:\Program Files\Exchsrvr\bin\mad.exe
C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Exchsrvr\bin\store.exe
C:\Program Files\Exchsrvr\bin\events.exe
C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\imbservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O4 - HKLM\..\Run: [DWPersistentQueuedReporting] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE -a
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2158042360-509897017-4234702055-1208\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'admin$')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Startup: Správa serverů.lnk = ?
O14 - IERESET.INF: START_PAGE_URL=http://companyweb
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SJGFinancial.local
O17 - HKLM\Software\..\Telephony: DomainName = SJGFinancial.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C4A020B-9E00-4F2A-8246-ADB382A5216E}: NameServer = 192.168.16.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA4FF3A8-7D87-477D-81B8-B5CAC5352196}: NameServer = 192.168.16.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = SJGFinancial.local
O17 - HKLM\System\CS1\Services\Tcpip\..\{0C4A020B-9E00-4F2A-8246-ADB382A5216E}: NameServer = 192.168.16.1
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = SJGFinancial.local
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C4A020B-9E00-4F2A-8246-ADB382A5216E}: NameServer = 192.168.16.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ServerView RAID Manager (amService) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\RAID\amService.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: mr2kserv - LSI Logic Corporation - C:\Program Files\Fujitsu Siemens\RAID\bin\mr2kserv.exe
O23 - Service: OfflineFlash - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\ServerView Agents\GlobalFlash\gf_agent.exe
O23 - Service: OKI OPHI DCS Loader - Oki Data Corporation - C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE
O23 - Service: ServerView Remote Connector (RemoteConnector) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\Remote Connector\SVRemoteConnector.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SpySer - Unknown owner - C:\Program Files\Fujitsu Siemens\RAID\bin\SpySer.exe
O23 - Service: ServerView Server Control Service (SrvCtrl) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\SrvCtrl.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

--
End of file - 11025 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Backup.job
C:\WINDOWS\tasks\ShadowCopyVolume{040918b8-50ef-11dd-866e-806e6f6e6963}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"DWPersistentQueuedReporting"=C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE [2007-03-22 39264]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2010-03-30 1820040]
"UserFaultCheck"=C:\WINDOWS\system32\dumprep 0 -u []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2007-05-21 15360]

C:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
Správa serverů.lnk - C:\Program Files\Microsoft Windows Small Business Server\Administration\LaunchConsole.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
Ati2evxx.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
C:\WINDOWS\system32\crypt32.dll [2007-05-21 598528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
C:\WINDOWS\system32\cryptnet.dll [2007-05-21 62464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
C:\WINDOWS\system32\cscdll.dll [2007-05-21 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
C:\WINDOWS\system32\dimsntfy.dll [2007-05-21 19456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
C:\WINDOWS\system32\wlnotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
C:\WINDOWS\system32\wlnotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
C:\WINDOWS\system32\sclgntfy.dll [2007-05-21 21504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
C:\WINDOWS\system32\WlNotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
C:\WINDOWS\system32\wlnotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
C:\WINDOWS\system32\wlnotify.dll [2007-05-21 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll [2010-07-27 8366080]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll [2010-07-27 8366080]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll [2007-05-21 279040]
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll [2007-05-21 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll [2010-06-24 1033216]
Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll [2010-06-24 1033216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=C:\WINDOWS\system32\shell32.dll [2010-07-27 8366080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=RASSFM
KDCSVC
WDIGEST
scecli
dsrestor

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, pwdssp.dll


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WZCSVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"disablecad"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ShowSuperHidden"=1
"NoWelcomeScreen"=1
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
"Debugger="ctfmon.exe

======List of files/folders created in the last 1 months======

2010-09-24 20:21:57 ----D---- C:\WINDOWS\WBEM
2010-09-24 20:19:57 ----HDC---- C:\WINDOWS\ie8
2010-09-24 19:15:11 ----D---- C:\WINDOWS\LastGood
2010-09-24 09:14:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Kaspersky Lab
2010-09-23 21:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB2124261$
2010-09-23 20:21:11 ----D---- C:\rsit
2010-09-23 20:21:11 ----D---- C:\Program Files\trend micro
2010-09-22 07:39:39 ----N---- C:\WINDOWS\system32\00042df7.iNi
2010-09-22 07:39:26 ----N---- C:\WINDOWS\system32\dboysb.sys
2010-09-22 07:39:26 ----N---- C:\WINDOWS\system32\dboysb.bat
2010-09-21 10:48:29 ----N---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-09-21 10:48:28 ----N---- C:\WINDOWS\system32\drivers\mbam.sys
2010-09-21 09:29:49 ----D---- C:\Program Files\HD Tune Pro
2010-09-21 09:29:28 ----N---- C:\Documents and Settings\Administrator\Data aplikací\hdtunepro_460_trial.exe
2010-09-20 04:54:57 ----N---- C:\WINDOWS\system32\install.bat
2010-09-16 20:11:03 ----D---- C:\HLServer
2010-09-15 12:06:28 ----N---- C:\WINDOWS\test.txt
2010-09-14 06:17:25 ----A---- C:\e.exe
2010-09-02 12:06:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$
2010-09-02 12:05:25 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$
2010-09-02 11:37:28 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$
2010-09-02 11:36:55 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$
2010-09-02 11:36:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$
2010-09-02 11:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2183461$
2010-09-02 11:22:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$

======List of files/folders modified in the last 1 months======

2010-09-26 13:42:44 ----D---- C:\Program Files\Mozilla Firefox
2010-09-26 13:33:17 ----D---- C:\WINDOWS\system32\inetsrv
2010-09-26 13:26:23 ----D---- C:\WINDOWS\system32\dhcp
2010-09-26 12:26:32 ----D---- C:\WINDOWS\Temp
2010-09-26 12:18:21 ----D---- C:\WINDOWS\NTDS
2010-09-25 23:32:04 ----D---- C:\WINDOWS\security
2010-09-25 15:18:34 ----D---- C:\WINDOWS\system32\wins
2010-09-25 10:17:23 ----D---- C:\WINDOWS\system32
2010-09-24 20:22:48 ----D---- C:\WINDOWS\inf
2010-09-24 20:22:35 ----D---- C:\WINDOWS
2010-09-24 20:22:02 ----D---- C:\WINDOWS\system32\config
2010-09-24 20:21:56 ----D---- C:\WINDOWS\system32\en-us
2010-09-24 20:21:34 ----D---- C:\WINDOWS\Media
2010-09-24 20:21:33 ----D---- C:\Program Files\Internet Explorer
2010-09-24 20:21:25 ----D---- C:\WINDOWS\Help
2010-09-24 20:21:24 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-09-24 20:19:52 ----D---- C:\WINDOWS\system32\CatRoot2
2010-09-24 19:16:57 ----A---- C:\WINDOWS\WINCMD.INI
2010-09-24 19:15:12 ----D---- C:\WINDOWS\system32\drivers
2010-09-24 16:57:55 ----A---- C:\WINDOWS\system32\signal.txt
2010-09-24 16:55:09 ----D---- C:\WINDOWS\ime
2010-09-24 16:37:07 ----SHD---- C:\System Volume Information
2010-09-24 16:26:02 ----D---- C:\WINDOWS\system32\ias
2010-09-24 16:24:50 ----A---- C:\WINDOWS\system32\MemDebugSVR.txt
2010-09-24 16:24:50 ----A---- C:\WINDOWS\system32\arcerror.txt
2010-09-24 16:24:40 ----D---- C:\WINDOWS\Debug
2010-09-23 21:23:18 ----A---- C:\WINDOWS\imsins.BAK
2010-09-23 21:22:41 ----HD---- C:\WINDOWS\$hf_mig$
2010-09-23 20:21:11 ----RD---- C:\Program Files
2010-09-23 09:56:40 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-09-22 21:00:10 ----D---- C:\WINDOWS\system32\NtmsData
2010-09-22 15:20:20 ----D---- C:\WINDOWS\system32\FxsTmp
2010-09-22 09:18:41 ----SHD---- C:\RECYCLER
2010-09-22 09:17:59 ----D---- C:\Program Files\WinRAR
2010-09-22 09:12:40 ----C---- C:\WINDOWS\OEWABLog.txt
2010-09-22 09:12:01 ----D---- C:\Documents and Settings
2010-09-22 07:40:15 ----D---- C:\WINDOWS\system32\wbem
2010-09-19 16:17:15 ----SHD---- C:\WINDOWS\Installer
2010-09-19 16:17:15 ----SHD---- C:\Config.Msi
2010-09-02 12:17:02 ----D---- C:\WINDOWS\Microsoft.NET
2010-09-02 11:46:43 ----RSD---- C:\WINDOWS\assembly
2010-09-02 11:37:31 ----D---- C:\WINDOWS\system32\drivers\etc
2010-09-02 11:34:45 ----N---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-09-02 11:32:47 ----D---- C:\WINDOWS\WinSxS

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;Microsoft ACPI Driver; C:\WINDOWS\system32\DRIVERS\ACPI.sys [2007-05-21 194560]
R0 DfsDriver;DfsDriver; C:\WINDOWS\system32\drivers\Dfs.sys [2007-05-21 34816]
R0 Disk;Ovladač disku; C:\WINDOWS\system32\DRIVERS\disk.sys [2007-05-21 39936]
R0 dmio;Ovladač správce logických disků; C:\WINDOWS\System32\drivers\dmio.sys [2007-05-21 151552]
R0 dmload;dmload; C:\WINDOWS\System32\drivers\dmload.sys [2007-05-21 7680]
R0 FltMgr;FltMgr; C:\WINDOWS\system32\DRIVERS\fltMgr.sys [2007-05-21 130560]
R0 Ftdisk;Ovladač správce svazků; C:\WINDOWS\system32\DRIVERS\ftdisk.sys [2007-05-21 137216]
R0 isapnp;Řadič Plug and Play sběrnice ISA/EISA; C:\WINDOWS\system32\DRIVERS\isapnp.sys [2007-02-17 38912]
R0 KSecDD;KSecDD; C:\WINDOWS\system32\drivers\KSecDD.sys [2009-06-15 134656]
R0 MegaSR;MegaSR; C:\WINDOWS\system32\drivers\MegaSR.sys [2007-09-14 392192]
R0 MountMgr;Správce přípojných bodů; C:\WINDOWS\system32\drivers\MountMgr.sys [2007-05-21 46592]
R0 Mup;Služba Multiple UNC Provider; C:\WINDOWS\system32\drivers\Mup.sys [2007-05-21 103424]
R0 NDIS;Systémový ovladač NDIS; C:\WINDOWS\system32\drivers\NDIS.sys [2007-05-21 210432]
R0 PartMgr;Správce oddílů; C:\WINDOWS\system32\drivers\PartMgr.sys [2007-05-21 25088]
R0 PCI;Řadič sběrnice PCI; C:\WINDOWS\system32\DRIVERS\pci.sys [2007-05-21 75264]
R0 VolSnap;Paměťové svazky; C:\WINDOWS\system32\DRIVERS\volsnap.sys [2007-05-21 153600]
R1 AFD;AFD; C:\WINDOWS\System32\drivers\afd.sys [2008-10-16 150528]
R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2007-05-21 6144]
R1 Cdrom;Ovladač jednotky CD-ROM; C:\WINDOWS\system32\DRIVERS\cdrom.sys [2007-05-21 52224]
R1 Fips;Fips; C:\WINDOWS\system32\drivers\Fips.sys [2007-05-21 45568]
R1 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver; C:\WINDOWS\system32\DRIVERS\i8042prt.sys [2007-05-21 55296]
R1 IPSec;Ovladač IPSEC; C:\WINDOWS\system32\DRIVERS\ipsec.sys [2007-05-21 82432]
R1 Kbdclass;Ovladač třídy klávesnic; C:\WINDOWS\system32\DRIVERS\kbdclass.sys [2007-05-21 25600]
R1 mnmdd;mnmdd; C:\WINDOWS\system32\drivers\mnmdd.sys [2007-05-21 6144]
R1 Mouclass;Ovladač třídy myší; C:\WINDOWS\system32\DRIVERS\mouclass.sys [2007-05-21 23040]
R1 MRxSmb;MRXSMB; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2010-02-24 438784]
R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2007-05-21 21504]
R1 NetBIOS;Rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\netbios.sys [2007-05-21 34816]
R1 NetBT;Rozhraní NetBios nad protokolem TCP/IP; C:\WINDOWS\system32\DRIVERS\netbt.sys [2007-05-21 180224]
R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2007-05-21 32256]
R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2007-05-21 4608]
R1 RasAcd;Ovladač automatického připojení pomocí vzdáleného přístupu; C:\WINDOWS\system32\DRIVERS\rasacd.sys [2007-05-21 10752]
R1 Rdbss;Rdbss; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2010-02-24 177664]
R1 RDPCDD;RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [2007-05-21 6144]
R1 redbook;Digital CD Audio Playback Filter Driver; C:\WINDOWS\system32\DRIVERS\redbook.sys [2007-02-17 61952]
R1 Serial;Ovladač sériového portu; C:\WINDOWS\system32\DRIVERS\serial.sys [2007-05-21 65536]
R1 Tcpip;Ovladač protokolu TCP/IP; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2009-08-15 393216]
R1 TermDD;Ovladač terminálového zařízení; C:\WINDOWS\system32\DRIVERS\termdd.sys [2007-02-17 41608]
R1 VgaSave;Grafický řadič VGA; C:\WINDOWS\System32\drivers\vga.sys [2007-05-21 23552]
R2 EXIFS;EXIFS; \??\C:\WINDOWS\system32\drivers\exifs.sys []
R2 NPF;NetGroup Packet Filter Driver; C:\WINDOWS\system32\drivers\npf.sys [2009-10-20 50704]
R2 Parvdm;Parvdm; C:\WINDOWS\system32\DRIVERS\parvdm.sys [2007-05-21 8704]
R2 ScSBB;Server Control ScSBB Driver; \??\C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\ScSBB.sys []
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2005-12-06 1379328]
R3 audstub;Prázdný zvukový ovladač; C:\WINDOWS\system32\DRIVERS\audstub.sys [2003-03-25 5120]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-04-13 254872]
R3 Fdc;Ovladač řadiče disketové jednotky; C:\WINDOWS\system32\DRIVERS\fdc.sys [2007-05-21 24576]
R3 Gpc;Obecné třídění paketů; C:\WINDOWS\system32\DRIVERS\msgpc.sys [2007-05-21 39424]
R3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2009-09-23 26176]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2003-03-25 11776]
R3 HTTP;Služba HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [2010-04-19 294400]
R3 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-05-21 40448]
R3 IpFilterDriver;IP Traffic Filter Driver; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2007-05-21 32768]
R3 IpNat;IP Network Address Translator; C:\WINDOWS\system32\DRIVERS\ipnat.sys [2007-05-21 119296]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2003-05-15 13312]
R3 MRxDAV;Přesměrovač klienta WebDav; C:\WINDOWS\system32\DRIVERS\mrxdav.sys [2007-12-17 188928]
R3 mssmbios;Ovladač Microsoft System Management BIOS; C:\WINDOWS\system32\DRIVERS\mssmbios.sys [2007-05-21 19968]
R3 NdisTapi;Ovladač Remote Access NDIS TAPI; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2007-05-21 12288]
R3 NdisWan;Ovladač Remote Access NDIS WAN; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2007-05-21 89600]
R3 NDProxy;Služba NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2007-05-21 40960]
R3 Parport;Ovladač paralelního portu; C:\WINDOWS\system32\DRIVERS\parport.sys [2007-05-21 81408]
R3 PptpMiniport;Připojení WAN Miniport (PPTP); C:\WINDOWS\system32\DRIVERS\raspptp.sys [2007-05-21 59904]
R3 Ptilink;Direct Parallel Link Driver; C:\WINDOWS\system32\DRIVERS\ptilink.sys [2007-05-21 20480]
R3 Rasl2tp;WAN Miniport (L2TP); C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [2007-05-21 65536]
R3 RasPppoe;Ovladač pro vzdálený přístup PPPOE; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2007-05-21 40960]
R3 Raspti;Přímé propojení paralelním kabelem; C:\WINDOWS\system32\DRIVERS\raspti.sys [2007-05-21 19968]
R3 rdpdr;Ovladač přesměrovače zařízení terminálového serveru; C:\WINDOWS\system32\DRIVERS\rdpdr.sys [2007-02-17 200192]
R3 RDPWD;RDPWD; C:\WINDOWS\system32\drivers\RDPWD.sys [2007-05-21 152200]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2007-02-17 20992]
R3 serenum;Ovladač filtru Serenum; C:\WINDOWS\system32\DRIVERS\serenum.sys [2007-05-21 17920]
R3 Srv;Srv; C:\WINDOWS\system32\DRIVERS\srv.sys [2010-06-24 377344]
R3 swenum;Softwarový ovladač sběrnice; C:\WINDOWS\system32\DRIVERS\swenum.sys [2007-05-21 4736]
R3 TDTCP;TDTCP; C:\WINDOWS\system32\drivers\TDTCP.sys [2007-05-21 24200]
R3 Update;Ovladač aktualizace mikrokódu; C:\WINDOWS\system32\DRIVERS\update.sys [2007-05-28 365056]
R3 usbehci;Ovladač Miniport vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-02-17 27520]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-02-17 60416]
R3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-02-17 28160]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-02-17 20864]
R3 Wanarp;Ovladač Remote Access IP ARP; C:\WINDOWS\system32\DRIVERS\wanarp.sys [2007-05-21 36352]
R4 85959171;85959171; C:\WINDOWS\system32\DRIVERS\85959171.sys []
R4 Cdfs;Cdfs; C:\WINDOWS\system32\drivers\Cdfs.sys [2007-05-21 65536]
R4 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2007-05-21 589824]
S0 adjf;adjf; C:\WINDOWS\System32\drivers\twju.sys []
S0 crcdisk;Ovladač filtru disku CRC; C:\WINDOWS\system32\DRIVERS\crcdisk.sys [2007-02-17 17920]
S1 Flpydisk;Flpydisk; C:\WINDOWS\system32\drivers\Flpydisk.sys [2007-05-21 18432]
S1 Changer;Changer; C:\WINDOWS\system32\drivers\Changer.sys []
S1 i2omgmt;i2omgmt; C:\WINDOWS\system32\drivers\i2omgmt.sys []
S1 imapi;CD-Burning Filter Driver; C:\WINDOWS\system32\DRIVERS\imapi.sys [2007-05-21 43520]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2007-02-17 17408]
S1 Sfloppy;Sfloppy; C:\WINDOWS\system32\drivers\Sfloppy.sys [2007-05-21 12288]
S2 darksheii;darksheii; \??\C:\WINDOWS\system32 []
S2 ImbDrvNT;NT IMB Interface Driver; \??\C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\ImbDrvNT.sys []
S3 AsyncMac;Ovladač asynchronních médií připojení RAS; C:\WINDOWS\system32\DRIVERS\asyncmac.sys [2007-05-21 16384]
S3 Atmarpc;Protokol ATM ARP Client; C:\WINDOWS\system32\DRIVERS\atmarpc.sys [2007-05-21 59392]
S3 Ip6Fw;Ovladač IPv6 brány firewall systému Windows; C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys [2007-05-21 36352]
S3 IpInIp;IP in IP Tunnel Driver; C:\WINDOWS\system32\DRIVERS\ipinip.sys []
S3 IRENUM;Služba čítače výčtu IR; C:\WINDOWS\system32\DRIVERS\irenum.sys [2007-02-17 12800]
S3 Modem;Modem; C:\WINDOWS\system32\drivers\Modem.sys [2007-05-21 31232]
S3 Ndisuio;Protokol NDIS uživatelského režimu V/V; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2007-05-21 16384]
S3 PDCOMP;PDCOMP; C:\WINDOWS\system32\drivers\PDCOMP.sys []
S3 PDFRAME;PDFRAME; C:\WINDOWS\system32\drivers\PDFRAME.sys []
S3 PDRELI;PDRELI; C:\WINDOWS\system32\drivers\PDRELI.sys []
S3 PDRFRAME;PDRFRAME; C:\WINDOWS\system32\drivers\PDRFRAME.sys []
S3 Secdrv;Secdrv; C:\WINDOWS\system32\DRIVERS\secdrv.sys [2007-11-13 20480]
S3 TDPIPE;TDPIPE; C:\WINDOWS\system32\drivers\TDPIPE.sys [2007-05-21 12936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2007-02-17 32128]
S3 WDICA;WDICA; C:\WINDOWS\system32\drivers\WDICA.sys []
S4 Abiosdsk;Abiosdsk; C:\WINDOWS\system32\drivers\Abiosdsk.sys []
S4 ACPIEC;ACPIEC; C:\WINDOWS\system32\drivers\ACPIEC.sys [2007-05-21 13312]
S4 adpu160m;adpu160m; C:\WINDOWS\system32\drivers\adpu160m.sys []
S4 adpu320;adpu320; C:\WINDOWS\system32\drivers\adpu320.sys []
S4 afcnt;afcnt; C:\WINDOWS\system32\drivers\afcnt.sys []
S4 aic78u2;aic78u2; C:\WINDOWS\system32\drivers\aic78u2.sys []
S4 aic78xx;aic78xx; C:\WINDOWS\system32\drivers\aic78xx.sys []
S4 AliIde;AliIde; C:\WINDOWS\system32\drivers\AliIde.sys []
S4 AmdIde;AmdIde; C:\WINDOWS\system32\drivers\AmdIde.sys []
S4 arc;arc; C:\WINDOWS\system32\drivers\arc.sys []
S4 atapi;atapi; C:\WINDOWS\system32\drivers\atapi.sys [2007-05-21 96768]
S4 Atdisk;Atdisk; C:\WINDOWS\system32\drivers\Atdisk.sys []
S4 cbidf2k;cbidf2k; C:\WINDOWS\system32\drivers\cbidf2k.sys [2007-05-21 15360]
S4 cd20xrnt;cd20xrnt; C:\WINDOWS\system32\drivers\cd20xrnt.sys []
S4 ClusDisk;Cluster Disk Driver; C:\WINDOWS\system32\DRIVERS\ClusDisk.sys [2007-05-21 69120]
S4 CmdIde;CmdIde; C:\WINDOWS\system32\drivers\CmdIde.sys []
S4 Cpqarray;Cpqarray; C:\WINDOWS\system32\drivers\Cpqarray.sys []
S4 cpqarry2;cpqarry2; C:\WINDOWS\system32\drivers\cpqarry2.sys []
S4 cpqcissm;cpqcissm; C:\WINDOWS\system32\drivers\cpqcissm.sys []
S4 cpqfcalm;cpqfcalm; C:\WINDOWS\system32\drivers\cpqfcalm.sys []
S4 dac2w2k;dac2w2k; C:\WINDOWS\system32\drivers\dac2w2k.sys []
S4 dac960nt;dac960nt; C:\WINDOWS\system32\drivers\dac960nt.sys []
S4 dellcerc;dellcerc; C:\WINDOWS\system32\drivers\dellcerc.sys []
S4 dmboot;dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [2007-05-21 268800]
S4 dpti2o;dpti2o; C:\WINDOWS\system32\drivers\dpti2o.sys []
S4 elxstor;elxstor; C:\WINDOWS\system32\drivers\elxstor.sys []
S4 Fastfat;Fastfat; C:\WINDOWS\system32\drivers\Fastfat.sys [2007-05-21 151040]
S4 hpcisss;hpcisss; C:\WINDOWS\system32\drivers\hpcisss.sys []
S4 hpn;hpn; C:\WINDOWS\system32\drivers\hpn.sys []
S4 hpt3xx;hpt3xx; C:\WINDOWS\system32\drivers\hpt3xx.sys []
S4 i2omp;i2omp; C:\WINDOWS\system32\drivers\i2omp.sys []
S4 iirsp;iirsp; C:\WINDOWS\system32\drivers\iirsp.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 ipsraidn;ipsraidn; C:\WINDOWS\system32\drivers\ipsraidn.sys []
S4 lp6nds35;lp6nds35; C:\WINDOWS\system32\drivers\lp6nds35.sys []
S4 mraid35x;mraid35x; C:\WINDOWS\system32\drivers\mraid35x.sys []
S4 nfrd960;nfrd960; C:\WINDOWS\system32\drivers\nfrd960.sys []
S4 PCIIde;PCIIde; C:\WINDOWS\system32\drivers\PCIIde.sys []
S4 Pcmcia;Pcmcia; C:\WINDOWS\system32\drivers\Pcmcia.sys [2007-05-21 121856]
S4 perc2;perc2; C:\WINDOWS\system32\drivers\perc2.sys []
S4 perc2hib;perc2hib; C:\WINDOWS\system32\drivers\perc2hib.sys []
S4 ql1080;ql1080; C:\WINDOWS\system32\drivers\ql1080.sys []
S4 Ql10wnt;Ql10wnt; C:\WINDOWS\system32\drivers\Ql10wnt.sys []
S4 ql12160;ql12160; C:\WINDOWS\system32\drivers\ql12160.sys []
S4 ql1240;ql1240; C:\WINDOWS\system32\drivers\ql1240.sys []
S4 ql1280;ql1280; C:\WINDOWS\system32\drivers\ql1280.sys []
S4 ql2100;ql2100; C:\WINDOWS\system32\drivers\ql2100.sys []
S4 ql2200;ql2200; C:\WINDOWS\system32\drivers\ql2200.sys []
S4 ql2300;ql2300; C:\WINDOWS\system32\drivers\ql2300.sys []
S4 Simbad;Simbad; C:\WINDOWS\system32\drivers\Simbad.sys []
S4 sym_hi;sym_hi; C:\WINDOWS\system32\drivers\sym_hi.sys []
S4 sym_u3;sym_u3; C:\WINDOWS\system32\drivers\sym_u3.sys []
S4 symc810;symc810; C:\WINDOWS\system32\drivers\symc810.sys []
S4 symc8xx;symc8xx; C:\WINDOWS\system32\drivers\symc8xx.sys []
S4 symmpi;symmpi; C:\WINDOWS\system32\drivers\symmpi.sys []
S4 TosIde;TosIde; C:\WINDOWS\system32\drivers\TosIde.sys []
S4 Udfs;Udfs; C:\WINDOWS\system32\drivers\Udfs.sys [2007-05-21 67584]
S4 ultra;ultra; C:\WINDOWS\system32\drivers\ultra.sys []
S4 ViaIde;ViaIde; C:\WINDOWS\system32\drivers\ViaIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;Služba vyhledávání zkušeností aplikací; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 amService;ServerView RAID Manager; C:\Program Files\Fujitsu Siemens\RAID\amService.exe [2008-04-15 16384]
R2 Browser;Prohledávání počítačů; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 CryptSvc;Šifrování; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 DcomLaunch;Spouštěč procesů serveru DCOM; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 Dfs;Systém souborů DFS; C:\WINDOWS\system32\Dfssvc.exe [2007-05-21 164864]
R2 Dhcp;Klient DHCP; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 DHCPServer;Server DHCP; C:\WINDOWS\system32\tcpsvcs.exe [2007-05-21 21504]
R2 dmserver;Správce logických disků; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 DNS;Server DNS; C:\WINDOWS\System32\dns.exe [2009-02-17 449024]
R2 Dnscache;Klient DNS; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 ERSvc;Zasílání zpráv o chybách; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 Eventlog;Protokol událostí; C:\WINDOWS\system32\services.exe [2009-02-09 113664]
R2 EventSystem;Systém událostí COM+; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2010-03-30 1107336]
R2 helpsvc;Nápověda a odborná pomoc; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 HidServ;HID Input Service; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 IISADMIN;Správa služby IIS; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 IMAP4Svc;Microsoft Exchange IMAP4; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 kdc;Centrum distribuce klíčů modulu Kerberos; C:\WINDOWS\System32\lsass.exe [2007-05-21 16384]
R2 lanmanserver;Server; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 lanmanworkstation;Pracovní stanice; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 LicenseService;Protokolování licence; C:\WINDOWS\System32\llssrv.exe [2007-05-21 94720]
R2 LmHosts;Podpora rozhraní NetBIOS nad protokolem TCP/IP; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 mr2kserv;mr2kserv; C:\Program Files\Fujitsu Siemens\RAID\bin\mr2kserv.exe [2006-09-27 69632]
R2 MSDTC;Koordinátor DTC; C:\WINDOWS\system32\msdtc.exe [2008-07-23 6144]
R2 MSExchangeES;Microsoft Exchange Event; C:\Program Files\Exchsrvr\bin\events.exe [2003-06-03 94720]
R2 MSExchangeIS;Microsoft Exchange Information Store; C:\Program Files\Exchsrvr\bin\store.exe [2005-10-04 5227520]
R2 MSExchangeMGMT;Microsoft Exchange Management; C:\Program Files\Exchsrvr\bin\exmgmt.exe [2005-08-25 3217408]
R2 MSExchangeSA;Microsoft Exchange System Attendant; C:\Program Files\Exchsrvr\bin\mad.exe [2005-08-25 8920064]
R2 MSFtpsvc;Služba Publikování FTP; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 MSPOP3Connector;Microsoft Connector for POP3 Mailboxes; C:\Program Files\Microsoft Windows Small Business Server\Networking\POP3\imbservice.exe [2005-05-25 33600]
R2 MSSEARCH;Microsoft Search; C:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe [2007-05-21 69632]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.2\MSSQL\Binn\sqlservr.exe [2005-10-14 28768528]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 Netlogon;Přihlašování k síti; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R2 NtFrs;Služba replikace souborů; C:\WINDOWS\system32\ntfrs.exe [2007-05-21 792576]
R2 OfflineFlash;OfflineFlash; C:\Program Files\Fujitsu Siemens\ServerView Agents\GlobalFlash\gf_agent.exe [2008-04-16 466944]
R2 OKI OPHI DCS Loader;OKI OPHI DCS Loader; C:\WINDOWS\system32\spool\DRIVERS\W32X86\3\OPHILDCS.EXE [2007-02-09 24576]
R2 PlugPlay;Plug and Play; C:\WINDOWS\system32\services.exe [2009-02-09 113664]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 PolicyAgent;Služby IPSEC; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R2 POP3Svc;Microsoft Exchange POP3; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 ProtectedStorage;Chráněné úložiště; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R2 RemoteAccess;Směrování a vzdálený přístup; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 RemoteConnector;ServerView Remote Connector; C:\Program Files\Fujitsu Siemens\Remote Connector\SVRemoteConnector.exe [2008-04-28 423184]
R2 RemoteRegistry;Vzdálený registr; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 RESvc;Microsoft Exchange Routing Engine; C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 RpcSs;Vzdálené volání procedur (RPC); C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 SamSs;Správce zabezpečení účtů; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R2 seclogon;Sekundární přihlašování; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 SENS;Oznamování systémových událostí; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 ShellHWDetection;Rozpoznávání hardwaru; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 Schedule;Plánovač úloh; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 SMTPSVC;SMTP (Simple Mail Transfer Protocol); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
R2 SNMP;SNMP; C:\WINDOWS\System32\snmp.exe [2007-05-21 40448]
R2 Spooler;Zařazování tisku; C:\WINDOWS\system32\spoolsv.exe [2007-05-21 58368]
R2 SPTimer;Služba SharePoint Timer Service; C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60\BIN\OWSTIMER.EXE [2007-04-19 31584]
R2 SpySer;SpySer; C:\Program Files\Fujitsu Siemens\RAID\bin\SpySer.exe [2006-09-27 270336]
R2 SQLBrowser;SQL Server Browser; C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2005-10-14 239320]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2005-10-14 87768]
R2 SrvCtrl;ServerView Server Control Service; C:\Program Files\Fujitsu Siemens\ServerView Agents\Server Control\SrvCtrl.exe [2008-04-28 552208]
R2 W32Time;Systémový čas; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 W3SVC;Služba Publikování na webu; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R2 WebClient;Webový klient; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 winmgmt;Služba WMI; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R2 WINS;WINS; C:\WINDOWS\System32\wins.exe [2009-05-28 157696]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2006-05-12 439248]
R2 wuauserv;Automatické aktualizace; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R3 ALG;Služba brány aplikačního rozhraní; C:\WINDOWS\System32\alg.exe [2007-05-21 45056]
R3 HTTPFilter;Služba HTTP SSL; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R3 Netman;Síťová připojení; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R3 Nla;Sledování umístění v síti (NLA); C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R3 NtLmSsp;Zprostředkovatel zabezpečení NT LM; C:\WINDOWS\system32\lsass.exe [2007-05-21 16384]
R3 RasMan;Správce vzdáleného přístupu; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
R3 TapiSrv;Telefonní subsystém; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
R3 TermService;Terminálová služba; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S2 AppMgmt;Application Management; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S2 BITS;Služba inteligentního přenosu na pozadí; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S2 Iprip;Windows Audio; C:\WINDOWS\\System32\\svchost.exe [2007-05-21 14848]
S2 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S2 RasAuto;Správce automatického připojení pomocí vzdáleného přístupu; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2009-01-07 26144]
S2 SysmonLog;Výstrahy a protokolování výkonu; C:\WINDOWS\system32\smlogsvc.exe [2007-05-21 96768]
S2 Themes;Motivy; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S2 xgnxnk;xgnxnk; C:\WINDOWS\system32\SVCHost.eXe [2007-05-21 14848]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 AudioSrv;Zvuk systému Windows; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 CiSvc;Indexing Service; C:\WINDOWS\system32\cisvc.exe [2007-05-21 6656]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 COMSysApp;Systémové aplikace modelu COM+; C:\WINDOWS\system32\dllhost.exe [2007-05-21 5632]
S3 dmadmin;Služba správy pro Správce logických disků; C:\WINDOWS\System32\dmadmin.exe [2007-05-21 235008]
S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2007-05-21 269824]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Služba Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MSIServer;Windows Installer; C:\WINDOWS\system32\msiexec.exe [2007-05-21 78848]
S3 NtmsSvc;Vyměnitelné úložiště; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S3 RDSessMgr;Správce relací nápovědy ke vzdálené ploše; C:\WINDOWS\system32\sessmgr.exe [2007-05-21 124928]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files\WinPcap\rpcapd.exe [2009-10-20 117264]
S3 RpcLocator;Lokátor vzdáleného volání procedur (RPC); C:\WINDOWS\system32\locator.exe [2007-05-21 71680]
S3 RSoPProv;Poskytovatel výsledné sady zásad; C:\WINDOWS\system32\RSoPProv.exe [2007-05-21 67072]
S3 sacsvr;Pomocník pro práci se speciální konzolou pro správu; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 SCardSvr;Smart Card; C:\WINDOWS\System32\SCardSvr.exe [2007-05-21 92160]
S3 SNMPTRAP;Zachytávání pro službu SNMP; C:\WINDOWS\System32\snmptrap.exe [2007-05-21 8704]
S3 swprv;Microsoft Software Shadow Copy Provider; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 TrkWks;Klient služby sledování distribuovaných propojení; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2007-05-21 39424]
S3 UPS;Nepřerušitelný zdroj napájení (UPS); C:\WINDOWS\System32\ups.exe [2007-05-21 16896]
S3 vds;Virtual Disk Service; C:\WINDOWS\System32\vds.exe [2007-05-21 353280]
S3 VSS;Stínová kopie svazku; C:\WINDOWS\System32\vssvc.exe [2007-05-21 837632]
S3 WinHttpAutoProxySvc;Služba WinHTTP WPAD; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S3 Wmi;Rozšíření ovladače WMI; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 WmiApSrv;Adaptér výkonu služby WMI; C:\WINDOWS\system32\wbem\wmiapsrv.exe [2007-05-21 127488]
S3 WZCSVC;Konfigurace bezdrátových zařízení; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S3 xmlprov;Služba pro síťová ustanovení; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]
S4 Alerter;Výstrahy; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 ClipSrv;Síťová schránka; C:\WINDOWS\system32\clipsrv.exe [2007-05-21 32256]
S4 ImapiService;Služba modelu COM pro zápis na disk CD (IMAPI); C:\WINDOWS\system32\imapi.exe [2007-05-21 157184]
S4 IsmServ;Mezisíťové zasílání zpráv; C:\WINDOWS\System32\ismserv.exe [2007-05-21 40448]
S4 Messenger;Kurýrní služba; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 mnmsrvc;NetMeeting - Vzdálené sdílení plochy; C:\WINDOWS\system32\mnmsrvc.exe [2007-05-21 32768]
S4 MSExchangeMTA;Microsoft Exchange MTA Stacks; C:\Program Files\Exchsrvr\bin\emsmta.exe [2005-08-25 3592704]
S4 MSExchangeSRS;Microsoft Exchange Site Replication Service; C:\Program Files\Exchsrvr\bin\srsmain.exe [2005-08-25 339456]
S4 NetDDE;Služba DDE v síti; C:\WINDOWS\system32\netdde.exe [2007-05-21 111104]
S4 NetDDEdsdm;Správce DSDM služby DDE v síti; C:\WINDOWS\system32\netdde.exe [2007-05-21 111104]
S4 NetTcpPortSharing;Služba sdílení portů Net.Tcp; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 NntpSvc;NNTP (Network News Transfer Protocol); C:\WINDOWS\system32\inetsrv\inetinfo.exe [2007-05-21 14336]
S4 SharedAccess;Brána Firewall / Sdílení připojení k Internetu (ICS); C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 stisvc;Načítání obrázků (WIA); C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 TlntSvr;Telnet; C:\WINDOWS\system32\tlntsvr.exe [2007-05-21 76800]
S4 TrkSvr;Server sledování distribuovaného propojení; C:\WINDOWS\system32\svchost.exe [2007-05-21 14848]
S4 Tssdis;Terminal Services Session Directory; C:\WINDOWS\System32\tssdis.exe [2007-05-21 71168]
S4 WigfgnHelp32;Windorews Help System; C:\WINDOWS\system32\WinHelp32.exe []
S4 WmdmPmSN;Portable Media Serial Number Service; C:\WINDOWS\System32\svchost.exe [2007-05-21 14848]

-----------------EOF-----------------

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log

#12 Post by motji »

There is still something in there; try whether MBAM will run for you, and I will then clean up the rest with a script :)

Download MBAM from my signature
- Install it and run a full scan.

DO NOT DELETE ANYTHING!
- MBAM sometimes produces false detections, so we will delete only after the log has been checked.
- Copy the log here.
Do not use COMBOFIX without an adviser's recommendation; it can damage the system!
Always back up important data before disinfecting a computer!
Want to support our forum? Information here

I am mostly reachable at night, between 21:00 and 23:00.
If you have any questions, you can e-mail me at Motji(at)forum.viry.cz.

dopa
Visitor
Posts: 307
Joined: 12 Oct 2006 08:52

Re: Please check my log

#13 Post by dopa »

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Verze databáze: 4699

Windows 5.2.3790 Service Pack 2
Internet Explorer 8.0.6001.18702

26.9.2010 22:37:56
mbam-log-2010-09-26 (22-37-56).txt

Typ skenu: Úplný sken (C:\|G:\|)
Skenované objekty: 425767
Uplynulý čas: 1 hodina(y), 40 minuta(y), 34 sekunda(y)

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče registru: 2
Infikované hodnoty registru: 0
Infikované datové položky registru: 0
Infikované složky: 0
Infikované soubory: 0

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cscript.exe (Security.Hijack) -> No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_BACKGROUND_SWITCH (Worm.AutoRun) -> No action taken.

Infikované hodnoty registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
(Žádné škodlivé položky nebyly zjištěny)

motji
VIP
Posts: 23302
Joined: 23 Oct 2008 08:02

Re: Please check my log

#14 Post by motji »

Delete everything in MBAM.

Download OTL: http://oldtimer.geekstogo.com/OTL.exe
- Save it to the desktop and run the file OTL.exe.
- Copy this script into the white box at the bottom:

Code:

netsvcs
drivers32
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
c:\windows\*.* /U
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
nvrd32.sys
symmpi.sys
adp3132.sys
mv61xx.sys
nvraid.sys
ndis.sys
winlogon.exe
explorer.exe
userinit.exe
lsass.exe
svchost.exe
smss.exe
hal.dll
ws2_32.dll
tcpip.sys
cryptsvc.dll
Changer.sys
JakNDis.sys
isapnp.sys
cdrom.sys
/md5stop
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
CREATERESTOREPOINT 
- Tick the "For all users" box.
- Tick the boxes Check for "LOP" malware and Check for "Purity" malware.
- Click the Scan button.
- When the scan finishes, the logs OTL.Txt and Extras.txt will appear; post them here :)


but I won't look at the logs until tomorrow evening; I'm done for today :)

dopa
Visitor
Posts: 307
Joined: 12 Oct 2006 08:52

Re: Please check my log

#15 Post by dopa »

Well, I don't know, the software has been running for about 3 hours with no signs of life.. at the bottom it still says Scanning driver WDICA, above that Createrestorepoint, and nothing... :) it reports that it is not responding
