VIRY.CZ

Dobrý den, tenhle počítač asi dost spamuje (už jsem i na blacklistu), tak jsem se chtěl zeptat, co je příčinou.
Děkuji
Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2011-12-05 16:36:07
Microsoft(R) Windows(R) Server 2003, Standard Edition Service Pack 2
System drive C: has 46 GB (69%) free of 67 GB
Total RAM: 1023 MB (21% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:36:33, on 5.12.2011
Platform: Windows 2003 SP2 (WinNT 5.02.3790)
MSIE: Internet Explorer v7.00 (7.00.6000.17103)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\dns.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Promise Technology, Inc\Promise Array Management\MsgAgt.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Program Files\Spyware Terminator\st_rsser.exe
C:\WINDOWS\System32\wins.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\onlinePC\OnLinePC\OnLinePC.exe
C:\Program Files\NetMonStat\netmon.exe
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Merak\kaspersky\bin\kavehost.exe
C:\Program Files\Merak\smtp.exe
C:\Program Files\Merak\pop3.exe
C:\Program Files\Merak\control.exe
C:\Program Files\Merak\ldap\slapd.exe
C:\Program Files\Merak\im.exe
C:\Program Files\Merak\purple\purpleserv.exe
C:\Program Files\Merak\cal.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\onlinePC\OnLinePC\OnLinePC.exe
C:\Program Files\NetMonStat\netmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Administrator\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource= ... =CT2475029
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O4 - HKLM\..\Run: [SetCacheMode] Rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [C:\Program Files\onlinePC\OnLinePC\OnLinePC.exe] C:\Program Files\onlinePC\OnLinePC\OnLinePC.exe
O4 - HKLM\..\Run: [netmonstat] C:\Program Files\NetMonStat\netmon.exe
O4 - HKLM\..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
O4 - HKLM\..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O15 - ESC Trusted Zone: http://*.ad.wz.cz
O15 - ESC Trusted Zone: http://get.adobe.com
O15 - ESC Trusted Zone: http://view.atdmt.com
O15 - ESC Trusted Zone: http://ad2.billboard.cz
O15 - ESC Trusted Zone: http://ftp.cesnet.cz
O15 - ESC Trusted Zone: http://files2.grisoft.cz
O15 - ESC Trusted Zone: http://*.icewarp.cz
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://*.server
O15 - ESC Trusted Zone: http://iframe.speedtest.cz
O15 - ESC Trusted Zone: http://www.toupal.wz.cz
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://www.zive.cz
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O16 - DPF: {3F932FFA-F092-4FDB-92C5-1285978614D2} (WATCH_16R Control) - http://192.168.1.177/WATCH_16R.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2309974767
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8960445281
O17 - HKLM\System\CCS\Services\Tcpip\..\{3AABE6CB-3CFD-46B5-B31A-2A83294711CC}: NameServer = 77.236.192.130,88.86.107.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{3BB51956-F4DA-4208-828F-B87FF606E50A}: NameServer = 127.0.0.1
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: IceWarp GroupWare Server (IceWarpCalendar) - IceWarp Ltd. - C:\Program Files\Merak\cal.exe
O23 - Service: IceWarp Web / RCP / FTP (IceWarpControl) - IceWarp Ltd. - C:\Program Files\Merak\control.exe
O23 - Service: IceWarp IM / VoIP (IceWarpIM) - IceWarp Ltd. - C:\Program Files\Merak\im.exe
O23 - Service: IceWarp POP3 / IMAP (IceWarpPOP3) - IceWarp Ltd. - C:\Program Files\Merak\pop3.exe
O23 - Service: IceWarp SMTP (IceWarpSMTP) - IceWarp Ltd. - C:\Program Files\Merak\smtp.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: IceWarp Kaspersky anti-virus service (kavehost) - Kaspersky Lab ZAO - C:\Program Files\Merak\kaspersky\bin\kavehost.exe
O23 - Service: Promise Array Message Agent (RAIDmAgt) - Promise Technology, Inc. - C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgAgt.exe
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files\Spyware Terminator\st_rsser.exe

--
End of file - 8712 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\87cttsxi.default

prefs.js - "browser.startup.homepage" - "http://search.conduit.com/?ctid=CT24750 ... hSource=13"
prefs.js - "extensions.enabledItems" - "{9d1f059c-cada-4111-9696-41a62d64e3ba}:0.5.3, {7E77F5DF-8022-40e3-9122-F03DEBEFC43B}:1.0.06p, {9D6218B8-03C7-4b91-AA43-680B305DD35C}:1.7.9.7, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2475029&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np32dsw.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
np_hoem_x.dll
nsIQTScriptablePlugin.xpt
QuickTimePlugin.class
ShockwavePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\87cttsxi.default\extensions\
engine@conduit.com
{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}

C:\Documents and Settings\Administrator\Data aplikací\Mozilla\Firefox\Profiles\87cttsxi.default\searchplugins\
conduit.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16 37808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}]
MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - MyAshampoo Toolbar - C:\Program Files\MyAshampoo\tbMyAs.dll [2010-11-29 3908192]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-11-29 3908192]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SetCacheMode"=ptipbmf.dll,SetWriteCacheMode []
"C:\Program Files\onlinePC\OnLinePC\OnLinePC.exe"=C:\Program Files\onlinePC\OnLinePC\OnLinePC.exe [2005-02-17 1106944]
"netmonstat"=C:\Program Files\NetMonStat\netmon.exe [2008-05-13 4618240]
"SpywareTerminatorShield"=C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe [2011-11-22 2779824]
"SpywareTerminatorUpdater"=C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [2011-11-22 3621040]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2011-01-12 2219184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2007-02-17 15360]
"NBJ"=C:\Program Files\Ahead\Nero BackItUp\NBJ.exe [2005-05-19 1957888]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
C:\WINDOWS\system32\crypt32.dll [2011-11-12 598528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
C:\WINDOWS\system32\cryptnet.dll [2007-02-17 62464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
C:\WINDOWS\system32\cscdll.dll [2007-02-17 102400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
C:\WINDOWS\system32\dimsntfy.dll [2007-02-17 19456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
C:\WINDOWS\system32\sclgntfy.dll [2003-05-16 21504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
C:\WINDOWS\system32\WlNotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
C:\WINDOWS\system32\wlnotify.dll [2007-02-17 96768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll [2011-01-21 8366080]
CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll [2011-01-21 8366080]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll [2011-08-17 233472]
SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll [2007-02-17 122880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll [2007-02-17 1033216]
Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll [2007-02-17 1033216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=C:\WINDOWS\system32\shell32.dll [2011-01-21 8366080]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=RASSFM
KDCSVC
WDIGEST
scecli

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmadmin]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmboot.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmload.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dmserver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmadmin]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmboot.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmload.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dmserver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ip6fw.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NtLmSsp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpcdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpwd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sharedaccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdpipe.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tdtcp.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\termservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WZCSVC]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"disablecad"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ShowSuperHidden"=1
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Symantec\Ghost\GhostSrv.exe"="C:\Program Files\Symantec\Ghost\GhostSrv.exe:*:Enabled:Symantec GhostCast Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Symantec\Ghost\GhostSrv.exe"="C:\Program Files\Symantec\Ghost\GhostSrv.exe:*:Enabled:Symantec GhostCast Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

======List of files/folders created in the last 1 month======

2011-12-05 16:36:10 ----D---- C:\Program Files\trend micro
2011-12-05 16:36:07 ----D---- C:\rsit
2011-12-05 13:58:30 ----D---- C:\Program Files\CCleaner
2011-12-02 11:21:36 ----D---- C:\Program Files\ESET
2011-12-02 11:21:36 ----D---- C:\Documents and Settings\All Users\Data aplikací\ESET
2011-12-02 11:19:13 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-12-02 11:19:13 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-12-02 11:11:43 ----A---- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2011-12-02 11:11:42 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2011-12-02 11:11:42 ----D---- C:\Documents and Settings\Administrator\Data aplikací\Spyware Terminator
2011-12-02 11:10:45 ----D---- C:\Program Files\Spyware Terminator
2011-11-22 09:09:22 ----D---- C:\zaloha
2011-11-17 03:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2641690-v2$
2011-11-12 08:35:57 ----A---- C:\WINDOWS\system32\crypt32.dll
2011-11-10 03:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$

======List of files/folders modified in the last 1 month======

2011-12-05 16:36:10 ----RD---- C:\Program Files
2011-12-05 16:31:27 ----D---- C:\WINDOWS\Temp
2011-12-05 13:59:47 ----A---- C:\WINDOWS\wincmd.ini
2011-12-05 13:59:43 ----D---- C:\WINDOWS\Debug
2011-12-05 13:59:43 ----D---- C:\WINDOWS
2011-12-05 13:59:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\netmonstat
2011-12-05 10:23:43 ----D---- C:\Program Files\Mozilla Firefox
2011-12-05 10:20:33 ----D---- C:\TEMP
2011-12-02 11:52:34 ----D---- C:\WINDOWS\system32\CatRoot2
2011-12-02 11:46:41 ----D---- C:\WINDOWS\system32
2011-12-02 11:46:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-12-02 11:43:16 ----D---- C:\WINDOWS\system32\ias
2011-12-02 11:42:39 ----D---- C:\WINDOWS\system32\wins
2011-12-02 11:42:37 ----A---- C:\WINDOWS\MsgAgt.INI
2011-12-02 11:22:51 ----SHD---- C:\WINDOWS\Installer
2011-12-02 11:22:38 ----D---- C:\WINDOWS\system32\drivers
2011-12-02 11:22:37 ----D---- C:\WINDOWS\inf
2011-11-19 21:36:35 ----AC---- C:\WINDOWS\TextSpy.ini
2011-11-19 20:34:51 ----AC---- C:\WINDOWS\NeroDigital.ini
2011-11-19 20:23:45 ----D---- C:\Program Files\Microsoft Office
2011-11-17 03:16:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-11-16 19:57:01 ----HD---- C:\WINDOWS\$hf_mig$
2011-11-13 03:00:15 ----D---- C:\WINDOWS\WinSxS
2011-11-11 12:38:26 ----D---- C:\Documents and Settings\Administrator\Data aplikací\PriceGong
2011-11-11 09:16:37 ----D---- C:\Program Files\Merak
2011-11-10 03:00:47 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;Microsoft ACPI Driver; C:\WINDOWS\system32\DRIVERS\ACPI.sys [2007-02-17 194560]
R0 agp440;Filtr Intel sběrnice AGP; C:\WINDOWS\system32\DRIVERS\agp440.sys [2007-02-17 44032]
R0 atapi;Standardní řadič disku IDE či ESDI; C:\WINDOWS\system32\DRIVERS\atapi.sys [2007-02-17 96768]
R0 crcdisk;Ovladač filtru disku CRC; C:\WINDOWS\system32\DRIVERS\crcdisk.sys [2007-02-17 17920]
R0 DfsDriver;DfsDriver; C:\WINDOWS\system32\drivers\Dfs.sys [2007-02-17 34816]
R0 Disk;Ovladač disku; C:\WINDOWS\system32\DRIVERS\disk.sys [2007-02-17 39936]
R0 dmio;Ovladač správce logických disků; C:\WINDOWS\System32\drivers\dmio.sys [2007-02-17 151552]
R0 dmload;dmload; C:\WINDOWS\System32\drivers\dmload.sys [2003-05-16 7680]
R0 fasttx2k;fasttx2k; C:\WINDOWS\system32\drivers\fasttx2k.sys [2003-06-04 123904]
R0 FltMgr;FltMgr; C:\WINDOWS\system32\drivers\fltmgr.sys [2007-02-17 130560]
R0 Ftdisk;Ovladač správce svazků; C:\WINDOWS\system32\DRIVERS\ftdisk.sys [2007-02-17 137216]
R0 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2007-02-17 7680]
R0 isapnp;Řadič Plug and Play sběrnice ISA/EISA; C:\WINDOWS\system32\DRIVERS\isapnp.sys [2007-02-17 38912]
R0 KSecDD;KSecDD; C:\WINDOWS\system32\drivers\KSecDD.sys [2009-06-15 134656]
R0 MountMgr;Správce přípojných bodů; C:\WINDOWS\system32\drivers\MountMgr.sys [2007-02-17 46592]
R0 Mup;Služba Multiple UNC Provider; C:\WINDOWS\system32\drivers\Mup.sys [2011-04-12 103424]
R0 NDIS;Systémový ovladač NDIS; C:\WINDOWS\system32\drivers\NDIS.sys [2007-02-17 210432]
R0 PartMgr;Správce oddílů; C:\WINDOWS\system32\drivers\PartMgr.sys [2007-02-17 25088]
R0 PCI;Řadič sběrnice PCI; C:\WINDOWS\system32\DRIVERS\pci.sys [2007-02-17 75264]
R0 PCIIde;PCIIde; C:\WINDOWS\system32\DRIVERS\pciide.sys [2003-05-15 5632]
R0 VolSnap;Paměťové svazky; C:\WINDOWS\system32\DRIVERS\volsnap.sys [2007-02-17 153600]
R1 AFD;Prostředí pro podporu sítě AFD; C:\WINDOWS\System32\drivers\afd.sys [2011-08-17 150528]
R1 Beep;Beep; C:\WINDOWS\system32\drivers\Beep.sys [2003-05-16 6144]
R1 Cdrom;Ovladač jednotky CD-ROM; C:\WINDOWS\system32\DRIVERS\cdrom.sys [2007-02-17 52224]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-12-21 115008]
R1 epfwtdir;epfwtdir; C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2010-12-21 94872]
R1 Fips;Fips; C:\WINDOWS\system32\drivers\Fips.sys [2007-02-17 45568]
R1 imapi;CD-Burning Filter Driver; C:\WINDOWS\system32\DRIVERS\imapi.sys [2007-02-17 43520]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2004-07-16 28672]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2004-07-16 27648]
R1 IPSec;Ovladač IPSEC; C:\WINDOWS\system32\DRIVERS\ipsec.sys [2007-02-17 82432]
R1 Kbdclass;Ovladač třídy klávesnic; C:\WINDOWS\system32\DRIVERS\kbdclass.sys [2007-02-17 25600]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2007-02-17 17408]
R1 mnmdd;mnmdd; C:\WINDOWS\system32\drivers\mnmdd.sys [2003-05-16 6144]
R1 Mouclass;Ovladač třídy myší; C:\WINDOWS\system32\DRIVERS\mouclass.sys [2003-05-16 23040]
R1 MRxSmb;MRXSMB; C:\WINDOWS\system32\DRIVERS\mrxsmb.sys [2011-07-06 439296]
R1 Msfs;Msfs; C:\WINDOWS\system32\drivers\Msfs.sys [2007-02-17 21504]
R1 NetBIOS;Rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\netbios.sys [2007-02-17 34816]
R1 NetBT;Rozhraní NetBios nad protokolem TCP/IP; C:\WINDOWS\system32\DRIVERS\netbt.sys [2007-02-17 180224]
R1 Npfs;Npfs; C:\WINDOWS\system32\drivers\Npfs.sys [2007-02-17 32256]
R1 Null;Null; C:\WINDOWS\system32\drivers\Null.sys [2003-05-16 4608]
R1 PCLEPCI;PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys []
R1 RasAcd;Ovladač automatického připojení pomocí vzdáleného přístupu; C:\WINDOWS\system32\DRIVERS\rasacd.sys [2003-05-16 10752]
R1 Rdbss;Rdbss; C:\WINDOWS\system32\DRIVERS\rdbss.sys [2010-02-24 177664]
R1 RDPCDD;RDPCDD; C:\WINDOWS\System32\DRIVERS\RDPCDD.sys [2003-05-16 6144]
R1 redbook;Digital CD Audio Playback Filter Driver; C:\WINDOWS\system32\DRIVERS\redbook.sys [2007-02-17 61952]
R1 Serial;Ovladač sériového portu; C:\WINDOWS\system32\DRIVERS\serial.sys [2007-02-17 65536]
R1 sp_rsdrv2;Spyware Terminator 2012 Realtime Shield Driver; \??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys []
R1 Tcpip;Ovladač protokolu TCP/IP; C:\WINDOWS\system32\DRIVERS\tcpip.sys [2009-08-15 393216]
R1 TermDD;Ovladač terminálového zařízení; C:\WINDOWS\system32\DRIVERS\termdd.sys [2007-02-17 41608]
R1 VgaSave;Grafický řadič VGA; C:\WINDOWS\System32\drivers\vga.sys [2007-02-17 23552]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-12-21 141264]
R2 Parvdm;Parvdm; C:\WINDOWS\system32\DRIVERS\parvdm.sys [2003-05-16 8704]
R3 ati2mpad;ati2mpad; C:\WINDOWS\system32\DRIVERS\ati2mpad.sys [2003-05-15 343424]
R3 audstub;Prázdný zvukový ovladač; C:\WINDOWS\system32\DRIVERS\audstub.sys [2003-03-25 5120]
R3 E1000;Intel(R) PRO/1000 Adapter Driver; C:\WINDOWS\system32\DRIVERS\e1000325.sys [2004-03-12 131584]
R3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2004-02-10 154112]
R3 Fdc;Ovladač řadiče disketové jednotky; C:\WINDOWS\system32\DRIVERS\fdc.sys [2007-02-17 24576]
R3 Flpydisk;Ovladač disketové jednotky; C:\WINDOWS\system32\DRIVERS\flpydisk.sys [2003-05-16 18432]
R3 Gpc;Obecné třídění paketů; C:\WINDOWS\system32\DRIVERS\msgpc.sys [2007-02-17 39424]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2003-03-25 11776]
R3 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-02-17 40448]
R3 IpNat;IP Network Address Translator; C:\WINDOWS\system32\DRIVERS\ipnat.sys [2007-02-17 119296]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2003-05-15 13312]
R3 mssmbios;Ovladač Microsoft System Management BIOS; C:\WINDOWS\system32\DRIVERS\mssmbios.sys [2007-02-17 19968]
R3 NdisTapi;Ovladač Remote Access NDIS TAPI; C:\WINDOWS\system32\DRIVERS\ndistapi.sys [2011-07-08 12288]
R3 Ndisuio;Protokol NDIS uživatelského režimu V/V; C:\WINDOWS\system32\DRIVERS\ndisuio.sys [2007-02-17 16384]
R3 NdisWan;Ovladač Remote Access NDIS WAN; C:\WINDOWS\system32\DRIVERS\ndiswan.sys [2007-02-17 89600]
R3 NDProxy;Služba NDIS Proxy; C:\WINDOWS\system32\drivers\NDProxy.sys [2010-11-03 40960]
R3 Parport;Ovladač paralelního portu; C:\WINDOWS\system32\DRIVERS\parport.sys [2007-02-17 81408]
R3 PptpMiniport;Připojení WAN Miniport (PPTP); C:\WINDOWS\system32\DRIVERS\raspptp.sys [2007-02-17 59904]
R3 Ptilink;Direct Parallel Link Driver; C:\WINDOWS\system32\DRIVERS\ptilink.sys [2007-02-17 20480]
R3 Rasl2tp;WAN Miniport (L2TP); C:\WINDOWS\system32\DRIVERS\rasl2tp.sys [2007-02-17 65536]
R3 RasPppoe;Ovladač pro vzdálený přístup PPPOE; C:\WINDOWS\system32\DRIVERS\raspppoe.sys [2007-02-17 40960]
R3 Raspti;Přímé propojení paralelním kabelem; C:\WINDOWS\system32\DRIVERS\raspti.sys [2007-02-17 19968]
R3 rdpdr;Ovladač přesměrovače zařízení terminálového serveru; C:\WINDOWS\system32\DRIVERS\rdpdr.sys [2007-02-17 200192]
R3 RDPWD;RDPWD; C:\WINDOWS\system32\drivers\RDPWD.sys [2011-06-24 152200]
R3 serenum;Ovladač filtru Serenum; C:\WINDOWS\system32\DRIVERS\serenum.sys [2007-02-17 17920]
R3 Srv;Srv; C:\WINDOWS\system32\DRIVERS\srv.sys [2011-02-17 381952]
R3 swenum;Softwarový ovladač sběrnice; C:\WINDOWS\system32\DRIVERS\swenum.sys [2007-02-17 4736]
R3 TDTCP;TDTCP; C:\WINDOWS\system32\drivers\TDTCP.sys [2007-02-17 24200]
R3 Update;Ovladač aktualizace mikrokódu; C:\WINDOWS\system32\DRIVERS\update.sys [2007-05-28 365056]
R3 usbehci;Ovladač Miniport vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-02-17 27520]
R3 usbhub;Ovladač standardního rozbočovače USB; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-02-17 60416]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-02-17 20864]
R3 Wanarp;Ovladač Remote Access IP ARP; C:\WINDOWS\system32\DRIVERS\wanarp.sys [2007-02-17 36352]
R4 Cdfs;Cdfs; C:\WINDOWS\system32\drivers\Cdfs.sys [2007-02-17 65536]
R4 Fastfat;Fastfat; C:\WINDOWS\system32\drivers\Fastfat.sys [2007-02-17 151040]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2004-07-16 92672]
R4 Ntfs;Ntfs; C:\WINDOWS\system32\drivers\Ntfs.sys [2007-02-17 589824]
S1 Changer;Changer; C:\WINDOWS\system32\drivers\Changer.sys []
S1 i2omgmt;i2omgmt; C:\WINDOWS\system32\drivers\i2omgmt.sys []
S1 i8042prt;i8042 Keyboard and PS/2 Mouse Port Driver; C:\WINDOWS\system32\DRIVERS\i8042prt.sys [2007-02-17 55296]
S1 Sfloppy;Sfloppy; C:\WINDOWS\system32\drivers\Sfloppy.sys [2003-05-16 12288]
S3 AsyncMac;Ovladač asynchronních médií připojení RAS; C:\WINDOWS\system32\DRIVERS\asyncmac.sys [2003-05-16 16384]
S3 Atmarpc;Protokol ATM ARP Client; C:\WINDOWS\system32\DRIVERS\atmarpc.sys [2007-02-17 59392]
S3 dot4;Ovladač MS IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [2007-02-17 207872]
S3 Dot4Print;Ovladač třídy tiskárny standardu IEEE-1284.4; C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys [2003-03-25 14848]
S3 dot4usb;Filtr Dot4USB Dot4USB Filter; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [2003-05-15 26112]
S3 HTTP;Služba HTTP; C:\WINDOWS\System32\Drivers\HTTP.sys [2009-10-20 294400]
S3 ip6fw;Ovladač IPv6 brány firewall systému Windows; C:\WINDOWS\system32\drivers\ip6fw.sys [2007-02-17 36352]
S3 IpFilterDriver;IP Traffic Filter Driver; C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys [2007-02-17 32768]
S3 IpInIp;IP in IP Tunnel Driver; C:\WINDOWS\system32\DRIVERS\ipinip.sys []
S3 IRENUM;Služba čítače výčtu IR; C:\WINDOWS\system32\DRIVERS\irenum.sys [2007-02-17 12800]
S3 Modem;Modem; C:\WINDOWS\system32\drivers\Modem.sys [2007-02-17 31232]
S3 MRxDAV;Přesměrovač klienta WebDav; C:\WINDOWS\system32\DRIVERS\mrxdav.sys [2007-12-17 188928]
S3 PDCOMP;PDCOMP; C:\WINDOWS\system32\drivers\PDCOMP.sys []
S3 PDFRAME;PDFRAME; C:\WINDOWS\system32\drivers\PDFRAME.sys []
S3 PDRELI;PDRELI; C:\WINDOWS\system32\drivers\PDRELI.sys []
S3 PDRFRAME;PDRFRAME; C:\WINDOWS\system32\drivers\PDRFRAME.sys []
S3 Processor;Ovladač procesoru; C:\WINDOWS\system32\DRIVERS\processr.sys [2007-02-17 39424]
S3 Secdrv;Secdrv; C:\WINDOWS\system32\DRIVERS\secdrv.sys [2007-11-13 20480]
S3 TDPIPE;TDPIPE; C:\WINDOWS\system32\drivers\TDPIPE.sys [2007-02-17 12936]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2007-02-17 32128]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-02-17 28160]
S3 WDICA;WDICA; C:\WINDOWS\system32\drivers\WDICA.sys []
S3 WLBS;Vyrovnávání zatížení sítě; C:\WINDOWS\system32\DRIVERS\wlbs.sys [2007-02-17 177152]
S4 Abiosdsk;Abiosdsk; C:\WINDOWS\system32\drivers\Abiosdsk.sys []
S4 ACPIEC;ACPIEC; C:\WINDOWS\system32\drivers\ACPIEC.sys [2003-05-16 13312]
S4 adpu160m;adpu160m; C:\WINDOWS\system32\drivers\adpu160m.sys []
S4 adpu320;adpu320; C:\WINDOWS\system32\drivers\adpu320.sys []
S4 afcnt;afcnt; C:\WINDOWS\system32\drivers\afcnt.sys []
S4 Aha154x;Aha154x; C:\WINDOWS\system32\drivers\Aha154x.sys []
S4 aic78u2;aic78u2; C:\WINDOWS\system32\drivers\aic78u2.sys []
S4 aic78xx;aic78xx; C:\WINDOWS\system32\drivers\aic78xx.sys []
S4 AliIde;AliIde; C:\WINDOWS\system32\drivers\AliIde.sys []
S4 Atdisk;Atdisk; C:\WINDOWS\system32\drivers\Atdisk.sys []
S4 cbidf2k;cbidf2k; C:\WINDOWS\system32\drivers\cbidf2k.sys [2003-05-16 15360]
S4 cd20xrnt;cd20xrnt; C:\WINDOWS\system32\drivers\cd20xrnt.sys []
S4 ClusDisk;Cluster Disk Driver; C:\WINDOWS\system32\DRIVERS\ClusDisk.sys [2007-02-17 69120]
S4 CmdIde;CmdIde; C:\WINDOWS\system32\drivers\CmdIde.sys []
S4 Cpqarray;Cpqarray; C:\WINDOWS\system32\drivers\Cpqarray.sys []
S4 cpqarry2;cpqarry2; C:\WINDOWS\system32\drivers\cpqarry2.sys []
S4 cpqcissm;cpqcissm; C:\WINDOWS\system32\drivers\cpqcissm.sys []
S4 cpqfcalm;cpqfcalm; C:\WINDOWS\system32\drivers\cpqfcalm.sys []
S4 dac2w2k;dac2w2k; C:\WINDOWS\system32\drivers\dac2w2k.sys []
S4 dac960nt;dac960nt; C:\WINDOWS\system32\drivers\dac960nt.sys []
S4 dellcerc;dellcerc; C:\WINDOWS\system32\drivers\dellcerc.sys []
S4 dmboot;dmboot; C:\WINDOWS\System32\drivers\dmboot.sys [2007-02-17 268800]
S4 dpti2o;dpti2o; C:\WINDOWS\system32\drivers\dpti2o.sys []
S4 FTEventService;FTEVTBDG; \??\C:\Program Files\Promise Technology, Inc\Promise Array Management\FTEVTBDG.sys []
S4 hpn;hpn; C:\WINDOWS\system32\drivers\hpn.sys []
S4 hpt3xx;hpt3xx; C:\WINDOWS\system32\drivers\hpt3xx.sys []
S4 i2omp;i2omp; C:\WINDOWS\system32\drivers\i2omp.sys []
S4 iirsp;iirsp; C:\WINDOWS\system32\drivers\iirsp.sys []
S4 ipsraidn;ipsraidn; C:\WINDOWS\system32\drivers\ipsraidn.sys []
S4 lp6nds35;lp6nds35; C:\WINDOWS\system32\drivers\lp6nds35.sys []
S4 mraid35x;mraid35x; C:\WINDOWS\system32\drivers\mraid35x.sys []
S4 nfrd960;nfrd960; C:\WINDOWS\system32\drivers\nfrd960.sys []
S4 Pcmcia;Pcmcia; C:\WINDOWS\system32\drivers\Pcmcia.sys [2007-02-17 121856]
S4 perc2;perc2; C:\WINDOWS\system32\drivers\perc2.sys []
S4 perc2hib;perc2hib; C:\WINDOWS\system32\drivers\perc2hib.sys []
S4 ql1080;ql1080; C:\WINDOWS\system32\drivers\ql1080.sys []
S4 Ql10wnt;Ql10wnt; C:\WINDOWS\system32\drivers\Ql10wnt.sys []
S4 ql12160;ql12160; C:\WINDOWS\system32\drivers\ql12160.sys []
S4 ql1240;ql1240; C:\WINDOWS\system32\drivers\ql1240.sys []
S4 ql1280;ql1280; C:\WINDOWS\system32\drivers\ql1280.sys []
S4 ql2100;ql2100; C:\WINDOWS\system32\drivers\ql2100.sys []
S4 ql2200;ql2200; C:\WINDOWS\system32\drivers\ql2200.sys []
S4 ql2300;ql2300; C:\WINDOWS\system32\drivers\ql2300.sys []
S4 Simbad;Simbad; C:\WINDOWS\system32\drivers\Simbad.sys []
S4 Sparrow;Sparrow; C:\WINDOWS\system32\drivers\Sparrow.sys []
S4 sym_hi;sym_hi; C:\WINDOWS\system32\drivers\sym_hi.sys []
S4 sym_u3;sym_u3; C:\WINDOWS\system32\drivers\sym_u3.sys []
S4 symc810;symc810; C:\WINDOWS\system32\drivers\symc810.sys []
S4 symc8xx;symc8xx; C:\WINDOWS\system32\drivers\symc8xx.sys []
S4 symmpi;symmpi; C:\WINDOWS\system32\drivers\symmpi.sys []
S4 TosIde;TosIde; C:\WINDOWS\system32\drivers\TosIde.sys []
S4 Udfs;Udfs; C:\WINDOWS\system32\drivers\Udfs.sys [2007-02-17 67584]
S4 ultra;ultra; C:\WINDOWS\system32\drivers\ultra.sys []
S4 ViaIde;ViaIde; C:\WINDOWS\system32\drivers\ViaIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AeLookupSvc;Služba vyhledávání zkušeností aplikací; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 AudioSrv;Zvuk systému Windows; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Browser;Prohledávání počítačů; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 CryptSvc;Šifrování; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 DcomLaunch;Spouštěč procesů serveru DCOM; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 Dhcp;Klient DHCP; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 dmserver;Správce logických disků; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 DNS;Server DNS; C:\WINDOWS\System32\dns.exe [2011-06-29 449024]
R2 Dnscache;Klient DNS; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-01-12 810144]
R2 ERSvc;Zasílání zpráv o chybách; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Eventlog;Protokol událostí; C:\WINDOWS\system32\services.exe [2009-02-09 113664]
R2 EventSystem;Systém událostí COM+; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 helpsvc;Nápověda a odborná pomoc; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 HidServ;HID Input Service; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 IAS;Služba ověřování v Internetu; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 IceWarpCalendar;IceWarp GroupWare Server; C:\Program Files\Merak\cal.exe [2011-11-11 2410840]
R2 IceWarpControl;IceWarp Web / RCP / FTP; C:\Program Files\Merak\control.exe [2011-11-11 3033432]
R2 IceWarpIM;IceWarp IM / VoIP; C:\Program Files\Merak\im.exe [2011-11-11 1979224]
R2 IceWarpPOP3;IceWarp POP3 / IMAP; C:\Program Files\Merak\pop3.exe [2011-11-11 2313560]
R2 IceWarpSMTP;IceWarp SMTP; C:\Program Files\Merak\smtp.exe [2011-11-11 2092376]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-07-16 1163378]
R2 lanmanserver;Server; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 lanmanworkstation;Pracovní stanice; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 LmHosts;Podpora rozhraní NetBIOS nad protokolem TCP/IP; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-20 322120]
R2 MSDTC;Koordinátor DTC; C:\WINDOWS\system32\msdtc.exe [2008-07-23 6144]
R2 PlugPlay;Plug and Play; C:\WINDOWS\system32\services.exe [2009-02-09 113664]
R2 PolicyAgent;Služby IPSEC; C:\WINDOWS\system32\lsass.exe [2003-05-16 16384]
R2 ProtectedStorage;Chráněné úložiště; C:\WINDOWS\system32\lsass.exe [2003-05-16 16384]
R2 RAIDmAgt;Promise Array Message Agent; C:\Program Files\Promise Technology, Inc.\Promise Array Management\MsgAgt.exe [2004-03-08 679936]
R2 RemoteAccess;Směrování a vzdálený přístup; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 RemoteRegistry;Vzdálený registr; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 RpcSs;Vzdálené volání procedur (RPC); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 SamSs;Správce zabezpečení účtů; C:\WINDOWS\system32\lsass.exe [2003-05-16 16384]
R2 seclogon;Sekundární přihlašování; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 SENS;Oznamování systémových událostí; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 ShellHWDetection;Rozpoznávání hardwaru; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 Schedule;Plánovač úloh; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R2 SimpTcp;Jednoduché služby TCP/IP; C:\WINDOWS\system32\tcpsvcs.exe [2003-05-16 21504]
R2 Spooler;Zařazování tisku; C:\WINDOWS\system32\spoolsv.exe [2010-08-17 58880]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files\Spyware Terminator\st_rsser.exe [2011-11-22 482992]
R2 TrkWks;Klient služby sledování distribuovaných propojení; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 W32Time;Systémový čas; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 winmgmt;Služba WMI; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 WINS;WINS; C:\WINDOWS\System32\wins.exe [2011-08-10 158720]
R2 wuauserv;Automatické aktualizace; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R2 WZCSVC;Konfigurace bezdrátových zařízení; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R3 ALG;Služba brány aplikačního rozhraní; C:\WINDOWS\System32\alg.exe [2007-02-17 45056]
R3 kavehost;IceWarp Kaspersky anti-virus service; C:\Program Files\Merak\kaspersky\bin\kavehost.exe [2011-11-11 86016]
R3 Netman;Síťová připojení; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R3 Nla;Sledování umístění v síti (NLA); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R3 NtLmSsp;Zprostředkovatel zabezpečení NT LM; C:\WINDOWS\system32\lsass.exe [2003-05-16 16384]
R3 RasMan;Správce vzdáleného přístupu; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
R3 TapiSrv;Telefonní subsystém; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
R3 TermService;Terminálová služba; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S2 InCDsrvR;InCD Helper (read only); C:\Program Files\Ahead\InCD\InCDsrv.exe [2004-07-16 1163378]
S2 SysmonLog;Výstrahy a protokolování výkonu; C:\WINDOWS\system32\smlogsvc.exe [2007-02-17 96768]
S3 AppMgmt;Správa aplikací; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 BITS;Služba inteligentního přenosu na pozadí; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 COMSysApp;Systémové aplikace modelu COM+; C:\WINDOWS\system32\dllhost.exe [2007-02-17 5632]
S3 Dfs;Systém souborů DFS; C:\WINDOWS\system32\Dfssvc.exe [2007-02-17 164864]
S3 dmadmin;Služba správy pro Správce logických disků; C:\WINDOWS\System32\dmadmin.exe [2007-02-17 235008]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [2011-01-12 33584]
S3 HTTPFilter;Služba HTTP SSL; C:\WINDOWS\system32\lsass.exe [2003-05-16 16384]
S3 MSIServer;Windows Installer; C:\WINDOWS\system32\msiexec.exe [2007-02-17 78848]
S3 Netlogon;Přihlašování k síti; C:\WINDOWS\system32\lsass.exe [2003-05-16 16384]
S3 NtFrs;Replikace souborů; C:\WINDOWS\system32\ntfrs.exe [2007-02-17 792576]
S3 NtmsSvc;Vyměnitelné úložiště; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 RasAuto;Správce automatického připojení pomocí vzdáleného přístupu; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 RDSessMgr;Správce relací nápovědy ke vzdálené ploše; C:\WINDOWS\system32\sessmgr.exe [2007-02-17 124928]
S3 RpcLocator;Lokátor vzdáleného volání procedur (RPC); C:\WINDOWS\system32\locator.exe [2003-05-16 71680]
S3 rqs;Agent karantény vzdáleného přístupu; C:\WINDOWS\system32\rqs.exe [2007-02-17 30720]
S3 RSoPProv;Poskytovatel výsledné sady zásad; C:\WINDOWS\system32\RSoPProv.exe [2007-02-17 67072]
S3 sacsvr;Pomocník pro práci se speciální konzolou pro správu; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 SCardSvr;Smart Card; C:\WINDOWS\System32\SCardSvr.exe [2007-02-17 92160]
S3 swprv;Microsoft Software Shadow Copy Provider; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 UMWdf;Sada ovladačů pro uživatelský režim systému Windows; C:\WINDOWS\system32\wdfmgr.exe [2007-02-17 39424]
S3 uploadmgr;Správce odesílání; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 UPS;Nepřerušitelný zdroj napájení (UPS); C:\WINDOWS\System32\ups.exe [2003-05-16 16896]
S3 vds;Virtual Disk Service; C:\WINDOWS\System32\vds.exe [2007-02-17 353280]
S3 VSS;Stínová kopie svazku; C:\WINDOWS\System32\vssvc.exe [2007-02-17 837632]
S3 WinHttpAutoProxySvc;Služba WinHTTP WPAD; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S3 WmdmPmSN;Služba sériového čísla přenosného zařízení; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 Wmi;Rozšíření ovladače WMI; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S3 WmiApSrv;Adaptér výkonu služby WMI; C:\WINDOWS\system32\wbem\wmiapsrv.exe [2007-02-17 127488]
S3 xmlprov;Služba pro síťová ustanovení; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S4 Alerter;Výstrahy; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 CiSvc;Indexing Service; C:\WINDOWS\system32\cisvc.exe [2007-02-17 6656]
S4 ClipSrv;Síťová schránka; C:\WINDOWS\system32\clipsrv.exe [2003-05-16 32256]
S4 ImapiService;Služba modelu COM pro zápis na disk CD (IMAPI); C:\WINDOWS\system32\imapi.exe [2007-02-17 157184]
S4 IsmServ;Mezisíťové zasílání zpráv; C:\WINDOWS\System32\ismserv.exe [2007-02-17 40448]
S4 kdc;Centrum distribuce klíčů modulu Kerberos; C:\WINDOWS\System32\lsass.exe [2003-05-16 16384]
S4 LicenseService;Protokolování licence; C:\WINDOWS\System32\llssrv.exe [2007-02-17 94720]
S4 Messenger;Kurýrní služba; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 mnmsrvc;NetMeeting - Vzdálené sdílení plochy; C:\WINDOWS\system32\mnmsrvc.exe [2007-02-17 32768]
S4 NetDDE;Služba DDE v síti; C:\WINDOWS\system32\netdde.exe [2007-02-17 111104]
S4 NetDDEdsdm;Správce DSDM služby DDE v síti; C:\WINDOWS\system32\netdde.exe [2007-02-17 111104]
S4 SharedAccess;Brána Firewall / Sdílení připojení k Internetu (ICS); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 stisvc;Načítání obrázků (WIA); C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 Themes;Motivy; C:\WINDOWS\System32\svchost.exe [2007-02-17 14848]
S4 TlntSvr;Telnet; C:\WINDOWS\system32\tlntsvr.exe [2007-02-17 76800]
S4 TrkSvr;Server sledování distribuovaného propojení; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]
S4 Tssdis;Terminal Services Session Directory; C:\WINDOWS\System32\tssdis.exe [2007-02-17 71168]
S4 WebClient;Webový klient; C:\WINDOWS\system32\svchost.exe [2007-02-17 14848]

-----------------EOF-----------------

Zdravím!

Poprosím o log ComboFix.

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware

Děkuji za odpověď, ale combo neběží na SERVERu, mám server 2003.....

OK. Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

Status: Deleted (events: 2)
5.12.2011 22:55:38 Deleted adware not-a-virus:AdWare.Win32.DealHelper.j E:\RECYCLER\S-1-5-21-2626803833-2590210616-2312584135-500\De17652.dll Medium
5.12.2011 22:55:38 Deleted adware not-a-virus:AdWare.Win32.DealHelper.j E:\RECYCLER\S-1-5-21-2626803833-2590210616-2312584135-500\De17652.dll//CryptFF Medium

Dvouklikem na soubor C:\Program Files\trend micro\Administrator.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R3 - URLSearchHook: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O2 - BHO: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O3 - Toolbar: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O15 - ESC Trusted Zone: http://*.ad.wz.cz
O15 - ESC Trusted Zone: http://get.adobe.com
O15 - ESC Trusted Zone: http://view.atdmt.com
O15 - ESC Trusted Zone: http://ad2.billboard.cz
O15 - ESC Trusted Zone: http://ftp.cesnet.cz
O15 - ESC Trusted Zone: http://files2.grisoft.cz
O15 - ESC Trusted Zone: http://*.icewarp.cz
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://*.server
O15 - ESC Trusted Zone: http://iframe.speedtest.cz
O15 - ESC Trusted Zone: http://www.toupal.wz.cz
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://www.zive.cz
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O16 - DPF: {3F932FFA-F092-4FDB-92C5-1285978614D2} (WATCH_16R Control) - http://192.168.1.177/WATCH_16R.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2309974767
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 8960445281

a klikněte na >Fix checked<. Restartujte PC.

Po restartu smažte:

C:\Program Files\MyAshampoo

Vzhledem k tomu, že máte nainstalován SpywareTerminátor a Spybot zároveň, doporučuji odinstalovat Spybot, aby nedocházelo k sw konfliktu.

děkuji za radu, provedeno, takže by to nemělo otravovat?

Ještě bych doporučil komplexní vyčištění od balastu CCleanerem: http://www.viry.cz/forum/viewtopic.php?f=46&t=7478 a sken Spywre terminátorem. Položky, které najde, smažte.

hmm, tak spamuju pořád, ach jo..... Máte ještě nějaký nápad kromě formátu disku?

Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

Tak bohužel to nic nenašlo, log je prázdný....No nic, nebudeme to řešit, zformátuju disky

Ještě byste mohl zkusit GMER: http://www.viry.cz/forum/viewtopic.php?f=29&t=62878 a dát oba logy. Tedy, pokud bude na tomto OS fungovat. Na WinServer občas některé utility nefungují.