Trojský kůň, který vytváří job přes SQL server agent

[Hektor939]

Dobrý den,
chtěl bych poprosit o projití následujícího logu.
Mám problém, že se mi na SQL serveru vytváří nové joby, ve kterých je nastaveno spouštění různých exe souboru (vždy se jmenuje jinak), které mají cestu na disku C:.Když tento job odstraním, tak se za nějakou dobu vytvoří nový. Soubory, které se mají spustit přes SQL job naštěstí antivir Eset Endpoin zachytí a vloží do truhly a tedy job nemá co spouštět/odkazovat. Eset zachytí stáhnutý soubor, ale nezachytí havěť, která vytváří joby. Bude se tedy jednat o trojského koně, který napadá/využívá SQL server.

Za případné nalezení této havěti budu velmi vděčný.
S pozdravem V.V.

Zde je výpis zprogramu RSIT:
Running processes:
C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC9SWK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNABBSWK.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\SysWOW64\conime.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\itvrtal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://iesetup.dll/HardAdmin.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Cobian Backup 11 interface] "C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe" -service
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - S-1-5-21-3885677619-2180020940-2161389094-1107 Startup: Dropbox.lnk = ? (User 'VrtVac')
O4 - S-1-5-21-3885677619-2180020940-2161389094-1107 User Startup: Dropbox.lnk = ? (User 'VrtVac')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://www.cobiansoft.com
O15 - ESC Trusted Zone: http://www.eset.cz
O15 - ESC Trusted Zone: http://www.google.cz
O15 - ESC Trusted Zone: http://runonce.msn.com
O15 - ESC Trusted Zone: http://www.techspot.com
O15 - ESC Trusted Zone: http://m.webtrends.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://runonce.msn.com (HKLM)
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O15 - ESC Trusted IP range: http://127.0.0.1
O15 - ESC Trusted IP range: http://89.203.144.93
O16 - DPF: {6C9B3550-8DF6-415D-9B8F-4B1E74D08355} (IndigoScreen2 ActiveX Control) - http://89.203.144.94/IndigoScreen.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = alba-metal.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{76D60EBD-0855-4D72-9F29-CEF143E70D5D}: NameServer = 127.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = alba-metal.local
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: APC PBE Agent (APCPBEAgent) - APC - C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe
O23 - Service: Canon Driver Information Assist Service - CANON INC. - C:\Program Files\Canon\DIAS\CnxDIAS.exe
O23 - Service: Cobian Backup 11 Stínová kopie - Requester (cbVSCService11) - CobianSoft, Luis Cobian - C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
O23 - Service: Cerberus FTP Server - Cerberus, LLC - C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe
O23 - Service: Cobian Backup 11 Gravity (CobianBackup11) - Luis Cobian, CobianSoft - C:\Program Files (x86)\Cobian Backup 11\cbService.exe
O23 - Service: @%systemroot%\system32\dfssvc.exe,-101 (Dfs) - Unknown owner - C:\Windows\system32\dfssvc.exe (file missing)
O23 - Service: @dfsrress.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSRs.exe (file missing)
O23 - Service: @%systemroot%\system32\dns.exe,-49157 (DNS) - Unknown owner - C:\Windows\system32\dns.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET File Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET File Security\x86\ekrn.exe
O23 - Service: ESET RA HTTP Server (ERA_HTTP_SERVER) - ESET - C:\Program Files (x86)\ESET\ESET Remote Administrator\Server\EHttpSrv.exe
O23 - Service: ESET Remote Administrator Server (ERA_SERVER) - ESET - C:\Program Files (x86)\ESET\ESET Remote Administrator\Server\era.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @%SystemRoot%\System32\ismserv.exe,-1 (IsmServ) - Unknown owner - C:\Windows\System32\ismserv.exe (file missing)
O23 - Service: @%SystemRoot%\System32\kdcsvc.dll,-1 (kdc) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Optimax NetTest Service (NETTEST_SERVICE) - Unknown owner - D:\nettest.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ntdsmsg.dll,-1 (NTDS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @ntfrsres.dll,-130 (NtFrs) - Unknown owner - C:\Windows\system32\ntfrs.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%Systemroot%\system32\rqs.exe,-200 (Rqs) - Unknown owner - C:\Windows\system32\rqs.exe (file missing)
O23 - Service: @gpapi.dll,-114 (RSoPProv) - Unknown owner - C:\Windows\system32\RSoPProv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%windir%\system32\srm.dll,-3022 (SrmReports) - Unknown owner - C:\Windows\system32\srmhost.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: ZWSOFT License Manager - Flexera Software, Inc. - C:\Program Files (x86)\ZWLMS 2011 Eng\lmgrd.exe

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
"LogonUI.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {523D4250-295C-4E6C-A192-DD27C72495ED}
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files\Canon\DIAS\CnxDIAS.exe"
"C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe"
"C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe" -Service
"C:\Program Files (x86)\Cobian Backup 11\cbService.exe"
C:\Windows\system32\DFSRs.exe
C:\Windows\system32\dns.exe
"C:\Program Files\ESET\ESET File Security\x86\ekrn.exe"
"C:\Program Files (x86)\ESET\ESET Remote Administrator\Server\era.exe"
C:\Windows\system32\svchost.exe -k ftpsvc
C:\Windows\System32\ismserv.exe
"C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe"
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQL2008\MSSQL\Binn\sqlservr.exe" -sSQL2008
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k regsvc
"C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost -k srmsvcs
C:\Windows\system32\svchost -k TSLicensing
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files (x86)\ZWLMS 2011 Eng\lmgrd.exe"
C:\Windows\system32\dfssvc.exe
"C:\Program Files (x86)\ZWLMS 2011 Eng\lmgrd.exe" -c "C:\Program Files (x86)\ZWLMS 2011 Eng\LicenseFile.lic" -l "C:\Program Files (x86)\ZWLMS 2011 Eng\sample.log" -z
zwflex.exe -T SRV-Alba 11.9 -1 -c "C:\Program Files (x86)\ZWLMS 2011 Eng\LicenseFile.lic" -lmgrd_port 6978 --lmgrd_start 50f78d09 -l "C:\Program Files (x86)\ZWLMS 2011 Eng\sample.log"
"C:\Program Files\Microsoft SQL Server\MSSQL10.SQL2008\MSSQL\Binn\SQLAGENT.EXE" -i SQL2008
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
C:\Windows\System32\svchost.exe -k tapisrv
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\msdtc.exe
C:\Windows\system32\iashost.exe {48DA6741-1BF0-4A44-8325-293086C79077} -Embedding
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
taskeng.exe {C3BA5CF4-A21B-40D3-8164-4D7461CAF04B}
rdpclip
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
"C:\Program Files\ESET\ESET File Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC9SWK.EXE !hide Canon LBP7200C
C:\Windows\system32\spool\DRIVERS\x64\3\CNABBSWK.EXE !hide Canon LBP6300
"C:\Program Files (x86)\ESET\ESET Remote Administrator\Server\EHttpSrv.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" /ArmUpdateExe:"C:\ProgramData\Adobe\Acrobat\9.5\ARM\31010" /MODE:2 /PRODUCT:Acrobat /VERSION:9 /LANG:CZE
C:\Windows\system32\vssvc.exe
C:\Windows\system32\srmhost.exe
C:\Windows\System32\svchost.exe -k swprv
ftp -s:xpserver.exe
ftp -s:zyserver.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
rdpclip
taskeng.exe {2A74122E-3D2D-4807-B864-EA7C758A709B}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE"
"C:\Program Files\ESET\ESET File Security\egui.exe" /hide /waitservice
"C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe" -service
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2RPK.EXE
C:\Windows\system32\spool\DRIVERS\x64\3\CNAC9SWK.EXE !hide Canon LBP7200C
C:\Windows\system32\spool\DRIVERS\x64\3\CNABBSWK.EXE !hide Canon LBP6300
"C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe"
"C:\Helios\Helios.EXE"
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" /INSTALL
"C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe"
splwow64
"C:\totalcmd\TOTALCMD.EXE"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=6436.5e6ac00.1536134829 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll" - -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 6436 "\\.\pipe\gecko-crash-server-pipe.6436" plugin
"C:\Users\Administrator\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2012-09-24 329712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-12-18 352016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-09-24 59376]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-12-18 352016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2012-12-18 352016]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CNAP2 Launcher"=C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [2009-04-22 116128]
"egui"=C:\Program Files\ESET\ESET File Security\egui.exe [2012-05-14 2887280]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2012-09-07 2777296]
"SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [2012-09-07 3673808]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrnStatusMX]
C:\Program Files\Hewlett-Packard\PrnStatusMX\PrnStatusMX.exe [2007-08-29 1238528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Administrator^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^vrtvac^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]
C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Cobian Backup 11 interface"=C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [2012-07-31 4407808]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
"Adobe Acrobat Speed Launcher"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [2012-12-19 44280]
""= []
"Acrobat Assistant 8.0"=C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [2012-07-30 640480]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-09-17 254896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\System32\webcheck.dll [2011-12-04 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll [2009-04-11 1650688]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
RASSFM

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll, pwdssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableUIADesktopToggle"=0
"disablecad"=0
"dontdisplaylastusername"=1
"legalnoticecaption"=Snad se povede přihlášení.
"legalnoticetext"=
"shutdownwithoutlogon"=0
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"TaskbarNoRedock"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"ShowSuperHidden"=1
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-18 12:02:59 ----D---- C:\Users\Administrator\AppData\Roaming\QuickScan
2013-01-18 10:37:43 ----D---- C:\rsit
2013-01-18 10:37:43 ----D---- C:\Program Files\trend micro
2013-01-18 09:19:41 ----D---- C:\Users\Administrator\AppData\Roaming\Spyware Terminator
2013-01-18 09:19:41 ----D---- C:\ProgramData\Spyware Terminator
2013-01-18 09:19:41 ----A---- C:\Windows\system32\drivers\stflt.sys
2013-01-18 09:19:39 ----D---- C:\Program Files (x86)\Spyware Terminator
2013-01-17 07:50:30 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2013-01-16 09:55:13 ----A---- C:\Windows\system32\winusb.dll
2013-01-16 09:55:13 ----A---- C:\Windows\system32\Wdfres.dll
2013-01-16 09:55:13 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-01-16 09:55:13 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-01-16 09:55:13 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-01-16 09:55:12 ----A---- C:\Windows\SYSWOW64\winusb.dll
2013-01-16 09:55:12 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-01-16 09:55:12 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-01-16 09:55:12 ----A---- C:\Windows\system32\WUDFHost.exe
2013-01-16 09:55:12 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-01-16 09:55:12 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-01-16 09:55:11 ----A---- C:\Windows\system32\WUDFx.dll
2013-01-16 09:55:02 ----A---- C:\Windows\system32\kernel32.dll
2013-01-16 09:55:01 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-16 09:54:58 ----A---- C:\Windows\SYSWOW64\Apphlpdm.dll
2013-01-16 09:54:58 ----A---- C:\Windows\system32\Apphlpdm.dll
2013-01-16 09:54:48 ----A---- C:\Windows\SYSWOW64\shlwapi.dll
2013-01-16 09:54:48 ----A---- C:\Windows\system32\shlwapi.dll
2013-01-11 17:49:56 ----A---- C:\Windows\system32\zyserver.exe
2013-01-11 17:49:45 ----A---- C:\Windows\system32\xpserver.exe
2013-01-11 08:21:10 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-09 00:08:35 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 00:08:35 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 00:08:24 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 00:08:11 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 00:08:11 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 00:08:11 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 00:08:10 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-01 01:00:46 ----A---- C:\Windows\system32\xp999.exe
2012-12-25 10:52:41 ----A---- C:\Windows\system32\zy1.exe
2012-12-25 10:52:25 ----A---- C:\Windows\system32\xp1.exe
2012-12-21 03:00:11 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2012-12-21 03:00:11 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2012-12-21 03:00:11 ----A---- C:\Windows\system32\atmlib.dll
2012-12-21 03:00:11 ----A---- C:\Windows\system32\atmfd.dll

======List of files/folders modified in the last 1 month======

2013-01-18 16:03:16 ----D---- C:\Windows\Temp
2013-01-18 12:03:19 ----D---- C:\Windows\system32\catroot2
2013-01-18 12:03:19 ----D---- C:\Windows\system32\catroot
2013-01-18 10:47:37 ----D---- C:\Windows\system32\ServerManager
2013-01-18 10:37:43 ----RD---- C:\Program Files
2013-01-18 09:59:02 ----D---- C:\temp
2013-01-18 09:19:42 ----D---- C:\Windows\system32\drivers
2013-01-18 09:19:41 ----HD---- C:\ProgramData
2013-01-18 09:19:39 ----RD---- C:\Program Files (x86)
2013-01-18 07:39:51 ----D---- C:\Program Files (x86)\ESET
2013-01-18 07:14:44 ----SHD---- C:\Windows\Installer
2013-01-18 07:14:44 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-17 23:35:11 ----D---- C:\Windows\System32
2013-01-17 20:08:23 ----D---- C:\Windows\NTDS
2013-01-17 19:36:26 ----SHD---- C:\System Volume Information
2013-01-17 07:48:56 ----D---- C:\Windows\SysWOW64
2013-01-17 06:54:44 ----D---- C:\Helios
2013-01-17 06:39:01 ----D---- C:\Windows\inf
2013-01-17 06:39:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-17 06:32:58 ----D---- C:\Windows\system32\lserver
2013-01-17 06:32:57 ----D---- C:\Program Files (x86)\ZWLMS 2011 Eng
2013-01-17 06:32:49 ----D---- C:\Windows\Debug
2013-01-17 06:32:47 ----D---- C:\Windows\system32\dns
2013-01-17 03:43:01 ----D---- C:\Windows\rescache
2013-01-17 03:24:19 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-17 03:15:43 ----D---- C:\Windows\SYSWOW64\en-US
2013-01-17 03:15:43 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-01-17 03:15:43 ----D---- C:\Windows\system32\wbem
2013-01-17 03:15:43 ----D---- C:\Windows\system32\en-US
2013-01-17 03:15:43 ----D---- C:\Windows\system32\drivers\en-US
2013-01-17 03:15:43 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-01-17 03:15:43 ----D---- C:\Windows\system32\cs-CZ
2013-01-17 03:15:43 ----D---- C:\Windows\AppPatch
2013-01-17 03:15:43 ----D---- C:\Windows
2013-01-16 09:55:45 ----D---- C:\Windows\winsxs
2013-01-09 15:22:34 ----RSD---- C:\Windows\assembly
2013-01-09 15:22:34 ----D---- C:\Windows\Microsoft.NET
2013-01-09 09:51:58 ----SD---- C:\Users\Administrator\AppData\Roaming\Microsoft
2013-01-09 06:17:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-09 03:38:20 ----D---- C:\Windows\system32\LogFiles
2013-01-09 03:09:53 ----D---- C:\ProgramData\Microsoft Help
2013-01-09 03:09:35 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-09 03:03:48 ----A---- C:\Windows\system32\mrt.exe
2013-01-08 09:54:49 ----D---- C:\Program Files (x86)\STORMWARE
2013-01-08 09:54:49 ----D---- C:\Program Files (x86)\Common Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ACPI;Ovladač standardu ACPI společnosti Microsoft; C:\Windows\system32\drivers\acpi.sys [2009-04-11 325608]
R0 arcsas;arcsas; C:\Windows\system32\drivers\arcsas.sys [2008-01-19 91192]
R0 atapi;Kanál IDE; C:\Windows\system32\drivers\atapi.sys [2009-04-11 20952]
R0 CLFS;Common Log (CLFS); C:\Windows\System32\CLFS.sys [2009-04-11 361448]
R0 Compbatt;Ovladač složené baterie společnosti Microsoft; C:\Windows\system32\DRIVERS\compbatt.sys [2008-01-19 23608]
R0 crcdisk;Crcdisk Filter Driver; C:\Windows\system32\drivers\crcdisk.sys [2008-01-19 27704]
R0 Datascrn;Datascrn; C:\Windows\system32\drivers\datascrn.sys [2009-04-11 80856]
R0 disk;Ovladač disku; C:\Windows\system32\drivers\disk.sys [2009-04-11 67032]
R0 FltMgr;FltMgr; C:\Windows\system32\drivers\fltmgr.sys [2009-04-11 275432]
R0 KSecDD;KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [2012-06-04 516480]
R0 mountmgr;Mount Point Manager; C:\Windows\System32\drivers\mountmgr.sys [2008-01-19 70200]
R0 msisadrv;Ovladač třídy ISA/EISA; C:\Windows\system32\drivers\msisadrv.sys [2008-01-19 17976]
R0 Mup;Mup; C:\Windows\System32\Drivers\mup.sys [2009-04-11 59880]
R0 NDIS;NDIS System Driver; C:\Windows\system32\drivers\ndis.sys [2009-04-11 738264]
R0 partmgr;Partition Manager; C:\Windows\System32\drivers\partmgr.sys [2012-03-21 72576]
R0 pci;Řadič sběrnice PCI; C:\Windows\system32\drivers\pci.sys [2009-04-11 178664]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-04-11 14312]
R0 Quota;Quota; C:\Windows\system32\drivers\quota.sys [2009-04-11 162280]
R0 spldr;Security Processor Loader Driver; C:\Windows\system32\drivers\spldr.sys [2009-04-11 19432]
R0 Tcpip;@%SystemRoot%\system32\tcpipcfg.dll,-50003; C:\Windows\System32\drivers\tcpip.sys [2012-03-30 1423744]
R0 volmgr;Ovladač správce svazků; C:\Windows\system32\drivers\volmgr.sys [2009-04-11 67048]
R0 volmgrx;Dynamic Volume Manager; C:\Windows\System32\drivers\volmgrx.sys [2009-04-11 408024]
R0 volsnap;Svazky úložiště; C:\Windows\system32\drivers\volsnap.sys [2012-08-21 267648]
R0 Wdf01000;@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000; C:\Windows\system32\drivers\Wdf01000.sys [2012-07-26 785512]
R1 AFD;Ancilliary Function Driver for Winsock; C:\Windows\system32\drivers\afd.sys [2012-01-03 404992]
R1 cdrom;Ovladač jednotky CD-ROM; C:\Windows\system32\DRIVERS\cdrom.sys [2009-04-11 79872]
R1 DfsC;@%systemroot%\system32\drivers\dfsc.sys,-101; C:\Windows\System32\Drivers\dfsc.sys [2011-04-14 97792]
R1 DfsDriver;@%systemroot%\system32\drivers\dfs.sys,-101; C:\Windows\system32\drivers\dfs.sys [2008-01-19 45112]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2011-01-05 141264]
R1 i8042prt;Ovladač portu klávesnice i8042 a myši PS/2; C:\Windows\system32\DRIVERS\i8042prt.sys [2008-01-19 64000]
R1 kbdclass;Keyboard Class Driver; C:\Windows\system32\DRIVERS\kbdclass.sys [2008-01-19 42040]
R1 mouclass;Mouse Class Driver; C:\Windows\system32\DRIVERS\mouclass.sys [2008-01-19 39992]
R1 Msfs;Msfs; C:\Windows\system32\drivers\Msfs.sys [2008-01-19 26112]
R1 NetBIOS;NetBIOS Interface; C:\Windows\system32\DRIVERS\netbios.sys [2008-01-19 44544]
R1 NetBT;NETBT; C:\Windows\System32\DRIVERS\netbt.sys [2009-04-11 248320]
R1 Npfs;Npfs; C:\Windows\system32\drivers\Npfs.sys [2009-04-11 44544]
R1 nsiproxy;NSI proxy service; C:\Windows\system32\drivers\nsiproxy.sys [2008-01-19 24064]
R1 Null;Null; C:\Windows\system32\drivers\Null.sys [2006-11-02 6144]
R1 PSched;@%SystemRoot%\System32\drivers\pacer.sys,-101; C:\Windows\system32\DRIVERS\pacer.sys [2009-04-11 94208]
R1 RasAcd;Remote Access Auto Connection Driver; C:\Windows\System32\DRIVERS\rasacd.sys [2008-01-19 14848]
R1 rdbss;Redirected Buffering Sub Sysytem; C:\Windows\system32\DRIVERS\rdbss.sys [2009-04-11 287744]
R1 RDPCDD;RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [2008-01-19 7168]
R1 RDPENCDD;RDP Encoder Mirror Driver; C:\Windows\system32\drivers\rdpencdd.sys [2008-01-19 7168]
R1 Serial;Ovladač sériového portu; C:\Windows\system32\DRIVERS\serial.sys [2008-01-19 94208]
R1 Smb;@%SystemRoot%\system32\tcpipcfg.dll,-50005; C:\Windows\system32\DRIVERS\smb.sys [2009-04-11 88064]
R1 tdx;@%SystemRoot%\system32\tcpipcfg.dll,-50004; C:\Windows\system32\DRIVERS\tdx.sys [2009-04-11 94720]
R1 TermDD;Ovladač terminálového zařízení; C:\Windows\system32\DRIVERS\termdd.sys [2009-04-11 62440]
R1 VgaSave;VgaSave; C:\Windows\System32\drivers\vga.sys [2008-01-19 28672]
R1 Wanarpv6;@%systemroot%\system32\rascfg.dll,-32012; C:\Windows\system32\DRIVERS\wanarp.sys [2009-04-11 86528]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2011-12-21 170640]
R2 lltdio;Link-Layer Topology Discovery Mapper I/O Driver; C:\Windows\system32\DRIVERS\lltdio.sys [2008-01-19 59392]
R2 luafv;UAC File Virtualization; C:\Windows\system32\drivers\luafv.sys [2008-01-19 109568]
R2 PEAUTH;PEAUTH; C:\Windows\system32\drivers\peauth.sys [2006-10-24 712704]
R2 rspndr;Link-Layer Topology Discovery Responder; C:\Windows\system32\DRIVERS\rspndr.sys [2008-01-19 75776]
R2 secdrv;Security Driver; C:\Windows\system32\drivers\secdrv.sys [2006-09-30 23040]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2013-01-18 51496]
R2 tcpipreg;TCP/IP Registry Compatibility; C:\Windows\System32\drivers\tcpipreg.sys [2009-12-08 40448]
R3 AsyncMac;@%systemroot%\system32\rascfg.dll,-32000; C:\Windows\system32\DRIVERS\asyncmac.sys [2008-01-19 22016]
R3 b57nd60a;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2008-01-05 214016]
R3 blbdrive;blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [2008-01-19 55296]
R3 bowser;Bowser; C:\Windows\system32\DRIVERS\bowser.sys [2011-02-18 90624]
R3 HidBatt;Ovladač baterie zdroje UPS standardu HID; C:\Windows\system32\DRIVERS\HidBatt.sys [2008-01-19 26624]
R3 HidUsb;Ovladač třídy standardu HID Microsoft; C:\Windows\system32\DRIVERS\hidusb.sys [2009-04-11 15872]
R3 HTTP;HTTP; C:\Windows\system32\drivers\HTTP.sys [2010-02-20 620032]
R3 intelppm;Ovladač procesoru Intel; C:\Windows\system32\DRIVERS\intelppm.sys [2008-01-19 48128]
R3 IPMIDRV;IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [2009-04-11 76800]
R3 iScsiPrt;Ovladač iScsiPort; C:\Windows\system32\DRIVERS\msiscsi.sys [2009-04-11 215528]
R3 monitor;Služba ovladače funkce třídy monitorů Microsoft; C:\Windows\system32\DRIVERS\monitor.sys [2008-01-19 49152]
R3 mouhid;Ovladač HID myši; C:\Windows\system32\DRIVERS\mouhid.sys [2008-01-19 19968]
R3 mpsdrv;@%SystemRoot%\system32\FirewallAPI.dll,-23092; C:\Windows\System32\drivers\mpsdrv.sys [2008-01-19 81408]
R3 mrxsmb;SMB MiniRedirector Wrapper and Engine; C:\Windows\system32\DRIVERS\mrxsmb.sys [2011-04-29 135680]
R3 mrxsmb10;SMB 1.x MiniRedirector; C:\Windows\system32\DRIVERS\mrxsmb10.sys [2011-07-06 275456]
R3 mrxsmb20;SMB 2.0 MiniRedirector; C:\Windows\system32\DRIVERS\mrxsmb20.sys [2011-04-29 107008]
R3 mssmbios;Ovladač Microsoft System Management BIOS; C:\Windows\system32\DRIVERS\mssmbios.sys [2008-01-19 34872]
R3 NdisTapi;@%systemroot%\system32\rascfg.dll,-32001; C:\Windows\system32\DRIVERS\ndistapi.sys [2008-01-19 24064]
R3 NdisWan;@%systemroot%\system32\rascfg.dll,-32002; C:\Windows\system32\DRIVERS\ndiswan.sys [2009-04-11 169472]
R3 NDProxy;NDIS Proxy; C:\Windows\system32\drivers\NDProxy.sys [2008-01-19 59904]
R3 Ntfs;Ntfs; C:\Windows\system32\drivers\Ntfs.sys [2009-04-11 1515496]
R3 Parport;Ovladač paralelního portu; C:\Windows\system32\DRIVERS\parport.sys [2008-01-19 96768]
R3 PptpMiniport;@%systemroot%\system32\rascfg.dll,-32006; C:\Windows\system32\DRIVERS\raspptp.sys [2009-04-11 98816]
R3 Rasl2tp;@%systemroot%\system32\rascfg.dll,-32005; C:\Windows\system32\DRIVERS\rasl2tp.sys [2009-04-11 124928]
R3 RasPppoe;@%systemroot%\system32\rascfg.dll,-32007; C:\Windows\system32\DRIVERS\raspppoe.sys [2009-04-11 50176]
R3 RasSstp;@%systemroot%\system32\sstpsvc.dll,-202; C:\Windows\system32\DRIVERS\rassstp.sys [2009-04-11 78336]
R3 rdpdr;Ovladač přesměrovače zařízení terminálového serveru; C:\Windows\system32\DRIVERS\rdpdr.sys [2009-04-11 313856]
R3 RDPWD;RDP Winstation Driver; C:\Windows\system32\drivers\RDPWD.sys [2012-05-01 209920]
R3 ROCKEYNT;Feitian ROCKEY4 Device Service; C:\Windows\system32\DRIVERS\Rockey4.sys [2012-06-26 36904]
R3 Serenum;Ovladač filtru Serenum; C:\Windows\system32\DRIVERS\serenum.sys [2008-01-19 23552]
R3 srv;srv; C:\Windows\System32\DRIVERS\srv.sys [2011-02-18 450560]
R3 srv2;srv2; C:\Windows\System32\DRIVERS\srv2.sys [2011-04-29 176128]
R3 srvnet;srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [2011-04-29 145920]
R3 swenum;Softwarový ovladač sběrnice; C:\Windows\system32\DRIVERS\swenum.sys [2006-11-02 13032]
R3 TDTCP;TDTCP; C:\Windows\system32\drivers\tdtcp.sys [2008-01-19 29696]
R3 tssecsrv;Terminal Services Security Filter Driver; C:\Windows\System32\DRIVERS\tssecsrv.sys [2008-01-19 29184]
R3 tunnel;Microsoft IPv6 Tunnel Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunnel.sys [2010-02-18 29696]
R3 umbus;Ovladač sběrnice UMBus Enumerator; C:\Windows\system32\DRIVERS\umbus.sys [2008-01-19 41984]
R3 usbehci;Ovladač Miniport vylepšeného hostitelského řadiče Microsoft USB 2.0; C:\Windows\system32\DRIVERS\usbehci.sys [2009-04-11 49664]
R3 usbhub;Rozbočovač umožňující USB2; C:\Windows\system32\DRIVERS\usbhub.sys [2009-04-11 273920]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\Windows\system32\DRIVERS\usbuhci.sys [2008-01-19 29184]
R3 vga;vga; C:\Windows\system32\DRIVERS\vgapnp.sys [2008-01-19 29184]
R4 cdfs;CD/DVD File System Reader; C:\Windows\system32\DRIVERS\cdfs.sys [2008-01-19 90624]
S0 sacdrv;sacdrv; C:\Windows\system32\DRIVERS\sacdrv.sys [2008-01-19 103992]
S0 storflt;Disk VMBUS Acceleration Filter Driver; C:\Windows\system32\drivers\storflt.sys []
S1 kbdhid;Ovladač klávesnice standardu HID; C:\Windows\system32\DRIVERS\kbdhid.sys [2009-04-11 22528]
S3 agp440;Intel AGP Bus Filter; C:\Windows\system32\drivers\agp440.sys [2008-01-19 64568]
S3 BrFiltLo;Brother USB Mass-Storage Lower Filter Driver; C:\Windows\system32\drivers\brfiltlo.sys [2006-09-18 18432]
S3 BrFiltUp;Brother USB Mass-Storage Upper Filter Driver; C:\Windows\system32\drivers\brfiltup.sys [2006-09-18 8704]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\Windows\system32\drivers\brusbser.sys [2006-09-19 14720]
S3 DXGKrnl;LDDM Graphics Subsystem; C:\Windows\System32\drivers\dxgkrnl.sys [2011-01-20 900480]
S3 E1G60;Intel(R) PRO/1000 NDIS 6 Adapter Driver; C:\Windows\system32\DRIVERS\E1G6032E.sys [2008-01-05 146176]
S3 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2011-01-05 125296]
S3 exfat;exFAT File System Driver; C:\Windows\system32\drivers\exfat.sys [2009-04-11 187904]
S3 fastfat;FAT12/16/32 File System Driver; C:\Windows\system32\drivers\fastfat.sys [2009-04-11 198144]
S3 FileInfo;File Information FS MiniFilter; C:\Windows\system32\drivers\fileinfo.sys [2008-01-19 70200]
S3 Filetrace;FileTrace; C:\Windows\system32\drivers\filetrace.sys [2008-01-19 33280]
S3 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms; C:\Windows\system32\drivers\gagp30kx.sys [2008-01-19 68152]
S3 IpFilterDriver;@%systemroot%\system32\rascfg.dll,-32013; C:\Windows\system32\DRIVERS\ipfltdrv.sys [2009-04-11 67584]
S3 IPNAT;IP Network Address Translator; C:\Windows\System32\drivers\ipnat.sys [2008-01-19 115712]
S3 IRENUM;IR Bus Enumerator; C:\Windows\system32\drivers\irenum.sys [2008-01-19 17408]
S3 ksthunk;Kernel Streaming Thunks; C:\Windows\system32\drivers\ksthunk.sys [2008-01-19 20864]
S3 Modem;Modem; C:\Windows\system32\drivers\modem.sys [2008-01-19 40448]
S3 MsRPC;MsRPC; C:\Windows\system32\drivers\MsRPC.sys [2009-04-11 310760]
S3 Ndisuio;NDIS Usermode I/O Protocol; C:\Windows\system32\DRIVERS\ndisuio.sys [2008-01-19 22016]
S3 nv_agp;NVIDIA nForce AGP Bus Filter; C:\Windows\system32\drivers\nv_agp.sys [2008-01-19 126520]
S3 sffp_mmc;SFF Storage Protocol Driver for MMC; C:\Windows\system32\drivers\sffp_mmc.sys [2008-01-19 14336]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\Windows\system32\drivers\sffp_sd.sys [2008-01-19 13824]
S3 storvsp;Ovladač virtuálního diskového serveru společnosti Microsoft; C:\Windows\system32\DRIVERS\storvsp.sys [2011-04-28 121856]
S3 Tcpip6;Microsoft IPv6 Protocol Driver; C:\Windows\system32\DRIVERS\tcpip.sys [2012-03-30 1423744]
S3 TDPIPE;TDPIPE; C:\Windows\system32\drivers\tdpipe.sys [2008-01-19 16384]
S3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\Windows\system32\DRIVERS\tunmp.sys [2008-01-19 18432]
S3 uagp35;Microsoft AGPv3.5 Filter; C:\Windows\system32\drivers\uagp35.sys [2008-01-19 67128]
S3 uliagpkx;Uli AGP Bus Filter; C:\Windows\system32\drivers\uliagpkx.sys [2008-01-19 68152]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\Windows\system32\DRIVERS\usbccgp.sys [2008-01-19 95744]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\Windows\system32\DRIVERS\USBSTOR.SYS [2009-04-11 77824]
S3 Vid;Ovladač infrastruktury virtualizace; C:\Windows\system32\DRIVERS\Vid.sys [2009-12-01 196608]
S3 vmbus;Sběrnice virtuálního počítače; C:\Windows\system32\DRIVERS\vmbus.sys [2011-04-29 214416]
S3 VMSMP;Adaptér přepínače virtuální sítě společnosti Microsoft; C:\Windows\system32\DRIVERS\vmswitch.sys []
S3 Wanarp;@%systemroot%\system32\rascfg.dll,-32011; C:\Windows\system32\DRIVERS\wanarp.sys [2009-04-11 86528]
S3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S4 adp94xx;adp94xx; C:\Windows\system32\drivers\adp94xx.sys [2008-01-19 486456]
S4 adpahci;adpahci; C:\Windows\system32\drivers\adpahci.sys [2008-01-19 342584]
S4 adpu160m;adpu160m; C:\Windows\system32\drivers\adpu160m.sys [2008-01-19 126520]
S4 adpu320;adpu320; C:\Windows\system32\drivers\adpu320.sys [2008-01-19 185912]
S4 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2006-11-02 88168]
S4 aliide;aliide; C:\Windows\system32\drivers\aliide.sys [2006-11-02 15976]
S4 amdide;amdide; C:\Windows\system32\drivers\amdide.sys [2006-11-02 15976]
S4 AmdK8;AMD K8 Processor Driver; C:\Windows\system32\drivers\amdk8.sys [2008-01-19 50688]
S4 arc;arc; C:\Windows\system32\drivers\arc.sys [2008-01-19 90680]
S4 b06bdrv;Broadcom NetXtreme II VBD; C:\Windows\system32\drivers\bxvbda.sys [2008-01-19 429568]
S4 Brserid;Brother MFC Serial Port Interface Driver (WDM); C:\Windows\system32\drivers\brserid.sys [2006-11-02 86528]
S4 BrSerWdm;Brother WDM Serial driver; C:\Windows\system32\drivers\brserwdm.sys [2006-09-18 47104]
S4 BrUsbMdm;Brother MFC USB Fax Only Modem; C:\Windows\system32\drivers\brusbmdm.sys [2006-09-18 14976]
S4 BTHMODEM;Bluetooth Serial Communications Driver; C:\Windows\system32\drivers\bthmodem.sys []
S4 circlass;Consumer IR Devices; C:\Windows\system32\drivers\circlass.sys [2008-01-19 41984]
S4 cmdide;cmdide; C:\Windows\system32\drivers\cmdide.sys [2006-11-02 18024]
S4 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 460800]
S4 elxstor;elxstor; C:\Windows\system32\drivers\elxstor.sys [2008-01-19 397368]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-19 8704]
S4 fdc;Floppy Disk Controller Driver; C:\Windows\system32\DRIVERS\fdc.sys [2008-01-19 29696]
S4 flpydisk;Floppy Disk Driver; C:\Windows\system32\DRIVERS\flpydisk.sys [2008-01-19 24576]
S4 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\Windows\system32\drivers\hdaudbus.sys [2008-01-05 50688]
S4 HidBth;Microsoft Bluetooth HID Miniport; C:\Windows\system32\drivers\hidbth.sys [2008-01-19 34304]
S4 HidIr;Microsoft Infrared HID Driver; C:\Windows\system32\drivers\hidir.sys [2008-01-19 25600]
S4 HpCISSs;HpCISSs; C:\Windows\system32\drivers\hpcisss.sys [2008-01-19 47672]
S4 i2omp;i2omp; C:\Windows\system32\drivers\i2omp.sys [2008-01-19 35896]
S4 iaStorV;Intel RAID Controller Vista; C:\Windows\system32\drivers\iastorv.sys [2008-01-19 290872]
S4 iirsp;iirsp; C:\Windows\system32\drivers\iirsp.sys [2006-11-02 44648]
S4 intelide;intelide; C:\Windows\system32\drivers\intelide.sys [2008-01-19 19512]
S4 ioatdma;Intel(R) QuickData Technology Device; C:\Windows\system32\drivers\qd260x64.sys [2008-01-19 35328]
S4 isapnp;PnP ISA/EISA Bus Driver; C:\Windows\system32\drivers\isapnp.sys [2008-01-19 23608]
S4 iteatapi;ITEATAPI_Service_Install; C:\Windows\system32\drivers\iteatapi.sys [2006-11-02 37480]
S4 iteraid;ITERAID_Service_Install; C:\Windows\system32\drivers\iteraid.sys [2006-11-02 37480]
S4 LSI_FC;LSI_FC; C:\Windows\system32\drivers\lsi_fc.sys [2008-01-19 113720]
S4 LSI_SAS;LSI_SAS; C:\Windows\system32\drivers\lsi_sas.sys [2008-01-19 105016]
S4 LSI_SCSI;LSI_SCSI; C:\Windows\system32\drivers\lsi_scsi.sys [2008-01-19 113720]
S4 megasas;megasas; C:\Windows\system32\drivers\megasas.sys [2008-01-19 35896]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-19 438328]
S4 mpio;Microsoft Multi-Path Bus Driver; C:\Windows\system32\drivers\mpio.sys [2008-01-19 128056]
S4 Mraid35x;Mraid35x; C:\Windows\system32\drivers\mraid35x.sys [2006-11-02 39016]
S4 msahci;msahci; C:\Windows\system32\drivers\msahci.sys [2008-01-19 31288]
S4 msdsm;Microsoft Multi-Path Device Specific Module; C:\Windows\system32\drivers\msdsm.sys [2008-01-19 113720]
S4 nfrd960;nfrd960; C:\Windows\system32\drivers\nfrd960.sys [2006-11-02 51816]
S4 nvraid;NVIDIA nForce RAID Driver ; C:\Windows\system32\drivers\nvraid.sys [2008-01-19 128056]
S4 nvstor;nvstor; C:\Windows\system32\drivers\nvstor.sys [2008-01-19 54328]
S4 ohci1394;NEC FireWarden OHCI Compliant IEEE 1394 Host Controller; C:\Windows\system32\drivers\ohci1394.sys [2008-01-19 72192]
S4 pcmcia;pcmcia; C:\Windows\system32\drivers\pcmcia.sys [2008-01-19 217144]
S4 Processor;Processor Driver; C:\Windows\system32\drivers\processr.sys [2008-01-19 47104]
S4 ql2300;QLogic Fibre Channel Miniport Driver; C:\Windows\system32\drivers\ql2300.sys [2008-01-19 1221176]
S4 ql40xx;QLogic iSCSI Miniport Driver; C:\Windows\system32\drivers\ql40xx.sys [2006-11-02 124008]
S4 RsFx0105;RsFx0105 Driver; C:\Windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144]
S4 s3cap;Microsoft Emulated S3 Device Cap Driver; C:\Windows\system32\drivers\s3cap.sys []
S4 sbp2port;SBP-2 Transport/Protocol Bus Driver; C:\Windows\system32\drivers\sbp2port.sys [2008-01-19 96312]
S4 sermouse;Serial Mouse Driver; C:\Windows\system32\drivers\sermouse.sys [2008-01-19 26624]
S4 sffdisk;SFF Storage Class Driver; C:\Windows\system32\drivers\sffdisk.sys [2008-01-19 14848]
S4 sfloppy;High-Capacity Floppy Disk Drive; C:\Windows\system32\drivers\sfloppy.sys [2008-01-19 16384]
S4 SiSRaid2;SiSRaid2; C:\Windows\system32\drivers\sisraid2.sys [2008-01-19 45624]
S4 SiSRaid4;SiSRaid4; C:\Windows\system32\drivers\sisraid4.sys [2008-01-19 78392]
S4 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2008-01-19 35784]
S4 Sym_hi;Sym_hi; C:\Windows\system32\drivers\sym_hi.sys [2006-11-02 44648]
S4 Sym_u3;Sym_u3; C:\Windows\system32\drivers\sym_u3.sys [2006-11-02 48232]
S4 Symc8xx;Symc8xx; C:\Windows\system32\drivers\symc8xx.sys [2006-11-02 49256]
S4 udfs;udfs; C:\Windows\system32\DRIVERS\udfs.sys [2009-04-11 299008]
S4 uliahci;uliahci; C:\Windows\system32\drivers\uliahci.sys [2008-01-19 284728]
S4 UlSata;UlSata; C:\Windows\system32\drivers\ulsata.sys [2006-11-02 148072]
S4 ulsata2;ulsata2; C:\Windows\system32\drivers\ulsata2.sys [2006-11-02 174696]
S4 UMPass;Microsoft UMPass Driver; C:\Windows\system32\drivers\umpass.sys [2008-01-19 9728]
S4 usbcir;eHome Infrared Receiver (USBCIR); C:\Windows\system32\drivers\usbcir.sys [2008-01-19 79360]
S4 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\Windows\system32\drivers\usbohci.sys [2008-01-19 24064]
S4 usbprint;Microsoft USB PRINTER Class; C:\Windows\system32\drivers\usbprint.sys [2008-01-19 24064]
S4 viaide;viaide; C:\Windows\system32\drivers\viaide.sys [2006-11-02 18024]
S4 vsmraid;vsmraid; C:\Windows\system32\drivers\vsmraid.sys [2008-01-19 149048]
S4 WacomPen;Wacom Serial Pen HID Driver; C:\Windows\system32\drivers\wacompen.sys [2008-01-19 26624]
S4 Wd;Microsoft Watchdog Timer Driver; C:\Windows\system32\drivers\wd.sys [2008-01-19 24120]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-19 14336]
S4 ws2ifsl;Winsock IFS driver; C:\Windows\system32\drivers\ws2ifsl.sys [2008-01-19 20992]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
R2 AeLookupSvc;@%SystemRoot%\system32\aelupsvc.dll,-1; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 APCPBEAgent;APC PBE Agent; C:\PROGRA~2\APC\POWERC~1\agent\pbeagent.exe [2011-01-26 34168]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 AudioSrv;@%SystemRoot%\system32\audiosrv.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 BFE;@%SystemRoot%\system32\bfe.dll,-1001; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 BITS;@%SystemRoot%\system32\qmgr.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 Canon Driver Information Assist Service;Canon Driver Information Assist Service; C:\Program Files\Canon\DIAS\CnxDIAS.exe [2011-04-22 5873840]
R2 cbVSCService11;Cobian Backup 11 Stínová kopie - Requester; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2012-07-31 67584]
R2 Cerberus FTP Server;Cerberus FTP Server; C:\Program Files (x86)\Cerberus LLC\Cerberus FTP Server\CerberusGUI.exe [2010-12-01 4973888]
R2 CobianBackup11;Cobian Backup 11 Gravity; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [2012-07-31 1131008]
R2 CryptSvc;@%SystemRoot%\system32\cryptsvc.dll,-1001; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 DcomLaunch;@oleres.dll,-5012; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 Dfs;@%systemroot%\system32\dfssvc.exe,-101; C:\Windows\system32\dfssvc.exe [2009-04-11 326656]
R2 DFSR;@dfsrress.dll,-101; C:\Windows\system32\DFSRs.exe [2009-04-11 3672576]
R2 Dhcp;@%SystemRoot%\system32\dhcpcsvc.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 DNS;@%systemroot%\system32\dns.exe,-49157; C:\Windows\system32\dns.exe [2011-12-23 639488]
R2 Dnscache;@%SystemRoot%\System32\dnsapi.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 DPS;@%systemroot%\system32\dps.dll,-500; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET File Security\x86\ekrn.exe [2012-05-14 933792]
R2 ERA_SERVER;ESET Remote Administrator Server; C:\Program Files (x86)\ESET\ESET Remote Administrator\Server\era.exe [2010-08-20 2264504]
R2 EventLog;@%SystemRoot%\system32\wevtsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 EventSystem;@comres.dll,-2450; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 FDResPub;@%systemroot%\system32\fdrespub.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 ftpsvc;@%windir%\system32\inetsrv\ftpres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 gpsvc;@gpapi.dll,-112; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 hidserv;@%SystemRoot%\System32\hidserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 IKEEXT;@%SystemRoot%\system32\ikeext.dll,-501; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 iphlpsvc;@%SystemRoot%\system32\iphlpsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 IsmServ;@%SystemRoot%\System32\ismserv.exe,-1; C:\Windows\System32\ismserv.exe [2008-01-19 59392]
R2 kdc;@%SystemRoot%\System32\kdcsvc.dll,-1; C:\Windows\System32\lsass.exe [2011-11-16 11264]
R2 KtmRm;@comres.dll,-2946; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 LanmanServer;@%systemroot%\system32\srvsvc.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 LanmanWorkstation;@%systemroot%\system32\wkssvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 lmhosts;@%SystemRoot%\system32\lmhsvc.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 MpsSvc;@%SystemRoot%\system32\FirewallAPI.dll,-23090; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 MSDTC;@comres.dll,-2797; C:\Windows\System32\msdtc.exe [2008-01-19 106496]
R2 MsDtsServer100;SQL Server Integration Services 10.0; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [2011-09-22 210792]
R2 MSSQL$SQL2008;SQL Server (SQL2008); C:\Program Files\Microsoft SQL Server\MSSQL10.SQL2008\MSSQL\Binn\sqlservr.exe [2011-09-22 58345832]
R2 Netlogon;@%SystemRoot%\System32\netlogon.dll,-102; C:\Windows\system32\lsass.exe [2011-11-16 11264]
R2 netprofm;@%SystemRoot%\system32\netprof.dll,-246; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 NlaSvc;@%SystemRoot%\System32\nlasvc.dll,-1; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 nsi;@%SystemRoot%\system32\nsisvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 NTDS;@%SystemRoot%\System32\ntdsmsg.dll,-1; C:\Windows\System32\lsass.exe [2011-11-16 11264]
R2 PlugPlay;@%SystemRoot%\system32\umpnpmgr.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 PolicyAgent;@%SystemRoot%\System32\polstore.dll,-5010; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 ProfSvc;@%systemroot%\system32\profsvc.dll,-300; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 RemoteAccess;@%Systemroot%\system32\mprdim.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 RemoteRegistry;@regsvc.dll,-1; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 RpcSs;@oleres.dll,-5010; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 SamSs;@%SystemRoot%\system32\samsrv.dll,-1; C:\Windows\system32\lsass.exe [2011-11-16 11264]
R2 seclogon;@%SystemRoot%\system32\seclogon.dll,-7001; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 SENS;@%SystemRoot%\system32\Sens.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 ShellHWDetection;@%SystemRoot%\System32\shsvcs.dll,-12288; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 Schedule;@%SystemRoot%\system32\schedsvc.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 slsvc;@%SystemRoot%\system32\SLsvc.exe,-101; C:\Windows\system32\SLsvc.exe [2009-04-11 2582016]
R2 Spooler;@%systemroot%\system32\spoolsv.exe,-1; C:\Windows\System32\spoolsv.exe [2010-08-17 273920]
R2 SQLAgent$SQL2008;SQL Server Agent (SQL2008); C:\Program Files\Microsoft SQL Server\MSSQL10.SQL2008\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
R2 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2011-09-22 255336]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2011-09-22 154984]
R2 SrmSvc;@%windir%\system32\srm.dll,-3020; C:\Windows\system32\svchost -k srmsvcs []
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2012-09-07 1148664]
R2 TermService;@%SystemRoot%\System32\termsrv.dll,-268; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 TermServLicensing;@%SystemRoot%\System32\lserver.dll,-501; C:\Windows\system32\svchost -k TSLicensing []
R2 UxSms;@%SystemRoot%\system32\dwm.exe,-2000; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 W32Time;@%SystemRoot%\system32\w32time.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 Wecsvc;@%SystemRoot%\system32\wecsvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 WerSvc;@%SystemRoot%\System32\wersvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 Winmgmt;@%Systemroot%\system32\wbem\wmisvc.dll,-205; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 WinRM;@%Systemroot%\system32\wsmsvc.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R2 wuauserv;@%systemroot%\system32\wuaueng.dll,-105; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R2 ZWSOFT License Manager;ZWSOFT License Manager; C:\Program Files (x86)\ZWLMS 2011 Eng\lmgrd.exe [2010-12-03 1377104]
R3 Appinfo;@%systemroot%\system32\appinfo.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R3 AudioEndpointBuilder;@%SystemRoot%\system32\audiosrv.dll,-204; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R3 CertPropSvc;@%SystemRoot%\System32\certprop.dll,-11; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R3 ERA_HTTP_SERVER;ESET RA HTTP Server; C:\Program Files (x86)\ESET\ESET Remote Administrator\Server\EHttpSrv.exe [2010-08-20 93264]
R3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-06-27 1045256]
R3 MMCSS;@%systemroot%\system32\mmcss.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R3 Netman;@%SystemRoot%\system32\netman.dll,-109; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R3 RasMan;@%Systemroot%\system32\rasmans.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R3 SessionEnv;@%SystemRoot%\System32\SessEnv.dll,-1026; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R3 SrmReports;@%windir%\system32\srm.dll,-3022; C:\Windows\system32\srmhost.exe [2009-04-11 64512]
R3 SstpSvc;@%SystemRoot%\system32\sstpsvc.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 27648]
R3 swprv;@%SystemRoot%\System32\swprv.dll,-103; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R3 TapiSrv;@%SystemRoot%\system32\tapisrv.dll,-10100; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 27648]
R3 VSS;@%systemroot%\system32\vssvc.exe,-102; C:\Windows\system32\vssvc.exe [2009-04-11 1433600]
R3 WdiSystemHost;@%systemroot%\system32\wdi.dll,-500; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 NETTEST_SERVICE;Optimax NetTest Service; D:\nettest.exe /s 2222 []
S2 TBS;@%SystemRoot%\system32\tbssvc.dll,-100; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]
S3 ALG;@%SystemRoot%\system32\Alg.exe,-112; C:\Windows\System32\alg.exe [2008-01-19 80896]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 COMSysApp;@comres.dll,-947; C:\Windows\system32\dllhost.exe [2006-11-02 8704]
S3 dot3svc;@%systemroot%\system32\dot3svc.dll,-1102; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 EapHost;@%systemroot%\system32\eapsvc.dll,-1; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET File Security\EHttpSrv.exe [2012-05-14 42408]
S3 FCRegSvc;@%SystemRoot%\system32\FCRegSvc.dll,-5000; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 fdPHost;@%systemroot%\system32\fdPHost.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2009-02-18 42840]
S3 hkmsvc;@%SystemRoot%\system32\kmsvc.dll,-6; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 idsvc;@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193; C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe [2009-02-18 857432]
S3 IPBusEnum;@%systemroot%\system32\IPBusEnum.dll,-102; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 KeyIso;@keyiso.dll,-100; C:\Windows\system32\lsass.exe [2011-11-16 11264]
S3 lltdsvc;@%SystemRoot%\system32\lltdres.dll,-1; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-11 115760]
S3 MSiSCSI;@%SystemRoot%\system32\iscsidsc.dll,-5000; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 msiserver;@%SystemRoot%\system32\msimsg.dll,-27; C:\Windows\system32\msiexec /V []
S3 napagent;@%SystemRoot%\system32\qagentrt.dll,-6; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 NtFrs;@ntfrsres.dll,-130; C:\Windows\system32\ntfrs.exe [2009-04-11 1019392]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-19 19968]
S3 pla;@%systemroot%\system32\pla.dll,-500; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 ProtectedStorage;@%systemroot%\system32\psbase.dll,-300; C:\Windows\system32\lsass.exe [2011-11-16 11264]
S3 RasAuto;@%Systemroot%\system32\rasauto.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 RpcLocator;@%systemroot%\system32\Locator.exe,-2; C:\Windows\system32\locator.exe [2006-11-02 8704]
S3 Rqs;@%Systemroot%\system32\rqs.exe,-200; C:\Windows\system32\rqs.exe [2008-01-19 41472]
S3 RSoPProv;@gpapi.dll,-114; C:\Windows\system32\RSoPProv.exe [2009-04-11 91648]
S3 sacsvr;@%systemroot%\system32\sacsvr.dll,-500; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 SCardSvr;@%SystemRoot%\System32\SCardSvr.dll,-1; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 SCPolicySvc;@%SystemRoot%\System32\certprop.dll,-13; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 SLUINotify;@%SystemRoot%\system32\SLUINotify.dll,-103; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 SNMPTRAP;@%SystemRoot%\system32\snmptrap.exe,-3; C:\Windows\System32\snmptrap.exe [2006-11-02 14336]
S3 THREADORDER;@%systemroot%\system32\mmcss.dll,-102; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 TrkWks;@%SystemRoot%\system32\trkwks.dll,-1; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 TrustedInstaller;@%SystemRoot%\servicing\TrustedInstaller.exe,-100; C:\Windows\servicing\TrustedInstaller.exe [2009-04-11 42496]
S3 UI0Detect;@%SystemRoot%\system32\ui0detect.exe,-101; C:\Windows\system32\UI0Detect.exe [2008-01-19 40960]
S3 vds;@%SystemRoot%\system32\vds.exe,-100; C:\Windows\System32\vds.exe [2009-04-11 454656]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 1149440]
S3 WcsPlugInService;@%SystemRoot%\system32\WcsPlugInService.dll,-200; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 WdiServiceHost;@%systemroot%\system32\wdi.dll,-502; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 wercplsupport;@%SystemRoot%\System32\wercplsupport.dll,-101; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S3 WinHttpAutoProxySvc;@%SystemRoot%\system32\winhttp.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 wmiApSrv;@%Systemroot%\system32\wbem\wmiapsrv.exe,-110; C:\Windows\system32\wbem\WmiApSrv.exe [2009-04-11 209920]
S3 WPDBusEnum;@%SystemRoot%\system32\wpdbusenum.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S3 wudfsvc;@%SystemRoot%\system32\wudfsvc.dll,-1000; C:\Windows\system32\svchost.exe [2008-01-19 27648]
S4 Browser;@%systemroot%\system32\browser.dll,-100; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S4 clr_optimization_v2.0.50727_32;Microsoft .NET Framework NGEN v2.0.50727_X86; C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2009-03-30 66368]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-03-30 89920]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 27648]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-10 61976]

[vyosek]

Zdravim

Predpokladam dobre, kdyz si myslim, ze se jedna o nejaky pracovni\firemni PC\ntb???

[Hektor939]

Dobrý den,
jedná se o server na kterém běží SQL server pro IS Helios.

[vyosek]

No ale urcite to neni doma PC na beznem domaci pouzivani, ale pisete server, firemni ze?

[vyosek]

Nebudem to dale napinat - pravidla fora jsou jasna

6. Fórum viry.cz se nezabývá odvirováním firemních PC - na toto jsou ve firmách placení (a někdy až hodně nadstandardně) IT technici, případně si je firma může najmou. My jsme tu zdarma a ve svém volném čase, nehodláme dělat práci za někoho jiného, kdo si pak jen slízne smetánku a plat. Taktéž ani neposkytujeme poradenství v oblasti zabezpečení firemních sítí či nastavení firemních sítí. Zkrátka a jednoduše, naše fórum poskytuje podporu domácím uživatelům.