
Virus searched the browser history and erased its tracks

newim123
Visitor
Posts: 13
Registered: 10 Jul 2011 16:25


#1 Post by newim123 »

As the subject says, the virus is an exe file that searches the browser and then erases its trail behind it.
Here is the exe file:

http://www.edisk.cz/stahni/88377/Konta_Premium.rar_125.98KB.html

If you could take a look at what it does when it is run.

Log from HijackThis
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:40:43, on 10.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LGScsiCommandService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Lucka\Dokumenty\Stažené soubory\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\FileServe Manager\FileServeBHO.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Documents and Settings\Lucka\Dokumenty\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [FileServe Manager Task] "C:\FileServe Manager\FSStarter.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download with FileServe Manager - C:\FileServe Manager\GetUrl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter hijack: text/html - {4C962D98-7E08-4df4-BC99-060644D7CA60} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LG SCSI command service (LGScsiCommandService) - Mobile Leader Co.,Ltd. - C:\WINDOWS\system32\LGScsiCommandService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 8729 bytes
Log from DDS
.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_25
Run by Lucka at 20:41:06 on 2011-07-10
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.895 [GMT 2:00]
.
AV: ESET Smart Security 4.2 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LGScsiCommandService.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Lucka\Dokumenty\Stažené soubory\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://facebook.com/
BHO: FileServeManager: {00000001-ab3b-4334-9da2-ec6b2a02afc6} - c:\fileserve manager\FileServeBHO.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: HistoryTriggerBHO Class: {21a88cb9-84d2-4020-a2d1-b25a21034884} - c:\documents and settings\lucka\dokumenty\lg pc suite iv\linkair\LinkAirBrowserHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {D5D47440-0750-463D-BAEF-A47D02414806} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [BitTorrent DNA] "c:\program files\dna\btdna.exe"
uRun: [<NO NAME>]
uRun: [NokiaOviSuite2] c:\program files\nokia\nokia ovi suite\NokiaOviSuite.exe -tray
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [LG LinkAir]
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [NokiaMServer] c:\program files\common files\nokia\mplatform\NokiaMServer /watchfiles startup
mRun: [FileServe Manager Task] "c:\fileserve manager\FSStarter.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TNOD UP] "c:\program files\tnod user & password finder\TNODUP.exe" /i
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
IE: Download with FileServe Manager - c:\fileserve manager\GetUrl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab
TCP: DhcpNameServer = 10.0.161.254 81.19.33.2
TCP: Interfaces\{EC232351-A358-467D-8B17-EF999762AD5A} : DhcpNameServer = 10.0.161.254 81.19.33.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office14\GROOVEEX.DLL
mASetup: {97702F2v-220Y-2vE0-YY39-E9G92219MM5} - c:\documents and settings\lucka\data aplikací\javaw.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\lucka\data aplikací\mozilla\firefox\profiles\kofaa3ww.default\
.
============= SERVICES / DRIVERS ===============
.
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-7-29 115008]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2010-8-12 810144]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [2011-3-29 47616]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-10-18 90112]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2011-6-6 1524544]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [2009-9-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [2009-9-29 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [2009-9-29 12928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2004-1-1 100456]
R3 PSched;Plánovač paketů technologie QoS;c:\windows\system32\drivers\psched.sys [2006-3-2 69120]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2010-11-29 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\lavalys\everest home edition\kerneld.wnt [2005-8-18 7168]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [2004-1-1 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [2004-1-1 8576]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [2010-10-18 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [2010-10-18 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [2010-10-18 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [2010-10-18 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [2010-10-18 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [2010-10-18 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [2010-10-18 109864]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\drivers\snp325.sys --> c:\windows\system32\drivers\snp325.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-07-10 15:15:09 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-10 14:56:46 188416 ----a-w- c:\documents and settings\lucka\data aplikací\javaw.exe
2011-07-07 16:16:51 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2011-07-07 16:16:51 -------- d-----w- c:\program files\EA GAMES
2011-07-05 17:30:55 -------- d-----w- c:\program files\ICE-Land2
2011-07-05 16:37:24 -------- d-----w- c:\program files\directx
2011-07-05 16:37:15 -------- d-----w- c:\windows\AM
2011-07-05 16:37:06 -------- d-----w- c:\program files\Mýty a legendy
2011-07-01 17:03:34 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-06-23 04:28:35 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
2011-06-23 04:28:35 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll
2011-06-17 21:24:38 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-17 12:16:56 105472 -c----w- c:\windows\system32\dllcache\mup.sys
.
==================== Find3M ====================
.
2011-07-07 19:21:14 252080 -c--a-w- c:\windows\system32\nvdrsdb0.bin
2011-07-07 19:21:14 1 ----a-w- c:\windows\system32\nvdrssel.bin
2011-06-18 09:01:46 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 16:29:10 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-05-02 15:32:14 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25:05 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:52:08 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-29 16:52:07 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 16:19:43 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:06:09 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:06:09 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:06:09 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01:33 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37:43 105472 ----a-w- c:\windows\system32\drivers\mup.sys
.
============= FINISH: 20:42:02,96 ===============
Log from RSIT
Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucka at 2011-07-10 20:43:21
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (12%) free of 43 GB
Total RAM: 2046 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:43:24, on 10.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LGScsiCommandService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Documents and Settings\Lucka\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Lucka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\FileServe Manager\FileServeBHO.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Documents and Settings\Lucka\Dokumenty\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [FileServe Manager Task] "C:\FileServe Manager\FSStarter.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TNOD UP] "C:\Program Files\TNod User & Password Finder\TNODUP.exe" /i
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download with FileServe Manager - C:\FileServe Manager\GetUrl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter hijack: text/html - {4C962D98-7E08-4df4-BC99-060644D7CA60} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LG SCSI command service (LGScsiCommandService) - Mobile Leader Co.,Ltd. - C:\WINDOWS\system32\LGScsiCommandService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 8763 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\kofaa3ww.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "facebook.com"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, smartwebprinting@hp.com:4.5, {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.23, {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.6, {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {8675f4b3-2f19-11ed-2d6b-0800600c0a16}:1.0, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}"=C:\FileServe Manager\FireFox_Extension\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=c:\Program Files\Sony\Media Go\npmediago.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npLegitCheckPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\kofaa3ww.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
{8675f4b3-2f19-11ed-2d6b-0800600c0a17}

C:\Documents and Settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\kofaa3ww.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000001-AB3B-4334-9DA2-EC6B2A02AFC6}]
FileServeManager - C:\FileServe Manager\FileServeBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - C:\Documents and Settings\Lucka\Dokumenty\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-01-31 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-04-29 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-04-05 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-04-05 77824]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-04-05 114688]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-08-12 2215064]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-11-04 1753192]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"FileServe Manager Task"=C:\FileServe Manager\FSStarter.exe []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]
"TNOD UP"=C:\Program Files\TNod User & Password Finder\TNODUP.exe [2011-05-07 1882112]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2011-01-10 323392]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"LG LinkAir"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Lucka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2005-04-08 7081984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-05-21 275768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-04-05 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=serwvdrv.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2011-07-10 20:43:21 ----D---- C:\rsit
2011-07-10 20:43:21 ----D---- C:\Program Files\trend micro
2011-07-10 17:15:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-07-10 17:15:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-10 16:56:46 ----A---- C:\Documents and Settings\Lucka\Data aplikací\javaw.exe
2011-07-07 18:16:51 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2011-07-07 18:16:51 ----D---- C:\Program Files\EA GAMES
2011-07-05 19:30:55 ----D---- C:\Program Files\ICE-Land2
2011-07-05 18:37:24 ----D---- C:\Program Files\directx
2011-07-05 18:37:15 ----D---- C:\WINDOWS\AM
2011-07-05 18:37:06 ----D---- C:\Program Files\Mýty a legendy
2011-07-01 19:03:34 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2011-06-29 10:13:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-06-17 23:27:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-06-17 23:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-06-17 23:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-06-17 23:25:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$
2011-06-17 23:25:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-06-17 23:24:38 ----D---- C:\WINDOWS\SxsCaPendDel

======List of files/folders modified in the last 1 month======

2011-07-10 20:43:22 ----D---- C:\WINDOWS\Temp
2011-07-10 20:43:21 ----RD---- C:\Program Files
2011-07-10 20:37:15 ----D---- C:\Documents and Settings\Lucka\Data aplikací\DNA
2011-07-10 16:56:54 ----D---- C:\WINDOWS\Prefetch
2011-07-10 15:46:43 ----D---- C:\Program Files\DNA
2011-07-10 13:54:55 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-10 09:48:15 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-09 21:19:31 ----D---- C:\Documents and Settings\Lucka\Data aplikací\HPAppData
2011-07-07 20:03:33 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-07 18:16:51 ----D---- C:\WINDOWS\system32
2011-07-06 22:08:05 ----D---- C:\Program Files\Mozilla Firefox
2011-07-05 18:37:15 ----D---- C:\WINDOWS
2011-07-01 19:03:47 ----D---- C:\Program Files\TuneUp Utilities 2011
2011-07-01 19:03:44 ----SHD---- C:\WINDOWS\Installer
2011-07-01 19:03:38 ----HD---- C:\Config.Msi
2011-07-01 11:52:57 ----RSD---- C:\WINDOWS\assembly
2011-07-01 11:52:57 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-01 11:27:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-01 11:27:09 ----D---- C:\WINDOWS\WinSxS
2011-06-29 20:50:17 ----HD---- C:\WINDOWS\inf
2011-06-29 10:13:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-29 09:55:08 ----HD---- C:\WINDOWS\$hf_mig$
2011-06-24 16:43:32 ----D---- C:\WINDOWS\system32\DirectX
2011-06-23 21:30:41 ----D---- C:\WINDOWS\system32\CatRoot
2011-06-23 21:29:26 ----D---- C:\WINDOWS\system32\drivers
2011-06-23 21:28:34 ----D---- C:\Program Files\LG Electronics
2011-06-18 10:43:16 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-17 23:31:11 ----A---- C:\WINDOWS\system32\MRT.exe
2011-06-17 23:30:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-17 23:27:14 ----A---- C:\WINDOWS\imsins.BAK
2011-06-17 23:25:36 ----D---- C:\Program Files\Internet Explorer
2011-06-17 23:25:26 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-02-17 431672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2010-07-29 115008]
R1 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys [2010-08-03 55256]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys [2010-08-04 140752]
R2 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2010-07-29 134512]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-03-04 157696]
R3 Epfwndis;Eset Personal Firewall; C:\WINDOWS\system32\DRIVERS\Epfwndis.sys [2010-07-29 32608]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-11-12 100456]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2008-04-10 1271032]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 asvzl49g;asvzl49g; C:\WINDOWS\system32\drivers\asvzl49g.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-29 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-29 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-29 21568]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-04-05 830684]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [2006-08-28 13312]
S3 mbr;mbr; \??\C:\DOCUME~1\Lucka\LOCALS~1\Temp\mbr.sys []
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-07-26 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-04-04 35712]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2010-08-12 810144]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-04-29 153376]
R2 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-04-12 47616]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-06-06 1524544]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-08-12 33584]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: The virus searched the browser history and deleted its traces

#2 Post by chodnik74 »

Hello :welcome:
What are we going to do about the illegal ESET? :twisted:

Forum rules: no. 1 and no. 2, no. 3
Write to me: chodnik74@gmail.com

>RSIT<>MBAM<>VirusTotal

:!: It is better to read the procedure several times, and if anything is unclear or you have any doubts, ask. ;-) If your computer is infected or does not behave as usual, back up all your data and carefully follow the adviser's instructions! :!:

:!: Do not use the Combofix utility without an adviser's supervision and recommendation!

:idea: Are you satisfied with our help :???: Do not hesitate to support the forum HERE.

Forum rules: no. 1 and no. 2

newim123

Re: The virus searched the browser history and deleted its traces

#3 Post by newim123 »

ESET is legal, I put trial keys into it :) How did I break the rules?

chodnik74
Friend of the forum
Posts: 4975
Joined: 13 Sep 2010 21:30
Location: Napajedla

Re: The virus searched the browser history and deleted its traces

#4 Post by chodnik74 »

Don't try that on me.. a program is inserting the licence into it for you... and in case you haven't read it, the ESET licence terms say that you can use a trial licence only once.. that is, for one month, and then uninstall the product or buy it.. not go hunting for new licences..

newim123
Visitor
Posts: 13
Joined: 10 Jul 2011 16:25

Re: The virus searched the browser history and deleted its traces

#5 Post by newim123 »

Well, thank you for your help.

chodnik74
Friend of the forum
Posts: 4975
Joined: 13 Sep 2010 21:30
Location: Napajedla

Re: The virus searched the browser history and deleted its traces

#6 Post by chodnik74 »

If you like, replace the illegal ESET with, say, Avast :) It is free and top-notch...

newim123
Visitor
Posts: 13
Joined: 10 Jul 2011 16:25

Re: The virus searched the browser history and deleted its traces

#7 Post by newim123 »

I'll switch to the antivirus from Microsoft :)

chodnik74
Friend of the forum
Posts: 4975
Joined: 13 Sep 2010 21:30
Location: Napajedla

Re: The virus searched the browser history and deleted its traces

#8 Post by chodnik74 »

All right.. uninstall all the illegal stuff from the PC, change the AV, and then I'd like to ask for a new RSIT log :)

newim123
Visitor
Posts: 13
Joined: 10 Jul 2011 16:25

Re: The virus searched the browser history and deleted its traces

#9 Post by newim123 »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Lucka at 2011-07-11 16:27:20
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 6 GB (13%) free of 43 GB
Total RAM: 2046 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:27:25, on 11.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\LGScsiCommandService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Nokia\NoA\nokiaaserver.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Documents and Settings\Lucka\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Lucka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - C:\FileServe Manager\FileServeBHO.dll (file missing)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Documents and Settings\Lucka\Dokumenty\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: (no name) - {D5D47440-0750-463D-BAEF-A47D02414806} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [FileServe Manager Task] "C:\FileServe Manager\FSStarter.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [NokiaOviSuite2] C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Download with FileServe Manager - C:\FileServe Manager\GetUrl.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Filter hijack: text/html - {4C962D98-7E08-4df4-BC99-060644D7CA60} - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LG SCSI command service (LGScsiCommandService) - Mobile Leader Co.,Ltd. - C:\WINDOWS\system32\LGScsiCommandService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

--
End of file - 8265 bytes

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\kofaa3ww.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "facebook.com"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.1, smartwebprinting@hp.com:4.5, {6236BA26-C117-4007-928C-DE0716C7FA80}:1.0.23, {6236BA26-C117-4007-928C-DE0716C7FA96}:1.0.6, {6236BA26-C117-4007-928C-DE0716C7FA99}:1.0.1, {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.2, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51, {8675f4b3-2f19-11ed-2d6b-0800600c0a16}:1.0, toolbar@ask.com:3.11.3.15590, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}"=C:\FileServe Manager\FireFox_Extension\{9F6FB1C9-22DA-4123-A7D4-9E7844B60EE5}
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bittorrent.com/BitTorrentDNA]
"Description"=Delivery Network Acceleration by BitTorrent™
"Path"=C:\Program Files\DNA\plugins\npbtdna.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=c:\Program Files\Sony\Media Go\npmediago.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeployJava1.dll
npLegitCheckPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
Cetrumcz_igeared.xml
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Documents and Settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\kofaa3ww.default\extensions\
{20a82645-c095-46ed-80e3-08825760534b}
{8675f4b3-2f19-11ed-2d6b-0800600c0a16}
{8675f4b3-2f19-11ed-2d6b-0800600c0a17}

C:\Documents and Settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\kofaa3ww.default\searchplugins\
askcom.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000001-AB3B-4334-9DA2-EC6B2A02AFC6}]
FileServeManager - C:\FileServe Manager\FileServeBHO.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21A88CB9-84D2-4020-A2D1-B25A21034884}]
HistoryTriggerBHO Class - C:\Documents and Settings\Lucka\Dokumenty\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll [2011-01-31 35688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-04-29 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-04-29 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{D5D47440-0750-463D-BAEF-A47D02414806}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2005-04-05 94208]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2005-04-05 77824]
"Persistence"=C:\WINDOWS\system32\igfxpers.exe [2005-04-05 114688]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2011-01-07 111208]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2011-01-07 13880424]
"nwiz"=C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [2010-11-04 1753192]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"FileServe Manager Task"=C:\FileServe Manager\FSStarter.exe []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2010-03-17 421888]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"BitTorrent DNA"=C:\Program Files\DNA\btdna.exe [2011-01-10 323392]
""= []
"NokiaOviSuite2"=C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe [2011-01-31 703360]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"LG LinkAir"= []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-09-21 932288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Lucka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe /c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
C:\Program Files\Intel Audio Studio\IntelAudioStudio.exe [2005-04-08 7081984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2003-10-31 32768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2009-11-20 434176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2009-05-21 275768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
C:\PROGRA~1\WI459E~1\WINDOW~1.EXE [2008-05-26 123904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-04-05 131072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2009-05-24 304128]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveTypeAutoRun"=95

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Microsoft Office\Office14\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office14\GROOVE.EXE:*:Enabled:Microsoft SharePoint Workspace"
"C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office14\ONENOTE.EXE:*:Enabled:Microsoft OneNote"
"C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application"
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe"="C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe"="C:\Program Files\Common Files\HP\Digital Imaging\Bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe:*:Enabled:hpqusgm.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe:*:Enabled:hpqusgh.exe"
"C:\Program Files\HP\HP Software Update\hpwucli.exe"="C:\Program Files\HP\HP Software Update\hpwucli.exe:*:Enabled:hpwucli.exe"
"C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe"="C:\Program Files\HP\Digital Imaging\smart web printing\SmartWebPrintExe.exe:*:Enabled:smartwebprintexe.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=serwvdrv.dll
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave1"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"VIDC.FFDS"=C:\PROGRA~1\COMBIN~1\Filters\FFDShow\ff_vfw.dll
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"vidc.VP60"=C:\WINDOWS\system32\vp6vfw.dll
"vidc.VP61"=C:\WINDOWS\system32\vp6vfw.dll

======List of files/folders created in the last 1 month======

2011-07-11 16:26:29 ----D---- C:\WINDOWS\LastGood
2011-07-10 20:43:21 ----D---- C:\rsit
2011-07-10 20:43:21 ----D---- C:\Program Files\trend micro
2011-07-10 17:15:09 ----D---- C:\Program Files\Spybot - Search & Destroy
2011-07-10 17:15:09 ----D---- C:\Documents and Settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-10 16:56:46 ----A---- C:\Documents and Settings\Lucka\Data aplikací\javaw.exe
2011-07-07 18:16:51 ----RA---- C:\WINDOWS\system32\vp6vfw.dll
2011-07-07 18:16:51 ----D---- C:\Program Files\EA GAMES
2011-07-05 19:30:55 ----D---- C:\Program Files\ICE-Land2
2011-07-05 18:37:24 ----D---- C:\Program Files\directx
2011-07-05 18:37:15 ----D---- C:\WINDOWS\AM
2011-07-05 18:37:06 ----D---- C:\Program Files\Mýty a legendy
2011-07-01 19:03:34 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2011-06-29 10:13:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2541763$
2011-06-17 23:27:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$
2011-06-17 23:27:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2503665$
2011-06-17 23:26:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$
2011-06-17 23:25:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276$
2011-06-17 23:25:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893$
2011-06-17 23:24:38 ----D---- C:\WINDOWS\SxsCaPendDel

======List of files/folders modified in the last 1 month======

2011-07-11 16:27:25 ----D---- C:\WINDOWS\Prefetch
2011-07-11 16:26:47 ----SHD---- C:\WINDOWS\Installer
2011-07-11 16:26:44 ----HD---- C:\Config.Msi
2011-07-11 16:26:42 ----RD---- C:\Program Files
2011-07-11 16:26:36 ----HD---- C:\WINDOWS\inf
2011-07-11 16:26:36 ----D---- C:\WINDOWS\Temp
2011-07-11 16:26:36 ----D---- C:\WINDOWS\system32\drivers
2011-07-11 16:26:29 ----D---- C:\WINDOWS\system32\CatRoot2
2011-07-11 16:26:29 ----D---- C:\WINDOWS
2011-07-11 16:24:44 ----D---- C:\Program Files\DNA
2011-07-11 16:24:44 ----D---- C:\Documents and Settings\Lucka\Data aplikací\DNA
2011-07-11 15:22:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2011-07-11 12:23:26 ----A---- C:\WINDOWS\NeroDigital.ini
2011-07-09 21:19:31 ----D---- C:\Documents and Settings\Lucka\Data aplikací\HPAppData
2011-07-07 18:16:51 ----D---- C:\WINDOWS\system32
2011-07-06 22:08:05 ----D---- C:\Program Files\Mozilla Firefox
2011-07-01 19:03:47 ----D---- C:\Program Files\TuneUp Utilities 2011
2011-07-01 11:52:57 ----RSD---- C:\WINDOWS\assembly
2011-07-01 11:52:57 ----D---- C:\WINDOWS\Microsoft.NET
2011-07-01 11:27:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2011-07-01 11:27:09 ----D---- C:\WINDOWS\WinSxS
2011-06-29 10:13:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2011-06-29 09:55:08 ----HD---- C:\WINDOWS\$hf_mig$
2011-06-24 16:43:32 ----D---- C:\WINDOWS\system32\DirectX
2011-06-23 21:30:41 ----D---- C:\WINDOWS\system32\CatRoot
2011-06-23 21:28:34 ----D---- C:\Program Files\LG Electronics
2011-06-18 10:43:16 ----D---- C:\Program Files\Microsoft Silverlight
2011-06-17 23:31:11 ----A---- C:\WINDOWS\system32\MRT.exe
2011-06-17 23:30:41 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2011-06-17 23:27:14 ----A---- C:\WINDOWS\imsins.BAK
2011-06-17 23:25:36 ----D---- C:\Program Files\Internet Explorer
2011-06-17 23:25:26 ----D---- C:\WINDOWS\ie8updates

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2011-02-17 431672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 E100B;Intel(R) PRO Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2005-03-04 157696]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 KMWDFILTER;HIDUASDesc; C:\WINDOWS\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 LgBttPort;LGE Bluetooth TransPort; C:\WINDOWS\system32\DRIVERS\lgbtport.sys [2009-09-29 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\lgbtbus.sys [2009-09-29 10496]
R3 LGVMODEM;LGE Virtual Modem; C:\WINDOWS\system32\DRIVERS\lgvmodem.sys [2009-09-29 12928]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2006-03-02 12160]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2011-01-08 9888672]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2010-11-12 100456]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2008-04-10 1271032]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys []
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 eamon;eamon; C:\WINDOWS\system32\DRIVERS\eamon.sys []
R4 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys []
R4 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys []
R4 epfwtdi;epfwtdi; C:\WINDOWS\system32\DRIVERS\epfwtdi.sys []
S1 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2008-04-14 31744]
S3 adi1j4j7;adi1j4j7; C:\WINDOWS\system32\drivers\adi1j4j7.sys []
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 EverestDriver;Lavalys EVEREST Kernel Driver; \??\C:\Program Files\Lavalys\EVEREST Home Edition\kerneld.wnt []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-29 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-29 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-29 21568]
S3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
S3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
S3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-04-05 830684]
S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [2006-08-28 13312]
S3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-07-30 18048]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-07-30 23040]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2010-07-26 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2010-07-26 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM); C:\WINDOWS\system32\DRIVERS\s1018bus.sys [2009-03-25 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s1018mdfl.sys [2009-03-25 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s1018mdm.sys [2009-03-25 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s1018mgmt.sys [2009-03-25 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS); C:\WINDOWS\system32\DRIVERS\s1018nd5.sys [2009-03-25 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s1018obex.sys [2009-03-25 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM); C:\WINDOWS\system32\DRIVERS\s1018unic.sys [2009-03-25 109864]
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2005-04-04 35712]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SNP325;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys []
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-07-30 8192]
S3 usbbus;LGE Mobile Composite USB Device; C:\WINDOWS\system32\DRIVERS\lgusbbus.sys [2010-01-21 13056]
S3 UsbDiag;LGE Mobile USB Serial Port; C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys [2010-01-21 20864]
S3 USBModem;LGE Mobile USB Modem; C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys [2010-01-21 24960]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-07-30 8192]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2009-01-30 38528]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-03-02 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-04-29 153376]
R2 LGScsiCommandService;LG SCSI command service; C:\WINDOWS\system32\LGScsiCommandService.exe [2010-04-12 47616]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nvsvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2011-01-07 156776]
R2 OMSI download service;Sony Ericsson OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [2009-04-30 90112]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [2011-06-06 1524544]
R2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-12-08 628736]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-02-04 913920]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

newim123
Visitor
Posts: 13
Joined: 10 Jul 2011 16:25

Re: The virus searched the browser history and deleted its traces

#10 Post by newim123 »

Log from ComboFix
ComboFix 11-07-11.02 - Lucka 11.07.2011 17:02:26.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1358 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucka\Dokumenty\Sta×enÚ soubory\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CommonFiles
c:\commonfiles\Java\lib\zi\Etc\GMT+2
c:\commonfiles\Java\lib\zi\Etc\GMT+3
c:\commonfiles\Java\lib\zi\Etc\GMT+4
c:\commonfiles\Java\lib\zi\Etc\GMT+5
c:\commonfiles\Java\lib\zi\Etc\GMT+6
c:\commonfiles\Java\lib\zi\Etc\GMT+7
c:\commonfiles\Java\lib\zi\Etc\GMT+8
c:\commonfiles\Java\lib\zi\Etc\GMT+9
c:\commonfiles\Java\lib\zi\Etc\UCT
c:\commonfiles\Java\lib\zi\Etc\UTC
c:\commonfiles\Java\lib\zi\Europe\Amsterdam
c:\commonfiles\Java\lib\zi\Europe\Andorra
c:\commonfiles\Java\lib\zi\Europe\Athens
c:\commonfiles\Java\lib\zi\Europe\Belgrade
c:\commonfiles\Java\lib\zi\Europe\Berlin
c:\commonfiles\Java\lib\zi\Europe\Brussels
c:\commonfiles\Java\lib\zi\Europe\Budapest
c:\commonfiles\Java\lib\zi\Europe\Bucharest
c:\commonfiles\Java\lib\zi\Europe\Copenhagen
c:\commonfiles\Java\lib\zi\Europe\Dublin
c:\commonfiles\Java\lib\zi\Europe\Gibraltar
c:\commonfiles\Java\lib\zi\Europe\Helsinki
c:\commonfiles\Java\lib\zi\Europe\Chisinau
c:\commonfiles\Java\lib\zi\Europe\Istanbul
c:\commonfiles\Java\lib\zi\Europe\Kaliningrad
c:\commonfiles\Java\lib\zi\Europe\Kiev
c:\commonfiles\Java\lib\zi\Europe\Lisbon
c:\commonfiles\Java\lib\zi\Europe\London
c:\commonfiles\Java\lib\zi\Europe\Luxembourg
c:\commonfiles\Java\lib\zi\Europe\Madrid
c:\commonfiles\Java\lib\zi\Europe\Malta
c:\commonfiles\Java\lib\zi\Europe\Minsk
c:\commonfiles\Java\lib\zi\Europe\Monaco
c:\commonfiles\Java\lib\zi\Europe\Moscow
c:\commonfiles\Java\lib\zi\Europe\Oslo
c:\commonfiles\Java\lib\zi\Europe\Paris
c:\commonfiles\Java\lib\zi\Europe\Prague
c:\commonfiles\Java\lib\zi\Europe\Riga
c:\commonfiles\Java\lib\zi\Europe\Rome
c:\commonfiles\Java\lib\zi\Europe\Samara
c:\commonfiles\Java\lib\zi\Europe\Simferopol
c:\commonfiles\Java\lib\zi\Europe\Sofia
c:\commonfiles\Java\lib\zi\Europe\Stockholm
c:\commonfiles\Java\lib\zi\Europe\Tallinn
c:\commonfiles\Java\lib\zi\Europe\Tirane
c:\commonfiles\Java\lib\zi\Europe\Uzhgorod
c:\commonfiles\Java\lib\zi\Europe\Vaduz
c:\commonfiles\Java\lib\zi\Europe\Vienna
c:\commonfiles\Java\lib\zi\Europe\Vilnius
c:\commonfiles\Java\lib\zi\Europe\Volgograd
c:\commonfiles\Java\lib\zi\Europe\Warsaw
c:\commonfiles\Java\lib\zi\Europe\Zaporozhye
c:\commonfiles\Java\lib\zi\Europe\Zurich
c:\commonfiles\Java\lib\zi\GMT
c:\commonfiles\Java\lib\zi\HST
c:\commonfiles\Java\lib\zi\Indian\Antananarivo
c:\commonfiles\Java\lib\zi\Indian\Cocos
c:\commonfiles\Java\lib\zi\Indian\Comoro
c:\commonfiles\Java\lib\zi\Indian\Chagos
c:\commonfiles\Java\lib\zi\Indian\Christmas
c:\commonfiles\Java\lib\zi\Indian\Kerguelen
c:\commonfiles\Java\lib\zi\Indian\Mahe
c:\commonfiles\Java\lib\zi\Indian\Maldives
c:\commonfiles\Java\lib\zi\Indian\Mauritius
c:\commonfiles\Java\lib\zi\Indian\Mayotte
c:\commonfiles\Java\lib\zi\Indian\Reunion
c:\commonfiles\Java\lib\zi\MET
c:\commonfiles\Java\lib\zi\MST
c:\commonfiles\Java\lib\zi\MST7MDT
c:\commonfiles\Java\lib\zi\Pacific\Apia
c:\commonfiles\Java\lib\zi\Pacific\Auckland
c:\commonfiles\Java\lib\zi\Pacific\Easter
c:\commonfiles\Java\lib\zi\Pacific\Efate
c:\commonfiles\Java\lib\zi\Pacific\Enderbury
c:\commonfiles\Java\lib\zi\Pacific\Fakaofo
c:\commonfiles\Java\lib\zi\Pacific\Fiji
c:\commonfiles\Java\lib\zi\Pacific\Funafuti
c:\commonfiles\Java\lib\zi\Pacific\Galapagos
c:\commonfiles\Java\lib\zi\Pacific\Gambier
c:\commonfiles\Java\lib\zi\Pacific\Guadalcanal
c:\commonfiles\Java\lib\zi\Pacific\Guam
c:\commonfiles\Java\lib\zi\Pacific\Honolulu
c:\commonfiles\Java\lib\zi\Pacific\Chatham
c:\commonfiles\Java\lib\zi\Pacific\Chuuk
c:\commonfiles\Java\lib\zi\Pacific\Johnston
c:\commonfiles\Java\lib\zi\Pacific\Kiritimati
c:\commonfiles\Java\lib\zi\Pacific\Kosrae
c:\commonfiles\Java\lib\zi\Pacific\Kwajalein
c:\commonfiles\Java\lib\zi\Pacific\Majuro
c:\commonfiles\Java\lib\zi\Pacific\Marquesas
c:\commonfiles\Java\lib\zi\Pacific\Midway
c:\commonfiles\Java\lib\zi\Pacific\Nauru
c:\commonfiles\Java\lib\zi\Pacific\Niue
c:\commonfiles\Java\lib\zi\Pacific\Norfolk
c:\commonfiles\Java\lib\zi\Pacific\Noumea
c:\commonfiles\Java\lib\zi\Pacific\Pago_Pago
c:\commonfiles\Java\lib\zi\Pacific\Palau
c:\commonfiles\Java\lib\zi\Pacific\Pitcairn
c:\commonfiles\Java\lib\zi\Pacific\Pohnpei
c:\commonfiles\Java\lib\zi\Pacific\Port_Moresby
c:\commonfiles\Java\lib\zi\Pacific\Rarotonga
c:\commonfiles\Java\lib\zi\Pacific\Saipan
c:\commonfiles\Java\lib\zi\Pacific\Tahiti
c:\commonfiles\Java\lib\zi\Pacific\Tarawa
c:\commonfiles\Java\lib\zi\Pacific\Tongatapu
c:\commonfiles\Java\lib\zi\Pacific\Wake
c:\commonfiles\Java\lib\zi\Pacific\Wallis
c:\commonfiles\Java\lib\zi\PST8PDT
c:\commonfiles\Java\lib\zi\SystemV\AST4
c:\commonfiles\Java\lib\zi\SystemV\AST4ADT
c:\commonfiles\Java\lib\zi\SystemV\CST6
c:\commonfiles\Java\lib\zi\SystemV\CST6CDT
c:\commonfiles\Java\lib\zi\SystemV\EST5
c:\commonfiles\Java\lib\zi\SystemV\EST5EDT
c:\commonfiles\Java\lib\zi\SystemV\HST10
c:\commonfiles\Java\lib\zi\SystemV\MST7
c:\commonfiles\Java\lib\zi\SystemV\MST7MDT
c:\commonfiles\Java\lib\zi\SystemV\PST8
c:\commonfiles\Java\lib\zi\SystemV\PST8PDT
c:\commonfiles\Java\lib\zi\SystemV\YST9
c:\commonfiles\Java\lib\zi\SystemV\YST9YDT
c:\commonfiles\Java\lib\zi\WET
c:\commonfiles\Java\lib\zi\ZoneInfoMappings
c:\commonfiles\Java\LICENSE
c:\commonfiles\Java\LICENSE.txt
c:\commonfiles\Java\Other\Source\PluginEULA.rtf
c:\commonfiles\Java\Other\Source\plugininstaller.ini
c:\commonfiles\Java\README.txt
c:\commonfiles\Java\THIRDPARTYLICENSEREADME.txt
c:\commonfiles\Java\Welcome.html
c:\documents and settings\Lucka\Data aplikací\javaw.exe
c:\documents and settings\Lucka\Recent\desktop_67729522.ico
c:\windows\system32\detoured.dll
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-11 do 2011-07-11 )))))))))))))))))))))))))))))))
.
.
2011-07-11 14:26 . 2011-07-11 14:26 -------- d-----w- c:\windows\LastGood
2011-07-10 18:43 . 2011-07-11 14:27 -------- d-----w- c:\program files\trend micro
2011-07-10 18:43 . 2011-07-10 18:43 -------- d-----w- C:\rsit
2011-07-10 15:15 . 2011-07-10 15:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-10 15:15 . 2011-07-10 15:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-07 16:16 . 2011-07-07 19:06 -------- d-----w- c:\program files\EA GAMES
2011-07-07 16:16 . 2004-08-18 08:34 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2011-07-05 17:30 . 2011-07-05 17:55 -------- d-----w- c:\program files\ICE-Land2
2011-07-05 16:37 . 2011-07-05 16:37 -------- d-----w- c:\program files\directx
2011-07-05 16:37 . 2011-07-05 16:37 -------- d-----w- c:\windows\AM
2011-07-05 16:37 . 2011-07-05 16:37 -------- d-----w- c:\program files\Mýty a legendy
2011-07-01 17:03 . 2011-06-06 16:23 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-06-23 04:28 . 2011-06-23 04:28 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-23 04:28 . 2011-06-23 04:28 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-06-17 21:24 . 2011-06-18 08:43 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-17 12:16 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-18 09:01 . 2011-05-27 10:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 16:29 . 2010-12-18 18:35 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-05-02 15:32 . 2010-09-30 15:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2006-03-02 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:52 . 2011-04-29 16:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-29 16:52 . 2011-04-29 16:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 16:19 . 2006-03-02 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:06 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:06 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:06 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2006-03-02 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-06-23 04:28 . 2011-04-23 07:54 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2011-01-10 323392]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2011-01-31 703360]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-04-05 94208]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"Persistence"="c:\windows\system32\igfxpers.exe" [2005-04-05 114688]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2011-01-07 111208]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-11-04 1753192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-03-17 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
path=c:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\Windows Search.lnk
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2010-09-21 18:37 932288 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
2010-03-13 12:54 91520 ----a-w- c:\program files\Microsoft Office\Office14\BCSSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-05-08 14:24 54840 -c--a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
2005-04-08 17:37 7081984 ----a-w- c:\program files\Intel Audio Studio\IntelAudioStudio.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 09:50 155648 -c--a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-17 19:53 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
2003-10-31 17:42 32768 -c--a-w- c:\program files\CyberLink\PowerDVD\PDVDServ.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2009-11-20 08:17 434176 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"tsnp325"=c:\windows\tsnp325.exe
"snp325"=c:\windows\vsnp325.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [29.3.2011 21:12 47616]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [6.6.2011 18:26 1524544]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29.9.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29.9.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29.9.2009 8:11 12928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [1.1.2004 1:42 100456]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [29.11.2010 20:27 10064]
R4 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys --> c:\windows\system32\DRIVERS\ehdrv.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [18.10.2010 19:53 90112]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [18.8.2005 1:00 7168]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 10:25 30969208]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [1.1.2004 3:43 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [1.1.2004 3:43 8576]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [18.10.2010 19:21 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [18.10.2010 19:21 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [18.10.2010 19:21 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [18.10.2010 19:21 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [18.10.2010 19:21 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [18.10.2010 19:21 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [18.10.2010 19:21 109864]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys --> c:\windows\system32\DRIVERS\snp325.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://facebook.com/
IE: Download with FileServe Manager - c:\fileserve manager\GetUrl.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.161.254 81.19.33.2
FF - ProfilePath - c:\documents and settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\kofaa3ww.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - facebook.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
HKCU-Run-LG LinkAir - (no file)
HKLM-Run-FileServe Manager Task - c:\fileserve manager\FSStarter.exe
MSConfigStartUp-Google Update - c:\documents and settings\Lucka\Local Settings\Data aplikací\Google\Update\GoogleUpdate.exe
MSConfigStartUp-Skype - c:\program files\Skype\Phone\Skype.exe
HKLM_ActiveSetup-{97702F2v-220Y-2vE0-YY39-E9G92219MM5} - c:\documents and settings\Lucka\Data aplikací\javaw.exe
AddRemove-TNod - c:\program files\TNod User & Password Finder\uninst-TNod.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-11 17:08
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
Celkový čas: 2011-07-11 17:10:27
ComboFix-quarantined-files.txt 2011-07-11 15:10
.
Před spuštěním: 5 790 806 016
Po spuštění: 5 830 488 064
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /TUTag=WSIEK3 /Kernel=TUKernel.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition (TuneUp Backup)" /noexecute=optin /fastdetect /TUTag=WSIEK3-BAK
.
- - End Of File - - BA90306284DF87787C8536E390D93206

newim123
Visitor
Posts: 13
Registered: 10 Jul 2011 16:25

Re: The virus searched the browser history and erased its tracks

#11 Post by newim123 »

I uploaded the virus to VirusTotal and this is what it reported :)
http://www.virustotal.com/file-scan/rep ... 1310335843

chodnik74
Friend of the forum
Posts: 4975
Registered: 13 Sep 2010 21:30
Location: Napajedla

Re: The virus searched the browser history and erased its tracks

#12 Post by chodnik74 »

Who advised you to use Combofix?

:arrow: Dangers of Combofix
  • The program is primarily intended for advisers, so by using it on your own initiative you lose your entitlement to help
  • It erases the traces of all malware, so if you use it yourself, nothing can be seen in RSIT
  • The resulting log still has to be deciphered and the cleanup finished, because Combofix cannot delete everything
  • Combofix may have a bug and wreck your system, and if you do not know where it stores its backups and how to restore them, you are facing a reinstall of the system
  • Combofix does not check important libraries (for example hall.dll)
:arrow: Uninstall Spybot - Search & Destroy and FileServe Manager (detected as malware; if you absolutely need it, do not continue, because the script removes it forcibly; whatever you do not uninstall, Combofix will destroy :D )


:arrow: Open Notepad
  • (press WIN+R, type "notepad" without the quotation marks and press Enter)
  • Paste the following script into it:

    Code:

    KillAll::
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NokiaOviSuite2"=-
    "DAEMON Tools Lite"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NokiaMServer"=-
    "IgfxTray"=-
    "Persistence"=-
    "NvMediaCenter"=-
    "nwiz"=-
    "SunJavaUpdateSched"=-
    "QuickTime Task"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    ""=-
    "LG LinkAir"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{D5D47440-0750-463D-BAEF-A47D02414806}"=-
    [-HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^HP Digital Imaging Monitor.lnk]
    [-HKLM\~\startupfolder\C:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Windows Search.lnk]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelAudioStudio]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000001-AB3B-4334-9DA2-EC6B2A02AFC6}]
    
    DDS::
    IE: Download with FileServe Manager - c:\fileserve manager\GetUrl.htm
    
    Folder::
    C:\FileServe Manager\
    
    Reboot::
    
  • Save the file to the Desktop as CFScript.txt
  • Then grab this file with the left mouse button, drag it onto the Combofix icon and drop it
  • Combofix will then carry out all the operations and produce a new log, which you should paste here

:!: Read the procedure through several times to be safe, and ask if anything is unclear or you have any doubts. ;-) If your computer is infected or is not behaving as usual, back up all your data and follow the adviser's instructions carefully! :!:

:!: Do not use the Combofix utility without an adviser's supervision and recommendation!

newim123
Visitor
Posts: 13
Registered: 10 Jul 2011 16:25

Re: The virus searched the browser history and erased its tracks

#13 Post by newim123 »

ComboFix 11-07-11.02 - Lucka 11.07.2011 18:54:29.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1250.420.1029.18.2046.1501 [GMT 2:00]
Spuštěný z: c:\documents and settings\Lucka\Dokumenty\Stažené soubory\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Lucka\Plocha\CFScript.txt
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-06-11 do 2011-07-11 )))))))))))))))))))))))))))))))
.
.
2011-07-10 18:43 . 2011-07-11 14:27 -------- d-----w- c:\program files\trend micro
2011-07-10 18:43 . 2011-07-10 18:43 -------- d-----w- C:\rsit
2011-07-10 15:15 . 2011-07-10 15:20 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Spybot - Search & Destroy
2011-07-10 15:15 . 2011-07-10 15:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-07-07 16:16 . 2011-07-07 19:06 -------- d-----w- c:\program files\EA GAMES
2011-07-07 16:16 . 2004-08-18 08:34 442368 ----a-r- c:\windows\system32\vp6vfw.dll
2011-07-05 17:30 . 2011-07-05 17:55 -------- d-----w- c:\program files\ICE-Land2
2011-07-05 16:37 . 2011-07-05 16:37 -------- d-----w- c:\program files\directx
2011-07-05 16:37 . 2011-07-05 16:37 -------- d-----w- c:\windows\AM
2011-07-05 16:37 . 2011-07-05 16:37 -------- d-----w- c:\program files\Mýty a legendy
2011-07-01 17:03 . 2011-06-06 16:23 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-06-23 04:28 . 2011-06-23 04:28 2106216 ----a-w- c:\program files\Mozilla Firefox\D3DCompiler_43.dll
2011-06-23 04:28 . 2011-06-23 04:28 1998168 ----a-w- c:\program files\Mozilla Firefox\d3dx9_43.dll
2011-06-17 21:24 . 2011-06-18 08:43 -------- d-----w- c:\windows\SxsCaPendDel
2011-06-17 12:16 . 2011-04-21 13:37 105472 -c----w- c:\windows\system32\dllcache\mup.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-18 09:01 . 2011-05-27 10:42 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-06-06 16:29 . 2010-12-18 18:35 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-05-02 15:32 . 2010-09-30 15:41 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-04-29 17:25 . 2006-03-02 12:00 151552 ----a-w- c:\windows\system32\schannel.dll
2011-04-29 16:52 . 2011-04-29 16:52 73728 ----a-w- c:\windows\system32\javacpl.cpl
2011-04-29 16:52 . 2011-04-29 16:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-04-29 16:19 . 2006-03-02 12:00 456320 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-04-25 16:06 . 2006-03-02 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2011-04-25 16:06 . 2006-03-02 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-04-25 16:06 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-04-25 12:01 . 2006-03-02 12:00 385024 ----a-w- c:\windows\system32\html.iec
2011-04-21 13:37 . 2006-03-02 12:00 105472 ----a-w- c:\windows\system32\drivers\mup.sys
2011-06-23 04:28 . 2011-04-23 07:54 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-07-11_15.08.24 )))))))))))))))))))))))))))))))))))))))))
.
+ 2011-07-11 16:59 . 2011-07-11 16:59 16384 c:\windows\temp\Perflib_Perfdata_24c.dat
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2011-01-10 323392]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-04-05 77824]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2011-01-07 13880424]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"tsnp325"=c:\windows\tsnp325.exe
"snp325"=c:\windows\vsnp325.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqcopy2.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\Common Files\\HP\\Digital Imaging\\Bin\\hpqPhotoCrm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgm.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqusgh.exe"=
"c:\\Program Files\\HP\\HP Software Update\\hpwucli.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\smart web printing\\SmartWebPrintExe.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer.exe"=
"c:\\Program Files\\TeamViewer\\Version6\\TeamViewer_Service.exe"=
.
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R2 LGScsiCommandService;LG SCSI command service;c:\windows\system32\LGScsiCommandService.exe [29.3.2011 21:12 47616]
R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [18.10.2010 19:53 90112]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [6.6.2011 18:26 1524544]
R3 LgBttPort;LGE Bluetooth TransPort;c:\windows\system32\drivers\lgbtport.sys [29.9.2009 8:11 12160]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\drivers\lgbtbus.sys [29.9.2009 8:11 10496]
R3 LGVMODEM;LGE Virtual Modem;c:\windows\system32\drivers\lgvmodem.sys [29.9.2009 8:11 12928]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [1.1.2004 1:42 100456]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [29.11.2010 20:27 10064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18.3.2010 13:16 130384]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt [18.8.2005 1:00 7168]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [25.3.2010 10:25 30969208]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [1.1.2004 3:43 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [1.1.2004 3:43 8576]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [9.1.2010 21:37 4640000]
S3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\drivers\s1018bus.sys [18.10.2010 19:21 86824]
S3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\drivers\s1018mdfl.sys [18.10.2010 19:21 15016]
S3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\drivers\s1018mdm.sys [18.10.2010 19:21 114728]
S3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1018mgmt.sys [18.10.2010 19:21 106208]
S3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1018nd5.sys [18.10.2010 19:21 26024]
S3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\drivers\s1018obex.sys [18.10.2010 19:21 104744]
S3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1018unic.sys [18.10.2010 19:21 109864]
S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys --> c:\windows\system32\DRIVERS\snp325.sys [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18.3.2010 13:16 753504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://facebook.com/
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.161.254 81.19.33.2
FF - ProfilePath - c:\documents and settings\Lucka\Data aplikací\Mozilla\Firefox\Profiles\kofaa3ww.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - facebook.com
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-07-11 18:59
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]
"ImagePath"="\??\c:\program files\Lavalys\EVEREST Home Edition\kerneld.wnt"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3700)
c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
c:\progra~1\MICROS~2\Office14\1029\GrooveIntlResource.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\nvsvc32.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\igfxsrvc.exe
.
**************************************************************************
.
Celkový čas: 2011-07-11 19:02:51 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-07-11 17:02
ComboFix2.txt 2011-07-11 15:10
.
Před spuštěním: 5 830 373 376
Po spuštění: 5 824 405 504
.
- - End Of File - - DE36254BE35203DEDEAEC74080907F0F

chodnik74
Forum friend
Posts: 4975
Joined: 13 Sep 2010 21:30
Location: Napajedla

Re: Virus searched the browser history and deleted its traces

#14 Post by chodnik74 »

And now let's have a look around for vermin ;-)

:arrow: Malwarebytes' Anti-Malware
  • Download, install and run it (if you are not sure how, click HERE)
  • Select Full scan (Úplná kontrola) and click the Scan (Prohledat) button
  • The program will scan the computer, and at the end a message will appear saying that the scan has finished; confirm it with the OK button
  • A log will appear; paste it here for me
  • DO NOT DELETE ANYTHING!! The program sometimes produces false detections, so we will delete only after consultation :twisted:

:!: It is better to read the procedure several times, and if anything is unclear or you have any doubts, ask. ;-) If your computer is infected or is not behaving as usual, back up all your data and carefully follow the adviser's instructions! :!:

:!: Do not use the Combofix utility without the supervision and recommendation of an adviser!

newim123
Visitor
Posts: 13
Joined: 10 Jul 2011 16:25

Re: Virus searched the browser history and deleted its traces

#15 Post by newim123 »

Malwarebytes' Anti-Malware
www.malwarebytes.org

Verze databáze:

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

11.7.2011 20:52:21
mbam-log-2011-07-11 (20-52-18).txt

Typ: Úplná kontrola (C:\|D:\|)
Kontrolované objekty: 240661
Uplynulý čas: 48 minut, 17 sekund

Infikované procesy v paměti: 0
Infikované moduly v paměti: 0
Infikované klíče v registru: 0
Infikované hodnoty v registru: 0
Infikované datové položky v registru: 0
Infikované složky: 0
Infikované soubory: 1

Infikované procesy v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované hodnoty v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované datové položky v registru:
(Žádné škodlivé položky nebyly zjištěny)

Infikované složky:
(Žádné škodlivé položky nebyly zjištěny)

Infikované soubory:
c:\program files\Mirillis\splash pro\splash.pro.1.6.0-res-patch.exe (RiskWare.Tool.CK) -> No action taken.
and I deleted it; it was a patch for a player. Otherwise, malware has now blocked an outgoing IP address for me, which probably belonged to the virus.
