svchost.exe zabírá 95-98% CPU + nejde mi udělat log

[radak]

ComboFix 11-04-11.01 - Radka 11.04.2011 22:01:34.1.1 - x86
Spuštěný z: c:\documents and settings\Radka\Plocha\ComboFix.exe
AV: Eset NOD32 Antivirus 2.70 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Radka\Data aplikací\.#
c:\documents and settings\Radka\Data aplikací\Island
c:\documents and settings\Radka\Data aplikací\Island\space.rgt
c:\documents and settings\Radka\WINDOWS
c:\program files\Gomez
c:\program files\Gomez\GomezPEER\agents\agents.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\image\gozilla.zip
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\.autoreg
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\AccessibleMarshal.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\application.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\blocklist.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\browserconfig.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutCertError.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutPrivateBrowsing.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutRights.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutRobots.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\aboutSessionRestore.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\browserdirprovider.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\brwsrcmp.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedConverter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedProcessor.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\FeedWriter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\flashplayer.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\fuelApplication.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\gomezplugin.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\jsconsole-clhandler.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\NetworkGeolocationProvider.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsAddonRepository.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBadCertHandler.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBlocklistService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBrowserContentHandler.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsBrowserGlue.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsContentDispatchChooser.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsContentPrefService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsDefaultCLH.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsDownloadManagerUI.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsExtensionManager.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsHandlerService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsHelperAppDlg.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLivemarkService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginInfo.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginManager.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsLoginManagerPrompter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsMicrosummaryService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPlacesDBFlush.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPlacesTransactionsService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPostUpdateWin.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsPrivateBrowsingService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsProxyAutoConfig.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSafebrowsingApplication.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSearchService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSearchSuggestions.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSessionStartup.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSessionStore.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSetDefaultBrowser.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsSidebar.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsTaggingService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsTryToClose.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUpdateService.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUrlClassifierLib.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsUrlClassifierListManager.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsURLFormatter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\nsWebHandlerApp.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\pluginGlue.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\storage-Legacy.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\storage-mozStorage.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\txEXSLTRegExFunctions.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\components\WebContentConverter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter-override.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\crashreporter.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\autoconfig\platform.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\autoconfig\prefcalls.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox-branding.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox-l10n.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\firefox.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\channel-prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\pref\reporter.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\bookmarks.html
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\chrome\userContent-example.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\chrome\userChrome-example.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\localstore.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\mimeTypes.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\defaults\profile\prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\dictionaries\en-US.aff
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\dictionaries\en-US.dic
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-logging.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-multipartmixed-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\components\xhtmlmp-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\defaults\preferences\xhtmlmp.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\chrome.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\chrome\xhtmlmp.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\install.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{8ea9957e-2953-402f-80e0-bceb5f169d6f}\readme.txt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}\install.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\components\wml-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\defaults\preferences\prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\chrome.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\chrome\wmlbrowser.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\install.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\{c4dc572a-3295-40eb-b30f-b54aa4cdc4b7}\install.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-alogger-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-cache-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-filter-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-prompt-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-psrbuilder-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-scoe-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-stats-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-utility-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\agent-visualresult-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\browser-monitor-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\gsl-converter-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\http-event-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIFxAgent.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIMachineInfo.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsIMachineInfo.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsITraceRoute.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\nsITraceRoute.xpt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\txn-executor.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\txn-server-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\components\zconsole-server-service.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\config\loggerConfig.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\chrome.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\chrome\gomezagent.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\install.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\beautify.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\gsl2shim.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\io.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\json2.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\psrtest.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\utils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\version.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\extensions\gomezagent@gomez.com\modules\zipit.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\freebl3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\freebl3.chk
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\awaitfile.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-launch.cmd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-provision-sa.cmd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gomez-tools\gozilla-provision.cmd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\gozilla.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\all.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\security-prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\greprefs\xpinstall.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\browser.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\browser.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\classic.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\classic.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\comm.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\comm.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\en-US.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\en-US.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\pippki.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\pippki.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\reporter.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\reporter.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\toolkit.jar
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\chrome\toolkit.manifest
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\js3250.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\LICENSE
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\log4cplus.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\log4cplus.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\debug.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\distribution.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\DownloadLastDir.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\DownloadUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\ISO8601DateUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\Microformats.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\openLocationLastURL.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\PlacesDBUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\PluralForm.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\SpatialNavigation.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\utils.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\WindowDraggingUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\modules\XPCOMUtils.jsm
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\mozcrt19.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nspr4.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nss3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nssckbi.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nssdbm3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nssdbm3.chk
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\nssutil3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\platform.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plc4.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plds4.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npgfp.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npgslp.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\npnul32.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\plugins\NPSWF32.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\README.txt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\removed-files
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\arrow.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\arrowd.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\broken-image.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\contenteditable.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\designmode.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\dtd\mathml.dtd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\dtd\xhtml11.dtd
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\EditorOverride.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Latin1.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Special.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\html40Symbols.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\htmlEntityVersions.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\mathml20.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\entityTables\transliterate.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfont.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontStandardSymbolsL.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSTIXNonUnicode.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSTIXSize1.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontSymbol.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\fonts\mathfontUnicode.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\forms.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\grabber.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\hiddenWindow.html
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\html.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\html\folder.png
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\charsetalias.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\charsetData.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\langGroups.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\language.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\loading-image.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\mathml.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\quirk.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\svg.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-after.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-column-before.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-after.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-add-row-before.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-column.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row-active.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row-hover.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\table-remove-row.gif
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\ua.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\viewsource.css
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\res\wincharset.properties
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\amazondotcom.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\answers.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\creativecommons.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\eBay.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\google.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\wikipedia.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\searchplugins\yahoo.xml
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\smime3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\softokn3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\softokn3.chk
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\sqlite3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\ssl3.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\bookmarkbackups\bookmarks-2010-09-13.json
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_001_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_002_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_003_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\Cache\_CACHE_MAP_
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\cert8.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\compatibility.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\compreg.dat
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\content-prefs.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\cookies.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\downloads.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.cache
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\extensions.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\formhistory.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\key3.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\localstore.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\mimeTypes.rdf
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\OfflineCache\index.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\permissions.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\places.sqlite-journal
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\places.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\prefs.js
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\profile.done
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\search.json
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\search.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\secmod.db
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\signons.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\webappsstore.sqlite
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\XPC.mfl
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\xpti.dat
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\agt_0_template\XUL.mfl
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\storage\FF35\log\agt-0-ga.log
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\uninstall\helper.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\update.locale
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\updater.exe
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\updater.ini
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\version.txt
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\xpcom.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\xul.dll
c:\program files\Gomez\GomezPEER\agents\gozilla\runtime\zlib1.dll
c:\program files\Gomez\GomezPEER\bin\GomezPEER.exe
c:\program files\Gomez\GomezPEER\cache\params.xml
c:\program files\Gomez\GomezPEER\cache\Respawn.class
c:\program files\Gomez\GomezPEER\country_list.txt
c:\program files\Gomez\GomezPEER\decode.exe
c:\program files\Gomez\GomezPEER\getclean.exe
c:\program files\Gomez\GomezPEER\gomez.dat
c:\program files\Gomez\GomezPEER\gomez.dat.backup1
c:\program files\Gomez\GomezPEER\gomez.dat.backup2
c:\program files\Gomez\GomezPEER\gomez.dat.backup3
c:\program files\Gomez\GomezPEER\javparms.dat
c:\program files\Gomez\GomezPEER\jre\bin\attach.dll
c:\program files\Gomez\GomezPEER\jre\bin\awt.dll
c:\program files\Gomez\GomezPEER\jre\bin\axbridge.dll
c:\program files\Gomez\GomezPEER\jre\bin\client\classes.jsa
c:\program files\Gomez\GomezPEER\jre\bin\client\jvm.dll
c:\program files\Gomez\GomezPEER\jre\bin\client\Xusage.txt
c:\program files\Gomez\GomezPEER\jre\bin\cmm.dll
c:\program files\Gomez\GomezPEER\jre\bin\comfyj.lic
c:\program files\Gomez\GomezPEER\jre\bin\dcpr.dll
c:\program files\Gomez\GomezPEER\jre\bin\deploy.dll
c:\program files\Gomez\GomezPEER\jre\bin\dt_shmem.dll
c:\program files\Gomez\GomezPEER\jre\bin\dt_socket.dll
c:\program files\Gomez\GomezPEER\jre\bin\eula.dll
c:\program files\Gomez\GomezPEER\jre\bin\fontmanager.dll
c:\program files\Gomez\GomezPEER\jre\bin\hpi.dll
c:\program files\Gomez\GomezPEER\jre\bin\hprof.dll
c:\program files\Gomez\GomezPEER\jre\bin\ICE_JNIRegistry.dll
c:\program files\Gomez\GomezPEER\jre\bin\instrument.dll
c:\program files\Gomez\GomezPEER\jre\bin\ioser12.dll
c:\program files\Gomez\GomezPEER\jre\bin\j2pcsc.dll
c:\program files\Gomez\GomezPEER\jre\bin\j2pkcs11.dll
c:\program files\Gomez\GomezPEER\jre\bin\jaas_nt.dll
c:\program files\Gomez\GomezPEER\jre\bin\java-rmi.exe
c:\program files\Gomez\GomezPEER\jre\bin\java.dll
c:\program files\Gomez\GomezPEER\jre\bin\java.exe
c:\program files\Gomez\GomezPEER\jre\bin\java_crw_demo.dll
c:\program files\Gomez\GomezPEER\jre\bin\javacpl.cpl
c:\program files\Gomez\GomezPEER\jre\bin\javacpl.exe
c:\program files\Gomez\GomezPEER\jre\bin\javaw.exe
c:\program files\Gomez\GomezPEER\jre\bin\javaws.exe
c:\program files\Gomez\GomezPEER\jre\bin\jawt.dll
c:\program files\Gomez\GomezPEER\jre\bin\JdbcOdbc.dll
c:\program files\Gomez\GomezPEER\jre\bin\jdwp.dll
c:\program files\Gomez\GomezPEER\jre\bin\jexplorer.lic
c:\program files\Gomez\GomezPEER\jre\bin\jli.dll
c:\program files\Gomez\GomezPEER\jre\bin\jniwrap.dll
c:\program files\Gomez\GomezPEER\jre\bin\jniwrap.lic
c:\program files\Gomez\GomezPEER\jre\bin\jpeg.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpicom.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpiexp.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpinscp.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpioji.dll
c:\program files\Gomez\GomezPEER\jre\bin\jpishare.dll
c:\program files\Gomez\GomezPEER\jre\bin\jsound.dll
c:\program files\Gomez\GomezPEER\jre\bin\jsoundds.dll
c:\program files\Gomez\GomezPEER\jre\bin\jucheck.exe
c:\program files\Gomez\GomezPEER\jre\bin\jureg.exe
c:\program files\Gomez\GomezPEER\jre\bin\jusched.exe
c:\program files\Gomez\GomezPEER\jre\bin\keytool.exe
c:\program files\Gomez\GomezPEER\jre\bin\kinit.exe
c:\program files\Gomez\GomezPEER\jre\bin\klist.exe
c:\program files\Gomez\GomezPEER\jre\bin\ktab.exe
c:\program files\Gomez\GomezPEER\jre\bin\management.dll
c:\program files\Gomez\GomezPEER\jre\bin\Microsoft.VC80.CRT.manifest
c:\program files\Gomez\GomezPEER\jre\bin\msvcm80.dll
c:\program files\Gomez\GomezPEER\jre\bin\msvcp80.dll
c:\program files\Gomez\GomezPEER\jre\bin\msvcr71.dll
c:\program files\Gomez\GomezPEER\jre\bin\msvcr80.dll
c:\program files\Gomez\GomezPEER\jre\bin\net.dll
c:\program files\Gomez\GomezPEER\jre\bin\nio.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava11.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava12.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava13.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava14.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjava32.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjpi160.dll
c:\program files\Gomez\GomezPEER\jre\bin\npjpi160_03.dll
c:\program files\Gomez\GomezPEER\jre\bin\npoji610.dll
c:\program files\Gomez\GomezPEER\jre\bin\npt.dll
c:\program files\Gomez\GomezPEER\jre\bin\orbd.exe
c:\program files\Gomez\GomezPEER\jre\bin\pack200.exe
c:\program files\Gomez\GomezPEER\jre\bin\policytool.exe
c:\program files\Gomez\GomezPEER\jre\bin\porivonet.dll
c:\program files\Gomez\GomezPEER\jre\bin\PorivoProcess.dll
c:\program files\Gomez\GomezPEER\jre\bin\regutils.dll
c:\program files\Gomez\GomezPEER\jre\bin\rmi.dll
c:\program files\Gomez\GomezPEER\jre\bin\rmid.exe
c:\program files\Gomez\GomezPEER\jre\bin\rmiregistry.exe
c:\program files\Gomez\GomezPEER\jre\bin\server\jvm.dll
c:\program files\Gomez\GomezPEER\jre\bin\server\Xusage.txt
c:\program files\Gomez\GomezPEER\jre\bin\servertool.exe
c:\program files\Gomez\GomezPEER\jre\bin\splashscreen.dll
c:\program files\Gomez\GomezPEER\jre\bin\ssv.dll
c:\program files\Gomez\GomezPEER\jre\bin\sunmscapi.dll
c:\program files\Gomez\GomezPEER\jre\bin\SystemInfo.dll
c:\program files\Gomez\GomezPEER\jre\bin\tnameserv.exe
c:\program files\Gomez\GomezPEER\jre\bin\unicows.dll
c:\program files\Gomez\GomezPEER\jre\bin\unpack.dll
c:\program files\Gomez\GomezPEER\jre\bin\unpack200.exe
c:\program files\Gomez\GomezPEER\jre\bin\verify.dll
c:\program files\Gomez\GomezPEER\jre\bin\w2k_lsa_auth.dll
c:\program files\Gomez\GomezPEER\jre\bin\WinTimer.dll
c:\program files\Gomez\GomezPEER\jre\bin\wsdetect.dll
c:\program files\Gomez\GomezPEER\jre\bin\zip.dll
c:\program files\Gomez\GomezPEER\jre\COPYRIGHT
c:\program files\Gomez\GomezPEER\jre\lib\audio\soundbank.gm
c:\program files\Gomez\GomezPEER\jre\lib\calendars.properties
c:\program files\Gomez\GomezPEER\jre\lib\classlist
c:\program files\Gomez\GomezPEER\jre\lib\cmm\CIEXYZ.pf
c:\program files\Gomez\GomezPEER\jre\lib\cmm\GRAY.pf
c:\program files\Gomez\GomezPEER\jre\lib\cmm\LINEAR_RGB.pf
c:\program files\Gomez\GomezPEER\jre\lib\cmm\PYCC.pf
c:\program files\Gomez\GomezPEER\jre\lib\cmm\sRGB.pf
c:\program files\Gomez\GomezPEER\jre\lib\content-types.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy.jar
c:\program files\Gomez\GomezPEER\jre\lib\deploy\ffjcext.zip
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_de.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_es.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_fr.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_it.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_ja.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_ko.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_sv.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_zh_CN.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_zh_HK.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\messages_zh_TW.properties
c:\program files\Gomez\GomezPEER\jre\lib\deploy\splash.jpg
c:\program files\Gomez\GomezPEER\jre\lib\endorsed\xalan.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\commons-codec.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\commons-lang.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\css.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\dnsjava.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\dnsns.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\gomez-webcore.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\HeartBeatProject.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\jdom.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\JNIRegistry.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\jniwrap.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\js.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\jstools.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\Kernel.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\localedata.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\log4j.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\meta-index
c:\program files\Gomez\GomezPEER\jre\lib\ext\nekohtml.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\oro.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\peergui.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\PeerReviewProject.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\poi.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\porivo-agent.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\porivo-lib.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\porivo-modules.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\porivo-utils.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\sunjce_provider.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\sunmscapi.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\sunpkcs11.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\winpack.jar
c:\program files\Gomez\GomezPEER\jre\lib\ext\xerces.jar
c:\program files\Gomez\GomezPEER\jre\lib\flavormap.properties
c:\program files\Gomez\GomezPEER\jre\lib\fontconfig.98.bfc
c:\program files\Gomez\GomezPEER\jre\lib\fontconfig.98.properties.src
c:\program files\Gomez\GomezPEER\jre\lib\fontconfig.bfc
c:\program files\Gomez\GomezPEER\jre\lib\fontconfig.properties.src
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightDemiBold.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightDemiItalic.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightItalic.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaBrightRegular.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaSansDemiBold.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaSansRegular.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaTypewriterBold.ttf
c:\program files\Gomez\GomezPEER\jre\lib\fonts\LucidaTypewriterRegular.ttf
c:\program files\Gomez\GomezPEER\jre\lib\charsets.jar
c:\program files\Gomez\GomezPEER\jre\lib\i386\jvm.cfg
c:\program files\Gomez\GomezPEER\jre\lib\im\indicim.jar
c:\program files\Gomez\GomezPEER\jre\lib\im\thaiim.jar
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\cursors.properties
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\invalid32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_CopyDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_CopyNoDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_LinkDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_LinkNoDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_MoveDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\images\cursors\win32_MoveNoDrop32x32.gif
c:\program files\Gomez\GomezPEER\jre\lib\javaws.jar
c:\program files\Gomez\GomezPEER\jre\lib\jce.jar
c:\program files\Gomez\GomezPEER\jre\lib\jsse.jar
c:\program files\Gomez\GomezPEER\jre\lib\jvm.hprof.txt
c:\program files\Gomez\GomezPEER\jre\lib\logging.properties
c:\program files\Gomez\GomezPEER\jre\lib\management-agent.jar
c:\program files\Gomez\GomezPEER\jre\lib\management\jmxremote.access
c:\program files\Gomez\GomezPEER\jre\lib\management\jmxremote.password.template
c:\program files\Gomez\GomezPEER\jre\lib\management\management.properties
c:\program files\Gomez\GomezPEER\jre\lib\management\snmp.acl.template
c:\program files\Gomez\GomezPEER\jre\lib\meta-index
c:\program files\Gomez\GomezPEER\jre\lib\net.properties
c:\program files\Gomez\GomezPEER\jre\lib\plugin.jar
c:\program files\Gomez\GomezPEER\jre\lib\psfont.properties.ja
c:\program files\Gomez\GomezPEER\jre\lib\psfontj2d.properties
c:\program files\Gomez\GomezPEER\jre\lib\resources.jar
c:\program files\Gomez\GomezPEER\jre\lib\rt.jar
c:\program files\Gomez\GomezPEER\jre\lib\security\cacerts
c:\program files\Gomez\GomezPEER\jre\lib\security\gsr.policy
c:\program files\Gomez\GomezPEER\jre\lib\security\java.policy
c:\program files\Gomez\GomezPEER\jre\lib\security\java.security
c:\program files\Gomez\GomezPEER\jre\lib\security\javaws.policy
c:\program files\Gomez\GomezPEER\jre\lib\security\local_policy.jar
c:\program files\Gomez\GomezPEER\jre\lib\security\US_export_policy.jar
c:\program files\Gomez\GomezPEER\jre\lib\sound.properties
c:\program files\Gomez\GomezPEER\jre\lib\tzmappings
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Abidjan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Accra
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Addis_Ababa
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Algiers
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Asmara
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Asmera
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Bamako
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Bangui
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Banjul
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Bissau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Blantyre
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Brazzaville
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Bujumbura
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Cairo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Casablanca
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Ceuta
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Conakry
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Dakar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Dar_es_Salaam
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Djibouti
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Douala
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\El_Aaiun
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Freetown
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Gaborone
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Harare
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Johannesburg
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Kampala
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Khartoum
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Kigali
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Kinshasa
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Lagos
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Libreville
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Lome
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Luanda
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Lubumbashi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Lusaka
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Malabo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Maputo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Maseru
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Mbabane
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Mogadishu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Monrovia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Nairobi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Ndjamena
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Niamey
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Nouakchott
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Ouagadougou
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Porto-Novo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Sao_Tome
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Tripoli
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Tunis
c:\program files\Gomez\GomezPEER\jre\lib\zi\Africa\Windhoek
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Adak
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Anguilla
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Anchorage
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Antigua
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Araguaina
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Buenos_Aires
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Catamarca
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Cordoba
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Jujuy
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\La_Rioja
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Mendoza
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Rio_Gallegos
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\San_Juan
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Tucuman
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Argentina\Ushuaia
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Aruba
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Asuncion
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Atikokan
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Bahia
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Barbados
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Belem
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Belize
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Blanc-Sablon
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Boa_Vista
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Bogota
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Boise
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cambridge_Bay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Campo_Grande
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cancun
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Caracas
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cayenne
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cayman
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Costa_Rica
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Cuiaba
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Curacao
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Danmarkshavn
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Dawson
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Dawson_Creek
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Denver
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Detroit
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Dominica
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Edmonton
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Eirunepe
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\El_Salvador
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Fortaleza
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Glace_Bay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Godthab
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Goose_Bay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Grand_Turk
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Grenada
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Guadeloupe
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Guatemala
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Guayaquil
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Guyana
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Halifax
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Havana
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Hermosillo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Chicago
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Chihuahua
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Indianapolis
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Knox
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Marengo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Petersburg
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Tell_City
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Vevay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Vincennes
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Indiana\Winamac
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Inuvik
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Iqaluit
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Jamaica
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Juneau
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Kentucky\Louisville
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Kentucky\Monticello
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\La_Paz
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Lima
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Los_Angeles
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Maceio
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Managua
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Manaus
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Martinique
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Mazatlan
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Menominee
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Merida
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Mexico_City
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Miquelon
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Moncton
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Monterrey
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Montevideo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Montreal
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Montserrat
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Nassau
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\New_York
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Nipigon
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Nome
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Noronha
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\North_Dakota\Center
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\North_Dakota\New_Salem
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Panama
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Pangnirtung
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Paramaribo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Phoenix
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Port-au-Prince
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Port_of_Spain
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Porto_Velho
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Puerto_Rico
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Rainy_River
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Rankin_Inlet
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Recife
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Regina
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Resolute
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Rio_Branco
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Santiago
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Santo_Domingo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Sao_Paulo
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Scoresbysund
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Johns
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Kitts
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Lucia
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Thomas
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\St_Vincent
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Swift_Current
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Tegucigalpa
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Thule
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Thunder_Bay
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Tijuana
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Toronto
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Tortola
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Vancouver
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Whitehorse
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Winnipeg
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Yakutat
c:\program files\Gomez\GomezPEER\jre\lib\zi\America\Yellowknife
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Casey
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Davis
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\DumontDUrville
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Mawson
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\McMurdo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Palmer
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Rothera
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Syowa
c:\program files\Gomez\GomezPEER\jre\lib\zi\Antarctica\Vostok
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Aden
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Almaty
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Amman
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Anadyr
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Aqtau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Aqtobe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Ashgabat
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Baghdad
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Bahrain
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Baku
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Bangkok
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Beirut
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Bishkek
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Brunei
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Calcutta
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Colombo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Damascus
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Dhaka
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Dili
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Dubai
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Dushanbe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Gaza
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Harbin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Hong_Kong
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Hovd
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Choibalsan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Chongqing
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Irkutsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Jakarta
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Jayapura
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Jerusalem
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kabul
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kamchatka
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Karachi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kashgar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Katmandu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Krasnoyarsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kuala_Lumpur
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kuching
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Kuwait
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Macau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Magadan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Makassar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Manila
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Muscat
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Nicosia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Novosibirsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Omsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Oral
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Phnom_Penh
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Pontianak
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Pyongyang
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Qatar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Qyzylorda
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Rangoon
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh87
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh88
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Riyadh89
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Saigon
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Sakhalin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Samarkand
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Seoul
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Shanghai
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Singapore
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Taipei
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Tashkent
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Tbilisi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Tehran
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Thimphu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Tokyo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Ulaanbaatar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Urumqi
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Vientiane
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Vladivostok
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Yakutsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Yekaterinburg
c:\program files\Gomez\GomezPEER\jre\lib\zi\Asia\Yerevan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Azores
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Bermuda
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Canary
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Cape_Verde
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Faeroe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Faroe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Madeira
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Reykjavik
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\South_Georgia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\St_Helena
c:\program files\Gomez\GomezPEER\jre\lib\zi\Atlantic\Stanley
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Adelaide
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Brisbane
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Broken_Hill
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Currie
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Darwin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Eucla
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Hobart
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Lindeman
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Lord_Howe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Melbourne
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Perth
c:\program files\Gomez\GomezPEER\jre\lib\zi\Australia\Sydney
c:\program files\Gomez\GomezPEER\jre\lib\zi\CET
c:\program files\Gomez\GomezPEER\jre\lib\zi\CST6CDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\EET
c:\program files\Gomez\GomezPEER\jre\lib\zi\EST
c:\program files\Gomez\GomezPEER\jre\lib\zi\EST5EDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-1
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-10
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-11
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-12
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-13
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-14
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-2
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-3
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-4
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-5
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-6
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-7
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-8
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT-9
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+1
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+10
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+11
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+12
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+2
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+3
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+4
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+5
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+6
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+7
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+8
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\GMT+9
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\UCT
c:\program files\Gomez\GomezPEER\jre\lib\zi\Etc\UTC
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Amsterdam
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Andorra
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Athens
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Belgrade
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Berlin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Brussels
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Budapest
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Bucharest
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Copenhagen
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Dublin
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Gibraltar
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Helsinki
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Chisinau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Istanbul
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Kaliningrad
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Kiev
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Lisbon
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\London
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Luxembourg
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Madrid
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Malta
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Minsk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Monaco
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Moscow
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Oslo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Paris
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Prague
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Riga
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Rome
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Samara
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Simferopol
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Sofia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Stockholm
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Tallinn
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Tirane
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Uzhgorod
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Vaduz
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Vienna
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Vilnius
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Volgograd
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Warsaw
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Zaporozhye
c:\program files\Gomez\GomezPEER\jre\lib\zi\Europe\Zurich
c:\program files\Gomez\GomezPEER\jre\lib\zi\GMT
c:\program files\Gomez\GomezPEER\jre\lib\zi\HST
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Antananarivo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Cocos
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Comoro
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Chagos
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Christmas
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Kerguelen
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Mahe
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Maldives
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Mauritius
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Mayotte
c:\program files\Gomez\GomezPEER\jre\lib\zi\Indian\Reunion
c:\program files\Gomez\GomezPEER\jre\lib\zi\MET
c:\program files\Gomez\GomezPEER\jre\lib\zi\MST
c:\program files\Gomez\GomezPEER\jre\lib\zi\MST7MDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Apia
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Auckland
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Easter
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Efate
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Enderbury
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Fakaofo
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Fiji
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Funafuti
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Galapagos
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Gambier
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Guadalcanal
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Guam
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Honolulu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Chatham
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Johnston
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Kiritimati
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Kosrae
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Kwajalein
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Majuro
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Marquesas
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Midway
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Nauru
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Niue
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Norfolk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Noumea
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Pago_Pago
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Palau
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Pitcairn
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Ponape
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Port_Moresby
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Rarotonga
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Saipan
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Tahiti
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Tarawa
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Tongatapu
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Truk
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Wake
c:\program files\Gomez\GomezPEER\jre\lib\zi\Pacific\Wallis
c:\program files\Gomez\GomezPEER\jre\lib\zi\PST8PDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\AST4
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\AST4ADT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\CST6
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\CST6CDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\EST5
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\EST5EDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\HST10
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\MST7
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\MST7MDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\PST8
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\PST8PDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\YST9
c:\program files\Gomez\GomezPEER\jre\lib\zi\SystemV\YST9YDT
c:\program files\Gomez\GomezPEER\jre\lib\zi\WET
c:\program files\Gomez\GomezPEER\jre\lib\zi\ZoneInfoMappings
c:\program files\Gomez\GomezPEER\jre\LICENSE
c:\program files\Gomez\GomezPEER\jre\LICENSE.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_de.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_es.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_fr.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_it.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_ja.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_ko.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_sv.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_zh_CN.rtf
c:\program files\Gomez\GomezPEER\jre\LICENSE_zh_TW.rtf
c:\program files\Gomez\GomezPEER\jre\README.txt
c:\program files\Gomez\GomezPEER\jre\THIRDPARTYLICENSEREADME.txt
c:\program files\Gomez\GomezPEER\jre\Welcome.html
c:\program files\Gomez\GomezPEER\mname.ini
c:\program files\Gomez\GomezPEER\par2.exe
c:\program files\Gomez\GomezPEER\peer.log
c:\program files\Gomez\GomezPEER\ReadMe.txt
c:\program files\Gomez\GomezPEER\tools\bind\bind.zip
c:\program files\Gomez\GomezPEER\uninstall.exe
c:\windows\Fonts\COPRGTL.TTF
D:\install.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-11 do 2011-04-11 )))))))))))))))))))))))))))))))
.
.
2011-04-11 16:39 . 2011-04-11 16:39 -------- d-----w- C:\rsit
2011-04-06 11:35 . 2011-04-06 11:35 -------- d-----w- c:\documents and settings\Radka\Data aplikací\Nokia Ovi Suite
2011-04-06 09:04 . 2011-04-06 09:04 -------- d-----w- c:\program files\Registr koz
2011-04-06 09:01 . 2011-04-06 09:01 -------- d-----w- c:\program files\Registr ovcí
2011-03-23 21:34 . 2011-03-23 21:34 -------- d-----w- c:\program files\Common Files\Skype
2011-03-23 21:33 . 2011-03-23 21:33 1024000 ----a-w- c:\program files\Mozilla Firefox\Milan's GUI 4.exe
2011-03-23 21:33 . 2004-06-30 12:20 160768 ----a-w- c:\program files\Mozilla Firefox\fmod.dll
2011-03-23 21:33 . 2004-09-14 11:00 59392 ----a-w- c:\program files\Mozilla Firefox\codecs\wavunpack.exe
2011-03-23 21:33 . 2004-09-14 11:00 60928 ----a-w- c:\program files\Mozilla Firefox\codecs\wavpack.exe
2011-03-23 21:33 . 2004-01-26 21:42 187904 ----a-w- c:\program files\Mozilla Firefox\codecs\tag.exe
2011-03-23 21:33 . 2004-02-28 07:31 57856 ----a-w- c:\program files\Mozilla Firefox\codecs\speexenc.exe
2011-03-23 21:33 . 2004-02-28 07:31 58368 ----a-w- c:\program files\Mozilla Firefox\codecs\speexdec.exe
2011-03-23 21:33 . 2004-05-04 14:44 92160 ----a-w- c:\program files\Mozilla Firefox\codecs\shorten.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-08 01:16 . 2011-02-08 01:16 922112 ------w- c:\windows\system32\imapi2fs.dll
2011-02-08 01:16 . 2011-02-08 01:16 426496 ------w- c:\windows\system32\imapi2.dll
2011-02-08 01:16 . 2004-08-03 20:59 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-10-05 17:34 . 2010-01-02 08:06 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
.
------- Sigcheck -------
.
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sfcfiles.dll
[-] 2007-08-03 . 25B3480FD32A1D6A65F865817F2B4FD0 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
.
c:\windows\System32\drivers\beep.sys ... chybí !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\windows\OETRN.EXE" [2007-12-20 26624]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-10-06 793712]
"NokiaOviSuite2"="c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe" [2010-09-02 672632]
"NokiaPCInternetAccess"="c:\program files\Nokia\PC Internet Access\NPCIA.exe" [2008-09-29 536576]
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-12-20 949376]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"Rapget"="c:\program files\rapget\rapget.exe" [2008-06-03 171008]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-09 198160]
"UpdateReminder"="c:\program files\Eset\UpdateReminder.exe" [2010-11-03 413696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2010-05-04 124928]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Pidgin.lnk - c:\program files\Pidgin\pidgin.exe [2011-3-11 48618]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\TC PowerPack\\TOTALCMD.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\rapget\\rapget.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
.
R0 nullcd;nullcd;c:\windows\System32\Drivers\nullcd.sys [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-06-29 112640]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-06-29 102656]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-08-13 717296]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-20 15424]
.
.
Obsah adresáře 'Naplánované úlohy'
.
2011-04-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]
.
.
------- Doplňkový sken -------
.
uStart Page =
uDefault_Search_URL =
mStart Page =
uSearchAssistant =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\windows\system32\imon.dll
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://gameyard.com/online_games/wandering-willows-online/WanderingWillowsWeb.1.0.0.18.cab
FF - ProfilePath - c:\documents and settings\Radka\Data aplikací\Mozilla\Firefox\Profiles\b8nsytid.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-Wdf01000.sys
SafeBoot-WudfPf
SafeBoot-WudfRd
AddRemove-Ask Toolbar_is1 - c:\program files\AskBarDis\unins000.exe
AddRemove-Blue Byte Game Channel - d:\bluebyte\BBGC\uninst.dll
AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe
AddRemove-GomezPEER - c:\program files\Gomez\GomezPEER\uninstall.exe
AddRemove-Grey Olltwit's Tom & Jerry Game - d:\hry\DADA\tom\tnjerryunins.exe
AddRemove-Hledači pokladů - patch_is1 - c:\program files\Hledači pokladů\unins000.exe
AddRemove-Steam - d:\hry\hl2\UNWISE.EXE
AddRemove-{3DE19DBA-6F79-4E14-AE0B-1833B26DD184}_is1 - d:\hry\Solace\unins000.exe
AddRemove-My Kingdom for the Princess - d:\hry\kingdom\Uninstal.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-11 22:12
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-1935655697-152049171-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D5784C1C-B41B-70AF-4BF0-CE73E16FDC99}*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(756)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
Celkový čas: 2011-04-11 22:17:12
ComboFix-quarantined-files.txt 2011-04-11 20:16
.
Před spuštěním: 4 312 133 632
Po spuštění: 4 224 016 384
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect
.
- - End Of File - - 01D93CA096FFC7A6FC3B8226348B2F69

[vyosek]

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  Restore::
  c:\windows\System32\drivers\beep.sys
  c:\windows\system32\sfcfiles.dll
  
  Registry::
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "DAEMON Tools Lite"=-
  "PC Suite Tray"=-
  "NokiaOviSuite2"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "SunJavaUpdateSched"=-
  "Adobe Reader Speed Launcher"=-
  "UpdateReminder"=-
  
  Driver::
  nullcd
  
  File::
  c:\windows\Tasks\AppleSoftwareUpdate.job
  
  RegLock::
  [HKEY_USERS\S-1-5-21-1935655697-152049171-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D5784C1C-B41B-70AF-4BF0-CE73E16FDC99}*]
  
  RegNull::
  [HKEY_USERS\S-1-5-21-1935655697-152049171-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{D5784C1C-B41B-70AF-4BF0-CE73E16FDC99}*]
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci

[radak]

ComboFix 11-04-11.01 - Radka 11.04.2011 22:48:48.2.1 - x86
Spuštěný z: c:\documents and settings\Radka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Radka\Plocha\CFScript.txt
AV: Eset NOD32 Antivirus 2.70 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
* Rezidentní štít AV je zapnutý
.
.
FILE ::
"c:\windows\Tasks\AppleSoftwareUpdate.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Radka\Data aplikací\TMInc
c:\documents and settings\Radka\Data aplikací\TMInc\game.cfg
c:\documents and settings\Radka\Data aplikací\TMInc\user1.sav
c:\windows\Tasks\AppleSoftwareUpdate.job
.
c:\windows\System32\drivers\beep.sys . . . je infikován!!
.
c:\windows\system32\sfcfiles.dll . . . je infikován!!
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_nullcd
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-11 do 2011-04-11 )))))))))))))))))))))))))))))))
.
.
2011-04-11 20:59 . 2011-04-11 20:59 -------- d-----w- c:\windows\system32\xircom
2011-04-11 20:59 . 2011-04-11 20:59 -------- d-----w- c:\windows\system32\wbem\snmp
2011-04-11 20:59 . 2011-04-11 20:59 -------- d-----w- c:\program files\microsoft frontpage
2011-04-11 16:39 . 2011-04-11 16:39 -------- d-----w- C:\rsit
2011-04-06 11:35 . 2011-04-06 11:35 -------- d-----w- c:\documents and settings\Radka\Data aplikací\Nokia Ovi Suite
2011-04-06 09:04 . 2011-04-06 09:04 -------- d-----w- c:\program files\Registr koz
2011-04-06 09:01 . 2011-04-06 09:01 -------- d-----w- c:\program files\Registr ovcí
2011-03-23 21:34 . 2011-03-23 21:34 -------- d-----w- c:\program files\Common Files\Skype
2011-03-23 21:33 . 2011-03-23 21:33 1024000 ----a-w- c:\program files\Mozilla Firefox\Milan's GUI 4.exe
2011-03-23 21:33 . 2004-06-30 12:20 160768 ----a-w- c:\program files\Mozilla Firefox\fmod.dll
2011-03-23 21:33 . 2004-09-14 11:00 59392 ----a-w- c:\program files\Mozilla Firefox\codecs\wavunpack.exe
2011-03-23 21:33 . 2004-09-14 11:00 60928 ----a-w- c:\program files\Mozilla Firefox\codecs\wavpack.exe
2011-03-23 21:33 . 2004-01-26 21:42 187904 ----a-w- c:\program files\Mozilla Firefox\codecs\tag.exe
2011-03-23 21:33 . 2004-02-28 07:31 57856 ----a-w- c:\program files\Mozilla Firefox\codecs\speexenc.exe
2011-03-23 21:33 . 2004-02-28 07:31 58368 ----a-w- c:\program files\Mozilla Firefox\codecs\speexdec.exe
2011-03-23 21:33 . 2004-05-04 14:44 92160 ----a-w- c:\program files\Mozilla Firefox\codecs\shorten.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-08 01:16 . 2011-02-08 01:16 922112 ------w- c:\windows\system32\imapi2fs.dll
2011-02-08 01:16 . 2011-02-08 01:16 426496 ------w- c:\windows\system32\imapi2.dll
2011-02-08 01:16 . 2004-08-03 20:59 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-10-05 17:34 . 2010-01-02 08:06 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
.
------- Sigcheck -------
.
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sfcfiles.dll
[-] 2007-08-03 . 25B3480FD32A1D6A65F865817F2B4FD0 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
.
c:\windows\System32\drivers\beep.sys ... chybí !!
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\windows\OETRN.EXE" [2007-12-20 26624]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-10-06 793712]
"NokiaPCInternetAccess"="c:\program files\Nokia\PC Internet Access\NPCIA.exe" [2008-09-29 536576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-12-20 949376]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Rapget"="c:\program files\rapget\rapget.exe" [2008-06-03 171008]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-09 198160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2010-05-04 124928]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Pidgin.lnk - c:\program files\Pidgin\pidgin.exe [2011-3-11 48618]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\TC PowerPack\\TOTALCMD.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\rapget\\rapget.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
.
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-06-29 112640]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-06-29 102656]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-08-13 717296]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-20 15424]
.
.
.
------- Doplňkový sken -------
.
uStart Page =
uDefault_Search_URL =
mStart Page =
uSearchAssistant =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\windows\system32\imon.dll
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://gameyard.com/online_games/wandering-willows-online/WanderingWillowsWeb.1.0.0.18.cab
FF - ProfilePath - c:\documents and settings\Radka\Data aplikací\Mozilla\Firefox\Profiles\b8nsytid.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-11 23:00
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(768)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
- - - - - - - > 'explorer.exe'(936)
c:\windows\TrnOEH.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Eset\nod32krn.exe
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Celkový čas: 2011-04-11 23:05:35 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-11 21:05
ComboFix2.txt 2011-04-11 20:17
.
Před spuštěním: 4 222 267 392
Po spuštění: 4 119 715 840
.
- - End Of File - - 310818FF24D7F8995CBFDA8AE3F8B790

[radak]

pro dnesek to balim, prubezne dekuji za pomoc ))

[vyosek]

Stahnete si tento soubor http://vyosek.ic.cz/pro_usery/beep.sys a ulozte jej primo na disk c:\ tak aby nebyl v zadne slozce (cesta k nemu tedy bude c:\beep.sys)

A znovu si dame skript pro CFko - postup je stejny jako minule

Kód: Vybrat vše

KillAll::

FCopy::
c:\beep.sys | c:\windows\System32\drivers\beep.sys

DDS::
uStart Page =
uDefault_Search_URL =
mStart Page =
uSearchAssistant = 

Reboot::

[radak]

ComboFix 11-04-11.02 - Radka 12.04.2011 7:13.3.1 - x86
Spuštěný z: c:\documents and settings\Radka\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\Radka\Plocha\CFScript.txt
AV: Eset NOD32 Antivirus 2.70 *Disabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\beep.sys --> c:\windows\System32\drivers\beep.sys
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-03-12 do 2011-04-12 )))))))))))))))))))))))))))))))
.
.
2011-04-12 05:13 . 2011-04-12 05:04 4224 ----a-w- c:\windows\system32\drivers\beep.sys
2011-04-12 05:04 . 2011-04-12 05:04 4224 ------w- C:\beep.sys
2011-04-11 20:59 . 2011-04-11 20:59 -------- d-----w- c:\windows\system32\xircom
2011-04-11 16:39 . 2011-04-11 16:39 -------- d-----w- C:\rsit
2011-04-06 11:35 . 2011-04-06 11:35 -------- d-----w- c:\documents and settings\Radka\Data aplikací\Nokia Ovi Suite
2011-04-06 09:04 . 2011-04-06 09:04 -------- d-----w- c:\program files\Registr koz
2011-04-06 09:01 . 2011-04-06 09:01 -------- d-----w- c:\program files\Registr ovcí
2011-03-23 21:34 . 2011-03-23 21:34 -------- d-----w- c:\program files\Common Files\Skype
2011-03-23 21:33 . 2011-03-23 21:33 1024000 ----a-w- c:\program files\Mozilla Firefox\Milan's GUI 4.exe
2011-03-23 21:33 . 2004-06-30 12:20 160768 ----a-w- c:\program files\Mozilla Firefox\fmod.dll
2011-03-23 21:33 . 2004-09-14 11:00 59392 ----a-w- c:\program files\Mozilla Firefox\codecs\wavunpack.exe
2011-03-23 21:33 . 2004-09-14 11:00 60928 ----a-w- c:\program files\Mozilla Firefox\codecs\wavpack.exe
2011-03-23 21:33 . 2004-01-26 21:42 187904 ----a-w- c:\program files\Mozilla Firefox\codecs\tag.exe
2011-03-23 21:33 . 2004-02-28 07:31 57856 ----a-w- c:\program files\Mozilla Firefox\codecs\speexenc.exe
2011-03-23 21:33 . 2004-02-28 07:31 58368 ----a-w- c:\program files\Mozilla Firefox\codecs\speexdec.exe
2011-03-23 21:33 . 2004-05-04 14:44 92160 ----a-w- c:\program files\Mozilla Firefox\codecs\shorten.exe
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-02-08 01:16 . 2011-02-08 01:16 922112 ------w- c:\windows\system32\imapi2fs.dll
2011-02-08 01:16 . 2011-02-08 01:16 426496 ------w- c:\windows\system32\imapi2.dll
2011-02-08 01:16 . 2004-08-03 20:59 62592 ----a-w- c:\windows\system32\drivers\cdrom.sys
2009-10-05 17:34 . 2010-01-02 08:06 118000 ----a-w- c:\program files\mozilla firefox\components\qippipe.dll
.
.
------- Sigcheck -------
.
[-] 2008-04-14 . 56A6034E7764E23D9114223EB3523925 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\8fb85d68ee3649be8b622da7b69408ee\sfcfiles.dll
[-] 2007-08-03 . 25B3480FD32A1D6A65F865817F2B4FD0 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"="c:\windows\OETRN.EXE" [2007-12-20 26624]
"DW6"="c:\program files\The Weather Channel FW\Desktop\DesktopWeather.exe" [2008-10-06 793712]
"NokiaPCInternetAccess"="c:\program files\Nokia\PC Internet Access\NPCIA.exe" [2008-09-29 536576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NokiaMServer"="c:\program files\Common Files\Nokia\MPlatform\NokiaMServer" [X]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-12-20 949376]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648]
"Rapget"="c:\program files\rapget\rapget.exe" [2008-06-03 171008]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-03-09 198160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-17 15360]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2010-05-04 124928]
.
c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Pidgin.lnk - c:\program files\Pidgin\pidgin.exe [2011-3-11 48618]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMMyPictures"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)
"NoSMHelp"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\QIP\\qip.exe"=
"c:\\Program Files\\TC PowerPack\\TOTALCMD.EXE"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\rapget\\rapget.exe"=
"c:\\Program Files\\Trillian\\trillian.exe"=
"c:\\Program Files\\Nokia\\Nokia Ovi Suite\\NokiaOviSuite.exe"=
"c:\\Program Files\\Common Files\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
"c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
.
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-06-29 112640]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys [2009-06-29 102656]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2008-08-13 717296]
S1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-12-20 15424]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - BEEP
.
.
------- Doplňkový sken -------
.
uSearchAssistant =
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
LSP: c:\windows\system32\imon.dll
DPF: {CEBE157C-C91E-4A45-BB3C-45F8C77C012F} - hxxp://gameyard.com/online_games/wandering-willows-online/WanderingWillowsWeb.1.0.0.18.cab
FF - ProfilePath - c:\documents and settings\Radka\Data aplikací\Mozilla\Firefox\Profiles\b8nsytid.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Firefox Synchronisation Extension: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70} - c:\program files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-04-12 07:24
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'lsass.exe'(756)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
- - - - - - - > 'explorer.exe'(4092)
c:\windows\TrnOEH.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 6\phonebrowser.dll
c:\program files\Nokia\Nokia PC Suite 6\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 6\Lang\PhoneBrowser_cze.nlr
c:\program files\Nokia\Nokia PC Suite 6\Resource\PhoneBrowser_Nokia.ngr
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Eset\nod32krn.exe
c:\program files\PC Connectivity Solution\ServiceLayer.exe
c:\program files\PC Connectivity Solution\Transports\NclUSBSrv.exe
c:\program files\PC Connectivity Solution\Transports\NclRSSrv.exe
.
**************************************************************************
.
Celkový čas: 2011-04-12 07:38:07 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-04-12 05:37
ComboFix2.txt 2011-04-11 21:05
ComboFix3.txt 2011-04-11 20:17
.
Před spuštěním: 4 013 551 616
Po spuštění: 3 998 269 440
.
- - End Of File - - CD7256345E532900F6A93DA9F502A393

[vyosek]

Jak se chova nas pacient

[radak]

Pacient je zivotaschopny, podstatne rychlejsi nez pred zacatkem lecby (to byl uz vcera vecer), dnes rano po spusteni zase svchost na tech temer 100%, ted po spusteni toho posledniho scriptu je to OK

[vyosek]

Tak jeste uklidime

Odinstalujte Combofix

• Start - Spustit (nebo pouzijte klavesobou zkratku Win+R)
• Napiste ComboFix /Uninstall
• Stisknete Enter
• Tohle smaze Combofix a jeho slozky

T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Zkuste udelat log z RSIT, napiste jak se chova PC

[radak]

PC vypada ze je v pohode, jen ten log z RSIT mi stale nejde udelat

[vyosek]

Z logu bylo patrno, ze nemate aktualni verzi Windows - chybi Vam ServicePack 3 - doinstalujte jej

• Vice info mate zde http://www.viry.cz/forum/viewtopic.php?f=46&t=86100

Jinak pokud nejsou problemy ci dotazy, je to z me strany vse

[radak]

aha, zila jsem v domneni, ze aktualizace se stahuji automaticky, napravim to tedy

vrele diky za pomoc

[vyosek]

Dalsi srdicko, to zas bude od pritelkyne "kecu" Delam si legraci samozrejme

Nemate zac, rad jsem pomohl Zase nekdy

[radak]

Dobrý den,
tak mám zase problém se svchost.exe, původně jsem si myslela, že bych si to opravila podle tohoto starého vlákna, ale nejsem si jistá, jestli to je dobrý nápad tak kdybyste mi to mohli zkouknout, log vkládám níže. Díky moc Radka

Logfile of random's system information tool 1.06 (written by random/random)
Run by Radka at 2014-01-06 11:00:22
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 468 MB (2%) free of 20 GB
Total RAM: 512 MB (28% free)

HijackThis download failed

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-11-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-11-13 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431}
{D4027C7F-154A-4066-A1AD-4243D8127440}
10

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OEXPRESS"= []
"DW6"=C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe [2008-10-06 793712]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
""= []
"NokiaSuite.exe"=C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [2013-04-19 1090912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoSMMyPictures"=1
"NoSMConfigurePrograms"=1
"NoSMHelp"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\QIP\qip.exe"="C:\Program Files\QIP\qip.exe:*:Enabled:QIP 2005"
"C:\Program Files\TC PowerPack\TOTALCMD.EXE"="C:\Program Files\TC PowerPack\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\rapget\rapget.exe"="C:\Program Files\rapget\rapget.exe:*:Enabled:rapget"
"C:\Program Files\Trillian\trillian.exe"="C:\Program Files\Trillian\trillian.exe:*:Enabled:Trillian"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"C:\Program Files\Pidgin\pidgin.exe"="C:\Program Files\Pidgin\pidgin.exe:*:Enabled:Pidgin"
"C:\Documents and Settings\Radka\Plocha\My Mobile\MyMobiler\MyMobiler.exe"="C:\Documents and Settings\Radka\Plocha\My Mobile\MyMobiler\MyMobiler.exe:*:Enabled:My Mobiler"
"C:\Program Files\Raspberry Software\True Connect\TrueConnect.exe"="C:\Program Files\Raspberry Software\True Connect\TrueConnect.exe:*:Enabled:TrueConnect"
"C:\Program Files\PANDORA.TV\PanService\PandoraService.exe"="C:\Program Files\PANDORA.TV\PanService\PandoraService.exe:*:Enabled:PandoraService"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "
"E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe"="E:\EasySetupAssistant\wr741n\EasySetupAssistant.exe:*:Enabled:TP-LINK Easy Setup Assistant"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"

======List of files/folders created in the last 1 months======

2014-01-04 21:01:43 ----N---- C:\WINDOWS\SchedLgU.Txt
2014-01-01 07:16:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2868626$
2014-01-01 06:06:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2900986$
2014-01-01 05:52:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$
2014-01-01 05:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2898715$
2014-01-01 05:30:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$
2014-01-01 05:14:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2013-12-30 06:29:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2904266$
2013-12-30 06:17:54 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$
2013-12-30 06:08:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$
2013-12-30 05:49:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2862152$
2013-12-30 05:46:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2876331$
2013-12-30 05:33:17 ----HDC---- C:\WINDOWS\$NtUninstallKB2884256$
2013-12-30 05:18:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$
2013-12-29 15:10:00 ----D---- C:\Program Files\Mozilla Firefox
2013-12-29 07:07:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2834886$
2013-12-29 07:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2845187$
2013-12-29 06:57:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2850869$
2013-12-29 06:06:41 ----HDC---- C:\WINDOWS\$NtUninstallKB2859537$
2013-12-29 06:01:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2893294$
2013-12-29 05:49:52 ----HDC---- C:\WINDOWS\$NtUninstallKB2892075$
2013-12-29 05:36:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$
2013-12-27 22:44:50 ----HDC---- C:\WINDOWS\$NtUninstallKB2863058$
2013-12-27 21:41:14 ----A---- C:\WINDOWS\system32\FlashPlayerInstaller.exe

======List of files/folders modified in the last 1 months======

2014-01-06 11:00:29 ----D---- C:\Program Files\trend micro
2014-01-06 10:45:22 ----D---- C:\WINDOWS\SoftwareDistribution
2014-01-06 10:45:21 ----D---- C:\WINDOWS
2014-01-06 10:45:20 ----D---- C:\WINDOWS\temp
2014-01-03 18:10:50 ----D---- C:\WINDOWS\Prefetch
2014-01-01 08:08:40 ----D---- C:\WINDOWS\Microsoft.NET
2014-01-01 08:08:38 ----RSD---- C:\WINDOWS\assembly
2014-01-01 07:42:30 ----D---- C:\WINDOWS\system32
2014-01-01 07:18:11 ----HD---- C:\WINDOWS\inf
2014-01-01 07:16:52 ----D---- C:\WINDOWS\system32\dllcache
2014-01-01 07:04:35 ----HD---- C:\Config.Msi
2014-01-01 06:59:09 ----SHD---- C:\WINDOWS\Installer
2014-01-01 06:57:41 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-01 06:51:27 ----D---- C:\WINDOWS\WinSxS
2014-01-01 05:30:53 ----D---- C:\WINDOWS\system32\drivers
2014-01-01 05:15:59 ----D---- C:\WINDOWS\system32\CatRoot
2014-01-01 05:13:57 ----D---- C:\WINDOWS\system32\CatRoot2
2013-12-31 05:04:37 ----D---- C:\Program Files\Microsoft Silverlight
2013-12-30 06:39:15 ----D---- C:\Documents and Settings\Radka\Data aplikací\Skype
2013-12-29 19:34:39 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-12-29 19:34:38 ----RD---- C:\Program Files
2013-12-27 22:15:41 ----D---- C:\WINDOWS\system32\XPSViewer
2013-12-27 21:43:08 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;Ovladač procesoru AMD K7; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2008-04-14 41600]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2006-07-24 5632]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2003-07-15 578368]
R3 usbehci;Ovladač miniportu rozšířeného radiče hostitele Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2009-03-18 30336]
R3 usbhub;Rozbočovač umožnující USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
S3 ewusbnet;HUAWEI USB-NDIS miniport; C:\WINDOWS\system32\DRIVERS\ewusbnet.sys [2009-06-29 112640]
S3 hamachi;Hamachi Network Interface; C:\WINDOWS\system32\DRIVERS\hamachi.sys [2008-03-16 25280]
S3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2008-10-29 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2008-10-29 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2008-10-29 21568]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2009-04-09 102400]
S3 hwusbfake;Huawei DataCard USB Fake; C:\WINDOWS\system32\DRIVERS\ewusbfake.sys [2009-06-29 102656]
S3 motmodem;Motorola USB CDC ACM Driver; C:\WINDOWS\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\WINDOWS\system32\drivers\ccdcmb.sys [2013-01-23 18560]
S3 nmwcdc;Nokia USB Communication Driver; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2013-01-23 23168]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent; C:\WINDOWS\system32\drivers\nmwcdnsu.sys [2013-01-23 137600]
S3 nmwcdnsuc;Nokia USB Flashing Generic; C:\WINDOWS\system32\drivers\nmwcdnsuc.sys [2013-01-23 8576]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2012-10-17 19072]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2013-01-23 8192]
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2013-02-12 12928]
S3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2013-08-29 26240]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2013-01-23 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2009-07-14 444136]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Podpůrné prostředí zprostředkovatele služeb Windows Socket 2.0 bez podpory IFS; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2002-09-23 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-11-13 153376]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PanService;PandoraService; C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [2012-06-22 625816]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-27 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-29 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[vyosek]

Zdravim

Zkuste na zkousku vypnout automaticke aktualizace