VIRY.CZ

Po startu počítače cosi blokuje připojení k netu a povolí po cca 5 min.
Děkuji

ComboFix 12-12-19.01 - User1 19.12.2012 13:54:20.1.2 - x86 NETWORK
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2046.1499 [GMT 1:00]
Spuštěný z: f:\documents and settings\User1\Dokumenty\Downloads\ComboFix.exe
.
ADS - WINDOWS: deleted 256 bytes in 2 streams.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
f:\documents and settings\All Users\Data aplikací\lsass.exe
f:\documents and settings\User1\System
f:\documents and settings\User1\System\win_qs8.jqx
f:\documents and settings\User1\WINDOWS
f:\program files\explorer
f:\program files\explorer\AddressParser\AddressParserConfiguration.xml
f:\program files\explorer\AddressParser\parser_andorra.xml
f:\program files\explorer\AddressParser\parser_austria.xml
f:\program files\explorer\AddressParser\parser_belgium.xml
f:\program files\explorer\AddressParser\parser_canada.xml
f:\program files\explorer\AddressParser\parser_denmark.xml
f:\program files\explorer\AddressParser\parser_france.xml
f:\program files\explorer\AddressParser\parser_germany.xml
f:\program files\explorer\AddressParser\parser_ireland.xml
f:\program files\explorer\AddressParser\parser_italy.xml
f:\program files\explorer\AddressParser\parser_liechtenstein.xml
f:\program files\explorer\AddressParser\parser_luxembourg.xml
f:\program files\explorer\AddressParser\parser_monaco.xml
f:\program files\explorer\AddressParser\parser_netherlands.xml
f:\program files\explorer\AddressParser\parser_norway.xml
f:\program files\explorer\AddressParser\parser_portugal.xml
f:\program files\explorer\AddressParser\parser_spain.xml
f:\program files\explorer\AddressParser\parser_sweden.xml
f:\program files\explorer\AddressParser\parser_switzerland.xml
f:\program files\explorer\AddressParser\parser_uk.xml
f:\program files\explorer\AddressParser\parser_usa.xml
f:\program files\explorer\basemaps\basemap0.nmf
f:\program files\explorer\basemaps\basemap0.png
f:\program files\explorer\basemaps\basemap1.nmf
f:\program files\explorer\basemaps\basemap1.png
f:\program files\explorer\basemaps\basemap2.nmf
f:\program files\explorer\basemaps\basemap2.png
f:\program files\explorer\basemaps\basemap3.nmf
f:\program files\explorer\basemaps\basemap3.png
f:\program files\explorer\basemaps\basemap4.nmf
f:\program files\explorer\basemaps\basemap4.png
f:\program files\explorer\basemaps\basemap5.nmf
f:\program files\explorer\basemaps\basemap5.png
f:\program files\explorer\basemaps\basemap6.nmf
f:\program files\explorer\basemaps\basemap6.png
f:\program files\explorer\basemaps\basemap7.nmf
f:\program files\explorer\basemaps\basemap7.png
f:\program files\explorer\basemaps\basemap8.nmf
f:\program files\explorer\basemaps\basemap8.png
f:\program files\explorer\basemaps\basemaps.de.xml
f:\program files\explorer\basemaps\basemaps.es.xml
f:\program files\explorer\basemaps\basemaps.fr.xml
f:\program files\explorer\basemaps\basemaps.ja-jp.xml
f:\program files\explorer\basemaps\basemaps.xml
f:\program files\explorer\basemaps\basemaps.zh-CN.xml
f:\program files\explorer\bin\3dAnalystUtil.dll
f:\program files\explorer\bin\3DSymbols.dll
f:\program files\explorer\bin\3DSymbolsLib.dll
f:\program files\explorer\bin\AfCore.dll
f:\program files\explorer\bin\AfUtil.dll
f:\program files\explorer\bin\AGSClient.dll
f:\program files\explorer\bin\aibase.dll
f:\program files\explorer\bin\aifeat.dll
f:\program files\explorer\bin\AISClient.dll
f:\program files\explorer\bin\AISGlobalLib.dll
f:\program files\explorer\bin\aishape.dll
f:\program files\explorer\bin\Animation.dll
f:\program files\explorer\bin\AnnoLayer.dll
f:\program files\explorer\bin\Annotation.dll
f:\program files\explorer\bin\AnnotationLib.dll
f:\program files\explorer\bin\AoInitializer.dll
f:\program files\explorer\bin\AppInitializerLib.dll
f:\program files\explorer\bin\ApplicationConfigurationManager.exe
f:\program files\explorer\bin\ArcGISExplorer.ISCConfig
f:\program files\explorer\bin\atl71.dll
f:\program files\explorer\bin\BasemapLayer.dll
f:\program files\explorer\bin\BasicRasterPicture.dll
f:\program files\explorer\bin\BGLAPI.dll
f:\program files\explorer\bin\BGLAPILib.dll
f:\program files\explorer\bin\BGLFontEngine.dll
f:\program files\explorer\bin\BGLGeometricEffects.dll
f:\program files\explorer\bin\BGLGeomChestLib.dll
f:\program files\explorer\bin\BGLImageCoders.dll
f:\program files\explorer\bin\BGLRasterizerLib.dll
f:\program files\explorer\bin\BGLRasterizerSW.dll
f:\program files\explorer\bin\BGLSymbols.dll
f:\program files\explorer\bin\BGLSymbolsLib.dll
f:\program files\explorer\bin\BGLToGDIHelper.dll
f:\program files\explorer\bin\bin.zreg
f:\program files\explorer\bin\CadastralFabric.dll
f:\program files\explorer\bin\CadastralFabricLayer.dll
f:\program files\explorer\bin\CadEngine.dll
f:\program files\explorer\bin\CadFDB.dll
f:\program files\explorer\bin\CadWorkspaceFactory.dll
f:\program files\explorer\bin\CacheRasterDB.dll
f:\program files\explorer\bin\Camera.dll
f:\program files\explorer\bin\CartoControlsLib.dll
f:\program files\explorer\bin\CartoXLib.dll
f:\program files\explorer\bin\CIMLib.dll
f:\program files\explorer\bin\Color.dll
f:\program files\explorer\bin\ComplexSymbols.dll
f:\program files\explorer\bin\CompressedDataFile.dll
f:\program files\explorer\bin\Configuration\CATID\esri.catid.ecfg
f:\program files\explorer\bin\Configuration\CLSID\esri.clsid.ecfg
f:\program files\explorer\bin\DADFLib.dll
f:\program files\explorer\bin\DaeFile.dll
f:\program files\explorer\bin\dbghelp.dll
f:\program files\explorer\bin\de\ApplicationConfigurationManager.resources.dll
f:\program files\explorer\bin\de\DADFRes.dll
f:\program files\explorer\bin\de\ESRI.ArcGISExplorer.Application.resources.dll
f:\program files\explorer\bin\de\ESRI.ArcGISExplorer.resources.dll
f:\program files\explorer\bin\de\ResToolkitPro.dll
f:\program files\explorer\bin\DECoreLib.dll
f:\program files\explorer\bin\DFORRT.DLL
f:\program files\explorer\bin\Display.dll
f:\program files\explorer\bin\DisplayFeedback.dll
f:\program files\explorer\bin\DisplayGraph.dll
f:\program files\explorer\bin\DisplayLib.dll
f:\program files\explorer\bin\DistributedGeodbLib.dll
f:\program files\explorer\bin\DynamicDisplay.dll
f:\program files\explorer\bin\e3.config.xml
f:\program files\explorer\bin\E3.exe
f:\program files\explorer\bin\E3Control.dll
f:\program files\explorer\bin\E3EmailHelper.exe
f:\program files\explorer\bin\EngineGraphics.dll
f:\program files\explorer\bin\es\ApplicationConfigurationManager.resources.dll
f:\program files\explorer\bin\es\DADFRes.dll
f:\program files\explorer\bin\es\ESRI.ArcGISExplorer.Application.resources.dll
f:\program files\explorer\bin\es\ESRI.ArcGISExplorer.resources.dll
f:\program files\explorer\bin\es\ResToolkitPro.dll
f:\program files\explorer\bin\ESRI.ArcGIS.Utilities.Compression.dll
f:\program files\explorer\bin\ESRI.ArcGISExplorer.Application.dll
f:\program files\explorer\bin\ESRI.ArcGISExplorer.dll
f:\program files\explorer\bin\ESRI.DADF.Core.dll
f:\program files\explorer\bin\ESRI.DADF.dll
f:\program files\explorer\bin\esrizip.exe
f:\program files\explorer\bin\Export.dll
f:\program files\explorer\bin\ExtTopoEngine.dll
f:\program files\explorer\bin\FdaCore.dll
f:\program files\explorer\bin\FdaCoreLib.dll
f:\program files\explorer\bin\FdaRel.dll
f:\program files\explorer\bin\FeatureDataElements.dll
f:\program files\explorer\bin\FeatureLayer.dll
f:\program files\explorer\bin\FeatureLayerLib.dll
f:\program files\explorer\bin\FgdbRasterDB.dll
f:\program files\explorer\bin\FgdbUtilLib.dll
f:\program files\explorer\bin\FileDBCoreLib.dll
f:\program files\explorer\bin\FileGDB.dll
f:\program files\explorer\bin\FileGDBWorkspaceFactory.dll
f:\program files\explorer\bin\fr\ApplicationConfigurationManager.resources.dll
f:\program files\explorer\bin\fr\DADFRes.dll
f:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.Application.resources.dll
f:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.resources.dll
f:\program files\explorer\bin\fr\ResToolkitPro.dll
f:\program files\explorer\bin\gdal16.dll
f:\program files\explorer\bin\GdalRasterDB.dll
f:\program files\explorer\bin\GdbCatalog.dll
f:\program files\explorer\bin\GdbCore.dll
f:\program files\explorer\bin\GdbCoreLib.dll
f:\program files\explorer\bin\GdbNet.dll
f:\program files\explorer\bin\GdbTopo.dll
f:\program files\explorer\bin\GeoDataServer.dll
f:\program files\explorer\bin\Geometry.dll
f:\program files\explorer\bin\GeoprocessingLib.dll
f:\program files\explorer\bin\GeoRSSPlugin.dll
f:\program files\explorer\bin\glew32.dll
f:\program files\explorer\bin\Globe.dll
f:\program files\explorer\bin\GlobeCamera.dll
f:\program files\explorer\bin\GlobeClient.dll
f:\program files\explorer\bin\GlobeCoreLib.dll
f:\program files\explorer\bin\GlobeDisplay.dll
f:\program files\explorer\bin\GlobeLayers.dll
f:\program files\explorer\bin\GlobeServer.dll
f:\program files\explorer\bin\GlobeServerLayer.dll
f:\program files\explorer\bin\GlobeViewerCoreLib.dll
f:\program files\explorer\bin\GPClient.dll
f:\program files\explorer\bin\GpObjects.dll
f:\program files\explorer\bin\GPRasterFunctions.dll
f:\program files\explorer\bin\GraphicElements.dll
f:\program files\explorer\bin\hd420m.dll
f:\program files\explorer\bin\hdf5dll.dll
f:\program files\explorer\bin\hm420m.dll
f:\program files\explorer\bin\icudt40.dll
f:\program files\explorer\bin\icuin40.dll
f:\program files\explorer\bin\icuio40.dll
f:\program files\explorer\bin\icule40.dll
f:\program files\explorer\bin\icuuc40.dll
f:\program files\explorer\bin\ImageAccessLib.dll
f:\program files\explorer\bin\ImageClient.dll
f:\program files\explorer\bin\ImageServer.dll
f:\program files\explorer\bin\ImageServerLayer.dll
f:\program files\explorer\bin\IMSConnector.dll
f:\program files\explorer\bin\ImsFDB.dll
f:\program files\explorer\bin\IMSLayer.dll
f:\program files\explorer\bin\IMSLayerLib.dll
f:\program files\explorer\bin\IMSServiceLib.dll
f:\program files\explorer\bin\ImsWorkspaceFactory.dll
f:\program files\explorer\bin\InMemoryWorkspaceFactory.dll
f:\program files\explorer\bin\InputDevice3Dx.dll
f:\program files\explorer\bin\ja-JP\ApplicationConfigurationManager.resources.dll
f:\program files\explorer\bin\ja-JP\DADFRes.dll
f:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.Application.resources.dll
f:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.resources.dll
f:\program files\explorer\bin\ja-JP\ResToolkitPro.dll
f:\program files\explorer\bin\kdu61.dll
f:\program files\explorer\bin\KmlLayer.dll
f:\program files\explorer\bin\LabelPlacement.dll
f:\program files\explorer\bin\Layer.dll
f:\program files\explorer\bin\LayerLib.dll
f:\program files\explorer\bin\lcms117lib.dll
f:\program files\explorer\bin\libcollada14dom21.dll
f:\program files\explorer\bin\libcurl.dll
f:\program files\explorer\bin\lti_dsdk_dll.dll
f:\program files\explorer\bin\Map.dll
f:\program files\explorer\bin\MapClient.dll
f:\program files\explorer\bin\MapElements.dll
f:\program files\explorer\bin\MaplexEngineLib.dll
f:\program files\explorer\bin\MapLib.dll
f:\program files\explorer\bin\MappingCoreLib.dll
f:\program files\explorer\bin\MappingServicesLib.dll
f:\program files\explorer\bin\MapServer.dll
f:\program files\explorer\bin\MapServerLayer.dll
f:\program files\explorer\bin\Marker3DFile.dll
f:\program files\explorer\bin\MessageSupport.dll
f:\program files\explorer\bin\Microsoft.VC90.ATL\atl90.dll
f:\program files\explorer\bin\Microsoft.VC90.ATL\Microsoft.VC90.ATL.manifest
f:\program files\explorer\bin\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
f:\program files\explorer\bin\Microsoft.VC90.CRT\msvcm90.dll
f:\program files\explorer\bin\Microsoft.VC90.CRT\msvcp90.dll
f:\program files\explorer\bin\Microsoft.VC90.CRT\msvcr90.dll
f:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90.dll
f:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90u.dll
f:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90.dll
f:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90u.dll
f:\program files\explorer\bin\Microsoft.VC90.MFC\Microsoft.VC90.MFC.manifest
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90DEU.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ENU.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESN.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESP.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90FRA.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHS.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHT.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ITA.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90JPN.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90KOR.dll
f:\program files\explorer\bin\Microsoft.VC90.MFCLOC\Microsoft.VC90.MFCLOC.manifest
f:\program files\explorer\bin\Microsoft.VC90.OPENMP\Microsoft.VC90.OpenMP.manifest
f:\program files\explorer\bin\Microsoft.VC90.OPENMP\vcomp90.dll
f:\program files\explorer\bin\msvcp71.dll
f:\program files\explorer\bin\msvcr71.dll
f:\program files\explorer\bin\Navigation.dll
f:\program files\explorer\bin\NetEngine80.dll
f:\program files\explorer\bin\Network.dll
f:\program files\explorer\bin\NetworkDataset.dll
f:\program files\explorer\bin\OGCClient.dll
f:\program files\explorer\bin\OutputLib.dll
f:\program files\explorer\bin\PageLayout.dll
f:\program files\explorer\bin\pe.dll
f:\program files\explorer\bin\PlugInDataSource.dll
f:\program files\explorer\bin\PlugInWorkspaceFactory.dll
f:\program files\explorer\bin\PrintOut.dll
f:\program files\explorer\bin\RasterAnalysisUtilLib.dll
f:\program files\explorer\bin\RasterCatalog.dll
f:\program files\explorer\bin\RasterCoreLib.dll
f:\program files\explorer\bin\RasterDB.dll
f:\program files\explorer\bin\RasterEngine.dll
f:\program files\explorer\bin\RasterFormats.dat
f:\program files\explorer\bin\RasterGraphicElements.dll
f:\program files\explorer\bin\RasterIO.dll
f:\program files\explorer\bin\RasterLayer.dll
f:\program files\explorer\bin\RasterRenderer.dll
f:\program files\explorer\bin\RasterWorkspaceFactory.dll
f:\program files\explorer\bin\Renderers.dll
f:\program files\explorer\bin\RepresentationDB.dll
f:\program files\explorer\bin\RepresentationEffects.dll
f:\program files\explorer\bin\RepresentationLayer.dll
f:\program files\explorer\bin\RepresentationLib.dll
f:\program files\explorer\bin\RepresentationSymbols.dll
f:\program files\explorer\bin\SceneFilters.dll
f:\program files\explorer\bin\SceneGraph.dll
f:\program files\explorer\bin\sdcdbx.dll
f:\program files\explorer\bin\SDCPlugIn.dll
f:\program files\explorer\bin\sde.dll
f:\program files\explorer\bin\SdeFDB.dll
f:\program files\explorer\bin\SdeRasterDB.dll
f:\program files\explorer\bin\sdesetup.dll
f:\program files\explorer\bin\SdeWorkspaceFactory.dll
f:\program files\explorer\bin\ServerStyleGallery.dll
f:\program files\explorer\bin\sg.dll
f:\program files\explorer\bin\ShapefileFDB.dll
f:\program files\explorer\bin\ShapefileWorkspaceFactory.dll
f:\program files\explorer\bin\StyleGalleryClasses.dll
f:\program files\explorer\bin\SystemUIUtil.dll
f:\program files\explorer\bin\Terrain.dll
f:\program files\explorer\bin\TerrainLayer.dll
f:\program files\explorer\bin\TinDb.dll
f:\program files\explorer\bin\TinEngine.dll
f:\program files\explorer\bin\TinLayer.dll
f:\program files\explorer\bin\TinRenderer.dll
f:\program files\explorer\bin\TinWorkspaceFactory.dll
f:\program files\explorer\bin\ViewerCoreLib.dll
f:\program files\explorer\bin\VpfFDB.dll
f:\program files\explorer\bin\VpfWorkspaceFactory.dll
f:\program files\explorer\bin\WebServices.dll
f:\program files\explorer\bin\WMSLayer.dll
f:\program files\explorer\bin\xerces-c_2_7.dll
f:\program files\explorer\bin\XmlSupport.dat
f:\program files\explorer\bin\XMLSupport.dll
f:\program files\explorer\bin\zh-CN\applicationconfigurationmanager.resources.dll
f:\program files\explorer\bin\zh-CN\DADFRes.dll
f:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.Application.resources.dll
f:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.resources.dll
f:\program files\explorer\bin\zh-CN\ResToolkitPro.dll
f:\program files\explorer\bin\zlib1.dll
f:\program files\explorer\bin\znglib.dll
f:\program files\explorer\ColorProfiles\esriGray22.icc
f:\program files\explorer\ColorProfiles\Lab2Lab.icm
f:\program files\explorer\ColorProfiles\sRGB_IEC61966-2-1_noBPC.icc
f:\program files\explorer\ColorProfiles\USWebCoatedSWOP.icc
f:\program files\explorer\ColorProfiles\Xyz2Xyz.icm
f:\program files\explorer\com\com.zreg
f:\program files\explorer\com\esriE3.olb
f:\program files\explorer\license\ExplorerEnglishLicense.pdf
f:\program files\explorer\license\ExplorerFrenchLicense.pdf
f:\program files\explorer\license\ExplorerGermanLicense.pdf
f:\program files\explorer\license\ExplorerJapaneseLicense.pdf
f:\program files\explorer\license\ExplorerSimplChineseLicense.pdf
f:\program files\explorer\license\ExplorerSpanishLicense.pdf
f:\program files\explorer\pedata\gdaldata\coordinate_axis.csv
f:\program files\explorer\pedata\gdaldata\cubewerx_extra.wkt
f:\program files\explorer\pedata\gdaldata\ecw_cs.dat
f:\program files\explorer\pedata\gdaldata\ellipsoid.csv
f:\program files\explorer\pedata\gdaldata\epsg.wkt
f:\program files\explorer\pedata\gdaldata\esri_extra.wkt
f:\program files\explorer\pedata\gdaldata\gcs.csv
f:\program files\explorer\pedata\gdaldata\gdal_datum.csv
f:\program files\explorer\pedata\gdaldata\gdalicon.png
f:\program files\explorer\pedata\gdaldata\pcs.csv
f:\program files\explorer\pedata\gdaldata\prime_meridian.csv
f:\program files\explorer\pedata\gdaldata\projop_wparm.csv
f:\program files\explorer\pedata\gdaldata\s57attributes.csv
f:\program files\explorer\pedata\gdaldata\s57expectedinput.csv
f:\program files\explorer\pedata\gdaldata\s57objectclasses.csv
f:\program files\explorer\pedata\gdaldata\seed_2d.dgn
f:\program files\explorer\pedata\gdaldata\seed_3d.dgn
f:\program files\explorer\pedata\gdaldata\stateplane.csv
f:\program files\explorer\pedata\gdaldata\unit_of_measure.csv
f:\program files\explorer\plugins\explorerCore.ecfg
f:\program files\explorer\schemas\ExplorerAddIn.xsd
f:\program files\explorer\schemas\ExplorerGeometry.xsd
f:\program files\explorer\Styles\default.css
f:\program files\explorer\Styles\ExplorerColors.de.xml
f:\program files\explorer\Styles\ExplorerColors.es.xml
f:\program files\explorer\Styles\ExplorerColors.fr.xml
f:\program files\explorer\Styles\ExplorerColors.ja-JP.xml
f:\program files\explorer\Styles\ExplorerColors.xml
f:\program files\explorer\Styles\ExplorerColors.zh-CN.xml
f:\program files\explorer\Styles\ExplorerSymbols.de.xml
f:\program files\explorer\Styles\ExplorerSymbols.es.xml
f:\program files\explorer\Styles\ExplorerSymbols.fr.xml
f:\program files\explorer\Styles\ExplorerSymbols.ja-JP.xml
f:\program files\explorer\Styles\ExplorerSymbols.xml
f:\program files\explorer\Styles\ExplorerSymbols.zh-CN.xml
f:\program files\explorer\Styles\kml.css
f:\program files\explorer\Styles\KMLIcons\american-flag.png
f:\program files\explorer\Styles\KMLIcons\arrow.png
f:\program files\explorer\Styles\KMLIcons\asian-flag.png
f:\program files\explorer\Styles\KMLIcons\auto-service.png
f:\program files\explorer\Styles\KMLIcons\auto.png
f:\program files\explorer\Styles\KMLIcons\bang.png
f:\program files\explorer\Styles\KMLIcons\bars.png
f:\program files\explorer\Styles\KMLIcons\building.png
f:\program files\explorer\Styles\KMLIcons\coffee_house_16.png
f:\program files\explorer\Styles\KMLIcons\crosshair.png
f:\program files\explorer\Styles\KMLIcons\dining.png
f:\program files\explorer\Styles\KMLIcons\dining_16.png
f:\program files\explorer\Styles\KMLIcons\dot.png
f:\program files\explorer\Styles\KMLIcons\fast-food.png
f:\program files\explorer\Styles\KMLIcons\four-dollars.png
f:\program files\explorer\Styles\KMLIcons\french-flag.png
f:\program files\explorer\Styles\KMLIcons\hand.png
f:\program files\explorer\Styles\KMLIcons\high_res_places.png
f:\program files\explorer\Styles\KMLIcons\highway_16.png
f:\program files\explorer\Styles\KMLIcons\italian-flag.png
f:\program files\explorer\Styles\KMLIcons\large_traffic_count_16.png
f:\program files\explorer\Styles\KMLIcons\mexican-flag.png
f:\program files\explorer\Styles\KMLIcons\misc_dining.png
f:\program files\explorer\Styles\KMLIcons\note.png
f:\program files\explorer\Styles\KMLIcons\one-dollar.png
f:\program files\explorer\Styles\KMLIcons\palette-2.png
f:\program files\explorer\Styles\KMLIcons\palette-3.png
f:\program files\explorer\Styles\KMLIcons\palette-4.png
f:\program files\explorer\Styles\KMLIcons\palette-5.png
f:\program files\explorer\Styles\KMLIcons\parks.png
f:\program files\explorer\Styles\KMLIcons\recreation.png
f:\program files\explorer\Styles\KMLIcons\search.png
f:\program files\explorer\Styles\KMLIcons\school_16.png
f:\program files\explorer\Styles\KMLIcons\streamed_layer.png
f:\program files\explorer\Styles\KMLIcons\streamed_layers.png
f:\program files\explorer\Styles\KMLIcons\terrain_16.png
f:\program files\explorer\Styles\KMLIcons\three-dollars.png
f:\program files\explorer\Styles\KMLIcons\transportation.png
f:\program files\explorer\Styles\KMLIcons\two-dollars.png
f:\program files\explorer\Styles\KMLIcons\webcam_16.png
f:\program files\explorer\Styles\SlideTitleStyles.de.xml
f:\program files\explorer\Styles\SlideTitleStyles.es.xml
f:\program files\explorer\Styles\SlideTitleStyles.fr.xml
f:\program files\explorer\Styles\SlideTitleStyles.ja-JP.xml
f:\program files\explorer\Styles\SlideTitleStyles.xml
f:\program files\explorer\Styles\SlideTitleStyles.zh-CN.xml
f:\program files\explorer\Styles\StyleSheet.xsl
f:\program files\explorer\Styles\SymbolImages\Civic\ATM.png
f:\program files\explorer\Styles\SymbolImages\Civic\Bank.png
f:\program files\explorer\Styles\SymbolImages\Civic\Bell.png
f:\program files\explorer\Styles\SymbolImages\Civic\Cemetery.png
f:\program files\explorer\Styles\SymbolImages\Civic\City.png
f:\program files\explorer\Styles\SymbolImages\Civic\Clue.png
f:\program files\explorer\Styles\SymbolImages\Civic\Crowd.png
f:\program files\explorer\Styles\SymbolImages\Civic\GhostTown.png
f:\program files\explorer\Styles\SymbolImages\Civic\Horn.png
f:\program files\explorer\Styles\SymbolImages\Civic\Housing.png
f:\program files\explorer\Styles\SymbolImages\Civic\MailPost.png
f:\program files\explorer\Styles\SymbolImages\Civic\Office.png
f:\program files\explorer\Styles\SymbolImages\Civic\Radioactive.png
f:\program files\explorer\Styles\SymbolImages\Civic\School.png
f:\program files\explorer\Styles\SymbolImages\Civic\StarsStripes.png
f:\program files\explorer\Styles\SymbolImages\Flag\GreenFlag.png
f:\program files\explorer\Styles\SymbolImages\Flag\CheckeredFlag.png
f:\program files\explorer\Styles\SymbolImages\Flag\RedFlag.png
f:\program files\explorer\Styles\SymbolImages\Flag\WhiteFlag.png
f:\program files\explorer\Styles\SymbolImages\Flag\YellowFlag.png
f:\program files\explorer\Styles\SymbolImages\Health\AidStation.png
f:\program files\explorer\Styles\SymbolImages\Health\Ambulance.png
f:\program files\explorer\Styles\SymbolImages\Health\Doctor.png
f:\program files\explorer\Styles\SymbolImages\Health\Health.png
f:\program files\explorer\Styles\SymbolImages\Health\Hospital.png
f:\program files\explorer\Styles\SymbolImages\Health\Pharmacy.png
f:\program files\explorer\Styles\SymbolImages\Marine\AmberBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\BlackBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\BlueBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\BoatsKeepOut.png
f:\program files\explorer\Styles\SymbolImages\Marine\ControlledArea.png
f:\program files\explorer\Styles\SymbolImages\Marine\Danger.png
f:\program files\explorer\Styles\SymbolImages\Marine\DiverDown.png
f:\program files\explorer\Styles\SymbolImages\Marine\GreenBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\GreenDiamondDaymark.png
f:\program files\explorer\Styles\SymbolImages\Marine\GreenRedBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\GreenSquareDaymark.png
f:\program files\explorer\Styles\SymbolImages\Marine\GreenWhiteBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\OrangeBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\PersonOverboard.png
f:\program files\explorer\Styles\SymbolImages\Marine\RadioBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\RedBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\RedDiamondDaymark.png
f:\program files\explorer\Styles\SymbolImages\Marine\RedGreenBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\RedSquareDaymark.png
f:\program files\explorer\Styles\SymbolImages\Marine\RedTriangleDaymark.png
f:\program files\explorer\Styles\SymbolImages\Marine\RedWhiteBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\SkullandCrossbones.png
f:\program files\explorer\Styles\SymbolImages\Marine\UnderwaterOperations.png
f:\program files\explorer\Styles\SymbolImages\Marine\VioletBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\WhiteBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\WhiteDiamondDaymark.png
f:\program files\explorer\Styles\SymbolImages\Marine\WhiteGreenBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\WhiteRedBeacon.png
f:\program files\explorer\Styles\SymbolImages\Marine\Wreck.png
f:\program files\explorer\Styles\SymbolImages\Placemark\ArrowYellow.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Capital1.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Capital2.png
f:\program files\explorer\Styles\SymbolImages\Placemark\CircleX.png
f:\program files\explorer\Styles\SymbolImages\Placemark\CrossHair.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Populated1.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Populated2.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Populated3.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Populated4.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Populated5.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Populated6.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Populated7.png
f:\program files\explorer\Styles\SymbolImages\Placemark\Star.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\AmusementPark.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Bar.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Camera.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\CameraWeb.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\CellPhone.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Coffee.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Dam.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\DepartmentStore.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Dining.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\DrinkingWater.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\FastFood.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\FitnessCenter.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Forest.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Globe.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Information.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\InformationQuestion.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\LandLine.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Light.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\LiveShow.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Mine.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\MovieTheater.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Museum.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\News.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Note.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\OilWell.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Pizza.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Pub.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Question.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\RealEstate.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Reservoir.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Restroom.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Shopping.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Shower.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Stadium.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerShort.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerTall.png
f:\program files\explorer\Styles\SymbolImages\Points of Interest\Zoo.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\Burglary.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\FireFighter.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\FireStation.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\FireTruck.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\Homicide.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\Police.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceCar.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceOfficer.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceStation.png
f:\program files\explorer\Styles\SymbolImages\Public Safety\Theft.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\BlackPushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\BluePushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\BrownPushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\GrayPushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\GreenPushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\LightBluePushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\OrangePushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\PinkPushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\PurplePushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\RedPushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\SpringGreenPushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\WhitePushpin.png
f:\program files\explorer\Styles\SymbolImages\Pushpin\YellowPushpin.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Beach.png
f:\program files\explorer\Styles\SymbolImages\Recreation\BoatLaunch.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Bowling.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Camping.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Deer.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Fishing.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Geocache.png
f:\program files\explorer\Styles\SymbolImages\Recreation\GeocacheFound.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Gliding.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Golf.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Hiking.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Mountain.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Park.png
f:\program files\explorer\Styles\SymbolImages\Recreation\RestArea.png
f:\program files\explorer\Styles\SymbolImages\Recreation\RVPark.png
f:\program files\explorer\Styles\SymbolImages\Recreation\SkyDiving.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Sports.png
f:\program files\explorer\Styles\SymbolImages\Recreation\Swimming.png
f:\program files\explorer\Styles\SymbolImages\Recreation\TrackBack.png
f:\program files\explorer\Styles\SymbolImages\Recreation\WaterSkiing.png
f:\program files\explorer\Styles\SymbolImages\Sphere\BlueSphere.png
f:\program files\explorer\Styles\SymbolImages\Sphere\GreenSphere.png
f:\program files\explorer\Styles\SymbolImages\Sphere\OrangeSphere.png
f:\program files\explorer\Styles\SymbolImages\Sphere\PurpleSphere.png
f:\program files\explorer\Styles\SymbolImages\Sphere\RedSphere.png
f:\program files\explorer\Styles\SymbolImages\Sphere\YellowSphere.png
f:\program files\explorer\Styles\SymbolImages\Square\BlackWaypoint.png
f:\program files\explorer\Styles\SymbolImages\Square\BlueWaypoint.png
f:\program files\explorer\Styles\SymbolImages\Square\WhiteWaypoint.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\BlackStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\BlueStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\BrownStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\GrayStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\GreenStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\LightBlueStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\OrangeStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\PinkStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\PurpleStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\RedStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\SpringGreenStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\WhiteStickpin.png
f:\program files\explorer\Styles\SymbolImages\Stickpin\YellowStickpin.png
f:\program files\explorer\Styles\SymbolImages\Transparent\Transparent.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Airplane.png
f:\program files\explorer\Styles\SymbolImages\Transportation\AirStrip.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Breakdown.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Bus.png
f:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenBack.png
f:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenFront.png
f:\program files\explorer\Styles\SymbolImages\Transportation\CarRedBack.png
f:\program files\explorer\Styles\SymbolImages\Transportation\CarRedFront.png
f:\program files\explorer\Styles\SymbolImages\Transportation\CarRental.png
f:\program files\explorer\Styles\SymbolImages\Transportation\CarRepair.png
f:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowBack.png
f:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowFront.png
f:\program files\explorer\Styles\SymbolImages\Transportation\ConvenienceStore.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Crossing.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Fuel.png
f:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterGreen.png
f:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterRed.png
f:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterYellow.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Landingpad.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Lodging.png
f:\program files\explorer\Styles\SymbolImages\Transportation\MileMarker.png
f:\program files\explorer\Styles\SymbolImages\Transportation\MountainPass.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Overpass.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Parking.png
f:\program files\explorer\Styles\SymbolImages\Transportation\PrivateField.png
f:\program files\explorer\Styles\SymbolImages\Transportation\RoadClosure.png
f:\program files\explorer\Styles\SymbolImages\Transportation\RoadWork.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Sailing.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Scales.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Seaplane.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Tank.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Toll.png
f:\program files\explorer\Styles\SymbolImages\Transportation\TrafficAccident.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Tunnel.png
f:\program files\explorer\Styles\SymbolImages\Transportation\Ultralight.png
f:\program files\explorer\Styles\SymbolImages\Transportation\WarningRed.png
f:\program files\explorer\Styles\SymbolImages\Transportation\WarningYellow.png
f:\program files\explorer\Styles\SymbolImages\Transportation\YellowSemiTractor.png
f:\program files\explorer\Styles\SymbolImages\Weather\Cloudy.png
f:\program files\explorer\Styles\SymbolImages\Weather\HeatAdvisory.png
f:\program files\explorer\Styles\SymbolImages\Weather\Lightning.png
f:\program files\explorer\Styles\SymbolImages\Weather\PartlySunny.png
f:\program files\explorer\Styles\SymbolImages\Weather\Rain.png
f:\program files\explorer\Styles\SymbolImages\Weather\Snow.png
f:\program files\explorer\Styles\SymbolImages\Weather\Sunny.png
f:\program files\explorer\Styles\Template.ncfg
f:\program files\explorer\TilingSchemes\ArcGIS_Online_Bing_Maps_Google_Maps.xml
f:\program files\explorer\TilingSchemes\GoogleMapsVersions.xml
f:\program files\explorer\TilingSchemes\Yahoo.xml
f:\program files\IEToolbar
f:\program files\IEToolbar\Dynamic Searcher\basis.xml
f:\program files\IEToolbar\Dynamic Searcher\DynamicSearcher.crc
f:\program files\IEToolbar\Dynamic Searcher\DyNAmicsearcher.dll
f:\program files\IEToolbar\Dynamic Searcher\icons.bmp
f:\program files\IEToolbar\Dynamic Searcher\info.txt
f:\program files\IEToolbar\Dynamic Searcher\tbhelper.dll
f:\program files\IEToolbar\Dynamic Searcher\uninstall.exe
f:\program files\IEToolbar\Dynamic Searcher\update.exe
f:\program files\IEToolbar\Dynamic Searcher\version.txt
f:\program files\IEToolbar\Dynamic Searcher\your_logo.png
f:\program files\Messenger\msmsgs .exe
f:\windows\apppatch\AppLoc.exe
f:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
f:\windows\EventSystem.log
f:\windows\Install.txt
f:\windows\OPTIONS\CABS\_desktop.ini
f:\windows\pkunzip.pif
f:\windows\pkzip.pif
f:\windows\system32\01.exe
f:\windows\system32\AegisI5Installer.exe
f:\windows\system32\ctfmon .exe
f:\windows\system32\Install.txt
f:\windows\system32\tmp0_464277194581.bk
f:\windows\system32\tmp0_610542229694.bk
f:\windows\system32\tmp0_636349224636.bk
f:\windows\system32\tmp0_694865554603.bk
f:\windows\system32\tmp0_767979502222.bk
f:\windows\system32\tmp0_82950774360.bk
f:\windows\system32\URTTemp
f:\windows\system32\URTTemp\fusion.dll
f:\windows\system32\URTTemp\mscoree.dll
f:\windows\system32\URTTemp\mscoree.dll.local
f:\windows\system32\URTTemp\mscorsn.dll
f:\windows\system32\URTTemp\mscorwks.dll
f:\windows\system32\URTTemp\msvcr71.dll
f:\windows\system32\URTTemp\regtlib.exe
f:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_AFINDING
-------\Legacy_PERFMONS
-------\Legacy_ROUTING
-------\Legacy_WSERVING
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-19 do 2012-12-19 )))))))))))))))))))))))))))))))
.
.
2012-12-18 20:36 . 2012-12-18 20:36 -------- d-----w- f:\program files\Unlocker
2012-12-16 17:22 . 2012-12-16 17:22 -------- d-----w- f:\documents and settings\All Users\Data aplikací\OO Software
2012-12-16 16:48 . 2012-12-16 16:48 -------- d-----w- f:\documents and settings\User1\Local Settings\Data aplikací\Sun
2012-12-16 16:38 . 2012-12-16 16:37 93672 ----a-w- f:\windows\system32\WindowsAccessBridge.dll
2012-12-16 16:31 . 2012-12-16 16:37 821736 ----a-w- f:\windows\system32\npDeployJava1.dll
2012-12-15 23:22 . 2012-12-15 23:22 -------- d-----w- f:\documents and settings\User1\Data aplikací\Avira
2012-12-15 23:16 . 2012-12-16 11:55 36552 ----a-w- f:\windows\system32\drivers\avkmgr.sys
2012-12-15 23:16 . 2012-12-16 11:55 83944 ----a-w- f:\windows\system32\drivers\avgntflt.sys
2012-12-15 23:16 . 2012-12-16 11:17 134336 ----a-w- f:\windows\system32\drivers\avipbb.sys
2012-12-15 23:16 . 2012-12-15 23:16 -------- d-----w- f:\program files\Avira
2012-12-15 23:03 . 2012-12-15 23:03 -------- d-sh--w- f:\documents and settings\User2
2012-12-15 22:48 . 2012-12-15 22:48 -------- d-----w- f:\documents and settings\Administrator\Data aplikací\Corel
2012-12-15 22:48 . 2012-12-15 22:48 -------- d-----w- f:\documents and settings\Administrator\Data aplikací\Windows Search
2012-12-15 22:05 . 2012-12-15 22:05 -------- d-----w- f:\documents and settings\User1\Local Settings\Data aplikací\Secunia PSI
2012-12-15 22:04 . 2012-12-15 22:04 -------- d-----w- f:\program files\Secunia
2012-11-30 13:02 . 2012-11-30 13:02 -------- d-----w- f:\documents and settings\User1\Data aplikací\TeamViewer
2012-11-22 10:30 . 2012-11-22 10:30 -------- d-----w- f:\program files\Drush
2012-11-22 10:30 . 2012-11-22 10:30 -------- d-----w- f:\documents and settings\All Users\Data aplikací\Drush
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-16 16:37 . 2010-07-21 17:36 746984 ----a-w- f:\windows\system32\deployJava1.dll
2012-12-16 16:37 . 2007-12-22 19:38 143872 ----a-w- f:\windows\system32\javacpl.cpl
2012-12-13 08:38 . 2012-07-13 06:09 697272 ----a-w- f:\windows\system32\FlashPlayerApp.exe
2012-12-13 08:38 . 2011-05-19 09:20 73656 ----a-w- f:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-01 10:45 . 2012-11-01 10:45 3425648 ----a-w- f:\windows\system32\ooscrsav.scr
2012-11-01 10:44 . 2012-11-01 10:44 206704 ----a-w- f:\windows\system32\oodbs.exe
2012-11-01 10:44 . 2012-11-01 10:44 537456 ----a-w- f:\windows\system32\oodssrs.dll
2012-11-01 10:44 . 2012-11-01 10:44 10096 ----a-w- f:\windows\system32\oodbsrs.dll
2012-10-22 19:57 . 2004-08-17 13:44 1866368 ----a-w- f:\windows\system32\win32k.sys
2012-10-02 18:04 . 2004-08-17 13:49 58368 ----a-w- f:\windows\system32\synceng.dll
. .
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2010-05-14 10:17 . C3A2915C71AE6F225EB906C25CCD29B5 . 24064 . . [1.0.0.5] . . f:\windows\ServicePackFiles\i386\ctfmon.exe
[-] 2010-05-14 10:17 . C3A2915C71AE6F225EB906C25CCD29B5 . 24064 . . [1.0.0.5] . . f:\windows\system32\ctfmon.exe
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"= "f:\program files\Winamp Toolbar\winamptb.dll" [2011-09-28 1937736]
.
[HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="f:\program files\uTorrent\utorrent.exe" [2011-03-29 399736]
"H/PC Connection Agent"="f:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2012-09-09 421776]
"QuickTime Task"="f:\program files\QuickTime\qttask.exe" [2011-10-24 421888]
"CloneCDTray"="f:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"avgnt"="f:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-12-16 384800]
"SunJavaUpdateSched"="f:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"OODefragTray"="f:\program files\OO Software\Defrag\oodtray.exe" [2012-11-01 5029744]
"UnlockerAssistant"="f:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2010-05-14 24064]
"DWQueuedReporting"="f:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2011-07-27 434080]
.
f:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\
O&O Defrag Tray.lnk - f:\windows\Installer\{0C6CDC1E-F247-45FD-BEC7-47014D2698C1}\DefragIcon.exe [2012-12-16 292878]
Secunia PSI Tray.lnk - f:\program files\Secunia\PSI\psi_tray.exe [2012-11-26 573024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "f:\program files\SUPERAntiSpyware\SASSEH.DLL" [2012-02-02 113024]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "f:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Adobe Acrobat Synchronizer.lnk]
backup=f:\windows\pss\Adobe Acrobat Synchronizer.lnkCommon Startup
.
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^BlueSoleil.lnk]
backup=f:\windows\pss\BlueSoleil.lnkCommon Startup
.
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^Service Manager.lnk]
backup=f:\windows\pss\Service Manager.lnkCommon Startup
.
[HKLM\~\startupfolder\F:^Documents and Settings^All Users^Nabídka Start^Programy^Po spuštění^WinZip Quick Pick.lnk]
backup=f:\windows\pss\WinZip Quick Pick.lnkCommon Startup
.
[HKLM\~\startupfolder\F:^Documents and Settings^User1^Nabídka Start^Programy^Po spuštění^MagicDisc.lnk]
backup=f:\windows\pss\MagicDisc.lnkStartup
.
[HKLM\~\startupfolder\F:^Documents and Settings^User1^Nabídka Start^Programy^Po spuštění^PowerReg Scheduler .exe]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"f:\\Program Files\\GIGABYTE\\VGA Utility Manager\\G-VGA.exe"=
"f:\\Program Files\\uTorrent\\utorrent.exe"=
"f:\\Program Files\\GIGABYTE\\VGA Utility Manager\\G-VGA .exe"=
"f:\\Program Files\\GIGABYTE\\VGA Utility Manager\\G-VGA .exe"=
"f:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"f:\windows\system32\njkqsllg.exe"= f:\windows\system32\njk
"f:\\WINDOWS\\system32\\usmt\\migwiz.exe"=
"f:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"f:\windows\system32\foxvjsar.exe"= f:\windows\system32\fox
"f:\windows\system32\lhcselte.exe"= f:\windows\system32\lhc
"f:\\Program Files\\Autodesk\\Backburner\\monitor.exe"=
"f:\\Program Files\\Autodesk\\Backburner\\manager.exe"=
"f:\\Program Files\\Autodesk\\Backburner\\server.exe"=
"f:\program files\Microsoft ActiveSync\rapimgr.exe"= f:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"f:\program files\Microsoft ActiveSync\wcescomm.exe"= f:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"f:\program files\Microsoft ActiveSync\WCESMgr.exe"= f:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"f:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
"f:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
"f:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"f:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"f:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"f:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"f:\\Program Files\\SopCast\\SopCast.exe"=
"f:\\Program Files\\GIGABYTE\\UpdManager\\RunUpd.exe"=
"f:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2011\\RpcAgentSrv.exe"=
"f:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2011\\WNt500x86\\RpcSandraSrv.exe"=
"f:\\Program Files\\Codemasters\\Colin McRae DiRT 2\\dirt2_game.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\Foxit Software\\PDF Editor\\PDFEdit.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=
"f:\\Program Files\\1ClickDownload\\1ClickDownload.exe"=
"f:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"=
"f:\\Program Files\\Common Files\\soft602\\langserv.exe"=
"f:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"f:\\Program Files\\Messenger\\msmsgs.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"5353:TCP"= 5353:TCP:Adobe CSI CS4
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);f:\windows\system32\drivers\sfdrv01a.sys [5.7.2006 13:46 63352]
R0 sptd;sptd;f:\windows\system32\drivers\sptd.sys [23.12.2007 21:08 715248]
R1 avkmgr;avkmgr;f:\windows\system32\drivers\avkmgr.sys [16.12.2012 0:16 36552]
R1 ElRawDisk;ElRawDisk;f:\windows\system32\drivers\elrawdsk.sys [16.8.2008 12:46 29768]
R1 nltdi;nltdi;f:\windows\system32\drivers\nltdi.sys [23.4.2007 12:03 82200]
R1 SASDIFSV;SASDIFSV;f:\program files\SUPERAntiSpyware\SASDIFSV.SYS [4.12.2008 13:50 12880]
R1 SASKUTIL;SASKUTIL;f:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4.12.2008 13:50 67664]
R2 !SASCORE;SAS Core Service;f:\program files\SUPERAntiSpyware\SASCORE.EXE [7.8.2010 15:55 116608]
R2 602XML Updater;602Updater;f:\program files\Common Files\soft602\602updsvc\602updsvc.exe [10.10.2011 11:55 85344]
R2 AntiVirMailService;Avira Mail Protection;f:\program files\Avira\AntiVir Desktop\avmailc.exe [16.12.2012 12:58 400160]
R2 AntiVirSchedulerService;Avira Scheduler;f:\program files\Avira\AntiVir Desktop\sched.exe [16.12.2012 0:16 85280]
R2 AntiVirWebService;Avira Web Protection;f:\program files\Avira\AntiVir Desktop\avwebgrd.exe [16.12.2012 0:16 565024]
R2 ArchVision Content Manager Service;ArchVision Content Manager Service;f:\program files\ArchVision\ArchVision Content Manager\rpcACMapp.exe --service --path "f:\program files\ArchVision\ArchVision Content Manager" --> f:\program files\ArchVision\ArchVision Content Manager\rpcACMapp.exe --service --path f:\program files\ArchVision\ArchVision Content Manager [?]
R2 mi-raysat_3dsMax2009_32;mental ray 3.6 Satellite for Autodesk 3ds Max Design 2009 32-bit 32-bit;f:\program files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [10.3.2008 0:04 65536]
R2 NitroDriverReadSpool;NitroPDFDriverCreatorReadSpool;f:\program files\Nitro PDF\Professional\NitroPDFDriverService.exe [12.1.2011 14:40 196928]
R2 nlsX86cc;NLS Service;f:\windows\system32\NLSSRV32.EXE [12.1.2011 14:40 68928]
R2 OODefragAgent;O&O Defrag;f:\program files\OO Software\Defrag\oodag.exe [1.11.2012 11:44 2021744]
R2 Secunia PSI Agent;Secunia PSI Agent;f:\program files\Secunia\PSI\psia.exe [26.11.2012 15:09 1225312]
R2 Secunia Update Agent;Secunia Update Agent;f:\program files\Secunia\PSI\sua.exe [26.11.2012 15:09 659040]
R3 gMouPS2;PS2 Scroll Mouse Device;f:\windows\system32\drivers\gMouPS2.sys [1.1.2007 2:04 17408]
R3 pcouffin;VSO Software pcouffin;f:\windows\system32\drivers\pcouffin.sys [13.10.2009 11:46 47360]
R3 PSI;PSI;f:\windows\system32\drivers\psi_mf.sys [1.9.2010 9:30 15544]
R3 WFLR6654;WinFast DTV1800 H (Video);f:\windows\system32\drivers\wfeaglxt.sys [23.12.2007 23:35 393088]
S0 Lbd;Lbd;f:\windows\system32\DRIVERS\Lbd.sys --> f:\windows\system32\DRIVERS\Lbd.sys [?]
S2 gupdate1c8f162805eaeaf;Google Update Service (gupdate1c8f162805eaeaf);f:\program files\Google\Update\GoogleUpdate.exe [29.7.2008 11:04 133104]
S2 LMIInfo;LogMeIn Kernel Information Provider;\??\f:\program files\LogMeIn\x86\RaInfo.sys --> f:\program files\LogMeIn\x86\RaInfo.sys [?]
S2 SkypeUpdate;Skype Updater;f:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S2 WinDefend;Windows Defender;f:\program files\Windows Defender\MsMpEng.exe [3.11.2006 19:19 13592]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;f:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [15.10.2009 6:51 87336]
S3 DrvAgent32;DrvAgent32;f:\windows\system32\drivers\DrvAgent32.sys [12.11.2010 12:16 23456]
S3 GPCIDrv;GPCIDrv;f:\windows\GPCIDrv.sys [26.4.2008 21:40 5112]
S3 GVTDrv;GVTDrv;f:\windows\system32\drivers\GVTDrv.sys [22.12.2007 19:04 17962]
S3 MBAMSwissArmy;MBAMSwissArmy;\??\f:\windows\system32\drivers\mbamswissarmy.sys --> f:\windows\system32\drivers\mbamswissarmy.sys [?]
S3 Netaapl;Apple Mobile Device Ethernet Service;f:\windows\system32\drivers\netaapl.sys [20.6.2011 8:29 18432]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;f:\program files\SiSoftware\SiSoftware Sandra Lite 2011\RpcAgentSrv.exe [25.11.2010 18:45 93848]
S3 SASENUM;SASENUM;f:\program files\SUPERAntiSpyware\SASENUM.SYS [4.12.2008 13:50 12872]
S3 SM_SUGE1_FUService;SUGE1 Status Monitor Service;"f:\program files\SAMSUNG\Samsung SCX-4200 Series\SPanel\ssmsrvc /Service --> f:\program files\SAMSUNG\Samsung SCX-4200 Series\SPanel\ssmsrvc [?]
S3 TVICHW32;TVICHW32;f:\windows\system32\drivers\TVICHW32.SYS [5.9.2008 14:19 23600]
S3 WFIOCTL;WFIOCTL;f:\program files\WinFast\WFDTV\WFIOCTL.sys [24.12.2007 8:45 9446]
S4 ekrn;Eset Service;f:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [14.11.2007 15:05 455936]
S4 msvsmon80;Visual Studio 2005 Remote Debugger;f:\program files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [23.9.2005 7:01 2799808]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
Obsah adresáře 'Naplánované úlohy'
.
2012-12-19 f:\windows\Tasks\Adobe Flash Player Updater.job
- f:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-13 08:38]
.
2012-11-27 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 10:34]
.
2012-12-17 f:\windows\Tasks\Google Software Updater.job
- f:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-07-08 07:57]
.
2012-12-19 f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- f:\program files\Google\Update\GoogleUpdate.exe [2008-07-29 08:32]
.
2012-12-19 f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- f:\program files\Google\Update\GoogleUpdate.exe [2008-07-29 08:32]
.
2012-12-19 f:\windows\Tasks\MP Scheduled Scan.job
- f:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 18:20]
.
2012-12-19 f:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-839522115-920026266-2147137731-1003.job
- f:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 15:02]
.
2012-12-17 f:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-839522115-920026266-2147137731-1003.job
- f:\program files\Real\RealUpgrade\realupgrade.exe [2011-11-29 15:02]
.
2012-12-19 f:\windows\Tasks\SDMsgUpdate (TE).job
- f:\progra~1\SmartDraw 2010\Messages\SDNotify.exe [2009-12-20 16:21]
.
2012-12-19 f:\windows\Tasks\YASU.job
- f:\program files\Y.A.S.U v1.1.7035\YASU.exe [2008-04-30 14:57]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU
uDefault_Search_URL = hxxp://www.google.com/ie
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/ymj/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - f:\windows\system32\GPhotos.scr/200
IE: Append Link Target to Existing PDF - f:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - f:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - f:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - f:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xportovat do aplikace Microsoft Excel - f:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: E&xportovat do aplikace Microsoft Office Excel - f:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Převést cíl vazby do Adobe PDF - f:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést cíl vazby do existujícího PDF - f:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Převést do Adobe PDF - f:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést vybrané vazby do Adobe PDF - f:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést vybrané vazby do existujícího PDF - f:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Převést výběr do Adobe PDF - f:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Převést výběr do existujícího PDF - f:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Přidat do stávajícího PDF - f:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
LSP: f:\program files\Avira\AntiVir Desktop\avsda.dll
Trusted Zone: army.cz\sepo
Trusted Zone: postsignum.cz\www
TCP: DhcpNameServer = 213.46.172.36 213.46.172.37
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
Notify-WgaLogon - (no file)
AddRemove-HijackThis - f:\documents and settings\User1\Plocha\HijackThis.exe
AddRemove-Windows Doctor 2.7_is1 - f:\program files\Windows Doctor\unins000.exe
AddRemove-{52D1D62C-FEAB-4580-849E-1DB624BADBBD} - f:\program files\InstallShield Installation Information\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}\setup.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-19 14:13
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\SM_SUGE1_FUService]
"ImagePath"="\"f:\program files\SAMSUNG\Samsung SCX-4200 Series\SPanel\ssmsrvc /Service"
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\{95808DC4-FA4A-4C74-92FE-5B863F82066B}]
"ImagePath"="\??\f:\program files\CyberLink\PowerDVD\000.fcl"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-839522115-920026266-2147137731-1003\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-839522115-920026266-2147137731-1003\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (S-1-5-21-839522115-920026266-2147137731-1003)
@Allowed: (Read) (S-1-5-21-839522115-920026266-2147137731-1003)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@f:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="f:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG10.00.00.01WORKSTATION"="0A84B74738ECB7CFCADA8D5294ED3EC93FB1D926E0D7A7C6766CCDA3258BFC4725C51EE941A60FBCC10BE23F33C940376ADA460C22E417B19E037AE33F93A157C9630EA1790E29741662008F7EA5BA5C1B7A36A60557F573D2C7B052F163B8BDE3341A534C820C08B7AEA5A175A0ED0FE6EC38EB3F2EE34D6D466922C97ADEC535984A8C38A47169EEBC867AAC1D528DBA91CD7B19AD34E41F9013A6E29D641B52EE99F9D15CC6F1D35F4AC24CC21377534DE914725F6EC3E9B9905BF0D7CED123A0F5703ED3ACDB546D0E4491FB0C51C406F61D3A8E4D57A8DBB6DE3975D360E69442653A77F846B2C261F04CF8D182F529521D764B42F18492FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A2D97226D213B5555D575E7D6A3B9808A6171C11EC38DE3D256E8A57331BF379A4E2C7F206EDEF900037DF9D90F29C51786523B0FB19757467F14D097312B5C6E9EB9A57BA1E8A895AEA287B1254A25223B82176E98AFE8355EC426668C8A4D39835A9973DC78963661574A04687E9E314483612836D55CC372533355DFC9F24C79FEE5AB61392D2254E1835D2BDFB8CDB072A4E0B1D06C74907F90250D458BF01B0FE8B020F1B100DD477A5909036567C0CD73975D9716DBA22899A7358D7B1BF91FDDB2E2C6FD5090A8FA38BF7C84DED13ADA4ECC44FBDAFAA64932E73F68AF48DA43FFEBFB0E77674EB258453398398F8B0A5CD67293AC1F9A3C39A76655C861740ED6C835289A73EB0E1EF645E905EC27618AAABDAEAFA09F2C58697A5C04DC1B2E3A1159A8361B392587552660B12952B9A486219585D7992F8F5ED8DD2164871627FF4A6A1DEC7DD49F2A6529378BD0D0D213DE793D90F58001E744AB12205856B9789E535CE91EEB878D17649CEA8719762D5A0AEDB32AAC2E90E5880A6FB0BC8B19C9C1452C839F04B23FB5444EABDA36C2672BE3E6D86EB78FD0CE84BCFB586C9D96195FDCCC27F61D2DFDB79BAED5F578DDD5F4F72FB6B9BEC0B93AF49487410D3A116DE9E26B4E9FB710F87F291BBE9CFB9AF55133073D9E6D0B362D69DA6E6809BF6EF651126459A561FF891CBF02314AE528849D97B6D5C2B7AE988A1F46637E31C26E8452C061308424DBAD378B3E53C6D92AFC6BF46A13F9FBE13577C5AB7E16FE5991AE476ABD2317635F31082B432AB950756BD856F01DF4E50D21D42A251DC8808F9B0930F56AADB6C8D3AA7D3B7BC24317DB80362BC7A79BBBD7A50FB43D4DDE962B58B4989EF58ED123CF1FA46D148B8C3B9477A11B2947855FC6E2F99CCA69966DCC4CF33C43CEC88A161C42BA17C48C68A139B6F5068486BD035880D3C1A15AA52D677717649408EB8AC3208E730AFB4395810A1203416E466773AA921E0FD6C878FFA"
"OODEFRAG11.00.00.01WORKSTATION"="D87BB7F0B3325CB04409DF422275554532B299BCD43A2A2FB8E1A821D67447DFD49C7C7FDA6E1A1D9EE3B03D1CAFF0CD561950330C65B5E0386E79D9D5646EBAAA74C87EABB5923DAF2C1191EDB43156B130710012BF62251EE8A59D6BF48DA94AD63E20B5017E892A631429F9FE4A615E4C1A623E630129089778A5047FB2A2769BF7B6188CC8609614BE1237C9A5D5C7C8DE447BAE967AE745B0D31F24227CC49D02BD09D79102D1498BFE2E185DFC2F81C6AE4AC25EFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A6A0AC4980AC79339DB7CE019D40AA5CC038D530D6EB34521759444D65891AE46C4D80DF303C8D2630DC4CF26F6F7107CAA448310F40D5314471DE76A163CE421A44A7277CD4ED029CAEDD49E3DB356667756A6DC3542F64610F79EF75D688984A6A1B8225273F3A6784820AB2EFE1E0AC5545CC305ADE168405B86BECE75F3C21F6D12D8CA9BB415C1D9FA136B9F2272EA8CF08CA133F53AEFB468EB42B3135A375465C39E6DF3C2A092170EED8269AE4A4054DAD54F05A3E6F4FF39ECB9F403DC9F33656FEEF8465AE7449FE020051AD5564BA1209D79E7AAD03AA20878ECE3C26DE563325702785C70D7531FCC697C61972E85B2B1DC88CDB9633D430A70351940BCAC221ACE664E062AFEF27066A56A137DD8DCEABB201F1C284792E58B895F182971BCDB2B8C25E6D2ACA6E8CFC64773D18D118B46E4A3BC408EF79527981EED2B3F699D3C5C3F32E0677D8ED355E7415887640ABBCBB58DC1C3F21890874108E09B689266C6E2C26DDCAFE012E13475293E914C817913BCE128FC7B757302D4A79DBB3843DAEE45CBC430C613738738B93C2760928E8ADE3312F24D991DB75A0548E438DFDD2CFDBA1FEC16E50654FDC54B85B2B50C04AE932907EB1110167ADE197F623A91071330344F14AB2168466172A4DB32100012FC34A3844E88ED894DE68A4696BFC2674467807DC47AC134C9117676B64EF150A8894C0D9DA57F1F97913B0CD269399B6C8287CD0ADEC4EB4EBA35DDE153E20D2164F9F7F6190B088D2CC18FBEF354E955B05E295387EDBCC439A72DCE1FC0CE675F9EE87A85564ED84F2696611251A2EC061DE5FEBEEB7C2A8E7817AAE1F1AA5263D5C879025B2DA1803C8C4870AA524B034A823062DAF4B221CF50F9201DCF399E0AB56AEDF14848DA0EC1004EEF09DD89B8A1D710FE59DA76C5338DADDBBBAB5D2B193CA4ED52757122086ED444C45D75667CCD4CB52F527B12D550558F367D4A6D99FE01A98FCDB42C2AA5DDC5DCAC14832758301BF1401E8AD0A457594E84490A19E23CF50CAF6C049C121F09E5F9FF9731D89ADCC3A89B2123F039D02B5C6EB1BF9F4E44654F7C0B7D6B81ADC39EB16479025B7"
"OODEFRAG16.00.00.01PROFESSIONAL"="199D654325EC6B5BCDD6D59B255E38B773A46AB1EF2571D8C068EB6833475DEDA0751BCA705C5284B58B46C647B656AAEA9D6E40D148CFE5996B02680A703EF7B56AA06DC9FE0CF0987BF073D021EE94CAF588E36488D291EC01E20AF5705B82A637E47C5C6DEEC32D27F7DE258D57175093AB6865FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA9C6AECB7A5D1407FEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A8491386FC35567F55BBFB1565F47592948D4B6FB2C28C68F078D4197033AC6653E57347A5C03BCDA506B0F417F97C144688B905E1B1EDCF44502275E34AF7ADF34978A075886101C945AC8EF07C275B1268C3DD08F78EB6EB2ADAAAF39299311BE17D1F64C2BF572AE647F9508578FD57BDDEB7890F1C2D5AD732C22717109970DF11B53D2EBEB2BE9C8D3066A267B7035934371A76BCE6916A0FA758E84B35AA36F6B8A08A3D19175ABF9037646068185222644430863CABB90BAB3899B072999E28E1011C0D3455DAD15C9C62C0902F0139A8E5C38628D361F481C5C219E89C154F4E282BF4D1AF996C3B42B55CD9F285BFD5B0BABBCC4AC050435B7FD1CE28584C003007ADE4EF59ECB6A9FA7A0D23C02F1EA9251C6B64F9D2EBA2EE9B8348ECB0DC897C6602759D633E2755D59A91D9B418AC140EEC09F4665D19342C85199CC72CF6E3C0E3B13115A264E99C9427B9B1C0E4A06D5EB5DB2B5B1379ABFBCAF0091D9292D267AAA0781B5C61F3B05F8FBC7655620C6D7A1F728DB667B62FA33D2740C5E726107ABC3CC262E9EFCC48CD1EFC54F9ACEFFAF0C281FE30608BFC12830CD243B902511BC09698B59E658429D3FB0A0A075D6F495627B984ABA144CAB658CA887E886F1498FA79FAFC9ECD1C0FFD763848CFA5631D520B1F122779810C641622DA91ACC50EB3D071FEBE6DE6367369308F0AFB3DB83CE93A8074B217835072FB2AADF1901E6DC0580BB04488E1AE0A20706E679B8080209459071BAF4F21EC06B8143E9AF6B5BC707D83C34AE0E751BAF305EF837C20CBF4EFFEEBB3D7C16C36481D23CCFEFD0F8023EA7434B23B0CB516F93342ED80E19E0FA1F9CE397EA504104848534E9E52D1C03C70940F26DE4D469CDFE447E727617159A9F1438926EC3A3866A032D0F7B08DF2E87E5E0D3DBFE9E03CC02E04B889C930F2CFF6F6CC71E3B0CC682A33C66F342F1FC7BD3871CE575F1E6C7C65826DBD5964628EC14E16A01C5D25EA48D4E552B1EB0A7F5199425BD472C1C07F4963E3281FE474C5B16273098E135C7691E97CE3B924A969A7E3359EBA60BE2C22464B1758D6C8C5D2E459A86A349C873B5CB9CD8837F3F260039AC10A2D6CA6F9F6F4C059FCDC6662AD405210CCFAAAE79C03216AAA4DC45FF232670A4C75"
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(924)
f:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(2192)
f:\program files\Unlocker\UnlockerHook.dll
f:\program files\Windows Desktop Search\deskbar.dll
f:\program files\Windows Desktop Search\cs-cz\dbres.dll.mui
f:\program files\Windows Desktop Search\dbres.dll
f:\program files\Windows Desktop Search\wordwheel.dll
f:\program files\Windows Desktop Search\cs-cz\msnlExtRes.dll.mui
f:\program files\Windows Desktop Search\msnlExtRes.dll
f:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
f:\windows\system32\msi.dll
f:\windows\system32\webcheck.dll
f:\windows\system32\WPDShServiceObj.dll
f:\windows\system32\PortableDeviceTypes.dll
f:\windows\system32\PortableDeviceApi.dll
f:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll
f:\windows\system32\LMIRfsClientNP.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
f:\windows\system32\Ati2evxx.exe
f:\windows\system32\Ati2evxx.exe
f:\program files\Avira\AntiVir Desktop\avguard.exe
f:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
f:\program files\ArchVision\ArchVision Content Manager\rpcACMapp.exe
f:\windows\system32\ASTSRV.EXE
f:\program files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
f:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
f:\program files\Bonjour\mDNSResponder.exe
f:\program files\Java\jre7\bin\jqs.exe
f:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
f:\program files\Microsoft SQL Server\MSSQL$MICROSOFTSMLBIZ\Binn\sqlservr.exe
f:\program files\NetLimiter 2 Pro\nlsvc.exe
f:\program files\CyberLink\Shared files\RichVideo.exe
f:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
f:\program files\Avira\AntiVir Desktop\avshadow.exe
f:\program files\NetLimiter 2 Pro\NLClient.exe
f:\progra~1\Microsoft ActiveSync\rapimgr.exe
f:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Celkový čas: 2012-12-19 14:22:50 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-19 13:22
.
Před spuštěním: Volných bajtů: 12 805 185 536
Po spuštění: Volných bajtů: 13 388 222 464
.
WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /noexecute=optin
.
- - End Of File - - 0F0D2A259718BFBA8D319B2D52FFCF97

Zdravim

Jedna se o domaci PC nebo nejaky pracovni\firemni??

Co se tyce ComboFixu, tak na zaklade licence a pravidel fora ptam, umite s nim pracovat (spusteni, rozlusteni logu, napsani skriptu)?

licencni podminky hovori jasne "Nikdy by nemel byt pouzit v prostredi bez dozoru zkusene osoby"


Nebezpeci CFka

• Je urcen primarne pro radce - jeho svevolnym pouzitim ztracite narok na podporu
• Maze stopy po haveti, takze v logu z RSIT neni nic videt
• Jeho log je treba dolustit, jelikoz neumi smazat vse - to ovsem tezko zvladnete pokud k tomu nejste vyskolen
• CF muze mit bug = sunda Vam system, pokud nevite kam co uklada, jak co obnovit, mate system v kytkam a ceka Vas reinstal
• CF taky bohuzel prozatim nekontroluje nektere dulezite knihovny (napr. hal.dll) - ty treba mazou nektere typy haveti (napr. angela) - smaze Vam po restartu hal.dll = nenajede Vam system a jste o radek vyse = reinstal

Jedná se o domácí PC. Smozřejmě neslouží jen k brouzdání po pornu, ale dělám i smysluplné věci. Doma na něm běží i CAD.
P3in jako Petřín.

A abych nezapoměl, nějak mi lumpík přenastavil hijacka, tak že hijack log není hijack log.....?????
Divné.
P3in

ComboFix neni HiJackThis

CF, ktery jste spustil, je urcen jen radcum a osobam vyskolenym

Pokud nemate, tak presunte Combofix na plochu

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  KillAll::
  
  RenV::
  f:\program files\ATI Technologies\ATI HydraVision\HydraDM .exe
  f:\program files\ATI Technologies\ATI HydraVision\HydraMD .exe
  f:\program files\ATI Technologies\ATI.ACE\CLIStart .exe
  f:\program files\Common Files\InstallShield\UpdateService\issch .exe
  f:\program files\Common Files\Nero\Lib\NeroCheck .exe
  f:\program files\Common Files\Nero\Lib\NMBgMonitor  .exe
  f:\program files\ESET\ESET NOD32 Antivirus\egui .exe
  f:\program files\GIGABYTE\VGA Utility Manager\G-VGA  .exe
  f:\program files\GIGABYTE\VGA Utility Manager\G-VGA .exe
  
  Folder::
  f:\program files\Winamp Toolbar
  
  Registry::
  [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
  "{57BCA5FA-5DBB-45a2-B558-1755C3F6253B}"=-
  [-HKEY_CLASSES_ROOT\clsid\{57bca5fa-5dbb-45a2-b558-1755c3f6253b}]
  [-HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch.1]
  [-HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
  [-HKEY_CLASSES_ROOT\WinampTb.AOLTBSearch]
  [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "uTorrent"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "iTunesHelper"=-
  "QuickTime Task"=-
  "CloneCDTray"=-
  "SunJavaUpdateSched"=-
  "UnlockerAssistant"=-
  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
  "ctfmon.exe"=-
  "DWQueuedReporting"=-
  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
  "DisableMonitoring"=dword:00000000
  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
  "DisableMonitoring"=dword:00000000
  [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
  "DisableMonitoring"=dword:00000000
  [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
  "bdx"=-
  
  Driver::
  bdx
  
  NetSvc::
  bdx
  
  File::
  f:\windows\Tasks\Adobe Flash Player Updater.job
  f:\windows\Tasks\AppleSoftwareUpdate.job
  f:\windows\Tasks\Google Software Updater.job
  f:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  f:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  f:\windows\Tasks\MP Scheduled Scan.job
  f:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-839522115-920026266-2147137731-1003.job
  f:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-839522115-920026266-2147137731-1003.job
  f:\windows\Tasks\SDMsgUpdate (TE).job
  f:\windows\Tasks\YASU.job
  
  DDS::
  uStart Page = hxxp://search.avira.com/?l=dis&o=APN10267&gct=hp&dc=EU
  uDefault_Search_URL = hxxp://www.google.com/ie
  mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/def ... earch.html
  uInternet Settings,ProxyOverride = *.local
  uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
  
  RegNull::
  [HKEY_USERS\S-1-5-21-839522115-920026266-2147137731-1003\Software\Microsoft\SystemCertificates\AddressBook*]
  [HKEY_USERS\S-1-5-21-839522115-920026266-2147137731-1003\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
  [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
  
  RegLock::
  [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  
  ClearJavaCache::
  
  Reboot::

• Ulozte vytvoreny TXT jako CFScript.txt
• Pretahnete vytvoreny CFScript.txt nad Combofix a pustte (viz obrazek nize)
  
• Po aplikaci skriptu (a pripadnem restartu) na Vas vypadne log, jeho obsah sem vlozte

Pokud vyskoci hlaska "Pokus pouzit neplatnou operaci na klic registru, ktery je oznacen pro odstraneni", tak jen restartujte PC - registr se da do kupy - jedna se o vnitrni chybu, kterou zpusobuje CF a autor ji zatim neumi bohuzel opravit

Muze se stat, ze po aplikaci skriptu nenabehnou windows, v tomto pripade restartuje PC a mackejte F8 a zvolte Posledni znamou konfiguraci