
Please check my log, PERFLIB_PERFDATA removed
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
Remote assistance services are now available: an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, please help me.
Avast showed me an alert, and I removed it by deleting it. Now my PC cannot connect to the internet and I don't know whether it is infected.
RSIT log
Logfile of random's system information tool 1.09 (written by random/random)
Run by Administrator at 2012-12-05 22:37:18
Systém Microsoft Windows XP Professional Service Pack 3
System drive H: has 196 GB (41%) free of 477 GB
Total RAM: 3326 MB (79% free)
HijackThis download failed
======Scheduled tasks folder======
H:\WINDOWS\tasks\Adobe Flash Player Updater.job
H:\WINDOWS\tasks\avast! Emergency Update.job
H:\WINDOWS\tasks\Game_Booster_Startup.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
H:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - H:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2007-11-06 322880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
ContributeBHO Class - I:\Program\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-30 75232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - H:\WINDOWS\WebIE.dll [2011-02-28 491520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - H:\Program Files\Java\jre6\bin\ssv.dll [2012-08-28 329712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - H:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - H:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-08-28 59376]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-08-28 79856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - H:\Program Files\Hewlett-Packard\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - H:\WINDOWS\WebIE.dll [2011-02-28 491520]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - H:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2011-01-20 988480]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - I:\Program\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll [2010-03-27 164312]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - H:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2012-10-30 1227736]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=H:\WINDOWS\RTHDCPL.EXE [2008-06-27 16875008]
"StartCCC"=H:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-07-28 98304]
"Launch LCore"=H:\Program Files\Logitech Gaming Software\LCore.exe [2012-07-24 5115192]
"RTSS"=H:\Program Files\MSI Afterburner\Bundle\OSDServer\RTSS.exe [2012-10-30 166968]
"MSIAfterburner"=H:\Program Files\MSI Afterburner\MSIAfterburner.exe [2012-10-30 408632]
"QuickTime Task"=H:\Program Files\QuickTime Alternative\QTTask.exe [2011-10-24 421888]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=H:\Program Files\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"ctfmon.exe"=H:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
H:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
H:\WINDOWS\ALCWZRD.EXE [2008-06-19 2808832]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
H:\Program Files\TO2SSM\McciTrayApp.exe [2008-08-15 1473536]
H:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
H:\Documents and Settings\Administrator\Nabídka Start\Programy\Po spuštění
AutorunsDisabled
Logitech . Registrace produktu.lnk - H:\Program Files\Logitech Gaming Software\EReg\eReg.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
H:\WINDOWS\system32\Ati2evxx.dll [2011-07-28 188416]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]
H:\WINDOWS\system32\avgrsstx.dll [2009-08-18 11952]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wgalogon]
H:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=H:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0
"NoResolveSearch"=1
"NoPopUpsOnBoot"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"H:\Program Files\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe"="H:\Program Files\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe:*:Enabled:Frontlines Game"
"H:\Program Files\ICQ6.5\ICQ.exe"="H:\Program Files\ICQ6.5\ICQ.exe:*:Enabled:ICQ6"
"H:\WINDOWS\system32\dpnsvr.exe"="H:\WINDOWS\system32\dpnsvr.exe:*:Enabled:Microsoft DirectPlay8 Server"
"H:\Program Files\Pando Networks\Media Booster\PMB.exe"="H:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"
"H:\Program Files\Opera\opera.exe"="H:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser"
"H:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe"="H:\Program Files\Electronic Arts\Need for Speed Carbon\NFSC.exe:*:Enabled:NFSC"
"H:\Program Files\Metin2_CZ\metin2.bin"="H:\Program Files\Metin2_CZ\metin2.bin:*:Enabled:metin2"
"H:\Program Files\Metin2_CZ\metin2client.bin"="H:\Program Files\Metin2_CZ\metin2client.bin:*:Enabled:metin2client"
"H:\Program Files\ICQ7.0\ICQ.exe"="H:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"H:\Program Files\ICQ7.0\aolload.exe"="H:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
"H:\Program Files\Google\Google Earth\client\googleearth.exe"="H:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"H:\Program Files\Google\Google Earth\plugin\geplugin.exe"="H:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth"
"H:\Program Files\Electronic Arts\Medal of Honor\Binaries\moh.exe"="H:\Program Files\Electronic Arts\Medal of Honor\Binaries\moh.exe:*:Enabled:Medal of Honor™"
"H:\Program Files\Electronic Arts\Medal of Honor\MP\MoHMPGame.exe"="H:\Program Files\Electronic Arts\Medal of Honor\MP\MoHMPGame.exe:*:Enabled:Medal of Honor: Multiplayer"
"H:\Program Files\GIGABYTE\EnergySaver\run.exe"="H:\Program Files\GIGABYTE\EnergySaver\run.exe:*:Enabled:update"
"I:\Games\Ubi Soft\Hawx\HAWX.exe"="I:\Games\Ubi Soft\Hawx\HAWX.exe:*:Enabled:Tom Clancy's H.A.W.X"
"H:\WINDOWS\system32\PnkBstrA.exe"="H:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"H:\WINDOWS\system32\PnkBstrB.exe"="H:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"I:\Games\Crytek\Crysis\Bin32\Crysis.exe"="I:\Games\Crytek\Crysis\Bin32\Crysis.exe:*:Enabled:Crysis_32"
"I:\Games\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe"="I:\Games\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe:*:Enabled:CrysisDedicatedServer_32"
"H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="H:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"H:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="H:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="H:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"I:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe"="I:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (CLI)"
"I:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe"="I:\Games\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\bin\dedicated\xrEngine.exe:*:Enabled:S.T.A.L.K.E.R. - Clear Sky (SRV)"
"H:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe"="H:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe:*:Enabled:ArmA 2"
"H:\Program Files\UBISOFT\Ubisoft Game Launcher\UbisoftGameLauncher.exe"="H:\Program Files\UBISOFT\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher"
"H:\Program Files\UBISOFT\Tom Clancy's H.A.W.X. 2\HAWX2.exe"="H:\Program Files\UBISOFT\Tom Clancy's H.A.W.X. 2\HAWX2.exe:*:Enabled:Tom Clancy's H.A.W.X. 2"
"H:\Program Files\UBISOFT\Tom Clancy's H.A.W.X. 2\Data\Browser\UPlayBrowser.exe"="H:\Program Files\UBISOFT\Tom Clancy's H.A.W.X. 2\Data\Browser\UPlayBrowser.exe:*:Enabled:UPlayBrowser Application"
"I:\Games\Crytek\Crysis 2\bin32\Crysis2.exe"="I:\Games\Crytek\Crysis 2\bin32\Crysis2.exe:*:Enabled:Crysis2"
"H:\Program Files\Bohemia Interactive\ArmA 2\arma2OA.exe"="H:\Program Files\Bohemia Interactive\ArmA 2\arma2OA.exe:*:Enabled:ArmA 2 Operation Arrowhead"
"I:\Games\BlackBeanGames\WRC2010\Launcher.exe"="I:\Games\BlackBeanGames\WRC2010\Launcher.exe:*:Enabled:Launcher"
"I:\Games\F1_2010\F1_2010_game.exe"="I:\Games\F1_2010\F1_2010_game.exe:*:Enabled:F1 2010"
"H:\Program Files\uTorrent\utorrent.exe"="H:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent"
"I:\Games\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe"="I:\Games\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe:*:Enabled:Assassin's Creed Brotherhood"
"I:\Games\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe"="I:\Games\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe:*:Enabled:Assassin's Creed Brotherhood Multiplayer"
"I:\Games\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe"="I:\Games\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe:*:Enabled:Assassin's Creed Brotherhood Update"
"I:\Games\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe"="I:\Games\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe:*:Enabled:Assassin's Creed Brotherhood Uplay"
"I:\Games\Mass Effect 2\Binaries\MassEffect2.exe"="I:\Games\Mass Effect 2\Binaries\MassEffect2.exe:*:Enabled:Mass Effect 2 Hra"
"I:\Games\Mass Effect 2\MassEffect2Launcher.exe"="I:\Games\Mass Effect 2\MassEffect2Launcher.exe:*:Enabled:Mass Effect 2 Spustit"
"I:\Games\Auran\TS2010\Trainz.exe"="I:\Games\Auran\TS2010\Trainz.exe:*:Disabled:Spustit TS2010"
"I:\Games\Auran\TS2010\bin\TADDaemon.exe"="I:\Games\Auran\TS2010\bin\TADDaemon.exe:*:Disabled:TADDaemon"
"H:\Program Files\Bohemia Interactive\ArmA 2\arma2oaserver.exe"="H:\Program Files\Bohemia Interactive\ArmA 2\arma2oaserver.exe:*:Enabled:ArmA 2 OA"
"I:\Games\Call of Duty 4 - Modern Warfare\iw3mp.exe"="I:\Games\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:iw3mp"
"H:\Program Files\Server\USB server\mysql\bin\mysqld_usbwv8.exe"="H:\Program Files\Server\USB server\mysql\bin\mysqld_usbwv8.exe:*:Enabled:mysqld_usbwv8"
"H:\Program Files\Server\USB server\apache\bin\httpd_usbwv8.exe"="H:\Program Files\Server\USB server\apache\bin\httpd_usbwv8.exe:*:Enabled:Apache HTTP Server"
"H:\Program Files\Metin2_CZ\metin2.exe"="H:\Program Files\Metin2_CZ\metin2.exe:*:Enabled:metin2"
"H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe"="H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe"="H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe"="H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe"="H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"H:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe"="H:\Program Files\Hewlett-Packard\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpiscnapp.exe"="H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe"
"H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe"="H:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"I:\Games\Z8Games\CrossFire\CF_G4box.exe"="I:\Games\Z8Games\CrossFire\CF_G4box.exe:*:Enabled:cf launcher"
"I:\Games\Battlefield 2142\BF2142.exe"="I:\Games\Battlefield 2142\BF2142.exe:*:Enabled:Battlefield 2"
"H:\Program Files\Bohemia Interactive\Take On Helicopters Demo\TakeOnHDemo.exe"="H:\Program Files\Bohemia Interactive\Take On Helicopters Demo\TakeOnHDemo.exe:*:Enabled:Take On Helicopters Demo"
"H:\Program Files\Skype\Phone\Skype.exe"="H:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"I:\Games\Call of Duty - World at War\CoDWaWmp.exe"="I:\Games\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty(R): World at War Multiplayer"
"I:\Games\FlatOut2\flatout2.exe"="I:\Games\FlatOut2\flatout2.exe:*:Enabled:flatout2"
"H:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="H:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"H:\Program Files\ICQ7.0\ICQ.exe"="H:\Program Files\ICQ7.0\ICQ.exe:*:Enabled:ICQ7"
"H:\Program Files\ICQ7.0\aolload.exe"="H:\Program Files\ICQ7.0\aolload.exe:*:Enabled:aolload.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=H:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=H:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.lhacm"=lhacm.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.RTV1"=rtvcvfw32.dll
======File associations======
.scr - open - H:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2012-12-05 22:30:30 ----D---- H:\rsit
2012-12-05 22:30:30 ----D---- H:\Program Files\trend micro
2012-12-05 22:00:36 ----SHD---- H:\RECYCLER
2012-12-05 22:00:10 ----SHD---- H:\Config.Msi
2012-12-05 21:59:54 ----D---- H:\WINDOWS\SxsCaPendDel
2012-12-05 21:51:16 ----A---- H:\ComboFix.txt
2012-11-28 18:56:04 ----D---- H:\Documents and Settings\Administrator\Data aplikací\Apple Computer
2012-11-26 23:14:34 ----D---- H:\Program Files\CamStudio 2.6b
2012-11-26 23:14:34 ----A---- H:\WINDOWS\system32\CamCodec.dll
======List of files/folders modified in the last 1 month======
2012-12-05 22:30:30 ----D---- H:\Program Files
2012-12-05 22:26:56 ----D---- H:\WINDOWS\Temp
2012-12-05 22:26:13 ----D---- H:\WINDOWS
2012-12-05 22:10:06 ----A---- H:\WINDOWS\SchedLgU.Txt
2012-12-05 22:10:05 ----D---- H:\WINDOWS\system32\CatRoot2
2012-12-05 22:08:44 ----D---- H:\WINDOWS\network diagnostic
2012-12-05 22:00:15 ----SHD---- H:\WINDOWS\Installer
2012-12-05 21:59:06 ----D---- H:\Program Files\Common Files
2012-12-05 21:53:54 ----D---- H:\WINDOWS\system32\drivers
2012-12-05 21:51:18 ----D---- H:\Qoobox
2012-12-05 21:50:04 ----A---- H:\WINDOWS\system.ini
2012-12-05 21:47:54 ----D---- H:\WINDOWS\system32
2012-12-05 21:47:54 ----D---- H:\WINDOWS\AppPatch
2012-12-05 21:33:33 ----D---- H:\Program Files\MSI Afterburner
2012-12-05 21:22:17 ----A---- H:\WINDOWS\MAILTRAN.INI
2012-12-05 21:09:48 ----D---- H:\Documents and Settings\Administrator\Data aplikací\uTorrent
2012-12-05 21:09:47 ----D---- H:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools Lite
2012-12-05 21:03:27 ----D---- H:\Documents and Settings\Administrator\Data aplikací\TS3Client
2012-12-05 20:09:47 ----SD---- H:\WINDOWS\Tasks
2012-12-05 20:09:03 ----D---- H:\WINDOWS\system32\drivers\etc
2012-12-05 20:08:16 ----AD---- H:\Documents and Settings\All Users\Data aplikací\TEMP
2012-12-05 20:00:47 ----SHD---- H:\System Volume Information
2012-12-05 20:00:47 ----D---- H:\WINDOWS\system32\Restore
2012-12-05 19:27:33 ----D---- H:\WINDOWS\system32\config
2012-12-05 19:22:02 ----A---- H:\WINDOWS\WTRAN32.INI
2012-12-05 19:13:37 ----D---- H:\WINDOWS\Prefetch
2012-12-05 16:17:16 ----RSHDC---- H:\WINDOWS\system32\dllcache
2012-12-05 16:12:44 ----D---- H:\Documents and Settings\All Users\Data aplikací\IObit
2012-12-04 18:34:15 ----A---- H:\WINDOWS\NeroDigital.ini
2012-12-04 18:00:16 ----D---- H:\Program Files\SpeedFan
2012-12-02 13:24:27 ----D---- H:\Documents and Settings\Administrator\Data aplikací\Skype
2012-11-27 21:22:46 ----D---- H:\Program Files\QuickTime Alternative
2012-11-27 21:22:14 ----D---- H:\WINDOWS\WinSxS
2012-11-26 21:18:25 ----D---- H:\Program Files\Mozilla Firefox
2012-11-22 06:14:45 ----AC---- H:\WINDOWS\system32\PerfStringBackup.INI
2012-11-21 19:28:50 ----D---- H:\Program Files\Opera
2012-11-20 08:24:03 ----D---- H:\Documents and Settings\All Users\Data aplikací\Adobe
2012-11-20 08:20:25 ----A---- H:\WINDOWS\system32\FlashPlayerApp.exe
2012-11-17 22:50:42 ----D---- H:\Documents and Settings\Administrator\Data aplikací\Ancestry
2012-11-08 19:26:00 ----SD---- H:\Documents and Settings\Administrator\Data aplikací\Microsoft
2012-11-08 19:25:59 ----D---- H:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2012-11-06 16:42:34 ----A---- H:\WINDOWS\system32\PnkBstrB.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 giveio;giveio; H:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 prohlp02;StarForce Protection Helper Driver v2; H:\WINDOWS\System32\drivers\prohlp02.sys [2004-09-03 115680]
R0 prosync1;StarForce Protection Synchronization Driver v1; H:\WINDOWS\System32\drivers\prosync1.sys [2004-07-19 7040]
R0 PxHelp20;PxHelp20; H:\WINDOWS\System32\Drivers\PxHelp20.sys [2009-07-09 45200]
R0 sfdrv01;StarForce Protection Environment Driver (version 1.x); H:\WINDOWS\System32\drivers\sfdrv01.sys [2006-03-26 51200]
R0 sfhlp01;StarForce Protection Helper Driver; H:\WINDOWS\System32\drivers\sfhlp01.sys [2003-12-01 4832]
R0 sfhlp02;StarForce Protection Helper Driver (version 2.x); H:\WINDOWS\System32\drivers\sfhlp02.sys [2006-03-13 6656]
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x); H:\WINDOWS\System32\drivers\sfsync02.sys [2006-02-21 19968]
R0 SmartDefragDriver;SmartDefragDriver; H:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [2011-02-23 13496]
R0 speedfan;speedfan; H:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 sptd;sptd; H:\WINDOWS\System32\Drivers\sptd.sys [2011-01-24 431672]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; H:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
R1 Aavmker4;avast! Asynchronous Virus Monitor; H:\WINDOWS\system32\drivers\Aavmker4.sys [2012-10-30 25256]
R1 aswSnx;aswSnx; H:\WINDOWS\system32\drivers\aswSnx.sys [2012-10-30 738504]
R1 aswSP;aswSP; H:\WINDOWS\system32\drivers\aswSP.sys [2012-10-30 361032]
R1 aswTdi;avast! Network Shield Support; H:\WINDOWS\system32\drivers\aswTdi.sys [2012-10-30 54232]
R1 AvgLdx86;AVG Free AVI Loader Driver x86; H:\WINDOWS\System32\Drivers\avgldx86.sys [2009-08-18 335240]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; H:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-08-18 27784]
R1 intelppm;Řadič procesoru Intel; H:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; H:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 prodrv06;StarForce Protection Environment Driver v6; H:\WINDOWS\System32\drivers\prodrv06.sys [2004-09-03 54368]
R1 SCDEmu;SCDEmu; H:\WINDOWS\system32\drivers\SCDEmu.sys [2010-04-12 59388]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; H:\WINDOWS\System32\drivers\ws2ifsl.sys [2001-10-25 12032]
R2 aswFsBlk;aswFsBlk; H:\WINDOWS\system32\drivers\aswFsBlk.sys [2012-10-30 21256]
R2 aswMon2;avast! Standard Shield Support; H:\WINDOWS\system32\drivers\aswMon2.sys [2012-10-30 97608]
R2 atksgt;atksgt; H:\WINDOWS\system32\DRIVERS\atksgt.sys [2009-05-18 281504]
R2 lirsgt;lirsgt; H:\WINDOWS\system32\DRIVERS\lirsgt.sys [2009-05-18 25888]
R3 ati2mtag;ati2mtag; H:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2011-07-28 7084544]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; H:\WINDOWS\system32\drivers\AtiHdmi.sys [2009-11-18 95232]
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; H:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; H:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); H:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-06-27 4742656]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver; H:\WINDOWS\system32\drivers\LGBusEnum.sys [2009-11-24 19720]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; H:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [2012-02-07 42008]
R3 mouhid;Ovladač myši standardu HID; H:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 RTCore32;RTCore32; \??\H:\Program Files\MSI Afterburner\RTCore32.sys []
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; H:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2008-06-16 109184]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; H:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbstor;Ovladač velkokapacitního paměťového zařízení USB; H:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; H:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Kernel Mode Driver Frameworks service; H:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver; H:\WINDOWS\system32\drivers\WmBEnum.sys [2009-09-11 22792]
R3 WmFilter;Logitech Gaming HID Filter Driver; H:\WINDOWS\system32\drivers\WmFilter.sys [2009-09-11 35592]
R3 WmXlCore;Logitech Translation Layer Driver; H:\WINDOWS\system32\drivers\WmXlCore.sys [2009-09-11 66056]
S1 aswRdr;aswRdr; H:\WINDOWS\system32\drivers\aswRdr.sys [2012-10-30 35928]
S1 AvgTdiX;AVG Free8 Network Redirector; H:\WINDOWS\System32\Drivers\avgtdix.sys [2009-05-19 108552]
S1 cc2209c0;cc2209c0; H:\WINDOWS\System32\drivers\cc2209c0.sys []
S3 afrj3n5e;afrj3n5e; H:\WINDOWS\system32\drivers\afrj3n5e.sys []
S3 ak6d0bv4;ak6d0bv4; H:\WINDOWS\system32\drivers\ak6d0bv4.sys []
S3 catchme;catchme; \??\H:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
S3 cpuz130;cpuz130; \??\H:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys []
S3 EagleNT;EagleNT; \??\H:\WINDOWS\system32\drivers\EagleNT.sys []
S3 EagleXNt;EagleXNt; \??\H:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 gdrv;gdrv; \??\H:\WINDOWS\gdrv.sys []
S3 GMSIPCI;GMSIPCI; \??\G:\INSTALL\GMSIPCI.SYS []
S3 HPZid412;IEEE-1284.4 Driver HPZid412; H:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-31 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; H:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-31 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; H:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-31 21568]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver; H:\WINDOWS\system32\drivers\LGVirHid.sys [2009-11-24 14856]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\H:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\H:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\H:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\H:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\H:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\H:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 nmwcd;Nokia USB Phone Parent; H:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; H:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 nv;nv; H:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-10-07 6133856]
S3 pccsmcfd;PCCS Mode Change Filter Driver; H:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 pcouffin;VSO Software pcouffin; H:\WINDOWS\System32\Drivers\pcouffin.sys [2009-05-30 47360]
S3 RegFilter;RegFilter; \??\H:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\regfilter.sys []
S3 SMCWPCIG;SMCWPCI-G 54Mbps Wireless PCI adapter Service; H:\WINDOWS\system32\DRIVERS\SMCWPCIG.sys []
S3 upperdev;upperdev; H:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 UrlFilter;UrlFilter; \??\H:\Program Files\IObit\IObit Malware Fighter\drivers\wxp_x86\UrlFilter.sys []
S3 usbprint;Třída USB Printer; H:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;Ovladač skeneru USB; H:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; H:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; H:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver; \??\H:\WINDOWS\system32\wlanndi5.SYS []
S3 WmHidLo;Logitech Gaming USB Filter Driver; H:\WINDOWS\system32\drivers\WmHidLo.sys [2009-09-11 31752]
S3 WmVirHid;Logitech Virtual Hid Device Driver; H:\WINDOWS\system32\drivers\WmVirHid.sys [2009-09-11 14984]
S3 WpdUsb;WpdUsb; H:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; H:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 XDva317;XDva317; \??\H:\WINDOWS\system32\XDva317.sys []
S3 XDva321;XDva321; \??\H:\WINDOWS\system32\XDva321.sys []
S3 XDva323;XDva323; \??\H:\WINDOWS\system32\XDva323.sys []
S3 XDva327;XDva327; \??\H:\WINDOWS\system32\XDva327.sys []
S3 XDva336;XDva336; \??\H:\WINDOWS\system32\XDva336.sys []
S3 XDva346;XDva346; \??\H:\WINDOWS\system32\XDva346.sys []
S3 XDva347;XDva347; \??\H:\WINDOWS\system32\XDva347.sys []
S3 XDva349;XDva349; \??\H:\WINDOWS\system32\XDva349.sys []
S3 XDva352;XDva352; \??\H:\WINDOWS\system32\XDva352.sys []
S3 XDva392;XDva392; \??\H:\WINDOWS\system32\XDva392.sys []
S4 FileMonitor;FileMonitor; \??\H:\Program Files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5; H:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [2012-05-26 913792]
R2 Ati HotKey Poller;Ati HotKey Poller; H:\WINDOWS\system32\Ati2evxx.exe [2011-07-28 643072]
R2 avast! Antivirus;avast! Antivirus; H:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-10-30 44808]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance; H:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe [2009-02-28 81920]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2012-08-28 153584]
R2 McciCMService;McciCMService; H:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 Net Driver HPZ12;Net Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; H:\WINDOWS\system32\PnkBstrA.exe [2012-10-29 76888]
R2 SQLWriter;SQL Server VSS Writer; H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; H:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2009-02-28 2732032]
R3 hpqcxs08;hpqcxs08; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 MSSQL$SPRINXCRM;SQL Server (SPRINXCRM); H:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-25 29263712]
S2 NVSvc;NVIDIA Display Driver Service; H:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
S2 SkypeUpdate;Skype Updater; H:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 SQLBrowser;SQL Server Browser; H:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-20 250808]
S3 aspnet_state;Stavová služba ASP.NET; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 npggsvc;nProtect GameGuard Service; H:\WINDOWS\system32\GameMon.des [2011-04-12 4400096]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ServiceLayer;ServiceLayer; H:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 SwitchBoard;SwitchBoard; H:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; H:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Application Updater;Application Updater; H:\Program Files\Application Updater\ApplicationUpdater.exe [2011-08-17 402328]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-10 651720]
S4 GEST Service;GEST Service for program management.; H:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-07-11 80392]
S4 gupdate1ca8be9ec2b3198;Google Update Service (gupdate1ca8be9ec2b3198); H:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-02 133104]
S4 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-02 133104]
S4 IMFservice;IMF Service; H:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; H:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
R2 JavaQuickStarterService;Java Quick Starter; H:\Program Files\Java\jre6\bin\jqs.exe [2012-08-28 153584]
R2 McciCMService;McciCMService; H:\Program Files\Common Files\Motive\McciCMService.exe [2007-10-15 303104]
R2 Net Driver HPZ12;Net Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; H:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; H:\WINDOWS\system32\PnkBstrA.exe [2012-10-29 76888]
R2 SQLWriter;SQL Server VSS Writer; H:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance; H:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe [2009-02-28 2732032]
R3 hpqcxs08;hpqcxs08; H:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S2 MSSQL$SPRINXCRM;SQL Server (SPRINXCRM); H:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-25 29263712]
S2 NVSvc;NVIDIA Display Driver Service; H:\WINDOWS\system32\nvsvc32.exe [2008-10-07 163908]
S2 SkypeUpdate;Skype Updater; H:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S2 SQLBrowser;SQL Server Browser; H:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-20 250808]
S3 aspnet_state;Stavová služba ASP.NET; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; H:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; H:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; H:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 npggsvc;nProtect GameGuard Service; H:\WINDOWS\system32\GameMon.des [2011-04-12 4400096]
S3 odserv;Microsoft Office Diagnostics Service; H:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; H:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 ServiceLayer;ServiceLayer; H:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-06-14 615936]
S3 SwitchBoard;SwitchBoard; H:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; H:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 Application Updater;Application Updater; H:\Program Files\Application Updater\ApplicationUpdater.exe [2011-08-17 402328]
S4 FLEXnet Licensing Service;FLEXnet Licensing Service; H:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-11-10 651720]
S4 GEST Service;GEST Service for program management.; H:\Program Files\GIGABYTE\EnergySaver\GSvr.exe [2008-07-11 80392]
S4 gupdate1ca8be9ec2b3198;Google Update Service (gupdate1ca8be9ec2b3198); H:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-02 133104]
S4 gupdatem;Služba Google Update (gupdatem); H:\Program Files\Google\Update\GoogleUpdate.exe [2010-01-02 133104]
S4 IMFservice;IMF Service; H:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [2011-07-20 820568]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; H:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; H:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]
-----------------EOF-----------------
Re: Please check my log, PERFLIB_PERFDATA removed
Hi,
1. Restore the system to a date before the "disinfection".
2. Download ComboFix and save it to the desktop.
Then run it under an account with administrator rights.
The run takes about 5-10 minutes, sometimes longer. Do not start any other applications during the scan.
There is no reason to panic if the machine gets restarted.
Note: if you use antispyware with a resident shield, turn it off before the scan.
After the restart the application creates a log, saved at C:\Combofix.txt (paste its contents here).
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Please check my log, PERFLIB_PERFDATA removed
ComboFix 12-12-04.01 - Administrator 06.12.2012 10:07:47.5.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2533 [GMT 1:00]
Spuštěný z: h:\documents and settings\Administrator\Plocha\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-06 do 2012-12-06 )))))))))))))))))))))))))))))))
.
.
2012-12-05 21:30 . 2012-12-05 21:30 -------- d-----w- H:\rsit
2012-12-05 21:30 . 2012-12-05 21:30 -------- d-----w- h:\program files\trend micro
2012-12-05 20:59 . 2012-12-05 21:22 -------- d-----w- h:\windows\SxsCaPendDel
2012-12-05 18:54 . 2012-12-05 18:54 -------- d-----w- h:\documents and settings\All Users\Oblíbené položky
2012-11-28 17:56 . 2012-11-28 17:56 -------- d-----w- h:\documents and settings\Administrator\Data aplikací\Apple Computer
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2012-11-27 20:22 . 2012-11-27 20:22 -------- d-----w- h:\documents and settings\Administrator\Local Settings\Data aplikací\Apple
2012-11-26 22:14 . 2012-11-26 22:26 -------- d-----w- h:\program files\CamStudio 2.6b
2012-11-26 22:14 . 2010-10-23 23:56 49664 ----a-w- h:\windows\system32\CamCodec.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-20 07:20 . 2012-04-05 20:43 697272 ----a-w- h:\windows\system32\FlashPlayerApp.exe
2012-11-20 07:20 . 2011-05-27 10:57 73656 ----a-w- h:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-06 15:42 . 2011-01-27 19:05 139096 ----a-w- h:\windows\system32\drivers\PnkBstrK.sys
2012-11-06 15:42 . 2011-01-27 19:05 281312 ----a-w- h:\windows\system32\PnkBstrB.exe
2012-11-06 15:42 . 2009-07-04 23:46 281312 ----a-w- h:\windows\system32\PnkBstrB.xtr
2012-11-05 19:28 . 2011-01-27 19:05 281312 ----a-w- h:\windows\system32\PnkBstrB.ex0
2012-10-30 22:51 . 2011-03-09 18:28 738504 ----a-w- h:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-01-15 11:50 361032 ----a-w- h:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-01-15 11:50 54232 ----a-w- h:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-01-15 11:50 35928 ----a-w- h:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2011-01-15 11:50 97608 ----a-w- h:\windows\system32\drivers\aswmon2.sys
2012-10-30 22:51 . 2011-01-15 11:50 89752 ----a-w- h:\windows\system32\drivers\aswmon.sys
2012-10-30 22:51 . 2011-01-15 11:50 21256 ----a-w- h:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-01-15 11:50 25256 ----a-w- h:\windows\system32\drivers\aavmker4.sys
2012-10-30 22:51 . 2011-01-15 11:50 41224 ----a-w- h:\windows\avastSS.scr
2012-10-30 22:50 . 2011-01-15 11:50 227648 ----a-w- h:\windows\system32\aswBoot.exe
2012-10-29 07:04 . 2011-01-27 19:05 76888 ----a-w- h:\windows\system32\PnkBstrA.exe
2012-10-26 15:55 . 2012-09-23 07:07 16400 ----a-w- h:\windows\system32\drivers\LNonPnP.sys
2010-02-16 10:46 . 2010-02-16 10:43 63 ----a-w- h:\program files\Namapuj.bat
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- h:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="h:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"StartCCC"="h:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 98304]
"Launch LCore"="h:\program files\Logitech Gaming Software\LCore.exe" [2012-07-24 5115192]
"RTSS"="h:\program files\MSI Afterburner\Bundle\OSDServer\RTSS.exe" [2012-10-30 166968]
"MSIAfterburner"="h:\program files\MSI Afterburner\MSIAfterburner.exe" [2012-10-30 408632]
"QuickTime Task"="h:\program files\QuickTime Alternative\QTTask.exe" [2011-10-24 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
HP Digital Imaging Monitor.lnk - h:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-18 15:11 11952 ----a-w- h:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 08:20 57344 ------r- h:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2008-06-19 08:42 2808832 ------r- h:\windows\alcwzrd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
2008-08-15 16:33 1473536 ----a-w- h:\program files\TO2SSM\McciTrayApp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"h:\\Program Files\\THQ\\Frontlines-Fuel of War\\Binaries\\FFOW.exe"=
"h:\\Program Files\\ICQ6.5\\ICQ.exe"=
"h:\\WINDOWS\\system32\\dpnsvr.exe"=
"h:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"h:\\Program Files\\Opera\\opera.exe"=
"h:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
"h:\\Program Files\\Metin2_CZ\\metin2.bin"=
"h:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"h:\\Program Files\\ICQ7.0\\ICQ.exe"=
"h:\\Program Files\\ICQ7.0\\aolload.exe"=
"h:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"h:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"h:\\Program Files\\Electronic Arts\\Medal of Honor\\Binaries\\moh.exe"=
"h:\\Program Files\\Electronic Arts\\Medal of Honor\\MP\\MoHMPGame.exe"=
"h:\\Program Files\\GIGABYTE\\EnergySaver\\run.exe"=
"i:\\Games\\Ubi Soft\\Hawx\\HAWX.exe"=
"h:\\WINDOWS\\system32\\PnkBstrA.exe"=
"h:\\WINDOWS\\system32\\PnkBstrB.exe"=
"i:\\Games\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"i:\\Games\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"h:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"i:\\Games\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"i:\\Games\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2.exe"=
"h:\\Program Files\\UBISOFT\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"h:\\Program Files\\UBISOFT\\Tom Clancy's H.A.W.X. 2\\HAWX2.exe"=
"h:\\Program Files\\UBISOFT\\Tom Clancy's H.A.W.X. 2\\Data\\Browser\\UPlayBrowser.exe"=
"i:\\Games\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2OA.exe"=
"i:\\Games\\BlackBeanGames\\WRC2010\\Launcher.exe"=
"i:\\Games\\F1_2010\\F1_2010_game.exe"=
"h:\\Program Files\\uTorrent\\utorrent.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"i:\\Games\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"i:\\Games\\Mass Effect 2\\MassEffect2Launcher.exe"=
"i:\\Games\\Auran\\TS2010\\Trainz.exe"=
"i:\\Games\\Auran\\TS2010\\bin\\TADDaemon.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2oaserver.exe"=
"i:\\Games\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"h:\\Program Files\\Server\\USB server\\mysql\\bin\\mysqld_usbwv8.exe"=
"h:\\Program Files\\Server\\USB server\\apache\\bin\\httpd_usbwv8.exe"=
"h:\\Program Files\\Metin2_CZ\\metin2.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpiscnapp.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
"i:\\Games\\Z8Games\\CrossFire\\CF_G4box.exe"=
"i:\\Games\\Battlefield 2142\\BF2142.exe"=
"h:\\Program Files\\Bohemia Interactive\\Take On Helicopters Demo\\TakeOnHDemo.exe"=
"h:\\Program Files\\Skype\\Phone\\Skype.exe"=
"i:\\Games\\Call of Duty - World at War\\CoDWaWmp.exe"=
"i:\\Games\\FlatOut2\\flatout2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58888:TCP"= 58888:TCP:Pando Media Booster
"58888:UDP"= 58888:UDP:Pando Media Booster
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 SmartDefragDriver;SmartDefragDriver;h:\windows\system32\drivers\SmartDefragDriver.sys [7.8.2011 21:24 13496]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;h:\windows\system32\drivers\aswSnx.sys [9.3.2011 19:28 738504]
R1 aswSP;aswSP;h:\windows\system32\drivers\aswSP.sys [15.1.2011 12:50 361032]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;h:\windows\system32\drivers\avgldx86.sys [19.5.2009 19:41 335240]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;h:\program files\IObit\Advanced SystemCare 5\ASCService.exe [12.8.2012 22:33 913792]
R2 aswFsBlk;aswFsBlk;h:\windows\system32\drivers\aswFsBlk.sys [15.1.2011 12:50 21256]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;h:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [14.1.2010 18:58 81920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;h:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [14.1.2010 18:58 2732032]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;h:\windows\system32\drivers\LGBusEnum.sys [23.9.2012 8:07 19720]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;h:\windows\system32\drivers\LGSHidFilt.Sys [23.9.2012 8:07 42008]
S1 AvgTdiX;AVG Free8 Network Redirector;h:\windows\system32\drivers\avgtdix.sys [19.5.2009 19:41 108552]
S1 cc2209c0;cc2209c0;h:\windows\system32\drivers\cc2209c0.sys [17.5.2009 12:20 0]
S2 MSSQL$SPRINXCRM;SQL Server (SPRINXCRM);h:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [25.11.2008 7:31 29263712]
S2 SkypeUpdate;Skype Updater;h:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S3 cpuz130;cpuz130;\??\h:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> h:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 EagleXNt;EagleXNt;\??\h:\windows\system32\drivers\EagleXNt.sys --> h:\windows\system32\drivers\EagleXNt.sys [?]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;h:\windows\system32\drivers\LGVirHid.sys [23.9.2012 8:07 14856]
S3 npggsvc;nProtect GameGuard Service;h:\windows\system32\GameMon.des -service --> h:\windows\system32\GameMon.des -service [?]
S3 pcouffin;VSO Software pcouffin;h:\windows\system32\drivers\pcouffin.sys [29.5.2009 18:26 47360]
S3 RegFilter;RegFilter;h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [1.8.2011 6:18 30368]
S3 SMCWPCIG;SMCWPCI-G 54Mbps Wireless PCI adapter Service;h:\windows\system32\DRIVERS\SMCWPCIG.sys --> h:\windows\system32\DRIVERS\SMCWPCIG.sys [?]
S3 SwitchBoard;SwitchBoard;h:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 UrlFilter;UrlFilter;h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [1.8.2011 6:18 16080]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver;h:\windows\system32\wlanndi5.sys [21.4.2004 17:51 16384]
S3 XDva317;XDva317;\??\h:\windows\system32\XDva317.sys --> h:\windows\system32\XDva317.sys [?]
S3 XDva321;XDva321;\??\h:\windows\system32\XDva321.sys --> h:\windows\system32\XDva321.sys [?]
S3 XDva323;XDva323;\??\h:\windows\system32\XDva323.sys --> h:\windows\system32\XDva323.sys [?]
S3 XDva327;XDva327;\??\h:\windows\system32\XDva327.sys --> h:\windows\system32\XDva327.sys [?]
S3 XDva336;XDva336;\??\h:\windows\system32\XDva336.sys --> h:\windows\system32\XDva336.sys [?]
S3 XDva346;XDva346;\??\h:\windows\system32\XDva346.sys --> h:\windows\system32\XDva346.sys [?]
S3 XDva347;XDva347;\??\h:\windows\system32\XDva347.sys --> h:\windows\system32\XDva347.sys [?]
S3 XDva349;XDva349;\??\h:\windows\system32\XDva349.sys --> h:\windows\system32\XDva349.sys [?]
S3 XDva352;XDva352;\??\h:\windows\system32\XDva352.sys --> h:\windows\system32\XDva352.sys [?]
S3 XDva392;XDva392;\??\h:\windows\system32\XDva392.sys --> h:\windows\system32\XDva392.sys [?]
S4 Application Updater;Application Updater;h:\program files\Application Updater\ApplicationUpdater.exe [17.8.2011 12:00 402328]
S4 FileMonitor;FileMonitor;h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [1.8.2011 6:18 239600]
S4 GEST Service;GEST Service for program management.;h:\program files\GIGABYTE\EnergySaver\GSvr.exe [21.3.2009 1:30 80392]
S4 gupdate1ca8be9ec2b3198;Google Update Service (gupdate1ca8be9ec2b3198);h:\program files\Google\Update\GoogleUpdate.exe [2.1.2010 21:26 133104]
S4 IMFservice;IMF Service;h:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [20.6.2011 21:58 820568]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - RTCore32
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-20 h:\windows\Tasks\Adobe Flash Player Updater.job
- h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 07:20]
.
2012-12-06 h:\windows\Tasks\avast! Emergency Update.job
- h:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-09 22:50]
.
2012-09-19 h:\windows\Tasks\Game_Booster_Startup.job
- h:\program files\IObit\Game Booster\gbtray.exe [2011-01-15 12:51]
.
2012-09-19 h:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- h:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 20:26]
.
2012-09-19 h:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- h:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 20:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - h:\windows\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-06 10:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="h:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a1,e9,ff,fc,57,70,38,45,aa,cf,5d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a1,e9,ff,fc,57,70,38,45,aa,cf,5d,\
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,26,84,ff,0a,1d,d4,8e,4a,9a,19,14,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,9c,4e,96,e1,22,24,49,40,9b,26,72,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2a,bc,30,8d,29,7c,24,48,a8,dd,b4,\
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e9,52,98,e2,eb,b9,d2,19,2b,34,0e,42,3a,54,01,9a,6a,47,68,6d,d0,b5,41,
bf,76,71,5f,bb,84,7f,e2,b0,ff,d5,bf,58,0d,fe,90,2b,7e,45,f5,f4,a7,81,16,69,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\SecuROM\License information*]
"datasecu"=hex:f2,9a,58,e0,ba,aa,7b,b1,d0,cb,bd,77,be,e9,6d,6c,cd,b5,4b,36,15,
58,6b,41,d8,cc,a5,05,3a,94,b5,8c,1b,f3,00,41,48,41,e3,f1,71,b9,5f,bd,72,7f,\
"rkeysecu"=hex:cb,a0,c9,05,19,b2,dd,29,cb,84,e9,bd,2d,46,30,81
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(812)
h:\windows\system32\Ati2evxx.dll
h:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(2240)
h:\windows\system32\msi.dll
h:\windows\system32\webcheck.dll
h:\windows\system32\WPDShServiceObj.dll
h:\windows\system32\PortableDeviceTypes.dll
h:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-12-06 10:17:05
ComboFix-quarantined-files.txt 2012-12-06 09:17
ComboFix2.txt 2012-12-05 20:51
ComboFix3.txt 2012-12-05 19:30
ComboFix4.txt 2012-12-05 19:10
.
Před spuštěním: Volných bajtů: 205 732 642 816
Po spuštění: Volných bajtů: 205 719 564 288
.
- - End Of File - - CE673CD57E8E5918021B9F26BB7C1094
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
HP Digital Imaging Monitor.lnk - h:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-18 15:11 11952 ----a-w- h:\windows\system32\avgrsstx.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 08:20 57344 ------r- h:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2008-06-19 08:42 2808832 ------r- h:\windows\alcwzrd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
2008-08-15 16:33 1473536 ----a-w- h:\program files\TO2SSM\McciTrayApp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"h:\\Program Files\\THQ\\Frontlines-Fuel of War\\Binaries\\FFOW.exe"=
"h:\\Program Files\\ICQ6.5\\ICQ.exe"=
"h:\\WINDOWS\\system32\\dpnsvr.exe"=
"h:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"h:\\Program Files\\Opera\\opera.exe"=
"h:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
"h:\\Program Files\\Metin2_CZ\\metin2.bin"=
"h:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"h:\\Program Files\\ICQ7.0\\ICQ.exe"=
"h:\\Program Files\\ICQ7.0\\aolload.exe"=
"h:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"h:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"h:\\Program Files\\Electronic Arts\\Medal of Honor\\Binaries\\moh.exe"=
"h:\\Program Files\\Electronic Arts\\Medal of Honor\\MP\\MoHMPGame.exe"=
"h:\\Program Files\\GIGABYTE\\EnergySaver\\run.exe"=
"i:\\Games\\Ubi Soft\\Hawx\\HAWX.exe"=
"h:\\WINDOWS\\system32\\PnkBstrA.exe"=
"h:\\WINDOWS\\system32\\PnkBstrB.exe"=
"i:\\Games\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"i:\\Games\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"h:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"i:\\Games\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"i:\\Games\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2.exe"=
"h:\\Program Files\\UBISOFT\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"h:\\Program Files\\UBISOFT\\Tom Clancy's H.A.W.X. 2\\HAWX2.exe"=
"h:\\Program Files\\UBISOFT\\Tom Clancy's H.A.W.X. 2\\Data\\Browser\\UPlayBrowser.exe"=
"i:\\Games\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2OA.exe"=
"i:\\Games\\BlackBeanGames\\WRC2010\\Launcher.exe"=
"i:\\Games\\F1_2010\\F1_2010_game.exe"=
"h:\\Program Files\\uTorrent\\utorrent.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"i:\\Games\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"i:\\Games\\Mass Effect 2\\MassEffect2Launcher.exe"=
"i:\\Games\\Auran\\TS2010\\Trainz.exe"=
"i:\\Games\\Auran\\TS2010\\bin\\TADDaemon.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2oaserver.exe"=
"i:\\Games\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"h:\\Program Files\\Server\\USB server\\mysql\\bin\\mysqld_usbwv8.exe"=
"h:\\Program Files\\Server\\USB server\\apache\\bin\\httpd_usbwv8.exe"=
"h:\\Program Files\\Metin2_CZ\\metin2.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpiscnapp.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
"i:\\Games\\Z8Games\\CrossFire\\CF_G4box.exe"=
"i:\\Games\\Battlefield 2142\\BF2142.exe"=
"h:\\Program Files\\Bohemia Interactive\\Take On Helicopters Demo\\TakeOnHDemo.exe"=
"h:\\Program Files\\Skype\\Phone\\Skype.exe"=
"i:\\Games\\Call of Duty - World at War\\CoDWaWmp.exe"=
"i:\\Games\\FlatOut2\\flatout2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58888:TCP"= 58888:TCP:Pando Media Booster
"58888:UDP"= 58888:UDP:Pando Media Booster
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 SmartDefragDriver;SmartDefragDriver;h:\windows\system32\drivers\SmartDefragDriver.sys [7.8.2011 21:24 13496]
R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]
R1 aswSnx;aswSnx;h:\windows\system32\drivers\aswSnx.sys [9.3.2011 19:28 738504]
R1 aswSP;aswSP;h:\windows\system32\drivers\aswSP.sys [15.1.2011 12:50 361032]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;h:\windows\system32\drivers\avgldx86.sys [19.5.2009 19:41 335240]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;h:\program files\IObit\Advanced SystemCare 5\ASCService.exe [12.8.2012 22:33 913792]
R2 aswFsBlk;aswFsBlk;h:\windows\system32\drivers\aswFsBlk.sys [15.1.2011 12:50 21256]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;h:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [14.1.2010 18:58 81920]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;h:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [14.1.2010 18:58 2732032]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;h:\windows\system32\drivers\LGBusEnum.sys [23.9.2012 8:07 19720]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;h:\windows\system32\drivers\LGSHidFilt.Sys [23.9.2012 8:07 42008]
S1 AvgTdiX;AVG Free8 Network Redirector;h:\windows\system32\drivers\avgtdix.sys [19.5.2009 19:41 108552]
S1 cc2209c0;cc2209c0;h:\windows\system32\drivers\cc2209c0.sys [17.5.2009 12:20 0]
S2 MSSQL$SPRINXCRM;SQL Server (SPRINXCRM);h:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [25.11.2008 7:31 29263712]
S2 SkypeUpdate;Skype Updater;h:\program files\Skype\Updater\Updater.exe [13.7.2012 12:28 160944]
S3 cpuz130;cpuz130;\??\h:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys --> h:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [?]
S3 EagleXNt;EagleXNt;\??\h:\windows\system32\drivers\EagleXNt.sys --> h:\windows\system32\drivers\EagleXNt.sys [?]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;h:\windows\system32\drivers\LGVirHid.sys [23.9.2012 8:07 14856]
S3 npggsvc;nProtect GameGuard Service;h:\windows\system32\GameMon.des -service --> h:\windows\system32\GameMon.des -service [?]
S3 pcouffin;VSO Software pcouffin;h:\windows\system32\drivers\pcouffin.sys [29.5.2009 18:26 47360]
S3 RegFilter;RegFilter;h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys [1.8.2011 6:18 30368]
S3 SMCWPCIG;SMCWPCI-G 54Mbps Wireless PCI adapter Service;h:\windows\system32\DRIVERS\SMCWPCIG.sys --> h:\windows\system32\DRIVERS\SMCWPCIG.sys [?]
S3 SwitchBoard;SwitchBoard;h:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [19.2.2010 13:37 517096]
S3 UrlFilter;UrlFilter;h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys [1.8.2011 6:18 16080]
S3 wlanndi5;wlanndi5 NDIS Protocol Driver;h:\windows\system32\wlanndi5.sys [21.4.2004 17:51 16384]
S3 XDva317;XDva317;\??\h:\windows\system32\XDva317.sys --> h:\windows\system32\XDva317.sys [?]
S3 XDva321;XDva321;\??\h:\windows\system32\XDva321.sys --> h:\windows\system32\XDva321.sys [?]
S3 XDva323;XDva323;\??\h:\windows\system32\XDva323.sys --> h:\windows\system32\XDva323.sys [?]
S3 XDva327;XDva327;\??\h:\windows\system32\XDva327.sys --> h:\windows\system32\XDva327.sys [?]
S3 XDva336;XDva336;\??\h:\windows\system32\XDva336.sys --> h:\windows\system32\XDva336.sys [?]
S3 XDva346;XDva346;\??\h:\windows\system32\XDva346.sys --> h:\windows\system32\XDva346.sys [?]
S3 XDva347;XDva347;\??\h:\windows\system32\XDva347.sys --> h:\windows\system32\XDva347.sys [?]
S3 XDva349;XDva349;\??\h:\windows\system32\XDva349.sys --> h:\windows\system32\XDva349.sys [?]
S3 XDva352;XDva352;\??\h:\windows\system32\XDva352.sys --> h:\windows\system32\XDva352.sys [?]
S3 XDva392;XDva392;\??\h:\windows\system32\XDva392.sys --> h:\windows\system32\XDva392.sys [?]
S4 Application Updater;Application Updater;h:\program files\Application Updater\ApplicationUpdater.exe [17.8.2011 12:00 402328]
S4 FileMonitor;FileMonitor;h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys [1.8.2011 6:18 239600]
S4 GEST Service;GEST Service for program management.;h:\program files\GIGABYTE\EnergySaver\GSvr.exe [21.3.2009 1:30 80392]
S4 gupdate1ca8be9ec2b3198;Google Update Service (gupdate1ca8be9ec2b3198);h:\program files\Google\Update\GoogleUpdate.exe [2.1.2010 21:26 133104]
S4 IMFservice;IMF Service;h:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [20.6.2011 21:58 820568]
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - RTCore32
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-20 h:\windows\Tasks\Adobe Flash Player Updater.job
- h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 07:20]
.
2012-12-06 h:\windows\Tasks\avast! Emergency Update.job
- h:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-09 22:50]
.
2012-09-19 h:\windows\Tasks\Game_Booster_Startup.job
- h:\program files\IObit\Game Booster\gbtray.exe [2011-01-15 12:51]
.
2012-09-19 h:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- h:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 20:26]
.
2012-09-19 h:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- h:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 20:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - h:\windows\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
.
.
------- Asociace souborů -------
.
.scr=AutoCADScriptFile
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-06 10:15
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="h:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\SecuROM\License information*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(812)
h:\windows\system32\Ati2evxx.dll
h:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(2240)
h:\windows\system32\msi.dll
h:\windows\system32\webcheck.dll
h:\windows\system32\WPDShServiceObj.dll
h:\windows\system32\PortableDeviceTypes.dll
h:\windows\system32\PortableDeviceApi.dll
.
Celkový čas: 2012-12-06 10:17:05
ComboFix-quarantined-files.txt 2012-12-06 09:17
ComboFix2.txt 2012-12-05 20:51
ComboFix3.txt 2012-12-05 19:30
ComboFix4.txt 2012-12-05 19:10
.
Před spuštěním: Volných bajtů: 205 732 642 816
Po spuštění: Volných bajtů: 205 719 564 288
.
- - End Of File - - CE673CD57E8E5918021B9F26BB7C1094
Re: Please check my log, PERFLIB_PERFDATA removed
Move ComboFix to the desktop (if it is not there already).
Open Notepad.
Copy the script from the following box into it:
Code:
Folder::
h:\program files\IObit
Driver::
AvgLdx86
AdvancedSystemCareService5
AvgTdiX
XDva317
XDva321
XDva323
XDva327
XDva336
XDva346
XDva347
XDva349
XDva352
XDva392
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
Save the resulting text file to the desktop as CFScript.txt.
After saving, grab the script with the left mouse button, drag it over the ComboFix icon and drop it there.

After it has been applied, another log should be created; post it here.

FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum at https://platba.viry.cz/payment/
Re: Please check my log, PERFLIB_PERFDATA removed
After the restart a message popped up: disk missing - exception processing message c0000013 parameters 75b4bf7b 4 75b4bf7c 75b4bf7c
Here is the log:
ComboFix 12-12-04.01 - Administrator 06.12.2012 10:56:55.6.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2545 [GMT 1:00]
Spuštěný z: h:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: h:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
h:\program files\IObit
h:\program files\IObit\Advanced SystemCare 3\License.dat
h:\program files\IObit\Advanced SystemCare 3\Sut_SoftUninstal.exe
h:\program files\IObit\Advanced SystemCare 4\bugreport.txt
h:\program files\IObit\Advanced SystemCare 4\free-software-downloader.exe
h:\program files\IObit\Advanced SystemCare 4\checkinfo.txt
h:\program files\IObit\Advanced SystemCare 4\LatestNews\imagenews.png
h:\program files\IObit\Advanced SystemCare 4\LatestNews\LatestNews.ini
h:\program files\IObit\Advanced SystemCare 4\License.dat
h:\program files\IObit\Advanced SystemCare 4\Main.ini
h:\program files\IObit\Advanced SystemCare 4\tb.dat
h:\program files\IObit\Advanced SystemCare 4\Test.log
h:\program files\IObit\Advanced SystemCare 4\Update\Update.Ini
h:\program files\IObit\Advanced SystemCare 4\UpdateHistory.txt
h:\program files\IObit\Advanced SystemCare 5\About.dll
h:\program files\IObit\Advanced SystemCare 5\ActiveBoost.db
h:\program files\IObit\Advanced SystemCare 5\amc-remind.exe
h:\program files\IObit\Advanced SystemCare 5\ASC.exe
h:\program files\IObit\Advanced SystemCare 5\ASCInit.exe
h:\program files\IObit\Advanced SystemCare 5\ASCInit.log
h:\program files\IObit\Advanced SystemCare 5\ASCService.exe
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-21.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-22.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-23.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-24.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-25.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-26.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-27.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-28.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-29.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-30.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-01.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-02.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-03.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-04.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-05.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-06.log
h:\program files\IObit\Advanced SystemCare 5\ASCTooltips.exe
h:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
h:\program files\IObit\Advanced SystemCare 5\ASCUpgrade.exe
h:\program files\IObit\Advanced SystemCare 5\ASCv5ComputerMenu.dll
h:\program files\IObit\Advanced SystemCare 5\ASCv5ComputerMenu_64.dll
h:\program files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll
h:\program files\IObit\Advanced SystemCare 5\ASCv5ExtMenu_64.dll
h:\program files\IObit\Advanced SystemCare 5\AutoCare.exe
h:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe
h:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 16-10-42
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 19-16-08
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 19-28-26
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 20-38-03
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 20-58-26
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 21-33-58
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 22-28-59
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-06 07-32-34
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-06 10-04-40
h:\program files\IObit\Advanced SystemCare 5\Boottime\path.ini
h:\program files\IObit\Advanced SystemCare 5\Cus.dbd
h:\program files\IObit\Advanced SystemCare 5\cxLibraryD12.bpl
h:\program files\IObit\Advanced SystemCare 5\datastate.dll
h:\program files\IObit\Advanced SystemCare 5\Def.dbd
h:\program files\IObit\Advanced SystemCare 5\DelayLoad.exe
h:\program files\IObit\Advanced SystemCare 5\diskhelper.dll
h:\program files\IObit\Advanced SystemCare 5\DiskMap.dll
h:\program files\IObit\Advanced SystemCare 5\DiskScan.exe
h:\program files\IObit\Advanced SystemCare 5\DriverData.db
h:\program files\IObit\Advanced SystemCare 5\drivers\win7_amd64\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\win7_x86\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wlh_amd64\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wlh_x86\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wnet_amd64\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wnet_x86\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wxp_amd64\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wxp_x86\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\dxBarD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxComnD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxCoreD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxDockingD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxGDIPlusD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxhelper.dll
h:\program files\IObit\Advanced SystemCare 5\dxSkinOffice2007BlueD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxSkinsCoreD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxThemeD12.bpl
h:\program files\IObit\Advanced SystemCare 5\EULA.rtf
h:\program files\IObit\Advanced SystemCare 5\Ext.dbd
h:\program files\IObit\Advanced SystemCare 5\FfSweep.dll
h:\program files\IObit\Advanced SystemCare 5\help.html
h:\program files\IObit\Advanced SystemCare 5\ignore.dbd
h:\program files\IObit\Advanced SystemCare 5\Images\dcScreen.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\dcScreen2.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\icon-dc.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\icon-qc.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\icon-tb.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\icon-tbox.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\main.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\mainPro.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\toolboxscreen.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\turboboost.jpg
h:\program files\IObit\Advanced SystemCare 5\IObitLogon.dll
h:\program files\IObit\Advanced SystemCare 5\Language\Arabic.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Belarusian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Bulgarian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Czech.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Danish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Dutch.lng
h:\program files\IObit\Advanced SystemCare 5\Language\English.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Finnish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\French.lng
h:\program files\IObit\Advanced SystemCare 5\Language\German.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Greek.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Hebrew.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Hungarian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\ChineseSimp.lng
h:\program files\IObit\Advanced SystemCare 5\Language\ChineseTrad.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Italian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\japanese.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Korean.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Polish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Portuguese(PT-BR).lng
h:\program files\IObit\Advanced SystemCare 5\Language\Portuguese(PT-PT).lng
h:\program files\IObit\Advanced SystemCare 5\Language\Romanian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Russian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Serbian (cyrillic).lng
h:\program files\IObit\Advanced SystemCare 5\Language\Serbian (latin).lng
h:\program files\IObit\Advanced SystemCare 5\Language\Slovenian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Spanish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Swedish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Turkish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Vietnamese.lng
h:\program files\IObit\Advanced SystemCare 5\LatestNews\imagenews.png
h:\program files\IObit\Advanced SystemCare 5\LatestNews\LatestNews.ini
h:\program files\IObit\Advanced SystemCare 5\License.dat
h:\program files\IObit\Advanced SystemCare 5\madbasic_.bpl
h:\program files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
h:\program files\IObit\Advanced SystemCare 5\madexcept_.bpl
h:\program files\IObit\Advanced SystemCare 5\NtfsData.dll
h:\program files\IObit\Advanced SystemCare 5\OFCommon.dll
h:\program files\IObit\Advanced SystemCare 5\OFCommon3.dll
h:\program files\IObit\Advanced SystemCare 5\PerformUpdate.exe
h:\program files\IObit\Advanced SystemCare 5\PMonitor.exe
h:\program files\IObit\Advanced SystemCare 5\Promote.exe
h:\program files\IObit\Advanced SystemCare 5\Reg.dbd
h:\program files\IObit\Advanced SystemCare 5\Register.exe
h:\program files\IObit\Advanced SystemCare 5\Reminder.exe
h:\program files\IObit\Advanced SystemCare 5\Report.exe
h:\program files\IObit\Advanced SystemCare 5\RescueCenter.exe
h:\program files\IObit\Advanced SystemCare 5\Restore.dbd
h:\program files\IObit\Advanced SystemCare 5\rtl120.bpl
h:\program files\IObit\Advanced SystemCare 5\Scan.dll
h:\program files\IObit\Advanced SystemCare 5\SecurityHoleScan.log
h:\program files\IObit\Advanced SystemCare 5\skin\black.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\classic.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\cute.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\metal.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\public.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\white.rcc
h:\program files\IObit\Advanced SystemCare 5\sqlite3.dll
h:\program files\IObit\Advanced SystemCare 5\Suc10_RegistryCleaner.exe
h:\program files\IObit\Advanced SystemCare 5\Suc11_PrivacySweeper.exe
h:\program files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
h:\program files\IObit\Advanced SystemCare 5\Suc13_DiskCleaner.exe
h:\program files\IObit\Advanced SystemCare 5\Suc14_FileShredder.exe
h:\program files\IObit\Advanced SystemCare 5\Sun10_ClonedFilesScanner.exe
h:\program files\IObit\Advanced SystemCare 5\Sun11_AutoShutdown.exe
h:\program files\IObit\Advanced SystemCare 5\Sun12_DiskExplorer.exe
h:\program files\IObit\Advanced SystemCare 5\Sun13_SystemInformation.exe
h:\program files\IObit\Advanced SystemCare 5\Sun14_EmptyFolderScanner.exe
h:\program files\IObit\Advanced SystemCare 5\Sun15_SystemControl.exe
h:\program files\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe
h:\program files\IObit\Advanced SystemCare 5\Suo11_InternetBooster.exe
h:\program files\IObit\Advanced SystemCare 5\Suo12_StartupManager.exe
h:\program files\IObit\Advanced SystemCare 5\Suo13_RegistryDefrag.exe
h:\program files\IObit\Advanced SystemCare 5\Suo14_SmartDefrag.exe
h:\program files\IObit\Advanced SystemCare 5\Suo15_GameBooster.exe
h:\program files\IObit\Advanced SystemCare 5\Sur10_Undelete.exe
h:\program files\IObit\Advanced SystemCare 5\Sur11_ShortcutFixer.exe
h:\program files\IObit\Advanced SystemCare 5\Sur12_DiskDoctor.exe
h:\program files\IObit\Advanced SystemCare 5\Sur13_WinFix.exe
h:\program files\IObit\Advanced SystemCare 5\Sur14_IEHelper.exe
h:\program files\IObit\Advanced SystemCare 5\Sus10_SysExplorer.exe
h:\program files\IObit\Advanced SystemCare 5\Sus11_SecurityHolesScanner.exe
h:\program files\IObit\Advanced SystemCare 5\Sus12_ProcessManager.exe
h:\program files\IObit\Advanced SystemCare 5\Sus13_DriverManager.exe
h:\program files\IObit\Advanced SystemCare 5\taskmgr.dll
h:\program files\IObit\Advanced SystemCare 5\TbFfSweep.dll
h:\program files\IObit\Advanced SystemCare 5\TbFileSweep.dll
h:\program files\IObit\Advanced SystemCare 5\ToolBox.exe
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Arabic.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Belarusian.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Bulgarian.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Czech.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Danish.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Dutch.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\English.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Finnish.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\French.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\German.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Greek.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Hebrew.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Hungarian.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\ChineseSimp.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\ChineseTrad.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Italian.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\japanese.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Korean.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Polish.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Portuguese(PT-BR).lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Portuguese(PT-PT).lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Romanian.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Russian.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Serbian (cyrillic).lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Serbian (latin).lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Slovenian.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Spanish.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Swedish.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Turkish.lng
h:\program files\IObit\Advanced SystemCare 5\Toolbox_Language\Vietnamese.lng
h:\program files\IObit\Advanced SystemCare 5\TurboBoost.exe
h:\program files\IObit\Advanced SystemCare 5\TurboBoostGame.dbd
h:\program files\IObit\Advanced SystemCare 5\Undelete.dll
h:\program files\IObit\Advanced SystemCare 5\unins000.dat
h:\program files\IObit\Advanced SystemCare 5\unins000.exe
h:\program files\IObit\Advanced SystemCare 5\unins000.msg
h:\program files\IObit\Advanced SystemCare 5\UninstallPromote.exe
h:\program files\IObit\Advanced SystemCare 5\Update History.txt
h:\program files\IObit\Advanced SystemCare 5\Update\LastCheck.Ini
h:\program files\IObit\Advanced SystemCare 5\Update\Update.Ini
h:\program files\IObit\Advanced SystemCare 5\Update\Update.tmp
h:\program files\IObit\Advanced SystemCare 5\UpdateHistory.txt
h:\program files\IObit\Advanced SystemCare 5\UPdateTest.log
h:\program files\IObit\Advanced SystemCare 5\UpgradeTip.exe
h:\program files\IObit\Advanced SystemCare 5\UpgradeTip.log
h:\program files\IObit\Advanced SystemCare 5\vcl120.bpl
h:\program files\IObit\Advanced SystemCare 5\vclx120.bpl
h:\program files\IObit\Advanced SystemCare 5\WebUI.dll
h:\program files\IObit\Advanced SystemCare 5\Wizard.exe
h:\program files\IObit\Advanced SystemCare 5\zlibwapi.dll
h:\program files\IObit\Game Booster\AutoUpdate.exe
h:\program files\IObit\Game Booster\bookmarks.exe
h:\program files\IObit\Game Booster\Boost.exe
h:\program files\IObit\Game Booster\fav.ico
h:\program files\IObit\Game Booster\Freeware\GB_FreeSoftwareDownloader.exe
h:\program files\IObit\Game Booster\Freeware\Check.dll
h:\program files\IObit\Game Booster\GameBooster.exe
h:\program files\IObit\Game Booster\GB_FreeSoftwareDownloader.exe
h:\program files\IObit\Game Booster\gbinit.exe
h:\program files\IObit\Game Booster\gbtray.exe
h:\program files\IObit\Game Booster\Language\Arabic.lng
h:\program files\IObit\Game Booster\Language\Catalan.lng
h:\program files\IObit\Game Booster\Language\Croatian.lng
h:\program files\IObit\Game Booster\Language\Czech.lng
h:\program files\IObit\Game Booster\Language\Dansk.lng
h:\program files\IObit\Game Booster\Language\Dutch.lng
h:\program files\IObit\Game Booster\Language\English.lng
h:\program files\IObit\Game Booster\Language\Finnish.lng
h:\program files\IObit\Game Booster\Language\French.lng
h:\program files\IObit\Game Booster\Language\German.lng
h:\program files\IObit\Game Booster\Language\Hungarian.lng
h:\program files\IObit\Game Booster\Language\ChineseSimp.lng
h:\program files\IObit\Game Booster\Language\ChineseTrad.lng
h:\program files\IObit\Game Booster\Language\Indonesian.lng
h:\program files\IObit\Game Booster\Language\Italian.lng
h:\program files\IObit\Game Booster\Language\Japanese.lng
h:\program files\IObit\Game Booster\Language\Korean.lng
h:\program files\IObit\Game Booster\Language\Polish.lng
h:\program files\IObit\Game Booster\Language\Portuguese(BRAZIL).lng
h:\program files\IObit\Game Booster\Language\Romanian.lng
h:\program files\IObit\Game Booster\Language\Russian.lng
h:\program files\IObit\Game Booster\Language\Slovenian.lng
h:\program files\IObit\Game Booster\Language\Spanish.lng
h:\program files\IObit\Game Booster\Language\Swedish.lng
h:\program files\IObit\Game Booster\Language\Turkish.lng
h:\program files\IObit\Game Booster\LatestNews\imagenews.png
h:\program files\IObit\Game Booster\LatestNews\LatestNews.ini
h:\program files\IObit\Game Booster\license.dat
h:\program files\IObit\Game Booster\madbasic_.bpl
h:\program files\IObit\Game Booster\maddisAsm_.bpl
h:\program files\IObit\Game Booster\madexcept_.bpl
h:\program files\IObit\Game Booster\PowerConfig.dll
h:\program files\IObit\Game Booster\rtl120.bpl
h:\program files\IObit\Game Booster\sqlite3.dll
h:\program files\IObit\Game Booster\taskMgr.dll
h:\program files\IObit\Game Booster\TaskSchedule.exe
h:\program files\IObit\Game Booster\unins000.dat
h:\program files\IObit\Game Booster\unins000.exe
h:\program files\IObit\Game Booster\unins000.msg
h:\program files\IObit\Game Booster\Update\Update.Ini
h:\program files\IObit\Game Booster\vcl120.bpl
h:\program files\IObit\Game Booster\vclx120.bpl
h:\program files\IObit\IObit Malware Fighter\BlueBirdInit.exe
h:\program files\IObit\IObit Malware Fighter\datastate.dll
h:\program files\IObit\IObit Malware Fighter\db\core000.def
h:\program files\IObit\IObit Malware Fighter\db\core001.def
h:\program files\IObit\IObit Malware Fighter\db\core002.def
h:\program files\IObit\IObit Malware Fighter\db\core003.def
h:\program files\IObit\IObit Malware Fighter\db\core004.def
h:\program files\IObit\IObit Malware Fighter\db\core005.def
h:\program files\IObit\IObit Malware Fighter\db\core006.def
h:\program files\IObit\IObit Malware Fighter\db\core007.def
h:\program files\IObit\IObit Malware Fighter\db\core008.def
h:\program files\IObit\IObit Malware Fighter\db\core009.def
h:\program files\IObit\IObit Malware Fighter\db\core010.def
h:\program files\IObit\IObit Malware Fighter\db\core011.def
h:\program files\IObit\IObit Malware Fighter\db\core012.def
h:\program files\IObit\IObit Malware Fighter\DebugOutput_IMF.exe.txt
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_ia64\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_ia64\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_ia64\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_amd64\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_ia64\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_x86\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wlh_x86\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_amd64\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_ia64\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_x86\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_x86\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wnet_x86\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_ia64\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\FileMonitor.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\RegFilter.sys
h:\program files\IObit\IObit Malware Fighter\Drivers\wxp_x86\UrlFilter.sys
h:\program files\IObit\IObit Malware Fighter\EULA.rtf
h:\program files\IObit\IObit Malware Fighter\fav.ico
h:\program files\IObit\IObit Malware Fighter\FileMonitor.dll
h:\program files\IObit\IObit Malware Fighter\Freeware\Check.dll
h:\program files\IObit\IObit Malware Fighter\Freeware\IMF_FreeSoftwareDownloader.exe
h:\program files\IObit\IObit Malware Fighter\help\help.html
h:\program files\IObit\IObit Malware Fighter\help\img\cloud.png
h:\program files\IObit\IObit Malware Fighter\help\img\main-cloud.png
h:\program files\IObit\IObit Malware Fighter\help\img\main-free.png
h:\program files\IObit\IObit Malware Fighter\help\img\main-pro.png
h:\program files\IObit\IObit Malware Fighter\help\img\main-protect.png
h:\program files\IObit\IObit Malware Fighter\help\img\main-scan.png
h:\program files\IObit\IObit Malware Fighter\help\img\overview.png
h:\program files\IObit\IObit Malware Fighter\help\img\protect.png
h:\program files\IObit\IObit Malware Fighter\help\img\scan.png
h:\program files\IObit\IObit Malware Fighter\IMF.exe
h:\program files\IObit\IObit Malware Fighter\IMFShellExt.dll
h:\program files\IObit\IObit Malware Fighter\IMFsrv.exe
h:\program files\IObit\IObit Malware Fighter\IMFUpdater.exe
h:\program files\IObit\IObit Malware Fighter\IntegrateFilter.dll
h:\program files\IObit\IObit Malware Fighter\IObitUninstal.exe
h:\program files\IObit\IObit Malware Fighter\Language\Arabic.lng
h:\program files\IObit\IObit Malware Fighter\Language\cache
h:\program files\IObit\IObit Malware Fighter\Language\Czech.lng
h:\program files\IObit\IObit Malware Fighter\Language\English.lng
h:\program files\IObit\IObit Malware Fighter\Language\French.lng
h:\program files\IObit\IObit Malware Fighter\Language\German.lng
h:\program files\IObit\IObit Malware Fighter\Language\Hungarian.lng
h:\program files\IObit\IObit Malware Fighter\Language\ChineseSimp.lng
h:\program files\IObit\IObit Malware Fighter\Language\ChineseTrad.lng
h:\program files\IObit\IObit Malware Fighter\Language\Italian.lng
h:\program files\IObit\IObit Malware Fighter\Language\Japanese.lng
h:\program files\IObit\IObit Malware Fighter\Language\Korean.lng
h:\program files\IObit\IObit Malware Fighter\Language\Latvian.lng
h:\program files\IObit\IObit Malware Fighter\Language\Polish.lng
h:\program files\IObit\IObit Malware Fighter\Language\Portuguese(PT-BR).lng
h:\program files\IObit\IObit Malware Fighter\Language\Russian.lng
h:\program files\IObit\IObit Malware Fighter\Language\Serbian.lng
h:\program files\IObit\IObit Malware Fighter\Language\Spanish.lng
h:\program files\IObit\IObit Malware Fighter\Language\Swedish.lng
h:\program files\IObit\IObit Malware Fighter\Language\Turkish.lng
h:\program files\IObit\IObit Malware Fighter\Language\Vietnamese.lng
h:\program files\IObit\IObit Malware Fighter\LatestNews\LatestNews.ini
h:\program files\IObit\IObit Malware Fighter\license.dat
h:\program files\IObit\IObit Malware Fighter\ProtectorLog.log
h:\program files\IObit\IObit Malware Fighter\Quarantine Zone\atfthcxm
h:\program files\IObit\IObit Malware Fighter\Quarantine Zone\info.db
h:\program files\IObit\IObit Malware Fighter\RegFilter.dll
h:\program files\IObit\IObit Malware Fighter\rtl120.bpl
h:\program files\IObit\IObit Malware Fighter\Scan.dll
h:\program files\IObit\IObit Malware Fighter\StartMenu.exe
h:\program files\IObit\IObit Malware Fighter\taskmgr.dll
h:\program files\IObit\IObit Malware Fighter\TaskSchedule.exe
h:\program files\IObit\IObit Malware Fighter\unins001.dat
h:\program files\IObit\IObit Malware Fighter\unins001.exe
h:\program files\IObit\IObit Malware Fighter\unins001.msg
h:\program files\IObit\IObit Malware Fighter\unrar.dll
h:\program files\IObit\IObit Malware Fighter\URLFilter.dll
h:\program files\IObit\IObit Malware Fighter\vcl120.bpl
h:\program files\IObit\IObit Malware Fighter\vclx120.bpl
h:\program files\IObit\IObit Malware Fighter\zlibwapi.dll
h:\program files\IObit\IObit Security 360\IS360DataBase.db
h:\program files\IObit\IObit Security 360\Quarantine Zone\eshcnnzx
h:\program files\IObit\IObit Security 360\Quarantine Zone\info.db
h:\program files\IObit\IObit Security 360\Quarantine Zone\rramfwkm
h:\program files\IObit\IObit Security 360\Quarantine Zone\wxzxoetz
h:\program files\IObit\IObit Security 360\Quarantine Zone\zrueytee
h:\program files\IObit\IObit Security 360\Quarantine Zone\zybsayxb
h:\program files\IObit\IObit Security 360\UpdateLog.txt
h:\program files\IObit\Protected Folder\help\images\pic01.png
h:\program files\IObit\Protected Folder\help\images\pic02.png
h:\program files\IObit\Protected Folder\help\images\pic03.png
h:\program files\IObit\Protected Folder\help\images\pic04.png
h:\program files\IObit\Protected Folder\help\images\pic05.png
h:\program files\IObit\Protected Folder\help\images\pic06.png
h:\program files\IObit\Protected Folder\help\index.html
h:\program files\IObit\Protected Folder\Language\Arabic.lng
h:\program files\IObit\Protected Folder\Language\Brazilian.lng
h:\program files\IObit\Protected Folder\Language\Bulgarian.lng
h:\program files\IObit\Protected Folder\Language\Czech.lng
h:\program files\IObit\Protected Folder\Language\English.lng
h:\program files\IObit\Protected Folder\Language\French.lng
h:\program files\IObit\Protected Folder\Language\German.lng
h:\program files\IObit\Protected Folder\Language\Hungarian.lng
h:\program files\IObit\Protected Folder\Language\ChineseSimp.lng
h:\program files\IObit\Protected Folder\Language\ChineseTrad.lng
h:\program files\IObit\Protected Folder\Language\Korean.lng
h:\program files\IObit\Protected Folder\Language\Malay.lng
h:\program files\IObit\Protected Folder\Language\Moldova.lng
h:\program files\IObit\Protected Folder\Language\Polish.lng
h:\program files\IObit\Protected Folder\Language\Portuguese.lng
h:\program files\IObit\Protected Folder\Language\Russian.lng
h:\program files\IObit\Protected Folder\Language\Slovak.lng
h:\program files\IObit\Protected Folder\Language\Spanish.lng
h:\program files\IObit\Protected Folder\Language\Swedish.lng
h:\program files\IObit\Protected Folder\Language\Turkish.lng
h:\program files\IObit\Protected Folder\pffilter.sys
h:\program files\IObit\Protected Folder\PfCheckService.exe
h:\program files\IObit\Protected Folder\PfShellExtension.dll
h:\program files\IObit\Protected Folder\ProtectedFolder.exe
h:\program files\IObit\Protected Folder\unins000.dat
h:\program files\IObit\Protected Folder\unins000.exe
h:\program files\IObit\Smart Defrag 2\drivers\win7_x64\SmartDefragBootTime.exe
h:\program files\IObit\Smart Defrag 2\drivers\win7_x64\SmartDefragDriver.sys
h:\program files\IObit\Smart Defrag 2\drivers\win7_x86\SmartDefragBootTime.exe
h:\program files\IObit\Smart Defrag 2\drivers\win7_x86\SmartDefragDriver.sys
h:\program files\IObit\Smart Defrag 2\drivers\wlh_x64\SmartDefragBootTime.exe
h:\program files\IObit\Smart Defrag 2\drivers\wlh_x64\SmartDefragDriver.sys
h:\program files\IObit\Smart Defrag 2\drivers\wlh_x86\SmartDefragBootTime.exe
h:\program files\IObit\Smart Defrag 2\drivers\wlh_x86\SmartDefragDriver.sys
h:\program files\IObit\Smart Defrag 2\drivers\wnet_x64\SmartDefragBootTime.exe
h:\program files\IObit\Smart Defrag 2\drivers\wnet_x64\SmartDefragDriver.sys
h:\program files\IObit\Smart Defrag 2\drivers\wnet_x86\SmartDefragBootTime.exe
h:\program files\IObit\Smart Defrag 2\drivers\wnet_x86\SmartDefragDriver.sys
h:\program files\IObit\Smart Defrag 2\drivers\wxp_x64\SmartDefragBootTime.exe
h:\program files\IObit\Smart Defrag 2\drivers\wxp_x64\SmartDefragDriver.sys
h:\program files\IObit\Smart Defrag 2\drivers\wxp_x86\SmartDefragBootTime.exe
h:\program files\IObit\Smart Defrag 2\drivers\wxp_x86\SmartDefragDriver.sys
h:\program files\IObit\Smart Defrag 2\EULA.rtf
h:\program files\IObit\Smart Defrag 2\fav.ico
h:\program files\IObit\Smart Defrag 2\Freeware\Check.dll
h:\program files\IObit\Smart Defrag 2\Freeware\SD_FreeSoftwareDownloader.exe
h:\program files\IObit\Smart Defrag 2\Help\Images\001.jpg
h:\program files\IObit\Smart Defrag 2\Help\Images\002.jpg
h:\program files\IObit\Smart Defrag 2\Help\Images\003.jpg
h:\program files\IObit\Smart Defrag 2\Help\Images\004.jpg
h:\program files\IObit\Smart Defrag 2\Help\Images\005.jpg
h:\program files\IObit\Smart Defrag 2\Help\Images\006.jpg
h:\program files\IObit\Smart Defrag 2\Help\Images\007.jpg
h:\program files\IObit\Smart Defrag 2\Help\Images\008.jpg
h:\program files\IObit\Smart Defrag 2\Help\Images\009.jpg
h:\program files\IObit\Smart Defrag 2\Help\Index.html
h:\program files\IObit\Smart Defrag 2\Language\Albanian.lng
h:\program files\IObit\Smart Defrag 2\Language\Arabic.lng
h:\program files\IObit\Smart Defrag 2\Language\Bulgarian.lng
h:\program files\IObit\Smart Defrag 2\Language\Czech.lng
h:\program files\IObit\Smart Defrag 2\Language\Danish.lng
h:\program files\IObit\Smart Defrag 2\Language\Dutch.lng
h:\program files\IObit\Smart Defrag 2\Language\English.lng
h:\program files\IObit\Smart Defrag 2\Language\Finnish.lng
h:\program files\IObit\Smart Defrag 2\Language\Flemish.lng
h:\program files\IObit\Smart Defrag 2\Language\French.lng
h:\program files\IObit\Smart Defrag 2\Language\Georgian.lng
h:\program files\IObit\Smart Defrag 2\Language\German.lng
h:\program files\IObit\Smart Defrag 2\Language\Greek.lng
h:\program files\IObit\Smart Defrag 2\Language\Hebrew.lng
h:\program files\IObit\Smart Defrag 2\Language\Hungarian.lng
h:\program files\IObit\Smart Defrag 2\Language\ChineseSimp.lng
h:\program files\IObit\Smart Defrag 2\Language\ChineseTrad.lng
h:\program files\IObit\Smart Defrag 2\Language\Italian.lng
h:\program files\IObit\Smart Defrag 2\Language\Japanese.lng
h:\program files\IObit\Smart Defrag 2\Language\Korean.lng
h:\program files\IObit\Smart Defrag 2\Language\Kurdish.lng
h:\program files\IObit\Smart Defrag 2\Language\Malay.lng
h:\program files\IObit\Smart Defrag 2\Language\Malayalam.lng
h:\program files\IObit\Smart Defrag 2\Language\Norwegian.lng
h:\program files\IObit\Smart Defrag 2\Language\Polish.lng
h:\program files\IObit\Smart Defrag 2\Language\Portuguese(Brazil).lng
h:\program files\IObit\Smart Defrag 2\Language\Portuguese(Portugal).lng
h:\program files\IObit\Smart Defrag 2\Language\Romanian.lng
h:\program files\IObit\Smart Defrag 2\Language\Russian.lng
h:\program files\IObit\Smart Defrag 2\Language\Slovak.lng
h:\program files\IObit\Smart Defrag 2\Language\Slovenian.lng
h:\program files\IObit\Smart Defrag 2\Language\Spanish.lng
h:\program files\IObit\Smart Defrag 2\Language\Swedish.lng
h:\program files\IObit\Smart Defrag 2\Language\Turkish.lng
h:\program files\IObit\Smart Defrag 2\Language\Vietnamese.lng
h:\program files\IObit\Smart Defrag 2\LatestNews\LatestNews.ini
h:\program files\IObit\Smart Defrag 2\NtfsData.dll
h:\program files\IObit\Smart Defrag 2\rtl120.bpl
h:\program files\IObit\Smart Defrag 2\SDDriverMgr.dll
h:\program files\IObit\Smart Defrag 2\SDInit.exe
h:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Middle.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Add_Shadow.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Analyze_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Center.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Close_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Close_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\ColumnDivider.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\ColumnHeader.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Bottom_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Bottom_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Top_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Corner_Top_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Defrag_Option_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Bottom.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Left_Top.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Right_Top.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Frame_Top.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Hide.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Checked.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Checkbox_Unchecked.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Item_Selected.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Layout.ini
h:\program files\IObit\Smart Defrag 2\Skins\Black\line.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Logo.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Maximize_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Maximize_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Minimize_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Minimize_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\News_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\News_Middle.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\News_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Page_Body.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Pause_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Middle.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Bg_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Middle.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Progress_Fg_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Restore_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Restore_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Setting_Text_Shadow.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Show.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Statistics.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Stop_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Tab_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Title.png
h:\program files\IObit\Smart Defrag 2\Skins\Black\Top.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Add_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Add_Middle.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Add_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Add_Shadow.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Analyze_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\center.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Close_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Close_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\ColumnDivider.png
h:\program files\IObit\Smart Defrag 2\Skins\White\ColumnHeader.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Bottom_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Bottom_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Top_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Corner_Top_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Defrag_Option_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Bottom.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Left_Top.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Right_Top.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Frame_Top.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Hide.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Checked.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Checkbox_Unchecked.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Item_Selected.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Layout.ini
h:\program files\IObit\Smart Defrag 2\Skins\White\line.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Logo.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Maximize_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Maximize_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Minimize_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Minimize_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\News_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\White\News_Middle.png
h:\program files\IObit\Smart Defrag 2\Skins\White\News_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Page_Body.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Pause_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Middle.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Bg_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Left.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Middle.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Progress_Fg_Right.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Restore_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Restore_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Setting_Text_Shadow.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Show.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Statistics.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Disable.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Stop_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Focus.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Hot.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Tab_Normal.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Title.png
h:\program files\IObit\Smart Defrag 2\Skins\White\Top.png
h:\program files\IObit\Smart Defrag 2\SmartDefrag.exe
h:\program files\IObit\Smart Defrag 2\taskMgr.dll
h:\program files\IObit\Smart Defrag 2\unins000.dat
h:\program files\IObit\Smart Defrag 2\unins000.exe
h:\program files\IObit\Smart Defrag 2\unins000.msg
h:\program files\IObit\Smart Defrag 2\vcl120.bpl
h:\program files\IObit\Smart Defrag 2\vclx120.bpl
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ADVANCEDSYSTEMCARESERVICE5
-------\Legacy_AVGLDX86
-------\Legacy_AVGTDIX
-------\Legacy_XDVA317
-------\Legacy_XDVA321
-------\Legacy_XDVA323
-------\Legacy_XDVA327
-------\Legacy_XDVA336
-------\Legacy_XDVA346
-------\Legacy_XDVA347
-------\Legacy_XDVA349
-------\Legacy_XDVA352
-------\Legacy_XDVA392
-------\Service_AdvancedSystemCareService5
-------\Service_AvgLdx86
-------\Service_AvgTdiX
-------\Service_XDva317
-------\Service_XDva321
-------\Service_XDva323
-------\Service_XDva327
-------\Service_XDva336
-------\Service_XDva346
-------\Service_XDva347
-------\Service_XDva349
-------\Service_XDva352
-------\Service_XDva392
-------\Legacy_FileMonitor
-------\Legacy_IMFservice
-------\Legacy_RegFilter
-------\Legacy_UrlFilter
-------\Legacy_FileMonitor
-------\Legacy_IMFservice
-------\Legacy_RegFilter
-------\Legacy_UrlFilter
-------\Service_FileMonitor
-------\Service_IMFservice
-------\Service_RegFilter
-------\Service_UrlFilter
-------\Service_FileMonitor
-------\Service_IMFservice
-------\Service_RegFilter
-------\Service_UrlFilter
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-06 do 2012-12-06 )))))))))))))))))))))))))))))))
.
.
2012-12-05 21:30 . 2012-12-05 21:30 -------- d-----w- H:\rsit
2012-12-05 21:30 . 2012-12-05 21:30 -------- d-----w- h:\program files\trend micro
2012-12-05 20:59 . 2012-12-05 21:22 -------- d-----w- h:\windows\SxsCaPendDel
2012-12-05 18:54 . 2012-12-05 18:54 -------- d-----w- h:\documents and settings\All Users\Oblíbené položky
2012-11-28 17:56 . 2012-11-28 17:56 -------- d-----w- h:\documents and settings\Administrator\Data aplikací\Apple Computer
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2012-11-27 20:22 . 2012-11-27 20:22 -------- d-----w- h:\documents and settings\Administrator\Local Settings\Data aplikací\Apple
2012-11-26 22:14 . 2012-11-26 22:26 -------- d-----w- h:\program files\CamStudio 2.6b
2012-11-26 22:14 . 2010-10-23 23:56 49664 ----a-w- h:\windows\system32\CamCodec.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-20 07:20 . 2012-04-05 20:43 697272 ----a-w- h:\windows\system32\FlashPlayerApp.exe
2012-11-20 07:20 . 2011-05-27 10:57 73656 ----a-w- h:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-06 15:42 . 2011-01-27 19:05 139096 ----a-w- h:\windows\system32\drivers\PnkBstrK.sys
2012-11-06 15:42 . 2011-01-27 19:05 281312 ----a-w- h:\windows\system32\PnkBstrB.exe
2012-11-06 15:42 . 2009-07-04 23:46 281312 ----a-w- h:\windows\system32\PnkBstrB.xtr
2012-11-05 19:28 . 2011-01-27 19:05 281312 ----a-w- h:\windows\system32\PnkBstrB.ex0
2012-10-30 22:51 . 2011-03-09 18:28 738504 ----a-w- h:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-01-15 11:50 361032 ----a-w- h:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-01-15 11:50 54232 ----a-w- h:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-01-15 11:50 35928 ----a-w- h:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2011-01-15 11:50 97608 ----a-w- h:\windows\system32\drivers\aswmon2.sys
2012-10-30 22:51 . 2011-01-15 11:50 89752 ----a-w- h:\windows\system32\drivers\aswmon.sys
2012-10-30 22:51 . 2011-01-15 11:50 21256 ----a-w- h:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-01-15 11:50 25256 ----a-w- h:\windows\system32\drivers\aavmker4.sys
2012-10-30 22:51 . 2011-01-15 11:50 41224 ----a-w- h:\windows\avastSS.scr
2012-10-30 22:50 . 2011-01-15 11:50 227648 ----a-w- h:\windows\system32\aswBoot.exe
2012-10-29 07:04 . 2011-01-27 19:05 76888 ----a-w- h:\windows\system32\PnkBstrA.exe
2012-10-26 15:55 . 2012-09-23 07:07 16400 ----a-w- h:\windows\system32\drivers\LNonPnP.sys
2010-02-16 10:46 . 2010-02-16 10:43 63 ----a-w- h:\program files\Namapuj.bat
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- h:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="h:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"StartCCC"="h:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 98304]
"Launch LCore"="h:\program files\Logitech Gaming Software\LCore.exe" [2012-07-24 5115192]
"RTSS"="h:\program files\MSI Afterburner\Bundle\OSDServer\RTSS.exe" [2012-10-30 166968]
"MSIAfterburner"="h:\program files\MSI Afterburner\MSIAfterburner.exe" [2012-10-30 408632]
"QuickTime Task"="h:\program files\QuickTime Alternative\QTTask.exe" [2011-10-24 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
HP Digital Imaging Monitor.lnk - h:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 08:20 57344 ------r- h:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2008-06-19 08:42 2808832 ------r- h:\windows\alcwzrd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
2008-08-15 16:33 1473536 ----a-w- h:\program files\TO2SSM\McciTrayApp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"h:\\Program Files\\THQ\\Frontlines-Fuel of War\\Binaries\\FFOW.exe"=
"h:\\Program Files\\ICQ6.5\\ICQ.exe"=
"h:\\WINDOWS\\system32\\dpnsvr.exe"=
"h:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"h:\\Program Files\\Opera\\opera.exe"=
"h:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
"h:\\Program Files\\Metin2_CZ\\metin2.bin"=
"h:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"h:\\Program Files\\ICQ7.0\\ICQ.exe"=
"h:\\Program Files\\ICQ7.0\\aolload.exe"=
"h:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"h:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"h:\\Program Files\\Electronic Arts\\Medal of Honor\\Binaries\\moh.exe"=
"h:\\Program Files\\Electronic Arts\\Medal of Honor\\MP\\MoHMPGame.exe"=
"h:\\Program Files\\GIGABYTE\\EnergySaver\\run.exe"=
"i:\\Games\\Ubi Soft\\Hawx\\HAWX.exe"=
"h:\\WINDOWS\\system32\\PnkBstrA.exe"=
"h:\\WINDOWS\\system32\\PnkBstrB.exe"=
"i:\\Games\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"i:\\Games\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"h:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"i:\\Games\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"i:\\Games\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2.exe"=
"h:\\Program Files\\UBISOFT\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"h:\\Program Files\\UBISOFT\\Tom Clancy's H.A.W.X. 2\\HAWX2.exe"=
"h:\\Program Files\\UBISOFT\\Tom Clancy's H.A.W.X. 2\\Data\\Browser\\UPlayBrowser.exe"=
"i:\\Games\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2OA.exe"=
"i:\\Games\\BlackBeanGames\\WRC2010\\Launcher.exe"=
"i:\\Games\\F1_2010\\F1_2010_game.exe"=
"h:\\Program Files\\uTorrent\\utorrent.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"i:\\Games\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"i:\\Games\\Mass Effect 2\\MassEffect2Launcher.exe"=
"i:\\Games\\Auran\\TS2010\\Trainz.exe"=
"i:\\Games\\Auran\\TS2010\\bin\\TADDaemon.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2oaserver.exe"=
"i:\\Games\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"h:\\Program Files\\Server\\USB server\\mysql\\bin\\mysqld_usbwv8.exe"=
"h:\\Program Files\\Server\\USB server\\apache\\bin\\httpd_usbwv8.exe"=
"h:\\Program Files\\Metin2_CZ\\metin2.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpiscnapp.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
"i:\\Games\\Z8Games\\CrossFire\\CF_G4box.exe"=
"i:\\Games\\Battlefield 2142\\BF2142.exe"=
"h:\\Program Files\\Bohemia Interactive\\Take On Helicopters Demo\\TakeOnHDemo.exe"=
"h:\\Program Files\\Skype\\Phone\\Skype.exe"=
"i:\\Games\\Call of Duty - World at War\\CoDWaWmp.exe"=
"i:\\Games\\FlatOut2\\flatout2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58888:TCP"= 58888:TCP:Pando Media Booster
"58888:UDP"= 58888:UDP:Pando Media Booster
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R1 cc2209c0;cc2209c0;h:\windows\System32\drivers\cc2209c0.sys [x]
R2 MSSQL$SPRINXCRM;SQL Server (SPRINXCRM);h:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
R2 SkypeUpdate;Skype Updater;h:\program files\Skype\Updater\Updater.exe [x]
R3 cpuz130;cpuz130;h:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [x]
R3 EagleXNt;EagleXNt;h:\windows\system32\drivers\EagleXNt.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;h:\windows\system32\drivers\LGVirHid.sys [x]
R3 npggsvc;nProtect GameGuard Service;h:\windows\system32\GameMon.des [x]
R3 pcouffin;VSO Software pcouffin;h:\windows\system32\Drivers\pcouffin.sys [x]
R3 SMCWPCIG;SMCWPCI-G 54Mbps Wireless PCI adapter Service;h:\windows\system32\DRIVERS\SMCWPCIG.sys [x]
R3 SwitchBoard;SwitchBoard;h:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 wlanndi5;wlanndi5 NDIS Protocol Driver;h:\windows\system32\wlanndi5.SYS [x]
R4 Application Updater;Application Updater;h:\program files\Application Updater\ApplicationUpdater.exe [x]
R4 GEST Service;GEST Service for program management.;h:\program files\GIGABYTE\EnergySaver\GSvr.exe [x]
R4 gupdate1ca8be9ec2b3198;Google Update Service (gupdate1ca8be9ec2b3198);h:\program files\Google\Update\GoogleUpdate.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;h:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;h:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;h:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;h:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;h:\windows\system32\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;h:\windows\system32\DRIVERS\LGSHidFilt.Sys [x]
S3 RTCore32;RTCore32;h:\program files\MSI Afterburner\RTCore32.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - RTCORE32
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-20 h:\windows\Tasks\Adobe Flash Player Updater.job
- h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 07:20]
.
2012-12-06 h:\windows\Tasks\avast! Emergency Update.job
- h:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-09 22:50]
.
2012-09-19 h:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- h:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 20:26]
.
2012-09-19 h:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- h:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 20:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - h:\windows\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-Wdf01000.sys
SafeBoot-IMFservice
AddRemove-Advanced SystemCare 5_is1 - h:\program files\IObit\Advanced SystemCare 5\unins000.exe
AddRemove-Game Booster_is1 - h:\program files\IObit\Game Booster\unins000.exe
AddRemove-IObit Malware Fighter_is1 - h:\program files\IObit\IObit Malware Fighter\unins001.exe
AddRemove-Smart Defrag 2_is1 - h:\program files\IObit\Smart Defrag 2\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-06 11:06
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="h:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\SecuROM\License information*]
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(812)
h:\windows\system32\Ati2evxx.dll
h:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3040)
h:\program files\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
h:\windows\system32\msi.dll
h:\windows\system32\webcheck.dll
h:\windows\system32\WPDShServiceObj.dll
h:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
h:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
h:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
h:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
h:\windows\system32\PortableDeviceTypes.dll
h:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
h:\windows\system32\Ati2evxx.exe
h:\windows\system32\Ati2evxx.exe
h:\program files\Alwil Software\Avast5\AvastSvc.exe
h:\program files\Java\jre6\bin\jqs.exe
h:\program files\Common Files\Motive\McciCMService.exe
h:\windows\system32\PnkBstrA.exe
h:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
h:\windows\RTHDCPL.EXE
h:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
h:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
h:\windows\system32\wscntfy.exe
h:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2012-12-06 11:08:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-06 10:08
ComboFix2.txt 2012-12-06 09:17
ComboFix3.txt 2012-12-05 20:51
ComboFix4.txt 2012-12-05 19:30
ComboFix5.txt 2012-12-06 09:56
.
Před spuštěním: Volných bajtů: 205 725 208 576
Po spuštění: Volných bajtů: 205 502 947 328
.
- - End Of File - - 4D6A7C80E2B94CA90EB3DC0452E2B92F
Here is the log
ComboFix 12-12-04.01 - Administrator 06.12.2012 10:56:55.6.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.3326.2545 [GMT 1:00]
Spuštěný z: h:\documents and settings\Administrator\Plocha\ComboFix.exe
Použité ovládací přepínače :: h:\documents and settings\Administrator\Plocha\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
h:\program files\IObit
h:\program files\IObit\Advanced SystemCare 3\License.dat
h:\program files\IObit\Advanced SystemCare 3\Sut_SoftUninstal.exe
h:\program files\IObit\Advanced SystemCare 4\bugreport.txt
h:\program files\IObit\Advanced SystemCare 4\free-software-downloader.exe
h:\program files\IObit\Advanced SystemCare 4\checkinfo.txt
h:\program files\IObit\Advanced SystemCare 4\LatestNews\imagenews.png
h:\program files\IObit\Advanced SystemCare 4\LatestNews\LatestNews.ini
h:\program files\IObit\Advanced SystemCare 4\License.dat
h:\program files\IObit\Advanced SystemCare 4\Main.ini
h:\program files\IObit\Advanced SystemCare 4\tb.dat
h:\program files\IObit\Advanced SystemCare 4\Test.log
h:\program files\IObit\Advanced SystemCare 4\Update\Update.Ini
h:\program files\IObit\Advanced SystemCare 4\UpdateHistory.txt
h:\program files\IObit\Advanced SystemCare 5\About.dll
h:\program files\IObit\Advanced SystemCare 5\ActiveBoost.db
h:\program files\IObit\Advanced SystemCare 5\amc-remind.exe
h:\program files\IObit\Advanced SystemCare 5\ASC.exe
h:\program files\IObit\Advanced SystemCare 5\ASCInit.exe
h:\program files\IObit\Advanced SystemCare 5\ASCInit.log
h:\program files\IObit\Advanced SystemCare 5\ASCService.exe
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-21.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-22.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-23.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-24.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-25.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-26.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-27.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-28.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-29.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-11-30.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-01.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-02.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-03.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-04.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-05.log
h:\program files\IObit\Advanced SystemCare 5\ASCServiceLog\2012-12-06.log
h:\program files\IObit\Advanced SystemCare 5\ASCTooltips.exe
h:\program files\IObit\Advanced SystemCare 5\ASCTray.exe
h:\program files\IObit\Advanced SystemCare 5\ASCUpgrade.exe
h:\program files\IObit\Advanced SystemCare 5\ASCv5ComputerMenu.dll
h:\program files\IObit\Advanced SystemCare 5\ASCv5ComputerMenu_64.dll
h:\program files\IObit\Advanced SystemCare 5\ASCv5ExtMenu.dll
h:\program files\IObit\Advanced SystemCare 5\ASCv5ExtMenu_64.dll
h:\program files\IObit\Advanced SystemCare 5\AutoCare.exe
h:\program files\IObit\Advanced SystemCare 5\AutoSweep.exe
h:\program files\IObit\Advanced SystemCare 5\AutoUpdate.exe
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 16-10-42
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 19-16-08
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 19-28-26
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 20-38-03
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 20-58-26
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 21-33-58
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-05 22-28-59
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-06 07-32-34
h:\program files\IObit\Advanced SystemCare 5\Boottime\BootTimeData\2012-12-06 10-04-40
h:\program files\IObit\Advanced SystemCare 5\Boottime\path.ini
h:\program files\IObit\Advanced SystemCare 5\Cus.dbd
h:\program files\IObit\Advanced SystemCare 5\cxLibraryD12.bpl
h:\program files\IObit\Advanced SystemCare 5\datastate.dll
h:\program files\IObit\Advanced SystemCare 5\Def.dbd
h:\program files\IObit\Advanced SystemCare 5\DelayLoad.exe
h:\program files\IObit\Advanced SystemCare 5\diskhelper.dll
h:\program files\IObit\Advanced SystemCare 5\DiskMap.dll
h:\program files\IObit\Advanced SystemCare 5\DiskScan.exe
h:\program files\IObit\Advanced SystemCare 5\DriverData.db
h:\program files\IObit\Advanced SystemCare 5\drivers\win7_amd64\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\win7_x86\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wlh_amd64\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wlh_x86\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wnet_amd64\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wnet_x86\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wxp_amd64\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\drivers\wxp_x86\RegistryDefragBootTime.exe
h:\program files\IObit\Advanced SystemCare 5\dxBarD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxComnD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxCoreD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxDockingD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxGDIPlusD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxhelper.dll
h:\program files\IObit\Advanced SystemCare 5\dxSkinOffice2007BlueD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxSkinsCoreD12.bpl
h:\program files\IObit\Advanced SystemCare 5\dxThemeD12.bpl
h:\program files\IObit\Advanced SystemCare 5\EULA.rtf
h:\program files\IObit\Advanced SystemCare 5\Ext.dbd
h:\program files\IObit\Advanced SystemCare 5\FfSweep.dll
h:\program files\IObit\Advanced SystemCare 5\help.html
h:\program files\IObit\Advanced SystemCare 5\ignore.dbd
h:\program files\IObit\Advanced SystemCare 5\Images\dcScreen.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\dcScreen2.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\icon-dc.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\icon-qc.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\icon-tb.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\icon-tbox.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\main.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\mainPro.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\toolboxscreen.jpg
h:\program files\IObit\Advanced SystemCare 5\Images\turboboost.jpg
h:\program files\IObit\Advanced SystemCare 5\IObitLogon.dll
h:\program files\IObit\Advanced SystemCare 5\Language\Arabic.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Belarusian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Bulgarian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Czech.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Danish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Dutch.lng
h:\program files\IObit\Advanced SystemCare 5\Language\English.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Finnish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\French.lng
h:\program files\IObit\Advanced SystemCare 5\Language\German.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Greek.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Hebrew.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Hungarian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\ChineseSimp.lng
h:\program files\IObit\Advanced SystemCare 5\Language\ChineseTrad.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Italian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\japanese.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Korean.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Polish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Portuguese(PT-BR).lng
h:\program files\IObit\Advanced SystemCare 5\Language\Portuguese(PT-PT).lng
h:\program files\IObit\Advanced SystemCare 5\Language\Romanian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Russian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Serbian (cyrillic).lng
h:\program files\IObit\Advanced SystemCare 5\Language\Serbian (latin).lng
h:\program files\IObit\Advanced SystemCare 5\Language\Slovenian.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Spanish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Swedish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Turkish.lng
h:\program files\IObit\Advanced SystemCare 5\Language\Vietnamese.lng
h:\program files\IObit\Advanced SystemCare 5\LatestNews\imagenews.png
h:\program files\IObit\Advanced SystemCare 5\LatestNews\LatestNews.ini
h:\program files\IObit\Advanced SystemCare 5\License.dat
h:\program files\IObit\Advanced SystemCare 5\madbasic_.bpl
h:\program files\IObit\Advanced SystemCare 5\maddisAsm_.bpl
h:\program files\IObit\Advanced SystemCare 5\madexcept_.bpl
h:\program files\IObit\Advanced SystemCare 5\NtfsData.dll
h:\program files\IObit\Advanced SystemCare 5\OFCommon.dll
h:\program files\IObit\Advanced SystemCare 5\OFCommon3.dll
h:\program files\IObit\Advanced SystemCare 5\PerformUpdate.exe
h:\program files\IObit\Advanced SystemCare 5\PMonitor.exe
h:\program files\IObit\Advanced SystemCare 5\Promote.exe
h:\program files\IObit\Advanced SystemCare 5\Reg.dbd
h:\program files\IObit\Advanced SystemCare 5\Register.exe
h:\program files\IObit\Advanced SystemCare 5\Reminder.exe
h:\program files\IObit\Advanced SystemCare 5\Report.exe
h:\program files\IObit\Advanced SystemCare 5\RescueCenter.exe
h:\program files\IObit\Advanced SystemCare 5\Restore.dbd
h:\program files\IObit\Advanced SystemCare 5\rtl120.bpl
h:\program files\IObit\Advanced SystemCare 5\Scan.dll
h:\program files\IObit\Advanced SystemCare 5\SecurityHoleScan.log
h:\program files\IObit\Advanced SystemCare 5\skin\black.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\classic.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\cute.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\metal.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\public.rcc
h:\program files\IObit\Advanced SystemCare 5\skin\white.rcc
h:\program files\IObit\Advanced SystemCare 5\sqlite3.dll
h:\program files\IObit\Advanced SystemCare 5\Suc10_RegistryCleaner.exe
h:\program files\IObit\Advanced SystemCare 5\Suc11_PrivacySweeper.exe
h:\program files\IObit\Advanced SystemCare 5\Suc12_Uninstal.exe
h:\program files\IObit\Advanced SystemCare 5\Suc13_DiskCleaner.exe
h:\program files\IObit\Advanced SystemCare 5\Suc14_FileShredder.exe
h:\program files\IObit\Advanced SystemCare 5\Sun10_ClonedFilesScanner.exe
h:\program files\IObit\Advanced SystemCare 5\Sun11_AutoShutdown.exe
h:\program files\IObit\Advanced SystemCare 5\Sun12_DiskExplorer.exe
h:\program files\IObit\Advanced SystemCare 5\Sun13_SystemInformation.exe
h:\program files\IObit\Advanced SystemCare 5\Sun14_EmptyFolderScanner.exe
h:\program files\IObit\Advanced SystemCare 5\Sun15_SystemControl.exe
h:\program files\IObit\Advanced SystemCare 5\Suo10_SmartRAM.exe
h:\program files\IObit\Advanced SystemCare 5\Suo11_InternetBooster.exe
h:\program files\IObit\Advanced SystemCare 5\Suo12_StartupManager.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ADVANCEDSYSTEMCARESERVICE5
-------\Legacy_AVGLDX86
-------\Legacy_AVGTDIX
-------\Legacy_XDVA317
-------\Legacy_XDVA321
-------\Legacy_XDVA323
-------\Legacy_XDVA327
-------\Legacy_XDVA336
-------\Legacy_XDVA346
-------\Legacy_XDVA347
-------\Legacy_XDVA349
-------\Legacy_XDVA352
-------\Legacy_XDVA392
-------\Service_AdvancedSystemCareService5
-------\Service_AvgLdx86
-------\Service_AvgTdiX
-------\Service_XDva317
-------\Service_XDva321
-------\Service_XDva323
-------\Service_XDva327
-------\Service_XDva336
-------\Service_XDva346
-------\Service_XDva347
-------\Service_XDva349
-------\Service_XDva352
-------\Service_XDva392
-------\Legacy_FileMonitor
-------\Legacy_IMFservice
-------\Legacy_RegFilter
-------\Legacy_UrlFilter
-------\Legacy_FileMonitor
-------\Legacy_IMFservice
-------\Legacy_RegFilter
-------\Legacy_UrlFilter
-------\Service_FileMonitor
-------\Service_IMFservice
-------\Service_RegFilter
-------\Service_UrlFilter
-------\Service_FileMonitor
-------\Service_IMFservice
-------\Service_RegFilter
-------\Service_UrlFilter
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-11-06 do 2012-12-06 )))))))))))))))))))))))))))))))
.
.
2012-12-05 21:30 . 2012-12-05 21:30 -------- d-----w- H:\rsit
2012-12-05 21:30 . 2012-12-05 21:30 -------- d-----w- h:\program files\trend micro
2012-12-05 20:59 . 2012-12-05 21:22 -------- d-----w- h:\windows\SxsCaPendDel
2012-12-05 18:54 . 2012-12-05 18:54 -------- d-----w- h:\documents and settings\All Users\Oblíbené položky
2012-11-28 17:56 . 2012-11-28 17:56 -------- d-----w- h:\documents and settings\Administrator\Data aplikací\Apple Computer
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2012-11-27 20:22 . 2012-11-27 20:22 159744 ----a-w- h:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2012-11-27 20:22 . 2012-11-27 20:22 -------- d-----w- h:\documents and settings\Administrator\Local Settings\Data aplikací\Apple
2012-11-26 22:14 . 2012-11-26 22:26 -------- d-----w- h:\program files\CamStudio 2.6b
2012-11-26 22:14 . 2010-10-23 23:56 49664 ----a-w- h:\windows\system32\CamCodec.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-20 07:20 . 2012-04-05 20:43 697272 ----a-w- h:\windows\system32\FlashPlayerApp.exe
2012-11-20 07:20 . 2011-05-27 10:57 73656 ----a-w- h:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-06 15:42 . 2011-01-27 19:05 139096 ----a-w- h:\windows\system32\drivers\PnkBstrK.sys
2012-11-06 15:42 . 2011-01-27 19:05 281312 ----a-w- h:\windows\system32\PnkBstrB.exe
2012-11-06 15:42 . 2009-07-04 23:46 281312 ----a-w- h:\windows\system32\PnkBstrB.xtr
2012-11-05 19:28 . 2011-01-27 19:05 281312 ----a-w- h:\windows\system32\PnkBstrB.ex0
2012-10-30 22:51 . 2011-03-09 18:28 738504 ----a-w- h:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51 . 2011-01-15 11:50 361032 ----a-w- h:\windows\system32\drivers\aswSP.sys
2012-10-30 22:51 . 2011-01-15 11:50 54232 ----a-w- h:\windows\system32\drivers\aswTdi.sys
2012-10-30 22:51 . 2011-01-15 11:50 35928 ----a-w- h:\windows\system32\drivers\aswRdr.sys
2012-10-30 22:51 . 2011-01-15 11:50 97608 ----a-w- h:\windows\system32\drivers\aswmon2.sys
2012-10-30 22:51 . 2011-01-15 11:50 89752 ----a-w- h:\windows\system32\drivers\aswmon.sys
2012-10-30 22:51 . 2011-01-15 11:50 21256 ----a-w- h:\windows\system32\drivers\aswFsBlk.sys
2012-10-30 22:51 . 2011-01-15 11:50 25256 ----a-w- h:\windows\system32\drivers\aavmker4.sys
2012-10-30 22:51 . 2011-01-15 11:50 41224 ----a-w- h:\windows\avastSS.scr
2012-10-30 22:50 . 2011-01-15 11:50 227648 ----a-w- h:\windows\system32\aswBoot.exe
2012-10-29 07:04 . 2011-01-27 19:05 76888 ----a-w- h:\windows\system32\PnkBstrA.exe
2012-10-26 15:55 . 2012-09-23 07:07 16400 ----a-w- h:\windows\system32\drivers\LNonPnP.sys
2010-02-16 10:46 . 2010-02-16 10:43 63 ----a-w- h:\program files\Namapuj.bat
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 121528 ----a-w- h:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="h:\program files\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2008-06-27 16875008]
"StartCCC"="h:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-28 98304]
"Launch LCore"="h:\program files\Logitech Gaming Software\LCore.exe" [2012-07-24 5115192]
"RTSS"="h:\program files\MSI Afterburner\Bundle\OSDServer\RTSS.exe" [2012-10-30 166968]
"MSIAfterburner"="h:\program files\MSI Afterburner\MSIAfterburner.exe" [2012-10-30 408632]
"QuickTime Task"="h:\program files\QuickTime Alternative\QTTask.exe" [2011-10-24 421888]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="h:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
h:\documents and settings\All Users\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
HP Digital Imaging Monitor.lnk - h:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\
Logitech . Registrace produktu.lnk - h:\program files\Logitech Gaming Software\EReg\eReg.exe [2012-9-23 517384]
.
h:\documents and settings\Administrator\Nabídka Start\Programy\Po spuštění\AutorunsDisabled
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - h:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoPopUpsOnBoot"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
2008-06-19 08:20 57344 ------r- h:\windows\Alcmtr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcWzrd]
2008-06-19 08:42 2808832 ------r- h:\windows\alcwzrd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TO2SSM_McciTrayApp]
2008-08-15 16:33 1473536 ----a-w- h:\program files\TO2SSM\McciTrayApp.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"h:\\Program Files\\THQ\\Frontlines-Fuel of War\\Binaries\\FFOW.exe"=
"h:\\Program Files\\ICQ6.5\\ICQ.exe"=
"h:\\WINDOWS\\system32\\dpnsvr.exe"=
"h:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
"h:\\Program Files\\Opera\\opera.exe"=
"h:\\Program Files\\Electronic Arts\\Need for Speed Carbon\\NFSC.exe"=
"h:\\Program Files\\Metin2_CZ\\metin2.bin"=
"h:\\Program Files\\Metin2_CZ\\metin2client.bin"=
"h:\\Program Files\\ICQ7.0\\ICQ.exe"=
"h:\\Program Files\\ICQ7.0\\aolload.exe"=
"h:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"h:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"h:\\Program Files\\Electronic Arts\\Medal of Honor\\Binaries\\moh.exe"=
"h:\\Program Files\\Electronic Arts\\Medal of Honor\\MP\\MoHMPGame.exe"=
"h:\\Program Files\\GIGABYTE\\EnergySaver\\run.exe"=
"i:\\Games\\Ubi Soft\\Hawx\\HAWX.exe"=
"h:\\WINDOWS\\system32\\PnkBstrA.exe"=
"h:\\WINDOWS\\system32\\PnkBstrB.exe"=
"i:\\Games\\Crytek\\Crysis\\Bin32\\Crysis.exe"=
"i:\\Games\\Crytek\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"h:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"h:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"i:\\Games\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\xrEngine.exe"=
"i:\\Games\\Deep Silver\\S.T.A.L.K.E.R. - Clear Sky\\bin\\dedicated\\xrEngine.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2.exe"=
"h:\\Program Files\\UBISOFT\\Ubisoft Game Launcher\\UbisoftGameLauncher.exe"=
"h:\\Program Files\\UBISOFT\\Tom Clancy's H.A.W.X. 2\\HAWX2.exe"=
"h:\\Program Files\\UBISOFT\\Tom Clancy's H.A.W.X. 2\\Data\\Browser\\UPlayBrowser.exe"=
"i:\\Games\\Crytek\\Crysis 2\\bin32\\Crysis2.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2OA.exe"=
"i:\\Games\\BlackBeanGames\\WRC2010\\Launcher.exe"=
"i:\\Games\\F1_2010\\F1_2010_game.exe"=
"h:\\Program Files\\uTorrent\\utorrent.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\ACBSP.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\ACBMP.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\AssassinsCreedBrotherhood.exe"=
"i:\\Games\\Ubisoft\\Assassin's Creed Brotherhood\\UPlayBrowser.exe"=
"i:\\Games\\Mass Effect 2\\Binaries\\MassEffect2.exe"=
"i:\\Games\\Mass Effect 2\\MassEffect2Launcher.exe"=
"i:\\Games\\Auran\\TS2010\\Trainz.exe"=
"i:\\Games\\Auran\\TS2010\\bin\\TADDaemon.exe"=
"h:\\Program Files\\Bohemia Interactive\\ArmA 2\\arma2oaserver.exe"=
"i:\\Games\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
"h:\\Program Files\\Server\\USB server\\mysql\\bin\\mysqld_usbwv8.exe"=
"h:\\Program Files\\Server\\USB server\\apache\\bin\\httpd_usbwv8.exe"=
"h:\\Program Files\\Metin2_CZ\\metin2.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqtra08.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqste08.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hposid01.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqscnvw.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpiscnapp.exe"=
"h:\\Program Files\\Hewlett-Packard\\Digital Imaging\\bin\\hpqkygrp.exe"=
"i:\\Games\\Z8Games\\CrossFire\\CF_G4box.exe"=
"i:\\Games\\Battlefield 2142\\BF2142.exe"=
"h:\\Program Files\\Bohemia Interactive\\Take On Helicopters Demo\\TakeOnHDemo.exe"=
"h:\\Program Files\\Skype\\Phone\\Skype.exe"=
"i:\\Games\\Call of Duty - World at War\\CoDWaWmp.exe"=
"i:\\Games\\FlatOut2\\flatout2.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"58888:TCP"= 58888:TCP:Pando Media Booster
"58888:UDP"= 58888:UDP:Pando Media Booster
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R1 cc2209c0;cc2209c0;h:\windows\System32\drivers\cc2209c0.sys [x]
R2 MSSQL$SPRINXCRM;SQL Server (SPRINXCRM);h:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
R2 SkypeUpdate;Skype Updater;h:\program files\Skype\Updater\Updater.exe [x]
R3 cpuz130;cpuz130;h:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz130\cpuz_x32.sys [x]
R3 EagleXNt;EagleXNt;h:\windows\system32\drivers\EagleXNt.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;h:\windows\system32\drivers\LGVirHid.sys [x]
R3 npggsvc;nProtect GameGuard Service;h:\windows\system32\GameMon.des [x]
R3 pcouffin;VSO Software pcouffin;h:\windows\system32\Drivers\pcouffin.sys [x]
R3 SMCWPCIG;SMCWPCI-G 54Mbps Wireless PCI adapter Service;h:\windows\system32\DRIVERS\SMCWPCIG.sys [x]
R3 SwitchBoard;SwitchBoard;h:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 wlanndi5;wlanndi5 NDIS Protocol Driver;h:\windows\system32\wlanndi5.SYS [x]
R4 Application Updater;Application Updater;h:\program files\Application Updater\ApplicationUpdater.exe [x]
R4 GEST Service;GEST Service for program management.;h:\program files\GIGABYTE\EnergySaver\GSvr.exe [x]
R4 gupdate1ca8be9ec2b3198;Google Update Service (gupdate1ca8be9ec2b3198);h:\program files\Google\Update\GoogleUpdate.exe [x]
S0 SmartDefragDriver;SmartDefragDriver;h:\windows\System32\Drivers\SmartDefragDriver.sys [x]
S0 sptd;sptd;h:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;h:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [x]
S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;h:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;h:\windows\system32\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;h:\windows\system32\DRIVERS\LGSHidFilt.Sys [x]
S3 RTCore32;RTCore32;h:\program files\MSI Afterburner\RTCore32.sys [x]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - RTCORE32
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Obsah adresáře 'Naplánované úlohy'
.
2012-11-20 h:\windows\Tasks\Adobe Flash Player Updater.job
- h:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-05 07:20]
.
2012-12-06 h:\windows\Tasks\avast! Emergency Update.job
- h:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2012-07-09 22:50]
.
2012-09-19 h:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- h:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 20:26]
.
2012-09-19 h:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- h:\program files\Google\Update\GoogleUpdate.exe [2010-01-02 20:26]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - h:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - h:\windows\WebIE.dll
TCP: DhcpNameServer = 10.0.0.138
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
SafeBoot-Wdf01000.sys
SafeBoot-IMFservice
AddRemove-Advanced SystemCare 5_is1 - h:\program files\IObit\Advanced SystemCare 5\unins000.exe
AddRemove-Game Booster_is1 - h:\program files\IObit\Game Booster\unins000.exe
AddRemove-IObit Malware Fighter_is1 - h:\program files\IObit\IObit Malware Fighter\unins001.exe
AddRemove-Smart Defrag 2_is1 - h:\program files\IObit\Smart Defrag 2\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-06 11:06
Windows 5.1.2600 Service Pack 3 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="h:\windows\system32\GameMon.des -service"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a1,e9,ff,fc,57,70,38,45,aa,cf,5d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a1,e9,ff,fc,57,70,38,45,aa,cf,5d,\
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,26,84,ff,0a,1d,d4,8e,4a,9a,19,14,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,9c,4e,96,e1,22,24,49,40,9b,26,72,\
"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2a,bc,30,8d,29,7c,24,48,a8,dd,b4,\
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:e9,52,98,e2,eb,b9,d2,19,2b,34,0e,42,3a,54,01,9a,6a,47,68,6d,d0,b5,41,
bf,76,71,5f,bb,84,7f,e2,b0,ff,d5,bf,58,0d,fe,90,2b,7e,45,f5,f4,a7,81,16,69,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-2052111302-1993962763-725345543-500\Software\SecuROM\License information*]
"datasecu"=hex:f2,9a,58,e0,ba,aa,7b,b1,d0,cb,bd,77,be,e9,6d,6c,cd,b5,4b,36,15,
58,6b,41,d8,cc,a5,05,3a,94,b5,8c,1b,f3,00,41,48,41,e3,f1,71,b9,5f,bd,72,7f,\
"rkeysecu"=hex:cb,a0,c9,05,19,b2,dd,29,cb,84,e9,bd,2d,46,30,81
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'winlogon.exe'(812)
h:\windows\system32\Ati2evxx.dll
h:\windows\system32\atiadlxx.dll
.
- - - - - - - > 'explorer.exe'(3040)
h:\program files\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
h:\windows\system32\msi.dll
h:\windows\system32\webcheck.dll
h:\windows\system32\WPDShServiceObj.dll
h:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
h:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
h:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_cze.nlr
h:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
h:\windows\system32\PortableDeviceTypes.dll
h:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
h:\windows\system32\Ati2evxx.exe
h:\windows\system32\Ati2evxx.exe
h:\program files\Alwil Software\Avast5\AvastSvc.exe
h:\program files\Java\jre6\bin\jqs.exe
h:\program files\Common Files\Motive\McciCMService.exe
h:\windows\system32\PnkBstrA.exe
h:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
h:\windows\RTHDCPL.EXE
h:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
h:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
h:\windows\system32\wscntfy.exe
h:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2012-12-06 11:08:27 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-12-06 10:08
ComboFix2.txt 2012-12-06 09:17
ComboFix3.txt 2012-12-05 20:51
ComboFix4.txt 2012-12-05 19:30
ComboFix5.txt 2012-12-06 09:56
.
Před spuštěním: Volných bajtů: 205 725 208 576
Po spuštění: Volných bajtů: 205 502 947 328
.
- - End Of File - - 4D6A7C80E2B94CA90EB3DC0452E2B92F
Re: Please check my log, PERFLIB_PERFDATA removed
OK, now clean the PC with CCleaner, mainly the registry, then restart and write what problems the PC has.

FRST |ADWCleaner |MBAM |CCleaner |AVPTool
If you are satisfied, you can support the forum: https://platba.viry.cz/payment/
Re: Please check my log, PERFLIB_PERFDATA removed
Can I fix everything in the registry without fear? :)
Re: Please check my log, PERFLIB_PERFDATA removed
No worries. Repeat the action several times, until it comes up with no errors.
Re: Please check my log, PERFLIB_PERFDATA removed
The restart went fine, only Windows takes longer to finish starting up. The network is still unavailable, the modem is OK, I am writing this from a second PC.
Here is the network diagnostics:
Čas spuštění poslední diagnostiky: 12/05/12 23:02:15 Diagnostika rozhraní WinSock
Stav rozhraní WinSock
info V katalogu Winsock jsou všechny položky zprostředkovatele základní služby.
info Řetězy zprostředkovatelů služeb Winsock jsou platné.
error Položka zprostředkovatele MSAFD Tcpip [TCP/IP] nemohla provést jednoduchou komunikaci zpětnou smyčkou. Chyba 10050.
error Položka zprostředkovatele MSAFD Tcpip [UDP/IP] nemohla provést jednoduchou komunikaci zpětnou smyčkou. Chyba 10050.
error Položka zprostředkovatele RSVP UDP Service Provider nemohla provést jednoduchou komunikaci zpětnou smyčkou. Chyba 10091.
error Položka zprostředkovatele RSVP TCP Service Provider nemohla provést jednoduchou komunikaci zpětnou smyčkou. Chyba 10091.
error Nainstalovaný zprostředkovatel LSP má potíže s připojením.
action Automatická oprava: Obnovit katalog rozhraní WinSock
action Úspěšně spuštěn příkaz: netsh winsock reset catalog
info Je třeba restartovat systém.
Diagnostika síťového adaptéru
Rozpoznávání umístění v síti
info Použití domácího připojení k síti Internet
Identifikace síťového adaptéru
info Síťové připojení: Název = Připojení k místní síti, Zařízení = Realtek RTL8168C(P)/8111C(P) PCI-E Gigabit Ethernet NIC, MediaType = Místní síť (LAN), SubMediaType = Místní síť (LAN)
info Bylo vybráno připojení typu Ethernet.
Stav síťového adaptéru
info Stav připojení k síti: Připojeno
Diagnostika protokolů HTTP, HTTPS a FTP
Připojení protokoly HTTP, HTTPS a FTP
warn FTP (pasivní): Došlo k chybě 12007 při připojování k ftp.microsoft.com: The server name or address could not be resolved
warn Protokol HTTP: Došlo k chybě 12007 při připojování k www.microsoft.com: The server name or address could not be resolved
warn Protokol HTTPS: Došlo k chybě 12007 při připojování k www.microsoft.com: The server name or address could not be resolved
warn FTP (aktivní): Došlo k chybě 12007 při připojování k ftp.microsoft.com: The server name or address could not be resolved
warn Protokol HTTP: Došlo k chybě 12007 při připojování k www.hotmail.com: The server name or address could not be resolved
warn Protokol HTTPS: Došlo k chybě 12007 při připojování k www.passport.net: The server name or address could not be resolved
error Nepodařilo se vytvořit připojení Protokol HTTP.
error Nepodařilo se vytvořit připojení Protokol HTTPS.
error Nepodařilo se vytvořit připojení FTP.
Re: Please check my log, PERFLIB_PERFDATA removed
Check that the TCP/IP settings are correct; if they are, try reinstalling the network driver.
Re: Please check my log, PERFLIB_PERFDATA removed
Still not working :(( It does not load the TCP/IP protocols. I uninstalled the driver and restarted the PC, still the same.
Re: Please check my log, PERFLIB_PERFDATA removed
Both the IP and the mask are empty, and the network repair does not work either.
Re: Please check my log, PERFLIB_PERFDATA removed
Try using WSF http://www.softpedia.com/get/Tweak/Netw ... kFix.shtml
Re: Please check my log, PERFLIB_PERFDATA removed
Done, restarted, the problem persists. Connected, but there is no IP; packets sent 6, received 0.
Re: Please check my log, PERFLIB_PERFDATA removed
Post a current RSIT log.