Problem s virama :-( Opět jsem v tom :-( Prosim o pomoc.
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
- BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
- BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
jeste to poradne nechapu,dufam,ze sem to udelal dobre...
ComboFix 08-02.05.3 - Administrator 2008-02-08 15:41:46.6 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.841 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-08 to 2008-02-08 )))))))))))))))))))))))))))))))
.
2008-02-08 15:29 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-08 15:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-08 15:29 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-08 15:29 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-08 15:29 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-08 15:29 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-08 15:29 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-08 15:29 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-08 15:13 . 2008-02-08 15:13 67,584 --ahs---- C:\WINDOWS\system32\urdvxc.exe
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-06 15:14 . 2008-02-06 15:14 19,711 --a------ C:\WINDOWS\system32\hpaqbp.exe
2008-02-06 15:14 . 2008-02-06 15:14 7,680 --a------ C:\WINDOWS\system32\idjwvv.exe
2008-02-06 14:22 . 2008-02-06 14:22 19,711 --a------ C:\WINDOWS\system32\optdemsi.exe
2008-02-06 14:22 . 2008-02-06 14:22 7,680 --a------ C:\WINDOWS\system32\irwtvua.exe
2008-02-06 12:52 . 2008-02-06 12:53 19,711 --a------ C:\WINDOWS\system32\ylahqvsv.exe
2008-02-06 12:52 . 2008-02-06 12:52 7,680 --a------ C:\WINDOWS\system32\hkvtfdei.exe
2008-02-06 12:50 . 2008-02-06 12:50 19,711 --a------ C:\WINDOWS\system32\uquaadsu.exe
2008-02-06 12:50 . 2008-02-06 12:50 7,680 --a------ C:\WINDOWS\system32\okhwoupw.exe
2008-02-06 11:23 . 2008-02-06 11:24 14,600 --ah----- C:\WINDOWS\system32\ofwmgwuy.exe
2008-02-06 11:11 . 2008-02-06 11:24 31,390 --ah----- C:\WINDOWS\system32\lbexu.exe
2008-02-06 10:01 . 2008-02-06 10:01 19,711 --a------ C:\WINDOWS\system32\bpwxj.exe
2008-02-06 10:01 . 2008-02-06 10:01 7,680 --a------ C:\WINDOWS\system32\cseuy.exe
2008-02-06 09:50 . 2008-02-06 09:50 19,711 --a------ C:\WINDOWS\system32\ejsgqcn.exe
2008-02-06 09:50 . 2008-02-06 09:50 7,680 --a------ C:\WINDOWS\system32\dqpagbj.exe
2008-02-05 22:38 . 2008-02-05 22:38 121 --a------ C:\WINDOWS\system32\vrzhr.bat
2008-02-05 22:37 . 2008-02-05 22:38 64,000 --ah----- C:\WINDOWS\system32\dprmsf.exe
2008-02-05 21:03 . 2008-02-05 21:03 19,711 --a------ C:\WINDOWS\system32\qyoxpai.exe
2008-02-05 21:03 . 2008-02-05 21:03 7,680 --a------ C:\WINDOWS\system32\hiwq.exe
2008-02-05 20:07 . 2008-02-05 20:07 19,711 --a------ C:\WINDOWS\system32\fxazkrl.exe
2008-02-05 20:07 . 2008-02-05 20:07 7,680 --a------ C:\WINDOWS\system32\hvtebcl.exe
2008-02-05 17:27 . 2008-02-05 17:27 19,711 --a------ C:\WINDOWS\system32\tuzxmai.exe
2008-02-05 17:27 . 2008-02-05 17:27 7,680 --a------ C:\WINDOWS\system32\zywfp.exe
2008-02-05 17:26 . 2008-02-05 17:26 <DIR> d-------- C:\Documents and Settings\Guest\Data aplikací\Logitech
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d-------- C:\Documents and Settings\Guest\Plocha
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolní tiskárny
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolní síť
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Oblíbené položky
2008-02-05 17:25 . 2008-02-04 13:11 <DIR> d--h----- C:\Documents and Settings\Guest\Šablony
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> dr------- C:\Documents and Settings\Guest\Nabídka Start
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Dokumenty
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr-h----- C:\Documents and Settings\Guest\Data aplikací
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 16:38 . 2008-02-05 16:38 7,680 --a------ C:\WINDOWS\system32\dqogsv.exe
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:46 . 2008-02-05 15:46 7,680 --a------ C:\WINDOWS\system32\ksalfyc.exe
2008-02-05 15:44 . 2008-02-05 15:44 19,711 --a------ C:\WINDOWS\system32\zmar.exe
2008-02-05 15:44 . 2008-02-05 15:44 7,680 --a------ C:\WINDOWS\system32\ljwymzf.exe
2008-02-05 15:28 . 2008-02-05 15:28 19,711 --a------ C:\WINDOWS\system32\mjyatrr.exe
2008-02-05 15:28 . 2008-02-05 15:28 7,680 --a------ C:\WINDOWS\system32\jsjk.exe
2008-02-05 15:25 . 2008-02-05 15:25 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 15:22 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:11 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:11 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:11 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 14:11 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 13:53 . 2008-02-05 13:53 19,711 --a------ C:\WINDOWS\system32\oyyehrz.exe
2008-02-05 13:53 . 2008-02-05 13:53 7,680 --a------ C:\WINDOWS\system32\hfpkf.exe
2008-02-05 13:40 . 2008-02-05 13:41 33,792 --ah----- C:\WINDOWS\system32\ysbp.exe
2008-02-05 11:59 . 2008-02-05 11:59 <DIR> d---s---- C:\Documents and Settings\Administrator\UserData
2008-02-05 11:55 . 2008-02-05 12:23 <DIR> d-------- C:\Program Files\Ubisoft
2008-02-05 11:55 . 2000-05-22 01:00 140,488 --a------ C:\WINDOWS\system32\comdlg32.ocx
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-08 12:11 <DIR> d-------- C:\Program Files\AdVantage
2008-02-05 11:41 . 2008-02-05 11:41 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-02-05 11:38 . 2008-02-05 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-05 11:38 . 2008-02-05 11:38 19,711 --a------ C:\WINDOWS\system32\ccko.exe
2008-02-05 11:38 . 2008-02-05 11:38 7,680 --a------ C:\WINDOWS\system32\tjsp.exe
2008-02-05 11:36 . 2008-02-05 11:36 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-05 11:13 . 2008-02-05 11:13 19,711 --a------ C:\WINDOWS\system32\kmhe.exe
2008-02-05 11:13 . 2008-02-05 11:13 7,680 --a------ C:\WINDOWS\system32\qdycy.exe
2008-02-05 09:47 . 2008-02-05 09:47 19,711 --a------ C:\WINDOWS\system32\mdhgi.exe
2008-02-05 09:47 . 2008-02-05 09:47 7,680 --a------ C:\WINDOWS\system32\iugb.exe
2008-02-05 09:17 . 2008-02-05 09:17 19,711 --a------ C:\WINDOWS\system32\uaojnvwu.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 14:24 67,584 ----a-w C:\WINDOWS\Web\wcxnjhhj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\ssenjzlj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\stlvetct.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\stlvetct.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\stlvetct.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\stlvetct.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\hshlnlhk.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\hnvcxhls.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\zccewkkb.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\zcbjntbt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\xttblnnn.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\cnvjlbvb.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\blbelbbj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\zkjckqle.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\wrsnrelv.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\rbjsrhhj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\qkjneslh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\kqwlwbxw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\jlcehbkq.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\bttlteqt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\bbekwlrs.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\tehxeecc.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\srljkjhs.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\wqqnvzet.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\sbsbzljh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\llehtbzr.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\jkvvjhhx.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\ehvhlqhw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\vlewejke.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\rrjhbcnh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ctrbnkts.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\wxklxbbh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\wnjeletk.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\nkbshxqh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\lscrknnq.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\jthchjjx.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\jrwbtbsl.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\wccnwsnz.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\rjewkstw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\krbbjtbw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\bxtxjsbv.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\rc\khhtevqk.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\panels\kqxqncte.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\panels\ekjekxll.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\tlwqjnbh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\tekstkzw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\errors\brlkcjst.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\xjlnrbel.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\jkenjtvv.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\DFS\rllhnlsq.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\DFS\lzkknrkt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\DFS\lthtlnwk.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\ttnejjkl.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\kshsbten.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\chlrtebt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\csclcbtn.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\tsbjbtvn.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\jjlenkbt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\jbnshhqj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\hwexrtne.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\bzehxvnz.exe
2008-02-08 13:53 73,728 ----a-w C:\WINDOWS\DUMP5505.tmp
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Program Files\ESET
2008-02-04 13:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ESET
2008-02-04 13:16 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-02-04 12:55 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Logitech
2008-02-04 12:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:29 423 ----a-w C:\Program Files\RHDSetup.log
2008-02-04 12:29 197 ----a-w C:\Program Files\csb.log
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:28 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]
C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-02-04 13:53:14 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-02-04 13:52:38 434176]
S1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
S2 MSWindows;Network Windows Service;"C:\WINDOWS\System32\urdvxc.exe" [2008-02-08 15:13]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
S3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 15:43:00
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-08 15:43:33
ComboFix-quarantined-files.txt 2008-02-08 14:43:20
ComboFix2.txt 2008-02-06 14:28:32
.
2008-02-05 16:23:01 --- E O F ---
ComboFix 08-02.05.3 - Administrator 2008-02-08 15:41:46.6 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.841 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-08 to 2008-02-08 )))))))))))))))))))))))))))))))
.
2008-02-08 15:29 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-08 15:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-08 15:29 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-08 15:29 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-08 15:29 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-08 15:29 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-08 15:29 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-08 15:29 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-08 15:13 . 2008-02-08 15:13 67,584 --ahs---- C:\WINDOWS\system32\urdvxc.exe
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-06 15:14 . 2008-02-06 15:14 19,711 --a------ C:\WINDOWS\system32\hpaqbp.exe
2008-02-06 15:14 . 2008-02-06 15:14 7,680 --a------ C:\WINDOWS\system32\idjwvv.exe
2008-02-06 14:22 . 2008-02-06 14:22 19,711 --a------ C:\WINDOWS\system32\optdemsi.exe
2008-02-06 14:22 . 2008-02-06 14:22 7,680 --a------ C:\WINDOWS\system32\irwtvua.exe
2008-02-06 12:52 . 2008-02-06 12:53 19,711 --a------ C:\WINDOWS\system32\ylahqvsv.exe
2008-02-06 12:52 . 2008-02-06 12:52 7,680 --a------ C:\WINDOWS\system32\hkvtfdei.exe
2008-02-06 12:50 . 2008-02-06 12:50 19,711 --a------ C:\WINDOWS\system32\uquaadsu.exe
2008-02-06 12:50 . 2008-02-06 12:50 7,680 --a------ C:\WINDOWS\system32\okhwoupw.exe
2008-02-06 11:23 . 2008-02-06 11:24 14,600 --ah----- C:\WINDOWS\system32\ofwmgwuy.exe
2008-02-06 11:11 . 2008-02-06 11:24 31,390 --ah----- C:\WINDOWS\system32\lbexu.exe
2008-02-06 10:01 . 2008-02-06 10:01 19,711 --a------ C:\WINDOWS\system32\bpwxj.exe
2008-02-06 10:01 . 2008-02-06 10:01 7,680 --a------ C:\WINDOWS\system32\cseuy.exe
2008-02-06 09:50 . 2008-02-06 09:50 19,711 --a------ C:\WINDOWS\system32\ejsgqcn.exe
2008-02-06 09:50 . 2008-02-06 09:50 7,680 --a------ C:\WINDOWS\system32\dqpagbj.exe
2008-02-05 22:38 . 2008-02-05 22:38 121 --a------ C:\WINDOWS\system32\vrzhr.bat
2008-02-05 22:37 . 2008-02-05 22:38 64,000 --ah----- C:\WINDOWS\system32\dprmsf.exe
2008-02-05 21:03 . 2008-02-05 21:03 19,711 --a------ C:\WINDOWS\system32\qyoxpai.exe
2008-02-05 21:03 . 2008-02-05 21:03 7,680 --a------ C:\WINDOWS\system32\hiwq.exe
2008-02-05 20:07 . 2008-02-05 20:07 19,711 --a------ C:\WINDOWS\system32\fxazkrl.exe
2008-02-05 20:07 . 2008-02-05 20:07 7,680 --a------ C:\WINDOWS\system32\hvtebcl.exe
2008-02-05 17:27 . 2008-02-05 17:27 19,711 --a------ C:\WINDOWS\system32\tuzxmai.exe
2008-02-05 17:27 . 2008-02-05 17:27 7,680 --a------ C:\WINDOWS\system32\zywfp.exe
2008-02-05 17:26 . 2008-02-05 17:26 <DIR> d-------- C:\Documents and Settings\Guest\Data aplikací\Logitech
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d-------- C:\Documents and Settings\Guest\Plocha
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolní tiskárny
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolní síť
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Oblíbené položky
2008-02-05 17:25 . 2008-02-04 13:11 <DIR> d--h----- C:\Documents and Settings\Guest\Šablony
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> dr------- C:\Documents and Settings\Guest\Nabídka Start
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Dokumenty
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr-h----- C:\Documents and Settings\Guest\Data aplikací
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 16:38 . 2008-02-05 16:38 7,680 --a------ C:\WINDOWS\system32\dqogsv.exe
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:46 . 2008-02-05 15:46 7,680 --a------ C:\WINDOWS\system32\ksalfyc.exe
2008-02-05 15:44 . 2008-02-05 15:44 19,711 --a------ C:\WINDOWS\system32\zmar.exe
2008-02-05 15:44 . 2008-02-05 15:44 7,680 --a------ C:\WINDOWS\system32\ljwymzf.exe
2008-02-05 15:28 . 2008-02-05 15:28 19,711 --a------ C:\WINDOWS\system32\mjyatrr.exe
2008-02-05 15:28 . 2008-02-05 15:28 7,680 --a------ C:\WINDOWS\system32\jsjk.exe
2008-02-05 15:25 . 2008-02-05 15:25 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 15:22 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:11 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:11 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:11 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 14:11 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 13:53 . 2008-02-05 13:53 19,711 --a------ C:\WINDOWS\system32\oyyehrz.exe
2008-02-05 13:53 . 2008-02-05 13:53 7,680 --a------ C:\WINDOWS\system32\hfpkf.exe
2008-02-05 13:40 . 2008-02-05 13:41 33,792 --ah----- C:\WINDOWS\system32\ysbp.exe
2008-02-05 11:59 . 2008-02-05 11:59 <DIR> d---s---- C:\Documents and Settings\Administrator\UserData
2008-02-05 11:55 . 2008-02-05 12:23 <DIR> d-------- C:\Program Files\Ubisoft
2008-02-05 11:55 . 2000-05-22 01:00 140,488 --a------ C:\WINDOWS\system32\comdlg32.ocx
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-08 12:11 <DIR> d-------- C:\Program Files\AdVantage
2008-02-05 11:41 . 2008-02-05 11:41 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-02-05 11:38 . 2008-02-05 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-05 11:38 . 2008-02-05 11:38 19,711 --a------ C:\WINDOWS\system32\ccko.exe
2008-02-05 11:38 . 2008-02-05 11:38 7,680 --a------ C:\WINDOWS\system32\tjsp.exe
2008-02-05 11:36 . 2008-02-05 11:36 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-05 11:13 . 2008-02-05 11:13 19,711 --a------ C:\WINDOWS\system32\kmhe.exe
2008-02-05 11:13 . 2008-02-05 11:13 7,680 --a------ C:\WINDOWS\system32\qdycy.exe
2008-02-05 09:47 . 2008-02-05 09:47 19,711 --a------ C:\WINDOWS\system32\mdhgi.exe
2008-02-05 09:47 . 2008-02-05 09:47 7,680 --a------ C:\WINDOWS\system32\iugb.exe
2008-02-05 09:17 . 2008-02-05 09:17 19,711 --a------ C:\WINDOWS\system32\uaojnvwu.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 14:24 67,584 ----a-w C:\WINDOWS\Web\wcxnjhhj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\ssenjzlj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\stlvetct.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\stlvetct.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\stlvetct.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\stlvetct.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\hshlnlhk.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\hnvcxhls.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\zccewkkb.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\zcbjntbt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\xttblnnn.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\cnvjlbvb.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\blbelbbj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\zkjckqle.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\wrsnrelv.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\rbjsrhhj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\qkjneslh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\kqwlwbxw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\jlcehbkq.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\bttlteqt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\bbekwlrs.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\tehxeecc.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\srljkjhs.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\wqqnvzet.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\sbsbzljh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\llehtbzr.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\jkvvjhhx.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\ehvhlqhw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\vlewejke.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\rrjhbcnh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ctrbnkts.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\wxklxbbh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\wnjeletk.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\nkbshxqh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\lscrknnq.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\jthchjjx.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\jrwbtbsl.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\wccnwsnz.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\rjewkstw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\krbbjtbw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\bxtxjsbv.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\rc\khhtevqk.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\panels\kqxqncte.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\panels\ekjekxll.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\tlwqjnbh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\tekstkzw.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\errors\brlkcjst.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\xjlnrbel.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\jkenjtvv.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\DFS\rllhnlsq.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\DFS\lzkknrkt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\DFS\lthtlnwk.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\ttnejjkl.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\kshsbten.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\chlrtebt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\csclcbtn.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\tsbjbtvn.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\jjlenkbt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\jbnshhqj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\hwexrtne.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\bzehxvnz.exe
2008-02-08 13:53 73,728 ----a-w C:\WINDOWS\DUMP5505.tmp
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Program Files\ESET
2008-02-04 13:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ESET
2008-02-04 13:16 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-02-04 12:55 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Logitech
2008-02-04 12:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:29 423 ----a-w C:\Program Files\RHDSetup.log
2008-02-04 12:29 197 ----a-w C:\Program Files\csb.log
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:28 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]
C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-02-04 13:53:14 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-02-04 13:52:38 434176]
S1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
S2 MSWindows;Network Windows Service;"C:\WINDOWS\System32\urdvxc.exe" [2008-02-08 15:13]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
S3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 15:43:00
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-08 15:43:33
ComboFix-quarantined-files.txt 2008-02-08 14:43:20
ComboFix2.txt 2008-02-06 14:28:32
.
2008-02-05 16:23:01 --- E O F ---
- BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
Toto skpiruj do poznamkoveho bloku :
Uloz ako CFScript a s mysou ho chyt. Presun nad combofix a pusti. Viditelny obrazok dole.
Som tam pridal veci.KillAll::
Driver::
Client Server Runtime Process
Advanced DHTML Enable
File::
C:\WINDOWS\system32\hpaqbp.exe
C:\WINDOWS\system32\idjwvv.exe
C:\WINDOWS\system32\optdemsi.exe
C:\WINDOWS\system32\irwtvua.exe
C:\WINDOWS\system32\ylahqvsv.exe
C:\WINDOWS\system32\hkvtfdei.exe
C:\WINDOWS\system32\uquaadsu.exe
C:\WINDOWS\system32\okhwoupw.exe
C:\WINDOWS\system32\ofwmgwuy.exe
C:\WINDOWS\system32\lbexu.exe
C:\WINDOWS\system32\bpwxj.exe
C:\WINDOWS\system32\cseuy.exe
C:\WINDOWS\system32\ejsgqcn.exe
C:\WINDOWS\system32\dqpagbj.exe
C:\WINDOWS\system32\vrzhr.bat
C:\WINDOWS\system32\dprmsf.exe
C:\WINDOWS\system32\qyoxpai.exe
C:\WINDOWS\system32\hiwq.exe
C:\WINDOWS\system32\fxazkrl.exe
C:\WINDOWS\system32\hvtebcl.exe
C:\WINDOWS\system32\tuzxmai.exe
C:\WINDOWS\system32\zywfp.exe
C:\WINDOWS\system32\ksalfyc.exe
C:\WINDOWS\system32\zmar.exe
C:\WINDOWS\system32\ljwymzf.exe
C:\WINDOWS\system32\mjyatrr.exe
C:\WINDOWS\system32\jsjk.exe
C:\WINDOWS\system32\oyyehrz.exe
C:\WINDOWS\system32\hfpkf.exe
C:\WINDOWS\system32\ysbp.exe
C:\WINDOWS\system32\comdlg32.ocx
C:\WINDOWS\system32\ccko.exe
C:\WINDOWS\system32\tjsp.exe
C:\WINDOWS\system32\drivers\sptd.sys
C:\WINDOWS\system32\kmhe.exe
C:\WINDOWS\system32\qdycy.exe
C:\WINDOWS\system32\mdhgi.exe
C:\WINDOWS\system32\iugb.exe
C:\WINDOWS\system32\uaojnvwu.exe
C:\WINDOWS\system32\ewistj.exe
C:\WINDOWS\System32\csrs.exe
Folder::
C:\Documents and Settings\Administrator\UserData
C:\Program Files\Ubisoft
C:\WINDOWS\PCHealth
Uloz ako CFScript a s mysou ho chyt. Presun nad combofix a pusti. Viditelny obrazok dole.
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
Uz sem to pochopil,jak snadne kdyz clovek ví 
Jelo to solidne.
Tu to je :
ComboFix 08-02.05.3 - Administrator 2008-02-08 16:10:24.8 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.844 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Plocha\CFScript.txt
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE
C:\WINDOWS\system32\bpwxj.exe
C:\WINDOWS\system32\ccko.exe
C:\WINDOWS\system32\comdlg32.ocx
C:\WINDOWS\system32\cseuy.exe
C:\WINDOWS\System32\csrs.exe
C:\WINDOWS\system32\dprmsf.exe
C:\WINDOWS\system32\dqpagbj.exe
C:\WINDOWS\system32\drivers\sptd.sys
C:\WINDOWS\system32\ejsgqcn.exe
C:\WINDOWS\system32\ewistj.exe
C:\WINDOWS\system32\fxazkrl.exe
C:\WINDOWS\system32\hfpkf.exe
C:\WINDOWS\system32\hiwq.exe
C:\WINDOWS\system32\hkvtfdei.exe
C:\WINDOWS\system32\hpaqbp.exe
C:\WINDOWS\system32\hvtebcl.exe
C:\WINDOWS\system32\idjwvv.exe
C:\WINDOWS\system32\irwtvua.exe
C:\WINDOWS\system32\iugb.exe
C:\WINDOWS\system32\jsjk.exe
C:\WINDOWS\system32\kmhe.exe
C:\WINDOWS\system32\ksalfyc.exe
C:\WINDOWS\system32\lbexu.exe
C:\WINDOWS\system32\ljwymzf.exe
C:\WINDOWS\system32\mdhgi.exe
C:\WINDOWS\system32\mjyatrr.exe
C:\WINDOWS\system32\ofwmgwuy.exe
C:\WINDOWS\system32\okhwoupw.exe
C:\WINDOWS\system32\optdemsi.exe
C:\WINDOWS\system32\oyyehrz.exe
C:\WINDOWS\system32\qdycy.exe
C:\WINDOWS\system32\qyoxpai.exe
C:\WINDOWS\system32\tjsp.exe
C:\WINDOWS\system32\tuzxmai.exe
C:\WINDOWS\system32\uaojnvwu.exe
C:\WINDOWS\system32\uquaadsu.exe
C:\WINDOWS\system32\vrzhr.bat
C:\WINDOWS\system32\ylahqvsv.exe
C:\WINDOWS\system32\ysbp.exe
C:\WINDOWS\system32\zmar.exe
C:\WINDOWS\system32\zywfp.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrator\UserData
C:\Documents and Settings\Administrator\UserData\2VQNYT67\oWindowsUpdate[1].xml
C:\Documents and Settings\Administrator\UserData\index.dat
C:\Program Files\Ubisoft
C:\Program Files\Ubisoft\Crytek\Far Cry\FCData\Localized\english1.pak
C:\Program Files\Ubisoft\Register\config.xml
C:\Program Files\Ubisoft\Register\register.exe
C:\Program Files\Ubisoft\Register\schedule.exe
C:\WINDOWS\PCHealth\HelpCtr\BATCH\
C:\WINDOWS\PCHealth\HelpCtr\Binaries\brpinfo.dll
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HCAppRes.dll
C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HscUpd.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\hscxpsp1.cab
C:\WINDOWS\PCHealth\HelpCtr\Binaries\msconfig.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\msinfo.dll
C:\WINDOWS\PCHealth\HelpCtr\Binaries\notiflag.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_w3.cab
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchshell.dll
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Professional_32_1029.dat.bak
C:\WINDOWS\PCHealth\HelpCtr\Config\Cntstore.bin
C:\WINDOWS\PCHealth\HelpCtr\Config\dataspec.xml
C:\WINDOWS\PCHealth\HelpCtr\Config\NewsSet.xml
C:\WINDOWS\PCHealth\HelpCtr\Config\SAFStore.xml
C:\WINDOWS\PCHealth\HelpCtr\Config\sereg.xml
C:\WINDOWS\PCHealth\HelpCtr\Database\HCdata.edb
C:\WINDOWS\PCHealth\HelpCtr\Indices\merged.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_2.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_3.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_4.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_5.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_6.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_7.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_8.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_9.hhk
C:\WINDOWS\PCHealth\HelpCtr\Logs\hcupdate.log
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\index.dat
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000000.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000001.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000002.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000004.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000005.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000006.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000008.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000009.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000000a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000000c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000000e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000000f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000010.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000012.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000013.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000014.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000016.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000017.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000018.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000020.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000021.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000022.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000024.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000025.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000026.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000028.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000029.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000002a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000002c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000002d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000002e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000030.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000031.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000032.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000034.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000035.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000036.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000038.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000039.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000003a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000003c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000003e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000003f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000040.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000042.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000043.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000044.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000046.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000047.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000048.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000050.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000051.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000052.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000054.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000055.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000056.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000058.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000059.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000005a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000005c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000005e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000005f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000060.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000062.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000063.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000064.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000065.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000066.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000068.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000070.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000072.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000073.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000074.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000075.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000076.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000078.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000080.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000082.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000083.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000084.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000086.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000087.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000088.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000090.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000092.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000093.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000094.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000095.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000096.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000098.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000aa.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ab.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ac.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ae.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000af.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ba.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000bb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000bc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000be.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000bf.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c5.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c9.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ca.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000cc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ce.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000cf.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000da.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000db.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000dc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000de.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000df.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ea.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000eb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ec.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ee.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ef.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f1.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f5.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f9.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000fa.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000fc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000fe.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ff.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000100.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000102.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000103.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000104.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000106.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000107.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000108.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000010c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000010d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000010e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000110.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000112.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000113.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000114.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000116.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000117.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000118.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000119.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000120.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000122.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000123.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000124.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000128.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000129.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000012a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000012c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000012d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000012e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000130.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000131.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000132.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000134.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000135.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000136.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000138.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000139.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000013a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000013c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000013e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000013f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000140.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000142.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000143.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000144.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000145.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000146.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000148.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000150.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000152.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000153.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000154.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000156.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000157.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000158.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000159.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000015a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000015c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000015e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000015f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000160.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000162.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000163.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000164.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000166.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000167.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000168.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000170.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000172.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000173.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000174.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000175.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000176.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000178.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000180.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000182.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000183.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000184.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000186.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000187.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000188.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000189.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000190.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000192.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000193.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000194.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000196.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000197.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000198.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a1.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001aa.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ab.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ac.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ad.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ae.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ba.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001bb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001bc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001be.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001bf.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ca.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001cb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001cc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ce.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001cf.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001dc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001dd.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001de.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e1.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ea.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001eb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ec.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f5.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f9.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001fa.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001fc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001fd.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001fe.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000200.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000201.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000202.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000204.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000206.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000207.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000208.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000209.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000210.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000211.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000212.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000214.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000216.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000217.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000218.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000219.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000021a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000021c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000021d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000021e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000220.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000222.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000223.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000224.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000226.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000227.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000228.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000230.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000231.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000232.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000234.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000236.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000237.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000238.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000240.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000241.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000242.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000244.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000245.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000246.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000248.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000250.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000252.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000253.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000254.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000256.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000257.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000258.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000259.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000025a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000025c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000025e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000025f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000260.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000261.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000262.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000264.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000265.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000266.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000268.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000270.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000271.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000272.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000274.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000276.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000277.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000278.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000280.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000282.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000283.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000284.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000285.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000286.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000287.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000288.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000290.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000292.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000293.query
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\CRC_Disk
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\instance_Professional_32_1029.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_1.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_2.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_3.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_4.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_5.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\SkuStore.bin
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\about_support.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\Favorites.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\ftshelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\History.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\Index.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\isupport.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\keywordhelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\options.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\searchblurb.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\searchtips.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\tools.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\watermark_300x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\windows_newsgroups.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\AboutCompat.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatMode.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatOffline.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\csclcbtn.exe
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\chlrtebt.exe
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\kshsbten.exe
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\LearnCompat.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\ttnejjkl.exe
C:\WINDOWS\PCHealth\HelpCtr\System\css\Behaviors.css
C:\WINDOWS\PCHealth\HelpCtr\System\css\Layout.css
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\lthtlnwk.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\lzkknrkt.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\privacy.htm
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\rllhnlsq.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\uplddrvinfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\viewmode.xml
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\xmldialog.htm
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\xmldisplay.xsl
C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\DlgLib.js
C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\Print.dlg
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\dvdupgrd.htm
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\dvdupgrd.js
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\jkenjtvv.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\stripe.jpg
C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ErrorMessagesOffline.htm
C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\xjlnrbel.exe
C:\WINDOWS\PCHealth\HelpCtr\System\errors\badurl.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\brlkcjst.exe
C:\WINDOWS\PCHealth\HelpCtr\System\errors\connection.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\indexfirstlevel.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\notfound.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\offline.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\redirect.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\unreachable.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Headlines.htm
C:\WINDOWS\PCHealth\HelpCtr\System\HelpCtr.mmf
C:\WINDOWS\PCHealth\HelpCtr\System\HomePage__DESKTOP.htm
C:\WINDOWS\PCHealth\HelpCtr\System\HomePage__SERVER.htm
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\arrow_blue_normal_shadow.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\arrow_green_normal_shadow.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\compat.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\errmsg.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\support.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\tools.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\update.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\warning.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\arrow_green_mousedown.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\arrow_green_mouseover.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\arrow_green_normal.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\32x32\logo.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_01.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_02.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_03.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_04.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_generic.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\blue_arrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\Connect.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\IULogo.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\Uabrand.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\error.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\collapsed.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\endnode.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\expanded.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\helpdoc.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\feedback.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\flyout_arrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\get_conn.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_articles_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_blank_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_newwindow_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_onlineinline_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_tours_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_tutorials_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\info.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\progbar.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\warning.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\wrapperhelp.gif
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\dglogs.htm
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\dglogshelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\tekstkzw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\tlwqjnbh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\AdvSearch.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\Context.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\ekjekxll.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\firstpage.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\HHWrapper.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\kqxqncte.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\MiniNavBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\MiniNavBar.xml
C:\WINDOWS\PCHealth\HelpCtr\System\panels\NavBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\NavBar.xml
C:\WINDOWS\PCHealth\HelpCtr\System\panels\Options.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\RemoteHelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\ShareHelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Favorites.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\History.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Channels.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Index.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Options.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Search.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Subsite.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\Topics.htm
C:\WINDOWS\PCHealth\HelpCtr\System\rc\khhtevqk.exe
C:\WINDOWS\PCHealth\HelpCtr\System\rc\rcRequest.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\bxtxjsbv.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\common.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\ConnIssue.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\constants.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\icon_information_32x.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\icon_warning_32x.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\krbbjtbw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\LearnInternet.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\RAHelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\RCMoreInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\rjewkstw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\wccnwsnz.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\RAChat.css
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\rc.css
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\rcbuddy.css
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\ding.wav
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\helpeeaccept.htm
Jelo to solidne.Tu to je :
ComboFix 08-02.05.3 - Administrator 2008-02-08 16:10:24.8 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.844 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Plocha\CFScript.txt
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE
C:\WINDOWS\system32\bpwxj.exe
C:\WINDOWS\system32\ccko.exe
C:\WINDOWS\system32\comdlg32.ocx
C:\WINDOWS\system32\cseuy.exe
C:\WINDOWS\System32\csrs.exe
C:\WINDOWS\system32\dprmsf.exe
C:\WINDOWS\system32\dqpagbj.exe
C:\WINDOWS\system32\drivers\sptd.sys
C:\WINDOWS\system32\ejsgqcn.exe
C:\WINDOWS\system32\ewistj.exe
C:\WINDOWS\system32\fxazkrl.exe
C:\WINDOWS\system32\hfpkf.exe
C:\WINDOWS\system32\hiwq.exe
C:\WINDOWS\system32\hkvtfdei.exe
C:\WINDOWS\system32\hpaqbp.exe
C:\WINDOWS\system32\hvtebcl.exe
C:\WINDOWS\system32\idjwvv.exe
C:\WINDOWS\system32\irwtvua.exe
C:\WINDOWS\system32\iugb.exe
C:\WINDOWS\system32\jsjk.exe
C:\WINDOWS\system32\kmhe.exe
C:\WINDOWS\system32\ksalfyc.exe
C:\WINDOWS\system32\lbexu.exe
C:\WINDOWS\system32\ljwymzf.exe
C:\WINDOWS\system32\mdhgi.exe
C:\WINDOWS\system32\mjyatrr.exe
C:\WINDOWS\system32\ofwmgwuy.exe
C:\WINDOWS\system32\okhwoupw.exe
C:\WINDOWS\system32\optdemsi.exe
C:\WINDOWS\system32\oyyehrz.exe
C:\WINDOWS\system32\qdycy.exe
C:\WINDOWS\system32\qyoxpai.exe
C:\WINDOWS\system32\tjsp.exe
C:\WINDOWS\system32\tuzxmai.exe
C:\WINDOWS\system32\uaojnvwu.exe
C:\WINDOWS\system32\uquaadsu.exe
C:\WINDOWS\system32\vrzhr.bat
C:\WINDOWS\system32\ylahqvsv.exe
C:\WINDOWS\system32\ysbp.exe
C:\WINDOWS\system32\zmar.exe
C:\WINDOWS\system32\zywfp.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\Administrator\UserData
C:\Documents and Settings\Administrator\UserData\2VQNYT67\oWindowsUpdate[1].xml
C:\Documents and Settings\Administrator\UserData\index.dat
C:\Program Files\Ubisoft
C:\Program Files\Ubisoft\Crytek\Far Cry\FCData\Localized\english1.pak
C:\Program Files\Ubisoft\Register\config.xml
C:\Program Files\Ubisoft\Register\register.exe
C:\Program Files\Ubisoft\Register\schedule.exe
C:\WINDOWS\PCHealth\HelpCtr\BATCH\
C:\WINDOWS\PCHealth\HelpCtr\Binaries\brpinfo.dll
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HCAppRes.dll
C:\WINDOWS\PCHealth\HelpCtr\Binaries\helpctr.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HscUpd.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\hscxpsp1.cab
C:\WINDOWS\PCHealth\HelpCtr\Binaries\msconfig.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\msinfo.dll
C:\WINDOWS\PCHealth\HelpCtr\Binaries\notiflag.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchdt_w3.cab
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchshell.dll
C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
C:\WINDOWS\PCHealth\HelpCtr\Config\Cache\Professional_32_1029.dat.bak
C:\WINDOWS\PCHealth\HelpCtr\Config\Cntstore.bin
C:\WINDOWS\PCHealth\HelpCtr\Config\dataspec.xml
C:\WINDOWS\PCHealth\HelpCtr\Config\NewsSet.xml
C:\WINDOWS\PCHealth\HelpCtr\Config\SAFStore.xml
C:\WINDOWS\PCHealth\HelpCtr\Config\sereg.xml
C:\WINDOWS\PCHealth\HelpCtr\Database\HCdata.edb
C:\WINDOWS\PCHealth\HelpCtr\Indices\merged.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_2.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_3.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_4.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_5.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_6.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_7.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_8.hhk
C:\WINDOWS\PCHealth\HelpCtr\Indices\scoped_9.hhk
C:\WINDOWS\PCHealth\HelpCtr\Logs\hcupdate.log
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\index.dat
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000000.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000001.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000002.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000004.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000005.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000006.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000008.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000009.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000000a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000000c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000000e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000000f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000010.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000012.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000013.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000014.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000016.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000017.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000018.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000001e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000020.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000021.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000022.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000024.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000025.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000026.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000028.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000029.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000002a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000002c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000002d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000002e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000030.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000031.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000032.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000034.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000035.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000036.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000038.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000039.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000003a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000003c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000003e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000003f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000040.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000042.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000043.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000044.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000046.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000047.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000048.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000004e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000050.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000051.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000052.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000054.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000055.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000056.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000058.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000059.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000005a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000005c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000005e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000005f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000060.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000062.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000063.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000064.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000065.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000066.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000068.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000006e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000070.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000072.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000073.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000074.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000075.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000076.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000078.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000007f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000080.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000082.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000083.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000084.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000086.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000087.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000088.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000008f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000090.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000092.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000093.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000094.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000095.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000096.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000098.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000009f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000a8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000aa.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ab.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ac.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ae.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000af.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000b8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ba.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000bb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000bc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000be.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000bf.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c5.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000c9.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ca.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000cc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ce.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000cf.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000d8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000da.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000db.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000dc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000de.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000df.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000e8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ea.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000eb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ec.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ee.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ef.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f1.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f5.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000f9.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000fa.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000fc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000fe.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000000ff.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000100.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000102.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000103.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000104.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000106.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000107.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000108.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000010c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000010d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000010e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000110.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000112.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000113.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000114.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000116.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000117.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000118.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000119.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000011f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000120.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000122.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000123.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000124.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000128.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000129.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000012a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000012c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000012d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000012e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000130.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000131.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000132.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000134.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000135.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000136.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000138.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000139.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000013a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000013c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000013e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000013f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000140.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000142.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000143.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000144.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000145.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000146.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000148.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000014f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000150.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000152.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000153.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000154.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000156.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000157.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000158.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000159.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000015a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000015c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000015e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000015f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000160.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000162.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000163.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000164.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000166.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000167.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000168.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000016f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000170.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000172.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000173.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000174.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000175.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000176.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000178.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000017f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000180.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000182.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000183.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000184.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000186.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000187.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000188.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000189.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000018f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000190.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000192.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000193.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000194.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000196.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000197.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000198.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000019e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a1.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001a8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001aa.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ab.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ac.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ad.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ae.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001b8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ba.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001bb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001bc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001be.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001bf.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001c8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ca.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001cb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001cc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ce.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001cf.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001d8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001dc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001dd.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001de.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e1.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e7.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001e8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ea.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001eb.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001ec.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f0.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f2.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f3.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f4.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f5.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f6.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f8.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001f9.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001fa.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001fc.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001fd.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\000001fe.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000200.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000201.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000202.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000204.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000206.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000207.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000208.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000209.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000020e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000210.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000211.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000212.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000214.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000216.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000217.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000218.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000219.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000021a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000021c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000021d.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000021e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000220.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000222.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000223.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000224.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000226.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000227.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000228.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000022f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000230.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000231.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000232.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000234.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000236.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000237.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000238.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000023f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000240.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000241.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000242.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000244.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000245.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000246.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000248.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000024f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000250.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000252.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000253.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000254.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000256.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000257.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000258.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000259.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000025a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000025c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000025e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000025f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000260.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000261.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000262.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000264.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000265.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000266.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000268.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000026f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000270.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000271.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000272.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000274.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000276.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000277.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000278.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000027f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000280.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000282.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000283.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000284.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000285.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000286.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000287.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000288.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028a.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028b.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028c.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028e.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\0000028f.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000290.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000292.query
C:\WINDOWS\PCHealth\HelpCtr\OfflineCache\Professional_32#0405\00000293.query
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\CRC_Disk
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\instance_Professional_32_1029.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_1.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_2.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_3.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_4.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\package_5.cab
C:\WINDOWS\PCHealth\HelpCtr\PackageStore\SkuStore.bin
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\about_support.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\Favorites.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\ftshelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\History.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\Index.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\isupport.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\keywordhelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\options.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\searchblurb.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\searchtips.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\tools.htm
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\watermark_300x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\blurbs\windows_newsgroups.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\AboutCompat.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatMode.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\CompatOffline.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\csclcbtn.exe
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\chlrtebt.exe
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\kshsbten.exe
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\LearnCompat.htm
C:\WINDOWS\PCHealth\HelpCtr\System\CompatCtr\ttnejjkl.exe
C:\WINDOWS\PCHealth\HelpCtr\System\css\Behaviors.css
C:\WINDOWS\PCHealth\HelpCtr\System\css\Layout.css
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\lthtlnwk.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\lzkknrkt.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\privacy.htm
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\rllhnlsq.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\uplddrvinfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\viewmode.xml
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\xmldialog.htm
C:\WINDOWS\PCHealth\HelpCtr\System\DFS\xmldisplay.xsl
C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\DlgLib.js
C:\WINDOWS\PCHealth\HelpCtr\System\dialogs\Print.dlg
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\dvdupgrd.htm
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\dvdupgrd.js
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\jkenjtvv.exe
C:\WINDOWS\PCHealth\HelpCtr\System\DVDUpgrd\stripe.jpg
C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\ErrorMessagesOffline.htm
C:\WINDOWS\PCHealth\HelpCtr\System\ErrMsg\xjlnrbel.exe
C:\WINDOWS\PCHealth\HelpCtr\System\errors\badurl.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\brlkcjst.exe
C:\WINDOWS\PCHealth\HelpCtr\System\errors\connection.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\indexfirstlevel.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\notfound.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\offline.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\redirect.htm
C:\WINDOWS\PCHealth\HelpCtr\System\errors\unreachable.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Headlines.htm
C:\WINDOWS\PCHealth\HelpCtr\System\HelpCtr.mmf
C:\WINDOWS\PCHealth\HelpCtr\System\HomePage__DESKTOP.htm
C:\WINDOWS\PCHealth\HelpCtr\System\HomePage__SERVER.htm
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\arrow_blue_normal_shadow.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\arrow_green_normal_shadow.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\compat.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\errmsg.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\support.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\tools.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\update.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\16x16\warning.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\arrow_green_mousedown.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\arrow_green_mouseover.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\24x24\arrow_green_normal.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\32x32\logo.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_01.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_02.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_03.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_04.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\48x48\desktop_icon_generic.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\blue_arrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\Connect.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\IULogo.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Centers\Uabrand.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\error.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\collapsed.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\endnode.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\expanded.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\Expando\helpdoc.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\feedback.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\flyout_arrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\get_conn.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_articles_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_blank_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_newwindow_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_onlineinline_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_tours_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\icon_tutorials_12x.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\images\info.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\progbar.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\warning.gif
C:\WINDOWS\PCHealth\HelpCtr\System\images\wrapperhelp.gif
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\dglogs.htm
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\dglogshelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\tekstkzw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\NetDiag\tlwqjnbh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\AdvSearch.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\Context.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\ekjekxll.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\firstpage.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\HHWrapper.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\kqxqncte.exe
C:\WINDOWS\PCHealth\HelpCtr\System\panels\MiniNavBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\MiniNavBar.xml
C:\WINDOWS\PCHealth\HelpCtr\System\panels\NavBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\NavBar.xml
C:\WINDOWS\PCHealth\HelpCtr\System\panels\Options.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\RemoteHelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\ShareHelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Favorites.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\History.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Channels.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Index.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Options.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Search.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\subpanels\Subsite.htm
C:\WINDOWS\PCHealth\HelpCtr\System\panels\Topics.htm
C:\WINDOWS\PCHealth\HelpCtr\System\rc\khhtevqk.exe
C:\WINDOWS\PCHealth\HelpCtr\System\rc\rcRequest.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\bxtxjsbv.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\common.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\ConnIssue.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\constants.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\icon_information_32x.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\icon_warning_32x.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\krbbjtbw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\LearnInternet.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\RAHelp.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\RCMoreInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\rjewkstw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Common\wccnwsnz.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\RAChat.css
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\rc.css
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Css\rcbuddy.css
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\ding.wav
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\helpeeaccept.htm
Naposledy upravil(a) solda1 dne pát 8. úno 2008, 16:34, celkem upraveno 2 x.
- BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
Se tam nevlezlo,tu je zbytek
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\Animation.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\combobox_line.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\connected.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\DividerBar.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\DividerBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\DownArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\jrwbtbsl.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\jthchjjx.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\lscrknnq.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\nkbshxqh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAClient.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAClient.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAChatClient.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAStatusBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAToolBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAToolBar.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\rcscreen6_head.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\rctoolScreen1.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\setting.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\TakeControl.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\TakeControl.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\UpArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\wnjeletk.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\wxklxbbh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ctrbnkts.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ErrorMsgs.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\HelpCenter.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\HelpCenter.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\hide-chat.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\info.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Options.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Options.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Quit.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Quit.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\RAControl.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\RCFileXfer.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\rrjhbcnh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendFile.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendFile.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendChat.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendVoice.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendVoice.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendVoiceOn.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\show-chat.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\vlewejke.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\VOIPMsgs.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\DividerBar1.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\DividerBar2.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\ehvhlqhw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\ESC_key.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\Helpee_line.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\jkvvjhhx.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\llehtbzr.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAChatServer.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAServer.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAServer.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAServerToolBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\sbsbzljh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\SettingServer.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\StopControl.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\StopControl.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\TakeControlMsgs.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\wqqnvzet.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAClientLayout.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAHelpeeAcceptLayout.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAIMLayout.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAStartPage.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAURA.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\rcBuddy.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\srljkjhs.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\tehxeecc.exe
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\Common.js
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\HomePage__DESKTOP.js
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\HomePage__SERVER.js
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\HomePage__SHARED.js
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\wrapperparam.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\bbekwlrs.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\bttlteqt.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\commonFunc.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\0_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\10_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\100_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\15_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\20_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\25_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\30_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\35_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\40_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\45_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\5_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\50_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\55_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\60_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\65_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\70_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\75_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\80_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\85_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\90_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\95_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\0_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\10_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\100_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\15_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\20_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\25_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\30_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\35_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\40_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\45_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\5_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\50_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\55_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\60_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\65_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\70_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\75_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\80_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\85_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\90_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\95_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\alert.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\BArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\card.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\cd.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\down.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\drive.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\error.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\floppy.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\GArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\gears.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\greendot.jpg
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\check.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\chip.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\info.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\monitor.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\personalizing.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\PieGrey.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\PieChart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\PieWhite.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\printer.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\r1_c1.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\r1_c2.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\r1_c3.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\r3_c2.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\spacer.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\system.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\Untitled.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\up.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\usb.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\windows.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\jlcehbkq.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\kqwlwbxw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\loc_strings.xml
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\msinfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\msinfo.xml
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\msinfohss.css
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\qkjneslh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\rbjsrhhj.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\RSoP.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\RSoP.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysComponentInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysComponentInfo.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysConfigLaunch.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysDiskTS.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysEvtLogInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysHealthInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysHealthInfo.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysInfoLaunch.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfomain.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfosum.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysRemoteInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysServicesInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysSoftwareInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysSoftwareInfo.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\wmi_data.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\wrsnrelv.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\zkjckqle.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\AboutWU.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\blbelbbj.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\cnvjlbvb.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\Learn.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\LearnInternet.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\learnWU.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\updatecenter.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\xttblnnn.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\zcbjntbt.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\zccewkkb.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Connection.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\GArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\GRect.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\hnvcxhls.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\hshlnlhk.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Info_Icon.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\OfflineDC.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\OfflineOptions.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\PSS.css
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\pss_getting_worldwide_help.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\pssmachinesnapshot-less.xml
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\pssmachinesnapshot-wo-com.xml
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\pssmachinesnapshot.xml
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\r1_c1.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\r1_c2.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\r1_c3.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\r3_c2.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\common.js
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\ConnIssue.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\constants.js
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\icon_information_32x.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\icon_warning_32x.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\LearnInternet.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\RAHelp.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\RCMoreInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\stlvetct.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\confirm.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\RAChat.css
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\rc.css
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\rcbuddy.css
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\address_book.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\arrow.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\attention.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_attention.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_away.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_busy.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_none.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_offline.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\Envelope.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\floppy.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\generic_mail.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\icon_extweb.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\IM_icon.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\info.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\logon_anim.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\messenger_big.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\monitor_left.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\monitor_right.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\outlook.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\outlook_express.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcConnection.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen1.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen2.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen3.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\Remote_Assistance_Graphic.png
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\square_bullet.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\stlvetct.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\help.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\check.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcDetails.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcInviteStatus.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen4.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen5.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen6.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen6_head.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen7.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen8.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen9.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreenshot3.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\stlvetct.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited\UnSolicitedRCUI.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\rcstatus.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\stlvetct.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\spacer.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\ssenjzlj.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\status_ok.gif
C:\WINDOWS\PCHealth\UploadLB\Binaries\UploadM.exe
C:\WINDOWS\PCHealth\UploadLB\Config\config.xml
C:\WINDOWS\system32\.exe
C:\WINDOWS\system32\bpwxj.exe
C:\WINDOWS\system32\ccko.exe
C:\WINDOWS\system32\comdlg32.ocx
C:\WINDOWS\system32\cseuy.exe
C:\WINDOWS\system32\dprmsf.exe
C:\WINDOWS\system32\dqpagbj.exe
C:\WINDOWS\system32\drivers\sptd.sys
C:\WINDOWS\system32\ejsgqcn.exe
C:\WINDOWS\system32\ewistj.exe
C:\WINDOWS\system32\fxazkrl.exe
C:\WINDOWS\system32\hfpkf.exe
C:\WINDOWS\system32\hiwq.exe
C:\WINDOWS\system32\hkvtfdei.exe
C:\WINDOWS\system32\hpaqbp.exe
C:\WINDOWS\system32\hvtebcl.exe
C:\WINDOWS\system32\idjwvv.exe
C:\WINDOWS\system32\irwtvua.exe
C:\WINDOWS\system32\iugb.exe
C:\WINDOWS\system32\jsjk.exe
C:\WINDOWS\system32\kmhe.exe
C:\WINDOWS\system32\ksalfyc.exe
C:\WINDOWS\system32\lbexu.exe
C:\WINDOWS\system32\ljwymzf.exe
C:\WINDOWS\system32\mdhgi.exe
C:\WINDOWS\system32\mjyatrr.exe
C:\WINDOWS\system32\ofwmgwuy.exe
C:\WINDOWS\system32\okhwoupw.exe
C:\WINDOWS\system32\optdemsi.exe
C:\WINDOWS\system32\oyyehrz.exe
C:\WINDOWS\system32\qdycy.exe
C:\WINDOWS\system32\qyoxpai.exe
C:\WINDOWS\system32\tjsp.exe
C:\WINDOWS\system32\tuzxmai.exe
C:\WINDOWS\system32\uaojnvwu.exe
C:\WINDOWS\system32\uquaadsu.exe
C:\WINDOWS\system32\vrzhr.bat
C:\WINDOWS\system32\ylahqvsv.exe
C:\WINDOWS\system32\ysbp.exe
C:\WINDOWS\system32\zmar.exe
C:\WINDOWS\system32\zywfp.exe
C:\WINDOWS\PCHealth . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2008-01-08 to 2008-02-08 )))))))))))))))))))))))))))))))
.
2008-02-08 16:16 . 2008-02-08 16:16 <DIR> d-------- C:\WINDOWS\pchealth
2008-02-08 15:51 . 2001-10-25 13:00 376,832 --a------ C:\kmd.exe
2008-02-08 15:29 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-08 15:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-08 15:29 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-08 15:29 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-08 15:29 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-08 15:29 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-08 15:29 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-08 15:29 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-05 17:25 . 2008-02-04 13:11 <DIR> d--h----- C:\Documents and Settings\Guest\ćablony
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d-------- C:\Documents and Settings\Guest\Plocha
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolnˇ tisk rny
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolnˇ sˇś
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Oblˇben‚ polo§ky
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> dr------- C:\Documents and Settings\Guest\Nabˇdka Start
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Dokumenty
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr-h----- C:\Documents and Settings\Guest\Data aplikacˇ
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 16:38 . 2008-02-05 16:38 7,680 --a------ C:\WINDOWS\system32\dqogsv.exe
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:25 . 2008-02-05 15:25 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 15:22 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:11 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:11 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:11 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 14:11 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-08 12:11 <DIR> d-------- C:\Program Files\AdVantage
2008-02-05 11:38 . 2008-02-05 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-04 22:25 . 2008-02-04 22:26 <DIR> d-------- C:\Program Files\ComboFix
2008-02-04 22:17 . 2008-02-04 22:17 <DIR> d-------- C:\Program Files\avenger
2008-02-04 21:38 . 2008-02-04 21:38 <DIR> d-------- C:\Program Files\Ray Adams
2008-02-04 20:41 . 2008-02-04 23:14 <DIR> d-------- C:\Program Files\QooBox
2008-02-04 18:27 . 2008-02-05 21:01 <DIR> d-------- C:\Downloads
2008-02-04 18:27 . 2008-02-04 18:27 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-04 18:26 . 2008-02-04 19:19 <DIR> d-------- C:\Program Files\BitComet
2008-02-04 17:54 . 2008-02-04 17:54 <DIR> d-------- C:\Program Files\QIP
2008-02-04 15:47 . 2008-02-04 15:47 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-04 15:44 . 2008-02-04 15:44 <DIR> d-------- C:\Program Files\Crawler
2008-02-04 15:43 . 2008-02-06 14:49 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-04 15:21 . 2008-02-04 15:21 <DIR> d-------- C:\Program Files\Lavalys
2008-02-04 15:12 . 2008-02-08 15:15 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-04 15:12 . 2008-02-04 15:12 <DIR> d-------- C:\Program Files\ICQLite
2008-02-04 15:09 . 2008-02-04 15:09 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-04 15:08 . 2008-02-04 15:08 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-04 15:06 . 2008-02-04 15:06 <DIR> d-------- C:\Program Files\Webteh
2008-02-04 15:05 . 2008-02-06 11:01 <DIR> d-------- C:\Program Files\Opera
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 14:24 67,584 ----a-w C:\WINDOWS\Web\wcxnjhhj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\tsbjbtvn.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\jjlenkbt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\jbnshhqj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\hwexrtne.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\bzehxvnz.exe
2008-02-08 13:53 73,728 ----a-w C:\WINDOWS\DUMP5505.tmp
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Program Files\ESET
2008-02-04 12:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:29 423 ----a-w C:\Program Files\RHDSetup.log
2008-02-04 12:29 197 ----a-w C:\Program Files\csb.log
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-21 02:53 9,826,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-21 02:47 3,120,640 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-21 02:36 1,661,696 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-12-21 02:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2007-12-21 02:20 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-12-21 02:20 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-12-21 02:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-21 02:15 159,744 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-12-21 02:11 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-12-20 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]
R1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 16:16:44
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2800.1106]
-> C:\Program Files\Logitech\SetPoint\GameHook.dll
-> C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2008-02-08 16:17:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-08 15:17:43
ComboFix2.txt 2008-02-08 14:53:20
ComboFix3.txt 2008-02-08 14:43:34
ComboFix4.txt 2008-02-06 14:28:32
.
2008-02-05 16:23:01 --- E O F ---
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\Animation.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\combobox_line.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\connected.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\DividerBar.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\DividerBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\DownArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\jrwbtbsl.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\jthchjjx.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\lscrknnq.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\nkbshxqh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAClient.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAClient.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAChatClient.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAStatusBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAToolBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\RAToolBar.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\rcscreen6_head.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\rctoolScreen1.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\setting.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\TakeControl.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\TakeControl.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\UpArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\wnjeletk.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Client\wxklxbbh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ctrbnkts.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\ErrorMsgs.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\HelpCenter.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\HelpCenter.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\hide-chat.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\info.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Options.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Options.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Quit.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\Quit.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\RAControl.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\RCFileXfer.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\rrjhbcnh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendFile.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendFile.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendChat.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendVoice.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendVoice.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\SendVoiceOn.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\show-chat.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\vlewejke.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Common\VOIPMsgs.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\DividerBar1.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\DividerBar2.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\ehvhlqhw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\ESC_key.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\Helpee_line.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\jkvvjhhx.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\llehtbzr.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAChatServer.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAServer.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAServer.js
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\RAServerToolBar.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\sbsbzljh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\SettingServer.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\StopControl.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\StopControl.gif
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\TakeControlMsgs.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\Interaction\Server\wqqnvzet.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAClientLayout.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAHelpeeAcceptLayout.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAIMLayout.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAStartPage.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\RAURA.xml
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\rcBuddy.htm
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\srljkjhs.exe
C:\WINDOWS\PCHealth\HelpCtr\System\Remote Assistance\tehxeecc.exe
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\Common.js
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\HomePage__DESKTOP.js
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\HomePage__SERVER.js
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\HomePage__SHARED.js
C:\WINDOWS\PCHealth\HelpCtr\System\scripts\wrapperparam.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\bbekwlrs.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\bttlteqt.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\commonFunc.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\0_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\10_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\100_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\15_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\20_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\25_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\30_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\35_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\40_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\45_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\5_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\50_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\55_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\60_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\65_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\70_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\75_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\80_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\85_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\90_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\33x16pie\95_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\0_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\10_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\100_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\15_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\20_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\25_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\30_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\35_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\40_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\45_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\5_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\50_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\55_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\60_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\65_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\70_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\75_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\80_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\85_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\90_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\47x24pie\95_chart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\alert.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\BArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\card.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\cd.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\down.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\drive.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\error.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\floppy.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\GArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\gears.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\greendot.jpg
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\check.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\chip.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\info.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\monitor.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\personalizing.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\PieGrey.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\PieChart.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\PieWhite.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\printer.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\r1_c1.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\r1_c2.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\r1_c3.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\r3_c2.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\spacer.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\system.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\Untitled.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\up.bmp
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\usb.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\graphics\windows.gif
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\jlcehbkq.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\kqwlwbxw.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\loc_strings.xml
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\msinfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\msinfo.xml
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\msinfohss.css
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\qkjneslh.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\rbjsrhhj.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\RSoP.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\RSoP.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysComponentInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysComponentInfo.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysConfigLaunch.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysDiskTS.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysEvtLogInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysHealthInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysHealthInfo.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysInfoLaunch.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfomain.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysinfosum.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysRemoteInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysServicesInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysSoftwareInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\sysSoftwareInfo.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\wmi_data.js
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\wrsnrelv.exe
C:\WINDOWS\PCHealth\HelpCtr\System\sysinfo\zkjckqle.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\AboutWU.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\blbelbbj.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\cnvjlbvb.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\Learn.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\LearnInternet.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\learnWU.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\updatecenter.htm
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\xttblnnn.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\zcbjntbt.exe
C:\WINDOWS\PCHealth\HelpCtr\System\UpdateCtr\zccewkkb.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Connection.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\GArrow.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\GRect.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\hnvcxhls.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\hshlnlhk.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Info_Icon.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\OfflineDC.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\OfflineOptions.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\PSS.css
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\pss_getting_worldwide_help.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\pssmachinesnapshot-less.xml
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\pssmachinesnapshot-wo-com.xml
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\pssmachinesnapshot.xml
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\r1_c1.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\r1_c2.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\r1_c3.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\r3_c2.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\common.js
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\ConnIssue.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\constants.js
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\icon_information_32x.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\icon_warning_32x.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\LearnInternet.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\RAHelp.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\RCMoreInfo.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Common\stlvetct.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\confirm.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\RAChat.css
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\rc.css
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Css\rcbuddy.css
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\address_book.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\arrow.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\attention.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_attention.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_away.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_busy.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_none.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\buddy_offline.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\Envelope.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\floppy.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\generic_mail.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\icon_extweb.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\IM_icon.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\info.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\logon_anim.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\messenger_big.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\monitor_left.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\monitor_right.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\outlook.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\outlook_express.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcConnection.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen1.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen2.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\rcscreen3.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\Remote_Assistance_Graphic.png
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\square_bullet.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Common\stlvetct.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\help.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\check.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcDetails.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcInviteStatus.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen4.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen5.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen6.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen6_head.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen7.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen8.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreen9.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\rcscreenshot3.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Email\stlvetct.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\Escalation\Unsolicited\UnSolicitedRCUI.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\rcstatus.htm
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\Remote Assistance\stlvetct.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\spacer.gif
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\ssenjzlj.exe
C:\WINDOWS\PCHealth\HelpCtr\Vendors\CN=Microsoft Corporation,L=Redmond,S=Washington,C=US\status_ok.gif
C:\WINDOWS\PCHealth\UploadLB\Binaries\UploadM.exe
C:\WINDOWS\PCHealth\UploadLB\Config\config.xml
C:\WINDOWS\system32\.exe
C:\WINDOWS\system32\bpwxj.exe
C:\WINDOWS\system32\ccko.exe
C:\WINDOWS\system32\comdlg32.ocx
C:\WINDOWS\system32\cseuy.exe
C:\WINDOWS\system32\dprmsf.exe
C:\WINDOWS\system32\dqpagbj.exe
C:\WINDOWS\system32\drivers\sptd.sys
C:\WINDOWS\system32\ejsgqcn.exe
C:\WINDOWS\system32\ewistj.exe
C:\WINDOWS\system32\fxazkrl.exe
C:\WINDOWS\system32\hfpkf.exe
C:\WINDOWS\system32\hiwq.exe
C:\WINDOWS\system32\hkvtfdei.exe
C:\WINDOWS\system32\hpaqbp.exe
C:\WINDOWS\system32\hvtebcl.exe
C:\WINDOWS\system32\idjwvv.exe
C:\WINDOWS\system32\irwtvua.exe
C:\WINDOWS\system32\iugb.exe
C:\WINDOWS\system32\jsjk.exe
C:\WINDOWS\system32\kmhe.exe
C:\WINDOWS\system32\ksalfyc.exe
C:\WINDOWS\system32\lbexu.exe
C:\WINDOWS\system32\ljwymzf.exe
C:\WINDOWS\system32\mdhgi.exe
C:\WINDOWS\system32\mjyatrr.exe
C:\WINDOWS\system32\ofwmgwuy.exe
C:\WINDOWS\system32\okhwoupw.exe
C:\WINDOWS\system32\optdemsi.exe
C:\WINDOWS\system32\oyyehrz.exe
C:\WINDOWS\system32\qdycy.exe
C:\WINDOWS\system32\qyoxpai.exe
C:\WINDOWS\system32\tjsp.exe
C:\WINDOWS\system32\tuzxmai.exe
C:\WINDOWS\system32\uaojnvwu.exe
C:\WINDOWS\system32\uquaadsu.exe
C:\WINDOWS\system32\vrzhr.bat
C:\WINDOWS\system32\ylahqvsv.exe
C:\WINDOWS\system32\ysbp.exe
C:\WINDOWS\system32\zmar.exe
C:\WINDOWS\system32\zywfp.exe
C:\WINDOWS\PCHealth . . . . failed to delete
.
((((((((((((((((((((((((( Files Created from 2008-01-08 to 2008-02-08 )))))))))))))))))))))))))))))))
.
2008-02-08 16:16 . 2008-02-08 16:16 <DIR> d-------- C:\WINDOWS\pchealth
2008-02-08 15:51 . 2001-10-25 13:00 376,832 --a------ C:\kmd.exe
2008-02-08 15:29 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-08 15:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-08 15:29 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-08 15:29 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-08 15:29 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-08 15:29 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-08 15:29 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-08 15:29 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-05 17:25 . 2008-02-04 13:11 <DIR> d--h----- C:\Documents and Settings\Guest\ćablony
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d-------- C:\Documents and Settings\Guest\Plocha
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolnˇ tisk rny
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolnˇ sˇś
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Oblˇben‚ polo§ky
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> dr------- C:\Documents and Settings\Guest\Nabˇdka Start
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Dokumenty
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr-h----- C:\Documents and Settings\Guest\Data aplikacˇ
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 16:38 . 2008-02-05 16:38 7,680 --a------ C:\WINDOWS\system32\dqogsv.exe
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:25 . 2008-02-05 15:25 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 15:22 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:11 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:11 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:11 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 14:11 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-08 12:11 <DIR> d-------- C:\Program Files\AdVantage
2008-02-05 11:38 . 2008-02-05 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-04 22:25 . 2008-02-04 22:26 <DIR> d-------- C:\Program Files\ComboFix
2008-02-04 22:17 . 2008-02-04 22:17 <DIR> d-------- C:\Program Files\avenger
2008-02-04 21:38 . 2008-02-04 21:38 <DIR> d-------- C:\Program Files\Ray Adams
2008-02-04 20:41 . 2008-02-04 23:14 <DIR> d-------- C:\Program Files\QooBox
2008-02-04 18:27 . 2008-02-05 21:01 <DIR> d-------- C:\Downloads
2008-02-04 18:27 . 2008-02-04 18:27 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-04 18:26 . 2008-02-04 19:19 <DIR> d-------- C:\Program Files\BitComet
2008-02-04 17:54 . 2008-02-04 17:54 <DIR> d-------- C:\Program Files\QIP
2008-02-04 15:47 . 2008-02-04 15:47 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-04 15:44 . 2008-02-04 15:44 <DIR> d-------- C:\Program Files\Crawler
2008-02-04 15:43 . 2008-02-06 14:49 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-04 15:21 . 2008-02-04 15:21 <DIR> d-------- C:\Program Files\Lavalys
2008-02-04 15:12 . 2008-02-08 15:15 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-04 15:12 . 2008-02-04 15:12 <DIR> d-------- C:\Program Files\ICQLite
2008-02-04 15:09 . 2008-02-04 15:09 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-04 15:08 . 2008-02-04 15:08 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-04 15:06 . 2008-02-04 15:06 <DIR> d-------- C:\Program Files\Webteh
2008-02-04 15:05 . 2008-02-06 11:01 <DIR> d-------- C:\Program Files\Opera
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 14:24 67,584 ----a-w C:\WINDOWS\Web\wcxnjhhj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\tsbjbtvn.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\jjlenkbt.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\jbnshhqj.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\hwexrtne.exe
2008-02-08 14:18 67,584 ----a-w C:\WINDOWS\Help\bzehxvnz.exe
2008-02-08 13:53 73,728 ----a-w C:\WINDOWS\DUMP5505.tmp
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Program Files\ESET
2008-02-04 12:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:29 423 ----a-w C:\Program Files\RHDSetup.log
2008-02-04 12:29 197 ----a-w C:\Program Files\csb.log
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-21 02:53 9,826,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-21 02:47 3,120,640 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-21 02:36 1,661,696 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-12-21 02:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2007-12-21 02:20 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-12-21 02:20 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-12-21 02:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-21 02:15 159,744 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-12-21 02:11 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-12-20 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]
R1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 16:16:44
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\Explorer.EXE [6.00.2800.1106]
-> C:\Program Files\Logitech\SetPoint\GameHook.dll
-> C:\Program Files\Ray Adams\ATI Tray Tools\raphook.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\PROGRA~1\SPYWAR~1\sp_rsser.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
.
**************************************************************************
.
Completion time: 2008-02-08 16:17:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-08 15:17:43
ComboFix2.txt 2008-02-08 14:53:20
ComboFix3.txt 2008-02-08 14:43:34
ComboFix4.txt 2008-02-06 14:28:32
.
2008-02-05 16:23:01 --- E O F ---
- BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
Uz je to omnoho lepsie.
Do poznamkoveho bloku teraz skopiruj toto a operaciu so scriptom urob este raz.:
Toto otestuj na virustotal.com:
C:\kmd.exe
C:\WINDOWS\system32\esent.dll
C:\WINDOWS\jautoexp.dat
C:\WINDOWS\system32\javasup.vxd
C:\WINDOWS\setdebug.exe
Do poznamkoveho bloku teraz skopiruj toto a operaciu so scriptom urob este raz.:
File::
C:\WINDOWS\Web\wcxnjhhj.exe
C:\WINDOWS\Help\tsbjbtvn.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
C:\WINDOWS\Help\jjlenkbt.exe
c:\WINDOWS\Help\jbnshhqj.exe
C:\WINDOWS\Help\hwexrtne.exe
C:\WINDOWS\Help\bzehxvnz.exe
C:\WINDOWS\DUMP5505.tmp
C:\WINDOWS\system32\dqogsv.exe
Toto otestuj na virustotal.com:
C:\kmd.exe
C:\WINDOWS\system32\esent.dll
C:\WINDOWS\jautoexp.dat
C:\WINDOWS\system32\javasup.vxd
C:\WINDOWS\setdebug.exe
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
jak mam pojmenovat ten poznamkovej blok ? to je jedno ? 
tak asi CFScript ?
Hm asi jo: Takto sem to udelal:
ComboFix 08-02.05.3 - Administrator 2008-02-08 19:15:45.9 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.843 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Plocha\CFScript.txt
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE
C:\WINDOWS\DUMP5505.tmp
C:\WINDOWS\Help\bzehxvnz.exe
C:\WINDOWS\Help\hwexrtne.exe
c:\WINDOWS\Help\jbnshhqj.exe
C:\WINDOWS\Help\jjlenkbt.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
C:\WINDOWS\Help\tsbjbtvn.exe
C:\WINDOWS\system32\dqogsv.exe
C:\WINDOWS\Web\wcxnjhhj.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\DUMP5505.tmp
C:\WINDOWS\Help\bzehxvnz.exe
C:\WINDOWS\Help\hwexrtne.exe
c:\WINDOWS\Help\jbnshhqj.exe
C:\WINDOWS\Help\jjlenkbt.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
C:\WINDOWS\Help\tsbjbtvn.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\.exe
C:\WINDOWS\system32\dqogsv.exe
C:\WINDOWS\Web\wcxnjhhj.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-08 to 2008-02-08 )))))))))))))))))))))))))))))))
.
2008-02-08 16:16 . 2008-02-08 16:16 <DIR> d-------- C:\WINDOWS\pchealth
2008-02-08 16:09 . 2001-10-25 13:00 376,832 --a------ C:\kmd.exe
2008-02-08 15:29 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-08 15:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-08 15:29 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-08 15:29 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-08 15:29 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-08 15:29 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-08 15:29 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-08 15:29 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-05 17:26 . 2008-02-05 17:26 <DIR> d-------- C:\Documents and Settings\Guest\Data aplikací\Logitech
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d-------- C:\Documents and Settings\Guest\Plocha
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolní tiskárny
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolní síť
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Oblíbené položky
2008-02-05 17:25 . 2008-02-04 13:11 <DIR> d--h----- C:\Documents and Settings\Guest\Šablony
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> dr------- C:\Documents and Settings\Guest\Nabídka Start
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Dokumenty
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr-h----- C:\Documents and Settings\Guest\Data aplikací
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:25 . 2008-02-05 15:25 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 15:22 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:11 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:11 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:11 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 14:11 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-08 12:11 <DIR> d-------- C:\Program Files\AdVantage
2008-02-05 11:41 . 2008-02-08 16:16 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-02-05 11:38 . 2008-02-05 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-04 22:25 . 2008-02-04 22:26 <DIR> d-------- C:\Program Files\ComboFix
2008-02-04 22:17 . 2008-02-04 22:17 <DIR> d-------- C:\Program Files\avenger
2008-02-04 21:39 . 2008-02-04 21:39 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\atitray
2008-02-04 21:38 . 2008-02-04 21:38 <DIR> d-------- C:\Program Files\Ray Adams
2008-02-04 20:41 . 2008-02-04 23:14 <DIR> d-------- C:\Program Files\QooBox
2008-02-04 20:11 . 2008-02-04 20:11 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQ Toolbar
2008-02-04 18:27 . 2008-02-05 21:01 <DIR> d-------- C:\Downloads
2008-02-04 18:27 . 2008-02-04 18:27 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-04 18:26 . 2008-02-04 19:19 <DIR> d-------- C:\Program Files\BitComet
2008-02-04 18:18 . 2008-02-04 18:20 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2008-02-04 17:54 . 2008-02-08 16:43 <DIR> d-------- C:\Program Files\QIP
2008-02-04 15:47 . 2008-02-04 15:47 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-04 15:44 . 2008-02-04 15:44 <DIR> d-------- C:\Program Files\Crawler
2008-02-04 15:44 . 2008-02-05 11:21 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-02-04 15:43 . 2008-02-06 14:49 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-04 15:21 . 2008-02-04 15:21 <DIR> d-------- C:\Program Files\Lavalys
2008-02-04 15:12 . 2008-02-08 15:15 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-04 15:12 . 2008-02-04 15:12 <DIR> d-------- C:\Program Files\ICQLite
2008-02-04 15:12 . 2008-02-04 15:12 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQLite
2008-02-04 15:09 . 2008-02-04 15:09 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-04 15:08 . 2008-02-04 15:08 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-04 15:06 . 2008-02-04 15:06 <DIR> d-------- C:\Program Files\Webteh
2008-02-04 15:05 . 2008-02-06 11:01 <DIR> d-------- C:\Program Files\Opera
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 16:10 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
2008-02-08 16:10 16,896 ----a-w C:\WINDOWS\system32\tftp.exe
2008-02-08 16:07 133,120 ----a-w C:\WINDOWS\system32\sfc_os.dll
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Program Files\ESET
2008-02-04 13:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ESET
2008-02-04 13:16 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-02-04 12:55 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Logitech
2008-02-04 12:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:29 423 ----a-w C:\Program Files\RHDSetup.log
2008-02-04 12:29 197 ----a-w C:\Program Files\csb.log
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:28 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-21 02:53 9,826,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-21 02:47 3,120,640 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-21 02:36 1,661,696 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-12-21 02:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2007-12-21 02:20 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-12-21 02:20 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-12-21 02:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-21 02:15 159,744 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-12-21 02:11 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-12-20 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 19:12 3142236]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]
C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-02-04 13:53:14 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-02-04 13:52:38 434176]
S1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
S2 Generic Host Process for Win-32 Service;Generic Host Process for Win-32 Service;"C:\WINDOWS\svchost.exe" []
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
S3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 19:16:59
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-08 19:17:26
ComboFix-quarantined-files.txt 2008-02-08 18:17:25
ComboFix2.txt 2008-02-08 15:17:46
ComboFix3.txt 2008-02-08 14:53:20
ComboFix4.txt 2008-02-08 14:43:34
ComboFix5.txt 2008-02-06 14:28:32
.
2008-02-05 16:23:01 --- E O F ---
Zbytek analyzuju zejtra,ted du s kamoskou ven,diky za pomoc,fakt moc jsem ti vdecnej.zatim ahoj
tak asi CFScript ?Hm asi jo: Takto sem to udelal:
ComboFix 08-02.05.3 - Administrator 2008-02-08 19:15:45.9 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.843 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Plocha\CFScript.txt
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE
C:\WINDOWS\DUMP5505.tmp
C:\WINDOWS\Help\bzehxvnz.exe
C:\WINDOWS\Help\hwexrtne.exe
c:\WINDOWS\Help\jbnshhqj.exe
C:\WINDOWS\Help\jjlenkbt.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
C:\WINDOWS\Help\tsbjbtvn.exe
C:\WINDOWS\system32\dqogsv.exe
C:\WINDOWS\Web\wcxnjhhj.exe
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\DUMP5505.tmp
C:\WINDOWS\Help\bzehxvnz.exe
C:\WINDOWS\Help\hwexrtne.exe
c:\WINDOWS\Help\jbnshhqj.exe
C:\WINDOWS\Help\jjlenkbt.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Audio\lllknblj.exe
C:\WINDOWS\Help\Tours\WindowsMediaPlayer\Cnt\tjnbzhbh.exe
C:\WINDOWS\Help\tsbjbtvn.exe
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\.exe
C:\WINDOWS\system32\dqogsv.exe
C:\WINDOWS\Web\wcxnjhhj.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-08 to 2008-02-08 )))))))))))))))))))))))))))))))
.
2008-02-08 16:16 . 2008-02-08 16:16 <DIR> d-------- C:\WINDOWS\pchealth
2008-02-08 16:09 . 2001-10-25 13:00 376,832 --a------ C:\kmd.exe
2008-02-08 15:29 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-08 15:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-08 15:29 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-08 15:29 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-08 15:29 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-08 15:29 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-08 15:29 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-08 15:29 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-05 17:26 . 2008-02-05 17:26 <DIR> d-------- C:\Documents and Settings\Guest\Data aplikací\Logitech
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d-------- C:\Documents and Settings\Guest\Plocha
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolní tiskárny
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolní síť
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Oblíbené položky
2008-02-05 17:25 . 2008-02-04 13:11 <DIR> d--h----- C:\Documents and Settings\Guest\Šablony
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> dr------- C:\Documents and Settings\Guest\Nabídka Start
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Dokumenty
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr-h----- C:\Documents and Settings\Guest\Data aplikací
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:25 . 2008-02-05 15:25 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 15:22 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:11 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:11 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:11 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 14:11 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-08 12:11 <DIR> d-------- C:\Program Files\AdVantage
2008-02-05 11:41 . 2008-02-08 16:16 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\DAEMON Tools
2008-02-05 11:38 . 2008-02-05 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-04 22:25 . 2008-02-04 22:26 <DIR> d-------- C:\Program Files\ComboFix
2008-02-04 22:17 . 2008-02-04 22:17 <DIR> d-------- C:\Program Files\avenger
2008-02-04 21:39 . 2008-02-04 21:39 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\atitray
2008-02-04 21:38 . 2008-02-04 21:38 <DIR> d-------- C:\Program Files\Ray Adams
2008-02-04 20:41 . 2008-02-04 23:14 <DIR> d-------- C:\Program Files\QooBox
2008-02-04 20:11 . 2008-02-04 20:11 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQ Toolbar
2008-02-04 18:27 . 2008-02-05 21:01 <DIR> d-------- C:\Downloads
2008-02-04 18:27 . 2008-02-04 18:27 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-04 18:26 . 2008-02-04 19:19 <DIR> d-------- C:\Program Files\BitComet
2008-02-04 18:18 . 2008-02-04 18:20 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\uTorrent
2008-02-04 17:54 . 2008-02-08 16:43 <DIR> d-------- C:\Program Files\QIP
2008-02-04 15:47 . 2008-02-04 15:47 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-04 15:44 . 2008-02-04 15:44 <DIR> d-------- C:\Program Files\Crawler
2008-02-04 15:44 . 2008-02-05 11:21 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\Spyware Terminator
2008-02-04 15:43 . 2008-02-06 14:49 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-04 15:21 . 2008-02-04 15:21 <DIR> d-------- C:\Program Files\Lavalys
2008-02-04 15:12 . 2008-02-08 15:15 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-04 15:12 . 2008-02-04 15:12 <DIR> d-------- C:\Program Files\ICQLite
2008-02-04 15:12 . 2008-02-04 15:12 <DIR> d-------- C:\Documents and Settings\Administrator\Data aplikací\ICQLite
2008-02-04 15:09 . 2008-02-04 15:09 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-04 15:08 . 2008-02-04 15:08 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-04 15:06 . 2008-02-04 15:06 <DIR> d-------- C:\Program Files\Webteh
2008-02-04 15:05 . 2008-02-06 11:01 <DIR> d-------- C:\Program Files\Opera
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 16:10 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
2008-02-08 16:10 16,896 ----a-w C:\WINDOWS\system32\tftp.exe
2008-02-08 16:07 133,120 ----a-w C:\WINDOWS\system32\sfc_os.dll
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Program Files\ESET
2008-02-04 13:35 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\ESET
2008-02-04 13:16 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\ATI
2008-02-04 12:55 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\Logitech
2008-02-04 12:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:29 423 ----a-w C:\Program Files\RHDSetup.log
2008-02-04 12:29 197 ----a-w C:\Program Files\csb.log
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:28 --------- d-----w C:\Documents and Settings\Administrator\Data aplikací\InstallShield
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-21 02:53 9,826,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-21 02:47 3,120,640 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-21 02:36 1,661,696 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-12-21 02:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2007-12-21 02:20 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-12-21 02:20 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-12-21 02:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-21 02:15 159,744 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-12-21 02:11 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-12-20 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2006-07-27 19:12 3142236]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]
C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2008-02-04 13:53:14 450560]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2008-02-04 13:52:38 434176]
S1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
S2 Generic Host Process for Win-32 Service;Generic Host Process for Win-32 Service;"C:\WINDOWS\svchost.exe" []
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
S3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-08 19:16:59
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-08 19:17:26
ComboFix-quarantined-files.txt 2008-02-08 18:17:25
ComboFix2.txt 2008-02-08 15:17:46
ComboFix3.txt 2008-02-08 14:53:20
ComboFix4.txt 2008-02-08 14:43:34
ComboFix5.txt 2008-02-06 14:28:32
.
2008-02-05 16:23:01 --- E O F ---
Zbytek analyzuju zejtra,ted du s kamoskou ven,diky za pomoc,fakt moc jsem ti vdecnej.zatim ahoj
- BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
vsechny soubory to ukazalo ze jsou okej....
ale :
http://img252.imageshack.us/my.php?image=kurvaan3.jpg
http://img520.imageshack.us/my.php?image=picais4.jpg
http://img264.imageshack.us/my.php?image=dfdfdig8.jpg
Zas se komp chova uplne na pi*U ty vole ja mam nervy z toho uz jak prase to prohodim okne pi*a uz
Proste nejaky dalsi vir ktery me znehibni vse,nemuzu na nic klikat proste nic muzu jen ress PC,fakt penim a vře ve me krev 
ale :
http://img252.imageshack.us/my.php?image=kurvaan3.jpg
http://img520.imageshack.us/my.php?image=picais4.jpg
http://img264.imageshack.us/my.php?image=dfdfdig8.jpg
Zas se komp chova uplne na pi*U ty vole ja mam nervy z toho uz jak prase to prohodim okne pi*a uz
Proste nejaky dalsi vir ktery me znehibni vse,nemuzu na nic klikat proste nic muzu jen ress PC,fakt penim a vře ve me krev - BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
Este urob v nudzovom script s tymto :
c:\combofix
c:\quarantine zraruj a odosli na bubu1@centrum.sk
Veci v c:\avengerKillAll::
File::
c:\windows\system32\niywktif.exe
c:\windows\system32\pqzfumzt.exe
c:\windows\system32\drivers\etc\hosts
Folder::
c:\windows\system32\drivers\etc\hosts
c:\combofix
c:\quarantine zraruj a odosli na bubu1@centrum.sk
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
chapu jen to ze to mam dat do bloku a prepsat ho na sripta a to dalsi ne,teda rikam to dobre ? Trosku podrobneji,sem lampion To mam vlozit do avangera bo ne ? To co si tam vypsal nebo do bloku a ten blok pretahnut v nuzovem rezime na combofix...
Toto sem vubec nezachapal
Veci v c:\avenger
c:\combofix
c:\quarantine
Jeste mam jeden vir,myslim ze se menuje windows.exe bo jak,je tam trojan,ale ten me znehybni vse,tak ze nemuzu nic delat,jen hybat mysou to je cele,musim ress pc
To mam vlozit do avangera bo ne ? To co si tam vypsal nebo do bloku a ten blok pretahnut v nuzovem rezime na combofix...Toto sem vubec nezachapal
Veci v c:\avenger
c:\combofix
c:\quarantine
Jeste mam jeden vir,myslim ze se menuje windows.exe bo jak,je tam trojan,ale ten me znehybni vse,tak ze nemuzu nic delat,jen hybat mysou to je cele,musim ress pc
- BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
Ako si robil tie prve scripty. Do poznamkoveho bloku skopci
c:\avenger
c:\combofix
c:\quarantine
Zraruj winrarom, zahesluj, heslo daj INFECTED a odosli na bubu1@centrum.sk
Uloz ako cfscript.txt a s mysou pretiahni nad combofix a pusti. Presne tak, ako si to robil prvy krat. Kde sa ten trojan nachadza? AK vies cestu, tak ju dopis pod File::KillAll::
File::
c:\windows\system32\niywktif.exe
c:\windows\system32\pqzfumzt.exe
c:\windows\system32\drivers\etc\hosts
Folder::
c:\windows\system32\drivers\etc\hosts
c:\avenger
c:\combofix
c:\quarantine
Zraruj winrarom, zahesluj, heslo daj INFECTED a odosli na bubu1@centrum.sk
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
BUBINO píše:Ako si robil tie prve scripty. Do poznamkoveho bloku skopci
Uloz ako cfscript.txt a s mysou pretiahni nad combofix a pusti. Presne tak, ako si to robil prvy krat. Kde sa ten trojan nachadza? AK vies cestu, tak ju dopis pod File::KillAll::
File::
c:\windows\system32\niywktif.exe
c:\windows\system32\pqzfumzt.exe
c:\windows\system32\drivers\etc\hosts
Folder::
c:\windows\system32\drivers\etc\hosts
c:\avenger
c:\combofix
c:\quarantine
Zraruj winrarom, zahesluj, heslo daj INFECTED a odosli na bubu1@centrum.sk
Toto fakt nechapu co to ma za vyznam,zadne combo ani quarantine ani avanger tam nemam,myslim bloky,ten log...fakt sorry,ale toto fakt nevim,nemuzem to udelat jinak ?
- BUBINO
- Začátečník
-
- Registrován: 12. čer 2007
- Bydliště: Mám
- solda1
- Začátečník
-
- Registrován: 15. dub 2007
- Bydliště: Hodonín
- Kontaktovat uživatele:
ComboFix 08-02.05.3 - Administrator 2008-02-09 15:56:02.10 - NTFSx86 MINIMAL
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.845 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Plocha\cfscript.txt.txt
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE
c:\windows\system32\drivers\etc\hosts
c:\windows\system32\niywktif.exe
c:\windows\system32\pqzfumzt.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-09 to 2008-02-09 )))))))))))))))))))))))))))))))
.
2008-02-09 14:26 . 2008-02-09 14:44 12,288 --ah----- C:\WINDOWS\system32\eciqzl.exe
2008-02-09 13:37 . 2008-02-09 13:37 19,711 --a------ C:\WINDOWS\system32\lfndv.exe
2008-02-09 13:37 . 2008-02-09 13:37 7,680 --a------ C:\WINDOWS\system32\balru.exe
2008-02-09 13:28 . 2008-02-09 13:30 82,882 --ah----- C:\WINDOWS\system32\hzbsuvo.exe
2008-02-09 13:10 . 2008-02-09 13:10 16,896 --ah----- C:\WINDOWS\system32\yilc.exe
2008-02-09 12:51 . 2008-02-09 12:51 19,711 --a------ C:\WINDOWS\system32\xoehfuo.exe
2008-02-09 12:51 . 2008-02-09 12:51 7,680 --a------ C:\WINDOWS\system32\jlrkbcj.exe
2008-02-09 12:40 . 2008-02-09 13:30 126 --a------ C:\WINDOWS\system32\wurefyu.bat
2008-02-09 12:36 . 2008-02-09 12:40 82,882 --ah----- C:\WINDOWS\system32\brwglrx.exe
2008-02-09 12:01 . 2008-02-09 12:01 19,711 --a------ C:\WINDOWS\system32\jsxx.exe
2008-02-09 12:01 . 2008-02-09 12:01 7,680 --a------ C:\WINDOWS\system32\khgeql.exe
2008-02-09 11:11 . 2008-02-09 11:11 19,711 --a------ C:\WINDOWS\system32\zbnqftc.exe
2008-02-09 11:11 . 2008-02-09 11:11 7,680 --a------ C:\WINDOWS\system32\uvhava.exe
2008-02-09 11:04 . 2008-02-09 11:07 23,552 --ah----- C:\WINDOWS\system32\dzkml.exe
2008-02-09 10:01 . 2008-02-09 10:02 20,992 --ah----- C:\WINDOWS\system32\frtheq.exe
2008-02-09 09:52 . 2008-02-09 09:52 19,711 --a------ C:\WINDOWS\system32\qbblwf.exe
2008-02-09 09:52 . 2008-02-09 09:52 7,680 --a------ C:\WINDOWS\system32\guje.exe
2008-02-08 19:41 . 2008-02-08 19:41 122 --a------ C:\WINDOWS\system32\wvgpme.bat
2008-02-08 19:39 . 2008-02-08 19:41 64,000 --ah----- C:\WINDOWS\system32\euletm.exe
2008-02-08 19:21 . 2008-02-08 19:21 <DIR> d-------- C:\Temp
2008-02-08 16:16 . 2008-02-08 16:16 <DIR> d-------- C:\WINDOWS\pchealth
2008-02-08 15:29 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-08 15:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-08 15:29 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-08 15:29 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-08 15:29 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-08 15:29 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-08 15:29 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-08 15:29 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-05 17:25 . 2008-02-04 13:11 <DIR> d--h----- C:\Documents and Settings\Guest\ćablony
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d-------- C:\Documents and Settings\Guest\Plocha
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolnˇ tisk rny
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolnˇ sˇś
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Oblˇben‚ polo§ky
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> dr------- C:\Documents and Settings\Guest\Nabˇdka Start
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Dokumenty
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr-h----- C:\Documents and Settings\Guest\Data aplikacˇ
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:25 . 2008-02-05 15:25 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 15:22 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:11 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:11 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:11 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 14:11 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-09 09:44 <DIR> d-------- C:\Program Files\AdVantage
2008-02-05 11:38 . 2008-02-05 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-04 22:25 . 2008-02-04 22:26 <DIR> d-------- C:\Program Files\ComboFix
2008-02-04 22:17 . 2008-02-04 22:17 <DIR> d-------- C:\Program Files\avenger
2008-02-04 21:38 . 2008-02-04 21:38 <DIR> d-------- C:\Program Files\Ray Adams
2008-02-04 20:41 . 2008-02-04 23:14 <DIR> d-------- C:\Program Files\QooBox
2008-02-04 18:27 . 2008-02-09 11:15 <DIR> d-------- C:\Downloads
2008-02-04 18:27 . 2008-02-04 18:27 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-04 18:26 . 2008-02-04 19:19 <DIR> d-------- C:\Program Files\BitComet
2008-02-04 17:54 . 2008-02-08 16:43 <DIR> d-------- C:\Program Files\QIP
2008-02-04 15:47 . 2008-02-04 15:47 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-04 15:44 . 2008-02-04 15:44 <DIR> d-------- C:\Program Files\Crawler
2008-02-04 15:43 . 2008-02-06 14:49 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-04 15:21 . 2008-02-04 15:21 <DIR> d-------- C:\Program Files\Lavalys
2008-02-04 15:12 . 2008-02-08 15:15 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-04 15:12 . 2008-02-09 10:36 <DIR> d-------- C:\Program Files\ICQLite
2008-02-04 15:09 . 2008-02-04 15:09 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-04 15:08 . 2008-02-04 15:08 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-04 15:06 . 2008-02-04 15:06 <DIR> d-------- C:\Program Files\Webteh
2008-02-04 15:05 . 2008-02-06 11:01 <DIR> d-------- C:\Program Files\Opera
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 16:10 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
2008-02-08 16:10 16,896 ----a-w C:\WINDOWS\system32\tftp.exe
2008-02-08 16:07 133,120 ----a-w C:\WINDOWS\system32\sfc_os.dll
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Program Files\ESET
2008-02-04 12:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:29 423 ----a-w C:\Program Files\RHDSetup.log
2008-02-04 12:29 197 ----a-w C:\Program Files\csb.log
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-21 02:53 9,826,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-21 02:47 3,120,640 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-21 02:36 1,661,696 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-12-21 02:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2007-12-21 02:20 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-12-21 02:20 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-12-21 02:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-21 02:15 159,744 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-12-21 02:11 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-12-20 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Windows Logon Application"="C:\WINDOWS\System32\winIogon.exe" [2002-09-20 18:05 82882]
"Advanced DHTML Enable"="C:\WINDOWS\System32\lfndv.exe" [2008-02-09 13:37 19711]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]
S1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
S2 Generic Host Process for Win-32 Service;Generic Host Process for Win-32 Service;"C:\WINDOWS\svchost.exe" []
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
S3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-09 16:01:14
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-09 16:02:10 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-09 15:02:06
ComboFix2.txt 2008-02-08 15:17:46
ComboFix3.txt 2008-02-08 14:53:20
ComboFix4.txt 2008-02-08 14:43:34
ComboFix5.txt 2008-02-06 14:28:32
.
2008-02-05 16:23:01 --- E O F ---
A zapnu kompa a udela me to :
http://img252.imageshack.us/my.php?image=kurvaan3.jpg
Systém Microsoft Windows XP Professional 5.1.2600.1.1250.1.1029.18.845 [GMT 1:00]
Running from: C:\Documents and Settings\Administrator\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Plocha\cfscript.txt.txt
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
FILE
c:\windows\system32\drivers\etc\hosts
c:\windows\system32\niywktif.exe
c:\windows\system32\pqzfumzt.exe
.
((((((((((((((((((((((((( Files Created from 2008-01-09 to 2008-02-09 )))))))))))))))))))))))))))))))
.
2008-02-09 14:26 . 2008-02-09 14:44 12,288 --ah----- C:\WINDOWS\system32\eciqzl.exe
2008-02-09 13:37 . 2008-02-09 13:37 19,711 --a------ C:\WINDOWS\system32\lfndv.exe
2008-02-09 13:37 . 2008-02-09 13:37 7,680 --a------ C:\WINDOWS\system32\balru.exe
2008-02-09 13:28 . 2008-02-09 13:30 82,882 --ah----- C:\WINDOWS\system32\hzbsuvo.exe
2008-02-09 13:10 . 2008-02-09 13:10 16,896 --ah----- C:\WINDOWS\system32\yilc.exe
2008-02-09 12:51 . 2008-02-09 12:51 19,711 --a------ C:\WINDOWS\system32\xoehfuo.exe
2008-02-09 12:51 . 2008-02-09 12:51 7,680 --a------ C:\WINDOWS\system32\jlrkbcj.exe
2008-02-09 12:40 . 2008-02-09 13:30 126 --a------ C:\WINDOWS\system32\wurefyu.bat
2008-02-09 12:36 . 2008-02-09 12:40 82,882 --ah----- C:\WINDOWS\system32\brwglrx.exe
2008-02-09 12:01 . 2008-02-09 12:01 19,711 --a------ C:\WINDOWS\system32\jsxx.exe
2008-02-09 12:01 . 2008-02-09 12:01 7,680 --a------ C:\WINDOWS\system32\khgeql.exe
2008-02-09 11:11 . 2008-02-09 11:11 19,711 --a------ C:\WINDOWS\system32\zbnqftc.exe
2008-02-09 11:11 . 2008-02-09 11:11 7,680 --a------ C:\WINDOWS\system32\uvhava.exe
2008-02-09 11:04 . 2008-02-09 11:07 23,552 --ah----- C:\WINDOWS\system32\dzkml.exe
2008-02-09 10:01 . 2008-02-09 10:02 20,992 --ah----- C:\WINDOWS\system32\frtheq.exe
2008-02-09 09:52 . 2008-02-09 09:52 19,711 --a------ C:\WINDOWS\system32\qbblwf.exe
2008-02-09 09:52 . 2008-02-09 09:52 7,680 --a------ C:\WINDOWS\system32\guje.exe
2008-02-08 19:41 . 2008-02-08 19:41 122 --a------ C:\WINDOWS\system32\wvgpme.bat
2008-02-08 19:39 . 2008-02-08 19:41 64,000 --ah----- C:\WINDOWS\system32\euletm.exe
2008-02-08 19:21 . 2008-02-08 19:21 <DIR> d-------- C:\Temp
2008-02-08 16:16 . 2008-02-08 16:16 <DIR> d-------- C:\WINDOWS\pchealth
2008-02-08 15:29 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-08 15:29 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-08 15:29 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-08 15:29 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-08 15:29 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-08 15:29 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-08 15:29 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-08 15:29 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-08 12:28 . 2008-02-08 12:28 <DIR> d-------- C:\WINDOWS\ERUNT
2008-02-08 12:23 . 2008-02-08 12:34 <DIR> d-------- C:\SDFix
2008-02-05 17:25 . 2008-02-04 13:11 <DIR> d--h----- C:\Documents and Settings\Guest\ćablony
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d-------- C:\Documents and Settings\Guest\Plocha
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolnˇ tisk rny
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> d--h----- C:\Documents and Settings\Guest\Okolnˇ sˇś
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Oblˇben‚ polo§ky
2008-02-05 17:25 . 2008-02-04 14:06 <DIR> dr------- C:\Documents and Settings\Guest\Nabˇdka Start
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr------- C:\Documents and Settings\Guest\Dokumenty
2008-02-05 17:25 . 2008-02-05 17:26 <DIR> dr-h----- C:\Documents and Settings\Guest\Data aplikacˇ
2008-02-05 17:15 . 2004-03-10 19:00 595,968 -----c--- C:\WINDOWS\system32\dllcache\xpsp2res.dll
2008-02-05 16:58 . 2003-02-28 16:34 313,856 --a------ C:\WINDOWS\system32\dx3j.dll
2008-02-05 16:58 . 2003-02-28 18:26 171,280 --a------ C:\WINDOWS\system32\jit.dll
2008-02-05 16:58 . 2003-02-28 18:26 139,536 --a------ C:\WINDOWS\system32\javaee.dll
2008-02-05 16:58 . 2003-02-28 18:26 46,352 --a------ C:\WINDOWS\setdebug.exe
2008-02-05 16:58 . 2003-02-28 16:54 7,315 --a------ C:\WINDOWS\system32\javasup.vxd
2008-02-05 16:58 . 2003-02-28 16:35 6,550 --a------ C:\WINDOWS\jautoexp.dat
2008-02-05 15:57 . 2005-10-20 23:34 992,768 --a------ C:\WINDOWS\system32\esent.dll
2008-02-05 15:25 . 2008-02-05 15:25 <DIR> d-------- C:\WINDOWS\system32\bits
2008-02-05 15:25 . 2008-02-05 17:00 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 15:22 . 2004-07-01 23:10 360,448 --a--c--- C:\WINDOWS\system32\dllcache\qmgr.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a------ C:\WINDOWS\system32\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 331,776 --a--c--- C:\WINDOWS\system32\dllcache\winhttp.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 17,408 --a--c--- C:\WINDOWS\system32\dllcache\qmgrprxy.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 -----c--- C:\WINDOWS\system32\dllcache\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,680 --------- C:\WINDOWS\system32\bitsprx2.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 -----c--- C:\WINDOWS\system32\dllcache\bitsprx3.dll
2008-02-05 15:22 . 2004-07-01 23:10 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll
2008-02-05 14:11 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-05 14:11 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-05 14:11 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-05 14:11 . 2007-07-30 19:19 203,096 --a------ C:\WINDOWS\system32\wuweb.dll
2008-02-05 14:11 . 2004-08-03 14:05 186,136 --a------ C:\WINDOWS\system32\wuaueng1.dll
2008-02-05 14:11 . 2004-08-03 13:59 168,216 --a------ C:\WINDOWS\system32\wuauclt1.exe
2008-02-05 14:11 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll
2008-02-05 11:55 . 1998-06-24 01:00 115,016 --a------ C:\WINDOWS\system32\MSINET.OCX
2008-02-05 11:55 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
2008-02-05 11:55 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
2008-02-05 11:55 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
2008-02-05 11:55 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
2008-02-05 11:55 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
2008-02-05 11:55 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
2008-02-05 11:55 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-05 11:50 . 2008-02-05 11:50 <DIR> d-------- C:\WINDOWS\Cache
2008-02-05 11:41 . 2008-02-09 09:44 <DIR> d-------- C:\Program Files\AdVantage
2008-02-05 11:38 . 2008-02-05 11:42 <DIR> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-04 22:25 . 2008-02-04 22:26 <DIR> d-------- C:\Program Files\ComboFix
2008-02-04 22:17 . 2008-02-04 22:17 <DIR> d-------- C:\Program Files\avenger
2008-02-04 21:38 . 2008-02-04 21:38 <DIR> d-------- C:\Program Files\Ray Adams
2008-02-04 20:41 . 2008-02-04 23:14 <DIR> d-------- C:\Program Files\QooBox
2008-02-04 18:27 . 2008-02-09 11:15 <DIR> d-------- C:\Downloads
2008-02-04 18:27 . 2008-02-04 18:27 2,560 --a------ C:\WINDOWS\system32\bitcometres.dll
2008-02-04 18:26 . 2008-02-04 19:19 <DIR> d-------- C:\Program Files\BitComet
2008-02-04 17:54 . 2008-02-08 16:43 <DIR> d-------- C:\Program Files\QIP
2008-02-04 15:47 . 2008-02-04 15:47 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2008-02-04 15:44 . 2008-02-04 15:44 <DIR> d-------- C:\Program Files\Crawler
2008-02-04 15:43 . 2008-02-06 14:49 <DIR> d-------- C:\Program Files\Spyware Terminator
2008-02-04 15:21 . 2008-02-04 15:21 <DIR> d-------- C:\Program Files\Lavalys
2008-02-04 15:12 . 2008-02-08 15:15 <DIR> d-------- C:\Program Files\ICQToolbar
2008-02-04 15:12 . 2008-02-09 10:36 <DIR> d-------- C:\Program Files\ICQLite
2008-02-04 15:09 . 2008-02-04 15:09 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-04 15:08 . 2008-02-04 15:08 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-04 15:06 . 2008-02-04 15:06 <DIR> d-------- C:\Program Files\Webteh
2008-02-04 15:05 . 2008-02-06 11:01 <DIR> d-------- C:\Program Files\Opera
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-08 16:10 42,496 ----a-w C:\WINDOWS\system32\ftp.exe
2008-02-08 16:10 16,896 ----a-w C:\WINDOWS\system32\tftp.exe
2008-02-08 16:07 133,120 ----a-w C:\WINDOWS\system32\sfc_os.dll
2008-02-05 11:06 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-05 10:56 11,973 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2008-02-04 20:33 --------- d-----w C:\Program Files\ATI Technologies
2008-02-04 13:59 --------- d-----w C:\Program Files\totalcmd
2008-02-04 13:47 --------- d-----w C:\Program Files\Alwil Software
2008-02-04 13:35 --------- d-----w C:\Program Files\ESET
2008-02-04 12:53 118,784 ------r C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
2008-02-04 12:53 --------- d-----w C:\Program Files\Logitech
2008-02-04 12:52 --------- d-----w C:\Program Files\Common Files\Logitech
2008-02-04 12:37 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-02-04 12:36 --------- d-----w C:\Program Files\Common Files\ATI Technologies
2008-02-04 12:29 423 ----a-w C:\Program Files\RHDSetup.log
2008-02-04 12:29 197 ----a-w C:\Program Files\csb.log
2008-02-04 12:28 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-02-04 12:28 --------- d-----w C:\Program Files\Realtek
2008-02-04 12:27 15,600 ----a-w C:\WINDOWS\gdrv.sys
2008-02-04 12:25 --------- d-----w C:\Program Files\Yahoo!
2008-02-04 12:25 --------- d-----w C:\Program Files\Intel
2008-02-04 12:15 --------- d-----w C:\Program Files\microsoft frontpage
2008-02-04 12:14 558,142 ----a-w C:\WINDOWS\java\Packages\VTRHJZ5N.ZIP
2008-02-04 12:14 155,995 ----a-w C:\WINDOWS\java\Packages\OIJ7P773.ZIP
2007-12-21 03:53 2,843,136 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-12-21 03:09 368,640 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-12-21 03:08 272,384 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-12-21 03:02 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-12-21 02:59 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-12-21 02:59 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-12-21 02:59 147,456 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-12-21 02:59 122,880 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-12-21 02:58 122,880 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-12-21 02:57 512,000 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-12-21 02:56 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-12-21 02:53 9,826,304 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-12-21 02:47 3,120,640 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-12-21 02:36 1,661,696 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-12-21 02:24 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
2007-12-21 02:20 5,435,392 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-12-21 02:20 385,024 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-12-21 02:18 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-12-21 02:17 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-12-21 02:15 159,744 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-12-21 02:11 499,712 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-12-20 20:05 593,920 ------w C:\WINDOWS\system32\ati2sgag.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-09-20 18:05 13312]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2008-02-04 13:53 32768]
"AtiTrayTools"="C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe" [2007-08-27 13:42 517120]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-29 13:05 486856]
"AdVantage"="C:\Program Files\AdVantage\AdVantage.exe" [2007-11-05 11:12 884176]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 10:33 16132608 C:\WINDOWS\RTHDCPL.exe]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2004-12-10 12:45 49152 C:\WINDOWS\KHALMNPR.Exe]
"SpywareTerminator"="C:\PROGRA~1\SPYWAR~1\SpywareTerminatorShield.exe" [2008-02-04 15:45 2776576]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"Windows Logon Application"="C:\WINDOWS\System32\winIogon.exe" [2002-09-20 18:05 82882]
"Advanced DHTML Enable"="C:\WINDOWS\System32\lfndv.exe" [2008-02-09 13:37 19711]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-09-20 18:05 13312]
S1 atitray;atitray;C:\Program Files\Ray Adams\ATI Tray Tools\atitray.sys [2007-05-22 10:04]
S1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\System32\drivers\sp_rsdrv2.sys [2008-02-04 15:47]
S2 Generic Host Process for Win-32 Service;Generic Host Process for Win-32 Service;"C:\WINDOWS\svchost.exe" []
S3 gdrv;gdrv;C:\WINDOWS\gdrv.sys [2008-02-04 13:27]
S3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\System32\DRIVERS\psched.sys [2002-08-29 01:35]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-09 16:01:14
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-02-09 16:02:10 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-09 15:02:06
ComboFix2.txt 2008-02-08 15:17:46
ComboFix3.txt 2008-02-08 14:53:20
ComboFix4.txt 2008-02-08 14:43:34
ComboFix5.txt 2008-02-06 14:28:32
.
2008-02-05 16:23:01 --- E O F ---
A zapnu kompa a udela me to :
http://img252.imageshack.us/my.php?image=kurvaan3.jpg