
Unable to cure Abnormal Disable Security Center


  • This topic is locked
41 replies to this topic

#1 WinBMY


Posted 31 October 2012 - 08:14 AM

Hi,

I have 2 issues that I found. They are:
1. Avast leftovers after an uninstall failure.
2. My AV said I have one abnormal system setting --- Disable Security Center. I tried for a full day to kill this issue, but it comes back again and again.

Here is my DDS log.

DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2
Run by ASUS at 21:03:17 on 2012-10-31
Microsoft Windows 7 家用進階版 6.1.7601.1.950.886.1028.18.8103.6011 [GMT 8:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: COMODO Antivirus *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
D:\Virus Protection Course\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Windows\vsnp2uvc.exe
D:\Virus Protection Course\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
D:\Virus Protection Course\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\system32\SearchProtocolHost.exe
D:\Virus Protection Course\COMODO\COMODO Internet Security\cis.exe
D:\Virus Protection Course\COMODO\COMODO Internet Security\cce.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://asus.msn.com
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe /S
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
mRun: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
mRun: [RemoteControl10] "C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
mRun: [UpdatePSTShortCut] "C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Cyberlink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
mRun: [FLxHCIm64] "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
mRun: [IME14 CHT Setup] C:\PROGRA~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /CHT /Log
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:34
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:34
mPolicies-Explorer: NoDriveAutoRun = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: 傳送至 OneNote(&N) - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: 匯出至 Microsoft Excel(&X) - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab
TCP: NameServer = 192.168.43.1
TCP: Interfaces\{F4A2FC8E-77EF-476A-A47D-62299D31A988} : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{F4A2FC8E-77EF-476A-A47D-62299D31A988}\14355535 : DHCPNameServer = 192.168.1.1 168.95.192.1
TCP: Interfaces\{F4A2FC8E-77EF-476A-A47D-62299D31A988}\143555350245543545 : DHCPNameServer = 192.168.11.1
TCP: Interfaces\{F4A2FC8E-77EF-476A-A47D-62299D31A988}\35D696478656 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F4A2FC8E-77EF-476A-A47D-62299D31A988}\754523 : DHCPNameServer = 139.175.55.244 139.175.252.16
TCP: Interfaces\{F4A2FC8E-77EF-476A-A47D-62299D31A988}\A416E63757B416C62696 : DHCPNameServer = 192.168.1.1 168.95.192.1
TCP: Interfaces\{F4A2FC8E-77EF-476A-A47D-62299D31A988}\A616E63757B616C62696 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3
x64-Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
x64-Run: [IME14 CHT Setup] C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /CHT /Log
x64-Run: [COMODO Internet Security] D:\Virus Protection Course\COMODO\COMODO Internet Security\cistray.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\
FF - prefs.js: browser.startup.homepage - www.google.com.tw
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\ASUS\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2012-10-02 11:06; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-11-7 25960]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-18 969200]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-9-18 359464]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-5-26 17536]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2012-10-9 22736]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2012-10-9 688104]
R1 cmdhlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2012-10-9 38656]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-14 59904]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2012-11-7 379520]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-3 15416]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-9-18 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-18 71600]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-3-14 138400]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2011-3-14 74912]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-9-18 44808]
R2 ImeDictUpdateService;Microsoft IME Dictionary Update;C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [2010-10-20 83312]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-11-7 1997416]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-4-17 13832]
R2 TurboBoost;Intel® Turbo Boost Technology Monitor;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-4-17 134928]
R2 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2011-3-26 91464]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2011-3-14 36000]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2011-3-14 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2011-3-14 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2011-3-14 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2011-3-14 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2011-3-14 154272]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2011-3-14 280224]
R3 ETD;ELAN PS/2 Port Input Device;C:\Windows\System32\drivers\ETD.sys [2011-9-22 142632]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2012-1-10 219648]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2012-1-10 65024]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-9-22 317440]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-9-22 169584]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2011-9-22 56344]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-8-26 202632]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-19 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-19 138576]
S2 DCService.exe;DCService.exe;C:\ProgramData\DatacardService\DCService.exe --> C:\ProgramData\DatacardService\DCService.exe [?]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-6-20 250808]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2010-5-3 44032]
S3 cmdvirth;COMODO Virtual Service Manager;D:\Virus Protection Course\COMODO\COMODO Internet Security\cmdvirth.exe [2012-10-9 145616]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2011-10-18 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe []
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-21 115168]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-11 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-19 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-19 31232]
S3 WatAdminSvc;Windows 啟用技術服務;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-4-8 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-11-07 09:33:12 -------- d-----w- C:\ProgramData\CPA_VA
2012-11-07 09:31:48 -------- d-----w- C:\Windows\SysWow64\l蒪w砫滴`r俞videace
2012-11-07 09:30:14 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2012-11-07 09:30:14 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2012-11-07 08:36:36 -------- d-----w- C:\Users\ASUS\AppData\Roaming\FLEXnet
2012-11-07 08:36:34 -------- d-----w- C:\Users\ASUS\AppData\Roaming\Nuance
2012-11-07 08:33:10 -------- d-----w- C:\Users\ASUS\AppData\Roaming\Zeon
2012-11-07 08:13:19 -------- d-----w- C:\temp
2012-11-07 07:25:51 -------- d-----w- C:\Users\ASUS\AppData\Local\Mozilla
2012-11-07 07:14:05 -------- d-----w- C:\videace
2012-11-07 06:58:07 -------- d-----w- C:\ProgramData\DataCardService
2012-11-07 06:58:06 1721576 ----a-w- C:\Windows\System32\drivers\WdfCoInstaller01009.dll
2012-11-06 21:37:52 -------- d-----w- C:\eSupport
2012-11-06 21:13:29 80512 ----a-w- C:\Windows\ASUS_N3_Series Uninstaller.exe
2012-11-06 21:13:28 64702955 ------w- C:\Windows\System32\ASUS_N3_Series.scr
2012-11-06 21:13:27 3058304 ----a-w- C:\Windows\AsScrPro.exe
2012-11-06 21:11:14 505128 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-11-06 21:11:14 353576 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2012-11-06 21:11:14 29480 ----a-w- C:\Windows\SysWow64\msxml3a.dll
2012-11-06 21:06:36 -------- d-----w- C:\ExpressGateUtil
2012-11-06 21:03:42 155648 ----a-w- C:\Windows\SysWow64\ACEngSvr.exe
2012-11-06 21:01:25 379520 ----a-w- C:\Windows\System32\FBAgent.exe
2012-11-06 21:01:25 -------- d-----w- C:\Program Files\ASUS
2012-11-06 20:59:31 -------- d-----w- C:\ProgramData\P4G
2012-11-06 20:59:31 -------- d-----w- C:\Program Files\P4G
2012-11-06 20:56:16 -------- d-----w- C:\Program Files (x86)\Common Files\Atheros
2012-11-06 20:56:15 -------- d-----w- C:\Program Files (x86)\Bluetooth Suite
2012-11-06 20:55:38 2228736 ----a-w- C:\Windows\System32\drivers\athrx.sys
2012-11-06 20:55:38 2228736 ----a-w- C:\Windows\System32\athrx.sys
2012-11-06 20:55:38 -------- d-----w- C:\Program Files (x86)\Atheros
2012-11-06 20:55:32 -------- d-----w- C:\ProgramData\Atheros
2012-11-06 20:53:31 -------- d-----w- C:\Program Files\Elantech
2012-11-06 20:53:24 -------- d-----w- C:\Program Files\Fresco Logic Inc
2012-11-06 20:53:20 -------- d-----w- C:\ProgramData\AmUStor
2012-11-06 20:53:20 -------- d-----w- C:\Program Files (x86)\AmIcoSingLun
2012-11-06 20:52:34 -------- d-----w- C:\Windows\SysWow64\NV
2012-11-06 20:52:34 -------- d-----w- C:\Windows\System32\NV
2012-11-06 20:51:06 -------- d-----w- C:\ProgramData\SonicFocus
2012-11-06 20:51:04 -------- d-----w- C:\Program Files\Realtek
2012-11-06 20:51:03 -------- d-----w- C:\Windows\SysWow64\RTCOM
2012-11-06 20:49:53 2207336 ----a-w- C:\Windows\System32\nvapi64.dll
2012-11-06 20:46:54 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2012-11-06 20:46:50 -------- d-----w- C:\Intel
2012-11-06 20:44:03 180736 ----a-w- C:\Windows\System32\ifsutil.dll
2012-11-06 20:44:03 148992 ----a-w- C:\Windows\SysWow64\ifsutil.dll
2012-11-06 07:24:36 -------- d-----w- C:\Windows\SysWow64\l綖w砫rw€tvideace
2012-11-06 07:02:06 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2012-11-06 07:02:00 -------- d-----w- C:\Program Files\Fresco Logic
2012-11-06 06:56:55 -------- d-----w- C:\ProgramData\ASUS
2012-11-06 06:56:54 -------- d-----w- C:\Users\ASUS\AppData\Local\ASUS
2012-11-06 06:55:55 746984 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-11-06 06:55:39 -------- d-----w- C:\ProgramData\PassMark
2012-11-06 06:54:21 -------- d-----w- C:\Users\ASUS\AppData\Roaming\ASUS WebStorage
2012-11-06 06:35:43 -------- d-----w- C:\Users\ASUS\AppData\Local\BMExplorer
2012-11-06 06:34:13 -------- d-----w- C:\Users\ASUS\AppData\Local\Power2Go
2012-11-06 06:33:42 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe
2012-11-06 06:33:38 -------- d-----w- C:\Users\ASUS\AppData\Local\VirtualStore
2012-11-06 06:33:31 -------- d--h--w- C:\ASUS.DAT
2012-11-06 06:33:31 -------- d-----w- C:\ProgramData\FolderView
2012-11-06 06:33:23 -------- d-sh--we C:\Users\ASUS\AppData\Local\Temporary Internet Files
2012-11-06 06:33:23 -------- d-sh--we C:\Users\ASUS\AppData\Local\History
2012-11-06 06:33:23 -------- d-sh--we C:\Users\ASUS\AppData\Local\Application Data
2012-11-06 06:33:23 -------- d-----w- C:\Users\ASUS\AppData\Local\Temp
2012-11-06 06:33:23 -------- d-----w- C:\Users\ASUS\AppData\Local\Microsoft
2012-10-31 12:58:45 -------- d-sh--w- C:\$RECYCLE.BIN
2012-10-31 12:58:45 -------- d-----w- C:\Windows\SysWow64\#w蠉#wxt苒videace
2012-10-31 11:22:48 -------- d-----w- C:\Program Files\COMODO
2012-10-31 11:17:56 -------- d-----w- C:\Windows\SysWow64\莇蠉莇xt淚videace
2012-10-31 11:10:07 -------- d-----w- C:\Windows\SysWow64\蠉xt柦videace
2012-10-31 10:54:53 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-10-31 10:54:53 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-10-31 10:09:58 -------- d-----w- C:\Windows\SysWow64\uw蠉uwxt琵videace
2012-10-31 08:41:23 -------- d-----w- C:\Windows\SysWow64\-w蠉-wxt璞videace
2012-10-31 08:40:04 146264 ----a-w- C:\Windows\System32\drivers\ovanvq.sys
2012-10-31 08:35:51 146264 ----a-w- C:\Windows\System32\drivers\zlnimc.sys
2012-10-31 08:33:14 -------- d-----w- C:\Windows\SysWow64\蠉xtvideace
2012-10-31 08:26:51 -------- d-----w- C:\Windows\SysWow64\蠉xt縷videace
2012-10-31 08:25:43 146264 ----a-w- C:\Windows\System32\drivers\icquni.sys
2012-10-31 08:23:31 -------- d-----w- C:\Windows\SysWow64\(w蠉(wxtvideace
2012-10-31 08:20:18 146264 ----a-w- C:\Windows\System32\drivers\dlhynz.sys
2012-10-31 08:14:45 -------- d-----w- C:\Windows\SysWow64\蠉xt佢videace
2012-10-31 02:14:13 146264 ----a-w- C:\Windows\System32\drivers\mtqjxm.sys
2012-10-30 11:06:57 -------- d-----w- C:\Windows\SysWow64\Jw蠉Jwxt綅videace
2012-10-30 07:45:14 -------- d-----w- C:\Windows\SysWow64\zw蠉zwxt滜videace
2012-10-30 07:06:22 -------- d-----w- C:\Windows\SysWow64\蠉xt閱videace
2012-10-30 05:20:37 -------- d-----w- C:\Windows\SysWow64\洄蠉洄xt螰videace
2012-10-29 11:35:33 -------- d-----w- C:\Windows\SysWow64\'w蠉'wxt閱videace
2012-10-29 11:18:24 -------- d-----w- C:\Windows\SysWow64\漙蠉漙xt黠videace
2012-10-29 11:08:33 -------- d-----w- C:\Windows\SysWow64\眨蠉眨xt螰videace
2012-10-29 07:32:45 -------- d-----w- C:\Windows\SysWow64\蓹蠉蓹xt苒videace
2012-10-29 07:20:20 98816 ----a-w- C:\Windows\sed.exe
2012-10-29 07:20:20 256000 ----a-w- C:\Windows\PEV.exe
2012-10-29 07:20:20 208896 ----a-w- C:\Windows\MBR.exe
2012-10-29 06:50:04 -------- d-----w- C:\Windows\SysWow64\肓蠉肓xt汻videace
2012-10-29 05:48:40 -------- d-----w- C:\Users\ASUS\AppData\Roaming\VSRevoGroup
2012-10-29 05:44:28 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-10-29 05:33:52 -------- d-----w- C:\Windows\SysWow64\;w蠉;wxt偅videace
2012-10-28 12:00:44 -------- d-----w- C:\Windows\SysWow64\]w蠉]wxt么videace
2012-10-27 11:15:26 -------- d-----w- C:\Windows\SysWow64\逕蠉逕xtvideace
2012-10-26 23:58:38 -------- d-----w- C:\Program Files\CCleaner
2012-10-26 23:53:12 -------- d-----w- C:\Windows\SysWow64\jw蠉jwxt跚videace
2012-10-25 10:55:53 -------- d-----w- C:\Windows\SysWow64\儡蠉儡xt歿videace
2012-10-22 11:20:07 -------- d-----w- C:\Windows\SysWow64\ㄈ蠉ㄈxtvideace
2012-10-22 11:16:24 -------- d-----w- C:\Windows\SysWow64\ww蠉wwxt愧videace
2012-10-21 13:11:21 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-10-21 12:58:33 -------- d-----w- C:\Windows\SysWow64\Kw蠉Kwxt狖videace
2012-10-21 00:45:46 -------- d-----w- C:\Windows\SysWow64\aw蠉awxtvideace
2012-10-21 00:41:14 -------- d-----w- C:\Comodo
2012-10-20 00:38:19 -------- d-----w- C:\Windows\SysWow64\鈖蠉鈖xt胐videace
2012-10-18 04:41:24 -------- d-----w- C:\Windows\SysWow64\镽蠉镽xtvideace
2012-10-17 11:43:34 -------- d-----w- C:\Windows\SysWow64\暈蠉暈xtαvideace
2012-10-17 02:52:43 -------- d-----w- C:\123
2012-10-17 02:07:51 -------- d-----w- C:\Windows\SysWow64\蠉xt佢videace
2012-10-11 02:15:12 95208 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2012-10-11 01:25:07 -------- d-----w- C:\Windows\SysWow64\煂蠉煂xt廄videace
2012-10-10 12:01:48 -------- d-----w- C:\Users\ASUS\AppData\Roaming\Comodo
2012-10-10 11:06:02 -------- d-----w- C:\VTRoot
2012-10-10 08:37:23 -------- d-----w- C:\ProgramData\Comodo Downloader
2012-10-10 06:32:57 -------- d-s---w- C:\ProgramData\Shared Space
2012-10-10 06:29:42 -------- d-----w- C:\Windows\SysWow64\鴳蠉鴳xtαvideace
2012-10-10 06:02:57 220160 ----a-w- C:\Windows\System32\wintrust.dll
2012-10-10 06:02:57 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-10-10 06:02:51 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2012-10-10 06:02:51 2048 ----a-w- C:\Windows\System32\tzres.dll
2012-10-10 06:02:47 715776 ----a-w- C:\Windows\System32\kerberos.dll
2012-10-10 06:02:47 542208 ----a-w- C:\Windows\SysWow64\kerberos.dll
2012-10-10 06:01:46 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2012-10-10 06:01:46 1464320 ----a-w- C:\Windows\System32\crypt32.dll
2012-10-10 06:01:46 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2012-10-10 06:01:46 140288 ----a-w- C:\Windows\System32\cryptnet.dll
2012-10-10 06:01:46 1159680 ----a-w- C:\Windows\SysWow64\crypt32.dll
2012-10-10 06:01:45 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2012-10-09 11:30:24 38656 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
2012-10-09 11:30:22 688104 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
2012-10-09 11:30:22 22736 ----a-w- C:\Windows\System32\drivers\cmderd.sys
2012-10-09 11:30:00 42264 ----a-w- C:\Windows\System32\cmdcsr.dll
2012-10-09 11:29:54 313112 ----a-w- C:\Windows\System32\guard64.dll
2012-10-09 11:29:54 240488 ----a-w- C:\Windows\SysWow64\guard32.dll
2012-10-09 11:29:40 153808 ----a-w- C:\Windows\System32\cmdvrt64.dll
2012-10-09 11:29:34 128720 ----a-w- C:\Windows\SysWow64\cmdvrt32.dll
2012-10-09 03:19:59 -------- d-----w- C:\Users\ASUS\AppData\Local\ElevatedDiagnostics
2012-10-08 02:48:34 -------- d-----w- C:\Windows\SysWow64\琋蠉琋xt岤videace
2012-10-08 02:31:19 -------- d-----w- C:\Windows\SysWow64\Qw蠉Qwxt孀videace
2012-10-08 01:28:52 -------- d-----w- C:\Windows\SysWow64\'w蠉'wxt罡videace
2012-10-03 01:24:19 -------- d-----w- C:\Windows\SysWow64\蠉xt許videace
.
==================== Find3M ====================
.
2012-10-11 02:15:08 821736 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2012-10-10 11:26:47 73656 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-10 11:26:47 696760 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-09-04 12:22:54 39424 ----a-w- C:\Windows\System32\cmdkbd64.dll
2012-09-04 12:07:00 34304 ----a-w- C:\Windows\SysWow64\cmdkbd32.dll
2012-08-31 18:19:35 1659760 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2012-08-30 18:03:45 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-08-30 17:12:02 3968880 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-08-30 17:12:02 3914096 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-08-24 10:31:32 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18 1392128 ----a-w- C:\Windows\System32\wininet.dll
2012-08-24 10:20:11 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29 599040 ----a-w- C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-08-22 18:12:50 1913200 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-08-22 18:12:40 950128 ----a-w- C:\Windows\System32\drivers\ndis.sys
2012-08-22 18:12:40 376688 ----a-w- C:\Windows\System32\drivers\netio.sys
2012-08-22 18:12:33 288624 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-08-21 21:01:00 245760 ----a-w- C:\Windows\System32\OxpsConverter.exe
2012-08-21 09:13:13 969200 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2012-08-21 09:13:12 71600 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-21 09:12:33 41224 ------w- C:\Windows\avastSS.scr
2012-08-20 18:48:44 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-08-20 18:48:44 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-08-20 18:48:44 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-08-20 18:48:43 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-08-20 18:48:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-08-20 18:48:35 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-08-20 18:46:22 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-08-20 17:40:21 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-08-20 17:38:44 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2012-08-20 17:38:26 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-08-20 17:37:19 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-08-20 17:37:18 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-08-20 15:38:21 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-08-20 15:38:20 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-08-20 15:33:28 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-08-20 15:33:28 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-08-20 15:33:28 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-08-20 15:33:28 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-08-02 17:58:52 574464 ----a-w- C:\Windows\System32\d3d10level9.dll
2012-08-02 16:57:20 490496 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
.
============= FINISH: 21:03:50.51 ===============




And here is the Attach log:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-10-19.01)
.
Microsoft Windows 7 家用進階版
Boot Device: \Device\HarddiskVolume2
Install Date: 2012/11/6 14:33:20
System Uptime: 2012/10/31 20:58:17 (1 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | N43SL
Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz | CPU 1 | 2301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 200 GiB total, 146.466 GiB free.
D: is FIXED (NTFS) - 241 GiB total, 216.097 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP97: 2012/10/18 12:46:01 - 裝置驅動程式套件安裝: COMODO Network Service
RP98: 2012/10/18 13:11:20 - Removed GeekBuddy.
RP99: 2012/10/27 07:40:48 - avast! Free Antivirus 安裝
RP100: 2012/10/27 07:41:05 - avast! Free Antivirus 安裝
RP101: 2012/10/27 07:49:57 - avast! Free Antivirus 安裝
RP102: 2012/10/27 07:50:17 - avast! Free Antivirus 安裝
RP103: 2012/10/27 15:34:27 - avast! Free Antivirus 安裝
RP104: 2012/10/27 15:34:41 - avast! Free Antivirus 安裝
RP105: 2012/10/29 09:09:03 - 裝置驅動程式套件安裝: COMODO Network Service
RP106: 2012/10/29 12:46:20 - 裝置驅動程式套件安裝: COMODO Network Service
RP107: 2012/10/29 13:45:28 - Revo Uninstaller's restore point - ESET Online Scanner v3
RP108: 2012/10/30 22:27:56 - Revo Uninstaller's restore point - ESET Online Scanner v3
RP109: 2012/10/31 19:39:19 - Removed GeekBuddy.
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Flash Player 11 Plugin
Adobe Shockwave Player 11.6
Alcor Micro USB Card Reader
ASUS AI Recovery
ASUS FancyStart
ASUS LifeFrame3
ASUS Power4Gear Hybrid
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Video Magic
ASUS Virtual Camera
ASUS WebStorage
ASUS_N3_Series
Atheros Client Installation Program
ATK Package
Bluetooth Win7 Suite (64)
CCleaner
Comodo Dragon
COMODO Internet Security Beta
Control ActiveX de Windows Live Mesh para conexiones remotas
Controle ActiveX Windows Live Mesh pour connexions a distance
Controlo ActiveX do Windows Live Mesh para Ligacoes Remotas
CutePDF Writer 2.8
CyberLink LabelPrint
CyberLink MediaEspresso
CyberLink Power2Go
CyberLink PowerDirector
CyberLink PowerDVD 10
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
ETDWare PS/2-X64 8.0.5.3_WHQL
ExpressGateCloud
Fast Boot
Fresco Logic USB3.0 Host Controller
Galeria de Fotografias do Windows Live
Galeria fotografica de Windows Live
Galerie de photos Windows Live
Intel® Control Center
Intel® Processor Graphics
Intel® Turbo Boost Technology Monitor
Java 7 Update 7
Java Auto Updater
JavaFX 2.1.1
Junk Mail filter update
Malwarebytes Anti-Malware 版本 1.65.1.1000
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (Chinese (Traditional)) 2010
Microsoft Office Excel MUI (Chinese (Traditional)) 2010
Microsoft Office Home and Student 2010
Microsoft Office IME (Chinese (Traditional)) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Chinese (Traditional)) 2010
Microsoft Office Outlook MUI (Chinese (Traditional)) 2010
Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2010
Microsoft Office Proof (Chinese (Traditional)) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proofing (Chinese (Traditional)) 2010
Microsoft Office Publisher MUI (Chinese (Traditional)) 2010
Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2010
Microsoft Office Shared MUI (Chinese (Traditional)) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (Chinese (Traditional)) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 11.0 (x86 zh-TW)
Mozilla Firefox 16.0.1 (x86 zh-TW)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Nuance PDF Reader
NVIDIA Control Panel 268.83
NVIDIA Graphics Driver 268.83
NVIDIA Install Application
NVIDIA Optimus 1.0.23
NVIDIA Update Components
Realtek High Definition Audio Driver
Revo Uninstaller 1.94
Sandboxie 3.74 (64-bit)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2553488) 32-Bit Edition
SonicMaster
swMSM
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598241) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
USB2.0 UVC 2M WebCam
Windows Live
Windows Live ?件包
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Live 程式集
Windows Live 照片?
Windows Live 影像中心
Windows Media Player Firefox Plugin
WinFlash
Wireless Console 3
用于?程?接的 Windows Live Mesh ActiveX 控件(?体中文)
適用遠端連線的 Windows Live Mesh ActiveX 控制項
.
==== End Of File ===========================


 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 40,749 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:46 PM

Posted 03 November 2012 - 09:16 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

AVG does not give up easy.

Run their uninstaller.

Please download the AVG Remover and Save it to your Desktop.
  • Close all programs and double-click avgremover.exe then click Run
  • In Vista/Win7, right-click and choose 'Run as administrator'.
  • Follow the on-screen instructions.
  • Restart your computer if asked.
  • Then delete avgremover.exe from your desktop.
===

To make sure everything is gone, run this tool also and remove any trace of the program.

Revo Uninstaller helps you to remove any unwanted application installed on your computer.

Download Revo Uninstaller and remove any programs you are having difficulties in completing the removal using the Add/Remove Programs list.

http://majorgeeks.com/Revo_Uninstaller_d5706.html
===

Let's continue with the clean-up.

Third party programs if not up to date can be an open door for an infection.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
===

Search for the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

Please download AdwCleaner by Xplode onto your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Search.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Rn].txt (n is a number).

Please post the logs and let me know what problem persists with this computer.

#3 WinBMY

WinBMY
  • Topic Starter

  • Members
  • 176 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 04 November 2012 - 09:23 AM

Hello, nasdaq,

Your name is quite interesting. A well-known stock & future exchange Center.

Well here is the AVG remover scan log:

2012-11-04 14:07:02,308 ERROR Wrong application platform. Use corresponding application version for 32bit or 64bit systems


And here is the Security Check log:
Results of screen317's Security Check version 0.99.54
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
COMODO Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware 版本 1.65.1.1000
JavaFX 2.1.1
Java 7 Update 7
Java version out of Date!
Adobe Flash Player 11.4.402.287
Mozilla Firefox (16.0.1)
Google Chrome 20.0.1132.47
Google Chrome 20.0.1132.57
Google Chrome 22.0.1229.79
Google Chrome 22.0.1229.92
````````Process Check: objlist.exe by Laurent````````
Comodo Firewall cmdagent.exe
COMODO COMODO Internet Security CisTray.exe
COMODO COMODO Internet Security cavwp.exe
COMODO COMODO Internet Security cis.exe
COMODO COMODO Internet Security cmdvirth.exe
COMODO COMODO Internet Security virtkiosk.exe
COMODO COMODO Internet Security cis.exe
AVAST Software Avast AvastSvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

And here is the AdwCleaner scan log:
# AdwCleaner v2.006 - Logfile created 11/04/2012 at 22:12:11
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ASUS - ASUS-PC
# Boot Mode : Normal
# Running from : C:\Users\ASUS\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Users\ASUS\AppData\Local\Conduit
Folder Found : C:\Users\ASUS\AppData\LocalLow\Conduit
Folder Found : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\Smartbar
Folder Found : C:\Users\ASUS\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (zh-TW)

Profile name : default
File : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\prefs.js

Found : user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Found : user_pref("CT2504091.FirstTime", "true");
Found : user_pref("CT2504091.FirstTimeFF3", "true");
Found : user_pref("CT2504091.UserID", "UN51549306807440437");
Found : user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true");
Found : user_pref("CT2504091.autoDisableScopes", -1);
Found : user_pref("CT2504091.cbcountry_001", "TW");
Found : user_pref("CT2504091.cbfirsttime", "Wed Jun 13 2012 13:02:33 GMT+0800");
Found : user_pref("CT2504091.defaultSearch", "false");
Found : user_pref("CT2504091.embeddedsData", "[{\"appId\":\"129079840422026594\",\"apiPermissions\":{\"cross[...]
Found : user_pref("CT2504091.enableAlerts", "false");
Found : user_pref("CT2504091.enableSearchFromAddressBar", "true");
Found : user_pref("CT2504091.firstTimeDialogOpened", "true");
Found : user_pref("CT2504091.fixPageNotFoundError", "true");
Found : user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true");
Found : user_pref("CT2504091.installId", "ConduitNSISIntegration");
Found : user_pref("CT2504091.installType", "ConduitNSISIntegration");
Found : user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2504091.isNewTabEnabled", true);
Found : user_pref("CT2504091.isPerformedSmartBarTransition", "true");
Found : user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Found : user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Found : user_pref("CT2504091.openThankYouPage", "false");
Found : user_pref("CT2504091.openUninstallPage", "false");
Found : user_pref("CT2504091.search.searchAppId", "129079840422026594");
Found : user_pref("CT2504091.search.searchCount", "0");
Found : user_pref("CT2504091.searchInNewTabEnabledInHidden", "true");
Found : user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Found : user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Found : user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Found : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Found : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Found : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Found : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Found : user_pref("CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1339563750900");
Found : user_pref("CT2504091.serviceLayer_services_appTracking_lastUpdate", "1339563751437");
Found : user_pref("CT2504091.serviceLayer_services_appsMetadata_lastUpdate", "1339563750796");
Found : user_pref("CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1339563751104");
Found : user_pref("CT2504091.serviceLayer_services_login_10.10.2.10_lastUpdate", "1339563752892");
Found : user_pref("CT2504091.serviceLayer_services_optimizer_lastUpdate", "1339563751030");
Found : user_pref("CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1339563751158");
Found : user_pref("CT2504091.serviceLayer_services_searchAPI_lastUpdate", "1339563747154");
Found : user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1339563746008");
Found : user_pref("CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate", "1339563750965");
Found : user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1339563748505");
Found : user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1339563751363");
Found : user_pref("CT2504091.settingsINI", true);
Found : user_pref("CT2504091.shouldFirstTimeDialog", "false");
Found : user_pref("CT2504091.smartbar.CTID", "CT2504091");
Found : user_pref("CT2504091.smartbar.Uninstall", "0");
Found : user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote ");
Found : user_pref("CT2504091.startPage", "false");
Found : user_pref("CT2504091.toolbarBornServerTime", "13-6-2012");
Found : user_pref("CT2504091.toolbarCurrentServerTime", "13-6-2012");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [5894 octets] - [04/11/2012 22:12:11]

########## EOF - C:\AdwCleaner[R1].txt - [5954 octets] ##########

#4 nasdaq

nasdaq

  • Malware Response Team
  • 40,749 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:46 PM

Posted 04 November 2012 - 10:38 AM

The AVG removal tools will now be found here.

http://www.avg.com/us-en/utilities

Select the proper tool for your operating system and version of AVG.

I have changed my canned speech accordingly. Thanks.
===

Secure your system by updating 3rd party programs.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.

Check your present version and update as recommended.
https://www.java.com/en/download/installed.jsp

If present remove the old version(s) of Java using the Add/Remove Programs applet.


Java 7 Update 7


===

Remove the AdWare, PUP (Potentially Unwanted Program) installed on your computer.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Everything that was found will be deleted.
  • Follow the prompts to reboot the computer. A text file will open after the restart.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).

Please post the logs and let me know of any issue with this computer.

#5 WinBMY

WinBMY
  • Topic Starter

  • Members
  • 176 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 05 November 2012 - 02:28 AM

Hello, Nasdaq,

The issue is still there:
1. Avast still has some uninstallation left-over.
2. Abnormal System Setting - Disable Security Center.

Update Java to the new version.

The AVG Remover Log and AdwCleaner log file are too big to upload.
What should I do next?


#6 nasdaq

nasdaq

  • Malware Response Team
  • 40,749 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:46 PM

Posted 05 November 2012 - 09:14 AM

You should be able to remove all remnant items of Java with this tool.

Revo Uninstaller helps you to remove any unwanted application installed on your computer.

Download Revo Uninstaller and remove any programs you are having difficulties in completing the removal using the Add/Remove Programs list.

http://majorgeeks.com/Revo_Uninstaller_d5706.html

p.s.
I do not need to see the AVG or Revo logs.

Post the AdwCleaner log; if it is too long, attach it to your next reply.

Let me know what problem persists.

#7 WinBMY

WinBMY
  • Topic Starter

  • Members
  • 176 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 05 November 2012 - 11:55 PM

Hi, Nasdaq.

# AdwCleaner v2.006 - Logfile created 11/05/2012 at 15:02:43
# Updated 30/10/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : ASUS - ASUS-PC
# Boot Mode : Normal
# Running from : C:\Users\ASUS\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\ASUS\AppData\Local\Conduit
Folder Deleted : C:\Users\ASUS\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\Smartbar
Folder Deleted : C:\Users\ASUS\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v16.0.1 (zh-TW)

Profile name : default
File : C:\Users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\prefs.js

Deleted : user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT2504091.FirstTime", "true");
Deleted : user_pref("CT2504091.FirstTimeFF3", "true");
Deleted : user_pref("CT2504091.UserID", "UN51549306807440437");
Deleted : user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT2504091.autoDisableScopes", -1);
Deleted : user_pref("CT2504091.cbcountry_001", "TW");
Deleted : user_pref("CT2504091.cbfirsttime", "Wed Jun 13 2012 13:02:33 GMT+0800");
Deleted : user_pref("CT2504091.defaultSearch", "false");
Deleted : user_pref("CT2504091.embeddedsData", "[{\"appId\":\"129079840422026594\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT2504091.enableAlerts", "false");
Deleted : user_pref("CT2504091.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT2504091.firstTimeDialogOpened", "true");
Deleted : user_pref("CT2504091.fixPageNotFoundError", "true");
Deleted : user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT2504091.installId", "ConduitNSISIntegration");
Deleted : user_pref("CT2504091.installType", "ConduitNSISIntegration");
Deleted : user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2504091.isNewTabEnabled", true);
Deleted : user_pref("CT2504091.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...]
Deleted : user_pref("CT2504091.openThankYouPage", "false");
Deleted : user_pref("CT2504091.openUninstallPage", "false");
Deleted : user_pref("CT2504091.search.searchAppId", "129079840422026594");
Deleted : user_pref("CT2504091.search.searchCount", "0");
Deleted : user_pref("CT2504091.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1339563750900");
Deleted : user_pref("CT2504091.serviceLayer_services_appTracking_lastUpdate", "1339563751437");
Deleted : user_pref("CT2504091.serviceLayer_services_appsMetadata_lastUpdate", "1339563750796");
Deleted : user_pref("CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1339563751104");
Deleted : user_pref("CT2504091.serviceLayer_services_login_10.10.2.10_lastUpdate", "1339563752892");
Deleted : user_pref("CT2504091.serviceLayer_services_optimizer_lastUpdate", "1339563751030");
Deleted : user_pref("CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1339563751158");
Deleted : user_pref("CT2504091.serviceLayer_services_searchAPI_lastUpdate", "1339563747154");
Deleted : user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1339563746008");
Deleted : user_pref("CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate", "1339563750965");
Deleted : user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1339563748505");
Deleted : user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1339563751363");
Deleted : user_pref("CT2504091.settingsINI", true);
Deleted : user_pref("CT2504091.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT2504091.smartbar.CTID", "CT2504091");
Deleted : user_pref("CT2504091.smartbar.Uninstall", "0");
Deleted : user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote ");
Deleted : user_pref("CT2504091.startPage", "false");
Deleted : user_pref("CT2504091.toolbarBornServerTime", "13-6-2012");
Deleted : user_pref("CT2504091.toolbarCurrentServerTime", "13-6-2012");

-\\ Google Chrome v [Unable to get version]

File : C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6023 octets] - [04/11/2012 22:12:11]
AdwCleaner[R2].txt - [6083 octets] - [05/11/2012 15:01:54]
AdwCleaner[S1].txt - [6086 octets] - [05/11/2012 15:02:43]

#8 WinBMY

WinBMY
  • Topic Starter

  • Members
  • 176 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 05 November 2012 - 11:56 PM

Above reply is AdwCleaner's deletion log.

#9 nasdaq

nasdaq

  • Malware Response Team
  • 40,749 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:46 PM

Posted 06 November 2012 - 08:52 AM

Any remaining issues?

#10 WinBMY

WinBMY
  • Topic Starter

  • Members
  • 176 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 06 November 2012 - 10:00 PM

Hello, Nasdaq,

Same issues.

The Revo-uninstallation program could not find Avast left-over programs. But it active some left-over program while using PC.

The abnormal system setting - disable security center comes back after cure.

I notice one program called MSCTF.dll was called several times before closing the PC.

I summarize the DDS report's left-over Avast running processes and Service/Driver as follows:

============== Running Processes ===============
C:\Program Files\AVAST Software\Avast\AvastSvc.exe

============== Pseudo HJT Report ===============
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

============= SERVICES / DRIVERS ===============
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-18 969200]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-9-18 359464]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-9-18 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-18 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-9-18 44808]
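
The cross-check done by hand in the post above, as an added example (not part of the thread and not DDS's own code): it parses DDS SERVICES / DRIVERS entries, tolerating entries that were run together on one line, and reports a vendor's drivers and services that are still present although the Installed Programs list no longer names that vendor. Reading `R`/`S` as running/stopped and the digit as the start type is an assumption about the DDS format; the `asw` prefix, the sample program list and the `exampleSvc` line are constructed for the example.

```python
import re
from dataclasses import dataclass

# One DDS service/driver entry (assumed layout):
#   <state><start> <name>;<display>;<path> [<date> <size>]
# The lookbehind stops a match from starting in the middle of a path or word,
# while still allowing an entry that directly follows the "]" of the previous one.
ENTRY_RE = re.compile(
    r"(?<![\w\\])(?P<state>[RS])(?P<start>[0-4]) "
    r"(?P<name>[^;\n]+);(?P<display>[^;\n]+);(?P<path>.+?) "
    r"\[(?P<date>\d{4}-\d{1,2}-\d{1,2}) (?P<size>\d+)\]"
)


@dataclass(frozen=True)
class ServiceEntry:
    running: bool      # True for "R", False for "S" (assumed meaning)
    start_type: int    # 0-4, the digit after the state letter
    name: str
    display: str
    path: str
    size: int


def parse_services(log_text):
    """Return every service/driver entry found in a DDS log, in order."""
    entries = []
    for m in ENTRY_RE.finditer(log_text):
        entries.append(ServiceEntry(
            running=(m.group("state") == "R"),
            start_type=int(m.group("start")),
            name=m.group("name").strip(),
            display=m.group("display").strip(),
            path=m.group("path").strip(),
            size=int(m.group("size")),
        ))
    return entries


def find_leftovers(entries, installed_programs, vendor, driver_prefixes=()):
    """Entries tied to `vendor` when no installed program names that vendor."""
    vendor = vendor.lower()
    if any(vendor in prog.lower() for prog in installed_programs):
        return []  # vendor is still installed, so its services are expected
    prefixes = tuple(p.lower() for p in driver_prefixes)
    hits = []
    for e in entries:
        by_name = e.name.lower().startswith(prefixes)
        by_text = vendor in f"{e.display} {e.path}".lower()
        if by_name or by_text:
            hits.append(e)
    return hits


# Constructed sample: the Avast lines follow the entries quoted in the post
# (two of them fused onto one line), exampleSvc is invented.
SAMPLE_LOG = r"""
============= SERVICES / DRIVERS ===============
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-9-18 969200]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-9-18 359464]R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-9-18 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-9-18 71600]R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-9-18 44808]
S3 exampleSvc;Example Service;C:\Program Files\Example\svc.exe [2012-10-1 1024]
"""

# Constructed excerpt of an "Installed Programs" list with no Avast entry.
SAMPLE_INSTALLED = ["CCleaner", "COMODO Internet Security Beta", "Revo Uninstaller 1.94"]

if __name__ == "__main__":
    found = find_leftovers(parse_services(SAMPLE_LOG), SAMPLE_INSTALLED,
                           vendor="avast", driver_prefixes=("asw",))
    for e in found:
        state = "running" if e.running else "stopped"
        print(f"{e.name:18} start={e.start_type} {state:8} {e.path}")
```
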

#11 nasdaq

nasdaq

  • Malware Response Team
  • 40,749 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:08:46 PM

Posted 07 November 2012 - 09:54 AM

It will be easy to remove these Avast entries with this tool.

Please download ComboFix from any of the links below, and save it to your desktop. For information regarding this download, please visit this web page: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

IMPORTANT....

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Do not install any other programs until this is fixed.


How to : Disable Anti-virus and Firewall...
http://www.bleepingcomputer.com/forums/topic114351.html

Double click on ComboFix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt
Note:
Do not mouse click ComboFix's window while it's running. That may cause it to stall.


Note: If you have difficulty properly disabling your protective programs, refer to this link --> http://www.bleepingcomputer.com/forums/topic114351.html

Post the log and wait for further instructions.

=========

I notice one program call MSCTF.dll was called several times before close the PC.


The module msctf.dll file extends the functionalities drawn by the Microsoft Text Services. Among its basic functions is the implementation of advanced text input and text processing. The functionality offered by the msctf.dll file allows for bidirectional communication between application and text services. As part of the Microsoft Windows Text Services framework, the msctf.dll file proves essential in running a simple and scalable framework for text input and natural language technologies. This module provides multilingual support and can deliver various text services.

Hope that helps.

#12 WinBMY

WinBMY
  • Topic Starter

  • Members
  • 176 posts
  • OFFLINE
  •  
  • Local time:08:46 PM

Posted 07 November 2012 - 09:14 PM

Hi, Nasdaq,

Thanks for providing informative message.
And here is the combofix log.
ComboFix 12-11-06.03 - ASUS 2/11/08 週四 10:00:45.22.4 - x64
Microsoft Windows 7 家用進階版 6.1.7601.1.950.886.1028.18.8103.5994 [GMT 8:00]
執行位置: c:\users\ASUS\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Antivirus *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( 2012-10-08 至 2012-11-08 的新的檔案 )))))))))))))))))))))))))))))))
.
.
2012-11-08 02:05 . 2012-11-08 02:05 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-08 02:05 . 2012-11-08 02:05 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-07 11:41 . 2012-11-07 11:41 -------- d-----w- c:\windows\SysWow64\肄蠉肄xt岤videace
2012-11-07 11:39 . 2012-11-07 11:39 -------- d-----w- c:\windows\SysWow64\xw蠉xwxtvideace
2012-11-07 09:33 . 2012-11-07 09:33 -------- d-----w- c:\programdata\CPA_VA
2012-11-07 09:31 . 2012-11-07 09:31 -------- d-----w- c:\windows\SysWow64\l蒪w砫滴`r俞videace
2012-11-07 09:30 . 2012-11-07 09:30 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-11-07 09:30 . 2012-11-07 09:30 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-11-07 08:13 . 2012-11-07 08:13 -------- d-----w- C:\temp
2012-11-07 07:14 . 2012-11-07 07:14 -------- d-----w- C:\videace
2012-11-07 06:58 . 2012-10-06 03:17 -------- d-----w- c:\programdata\DataCardService
2012-11-07 06:58 . 2009-07-14 06:21 1721576 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2012-11-07 05:49 . 2012-11-07 05:49 -------- d-----w- c:\windows\SysWow64\Xw蠉Xwxt淚videace
2012-11-07 05:46 . 2012-11-07 05:46 -------- d-----w- c:\windows\SysWow64\.w蠉.wxt吭videace
2012-11-06 21:37 . 2012-11-06 21:01 -------- d-----w- C:\eSupport
2012-11-06 21:13 . 2012-11-06 21:13 80512 ----a-w- c:\windows\ASUS_N3_Series Uninstaller.exe
2012-11-06 21:13 . 2010-06-22 14:26 64702955 ------w- c:\windows\system32\ASUS_N3_Series.scr
2012-11-06 21:13 . 2012-11-06 21:13 3058304 ----a-w- c:\windows\AsScrPro.exe
2012-11-06 21:11 . 2012-11-06 21:11 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-06 21:11 . 2012-11-06 21:11 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-11-06 21:11 . 2012-11-06 21:11 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-11-06 21:07 . 2012-11-06 21:15 -------- d-----w- c:\program files (x86)\CyberLink
2012-11-06 21:07 . 2012-11-06 21:15 -------- d-----w- c:\programdata\CyberLink
2012-11-06 21:06 . 2012-10-29 22:48 -------- d-----w- C:\ExpressGateUtil
2012-11-06 21:03 . 2011-05-30 21:48 155648 ----a-w- c:\windows\SysWow64\ACEngSvr.exe
2012-11-06 21:01 . 2012-11-06 21:01 -------- d-----w- c:\program files\ASUS
2012-11-06 21:01 . 2011-03-04 00:57 379520 ----a-w- c:\windows\system32\FBAgent.exe
2012-11-06 20:59 . 2012-11-06 21:01 -------- d-----w- c:\program files\P4G
2012-11-06 20:59 . 2012-11-06 20:59 -------- d-----w- c:\programdata\P4G
2012-11-06 20:59 . 2012-11-06 20:59 -------- d-----w- c:\program files\Intel
2012-11-06 20:56 . 2012-11-06 20:56 -------- d-----w- c:\program files (x86)\Common Files\Atheros
2012-11-06 20:56 . 2012-11-06 20:56 -------- d-----w- c:\program files (x86)\Bluetooth Suite
2012-11-06 20:55 . 2012-11-06 20:55 -------- d-----w- c:\program files (x86)\Atheros
2012-11-06 20:55 . 2010-07-08 10:03 2228736 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-11-06 20:55 . 2010-07-08 10:03 2228736 ----a-w- c:\windows\system32\athrx.sys
2012-11-06 20:55 . 2012-11-06 06:35 -------- d-----w- c:\programdata\Atheros
2012-11-06 20:53 . 2012-11-06 20:53 -------- d-----w- c:\program files\Elantech
2012-11-06 20:53 . 2012-11-06 06:53 -------- d-----w- c:\program files\Fresco Logic Inc
2012-11-06 20:53 . 2012-11-06 20:53 -------- d-----w- c:\programdata\AmUStor
2012-11-06 20:53 . 2012-11-06 20:53 -------- d-----w- c:\program files (x86)\AmIcoSingLun
2012-11-06 20:52 . 2012-11-06 20:52 -------- d-----w- c:\programdata\Intel
2012-11-06 20:52 . 2012-11-06 20:55 -------- d-----w- c:\windows\SysWow64\NV
2012-11-06 20:52 . 2012-11-06 20:55 -------- d-----w- c:\windows\system32\NV
2012-11-06 20:51 . 2012-11-06 20:51 -------- d-----w- c:\programdata\SonicFocus
2012-11-06 20:51 . 2012-11-06 20:51 -------- d-----w- c:\program files\Realtek
2012-11-06 20:51 . 2012-11-06 20:51 -------- d-----w- c:\windows\SysWow64\RTCOM
2012-11-06 20:49 . 2011-06-04 23:22 2207336 ----a-w- c:\windows\system32\nvapi64.dll
2012-11-06 20:46 . 2010-10-04 05:02 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-11-06 20:46 . 2012-11-06 20:49 -------- d-----w- C:\Intel
2012-11-06 20:44 . 2011-01-28 19:03 180736 ----a-w- c:\windows\system32\ifsutil.dll
2012-11-06 20:44 . 2011-01-28 05:46 148992 ----a-w- c:\windows\SysWow64\ifsutil.dll
2012-11-06 12:48 . 2012-11-06 12:48 -------- d-----w- c:\windows\SysWow64\肓蠉肓xt璞videace
2012-11-06 12:45 . 2012-11-06 12:45 -------- d-----w- c:\windows\SysWow64\Sw蠉Swxt琵videace
2012-11-06 10:43 . 2012-11-06 10:43 -------- d-----w- c:\windows\SysWow64\蠉xt莍videace
2012-11-06 07:24 . 2012-11-06 07:24 -------- d-----w- c:\windows\SysWow64\l綖w砫rw€tvideace
2012-11-06 07:02 . 2012-11-06 07:02 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2012-11-06 07:02 . 2012-11-06 07:02 -------- d-----w- c:\program files\Fresco Logic
2012-11-06 06:56 . 2012-11-06 06:56 -------- d-----w- c:\programdata\ASUS
2012-11-06 06:55 . 2012-10-11 02:15 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-06 06:55 . 2012-11-06 06:55 -------- d-----w- c:\programdata\PassMark
2012-11-06 06:33 . 2012-11-07 11:42 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-11-06 06:33 . 2012-11-07 11:42 -------- d-----w- C:\ASUS.DAT
2012-11-06 06:33 . 2012-11-06 06:33 -------- d-----w- c:\programdata\FolderView
2012-11-06 06:33 . 2012-10-29 06:50 -------- d-----w- c:\users\ASUS
2012-11-06 04:46 . 2009-12-30 03:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-11-06 00:37 . 2012-11-06 00:37 -------- d-----w- c:\windows\SysWow64\蠉xt蓋videace
2012-11-06 00:27 . 2012-11-06 00:27 -------- d-----w- c:\windows\SysWow64\Xw蠉Xwxt琵videace
2012-11-05 07:04 . 2012-11-05 07:04 -------- d-----w- c:\windows\SysWow64\宨蠉宨xt璞videace
2012-11-05 07:00 . 2012-11-05 07:00 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-05 07:00 . 2012-11-05 07:00 289768 ----a-w- c:\windows\system32\javaws.exe
2012-11-05 07:00 . 2012-11-05 07:00 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-05 07:00 . 2012-11-05 07:00 189416 ----a-w- c:\windows\system32\javaw.exe
2012-11-05 07:00 . 2012-11-05 07:00 188904 ----a-w- c:\windows\system32\java.exe
2012-11-05 07:00 . 2012-11-05 07:00 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-11-05 07:00 . 2012-11-05 07:00 -------- d-----w- c:\program files\Java
2012-11-05 06:38 . 2012-11-05 06:38 -------- d-----w- c:\windows\SysWow64\蠉xt黠videace
2012-11-05 06:35 . 2012-11-05 06:35 -------- d-----w- c:\windows\SysWow64\nw蠉nwxt綅videace
2012-11-05 00:21 . 2012-11-05 00:21 -------- d-----w- c:\windows\SysWow64\+w蠉+wxt娖videace
2012-11-03 07:28 . 2012-11-03 07:28 -------- d-----w- c:\windows\SysWow64\qw蠉qwxt跚videace
2012-11-03 01:43 . 2012-11-03 01:43 -------- d-----w- c:\windows\SysWow64\蠉xt墦videace
2012-11-03 01:38 . 2012-11-03 01:38 -------- d-----w- c:\windows\SysWow64\繗蠉繗xt墦videace
2012-11-03 01:35 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\iswtwq.sys
2012-11-03 01:33 . 2012-11-03 01:33 -------- d-----w- c:\windows\SysWow64\憨蠉憨xt縷videace
2012-11-03 01:29 . 2012-11-03 01:29 -------- d-----w- c:\windows\SysWow64\Ow蠉Owxt髏videace
2012-11-03 01:28 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\zedltn.sys
2012-11-03 01:25 . 2012-11-03 01:25 -------- d-----w- c:\windows\SysWow64\zw蠉zwxt暝videace
2012-11-01 11:01 . 2012-11-01 11:01 -------- d-----w- c:\windows\SysWow64\烅蠉烅xt歿videace
2012-10-31 13:05 . 2012-10-31 13:05 -------- d-----w- c:\windows\SysWow64\漙蠉漙xt髏videace
2012-10-31 12:58 . 2012-10-31 12:58 -------- d-----w- c:\windows\SysWow64\#w蠉#wxt苒videace
2012-10-31 11:22 . 2012-10-31 11:22 -------- d-----w- c:\program files\COMODO
2012-10-31 11:17 . 2012-10-31 11:17 -------- d-----w- c:\windows\SysWow64\莇蠉莇xt淚videace
2012-10-31 11:10 . 2012-10-31 11:10 -------- d-----w- c:\windows\SysWow64\蠉xt柦videace
2012-10-31 10:54 . 2012-10-31 10:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-31 10:54 . 2012-09-29 11:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-31 10:09 . 2012-10-31 10:09 -------- d-----w- c:\windows\SysWow64\uw蠉uwxt琵videace
2012-10-31 08:41 . 2012-10-31 08:41 -------- d-----w- c:\windows\SysWow64\-w蠉-wxt璞videace
2012-10-31 08:40 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\ovanvq.sys
2012-10-31 08:35 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\zlnimc.sys
2012-10-31 08:33 . 2012-10-31 08:33 -------- d-----w- c:\windows\SysWow64\蠉xtvideace
2012-10-31 08:26 . 2012-10-31 08:26 -------- d-----w- c:\windows\SysWow64\蠉xt縷videace
2012-10-31 08:25 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\icquni.sys
2012-10-31 08:23 . 2012-10-31 08:23 -------- d-----w- c:\windows\SysWow64\(w蠉(wxtvideace
2012-10-31 08:20 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\dlhynz.sys
2012-10-31 08:14 . 2012-10-31 08:14 -------- d-----w- c:\windows\SysWow64\蠉xt佢videace
2012-10-31 02:14 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\mtqjxm.sys
2012-10-30 11:06 . 2012-10-30 11:06 -------- d-----w- c:\windows\SysWow64\Jw蠉Jwxt綅videace
2012-10-30 07:45 . 2012-10-30 07:45 -------- d-----w- c:\windows\SysWow64\zw蠉zwxt滜videace
2012-10-30 07:06 . 2012-10-30 07:06 -------- d-----w- c:\windows\SysWow64\蠉xt閱videace
2012-10-30 05:20 . 2012-10-30 05:20 -------- d-----w- c:\windows\SysWow64\洄蠉洄xt螰videace
2012-10-29 11:35 . 2012-10-29 11:35 -------- d-----w- c:\windows\SysWow64\'w蠉'wxt閱videace
2012-10-29 11:18 . 2012-10-29 11:18 -------- d-----w- c:\windows\SysWow64\漙蠉漙xt黠videace
2012-10-29 11:08 . 2012-10-29 11:08 -------- d-----w- c:\windows\SysWow64\眨蠉眨xt螰videace
2012-10-29 07:32 . 2012-10-29 07:32 -------- d-----w- c:\windows\SysWow64\蓹蠉蓹xt苒videace
2012-10-29 06:50 . 2012-10-29 06:50 -------- d-----w- c:\windows\SysWow64\肓蠉肓xt汻videace
2012-10-29 05:44 . 2012-11-06 04:42 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-10-29 05:33 . 2012-10-29 05:33 -------- d-----w- c:\windows\SysWow64\;w蠉;wxt偅videace
2012-10-28 12:00 . 2012-10-28 12:00 -------- d-----w- c:\windows\SysWow64\]w蠉]wxt么videace
2012-10-27 11:15 . 2012-10-27 11:15 -------- d-----w- c:\windows\SysWow64\逕蠉逕xtvideace
2012-10-26 23:58 . 2012-10-26 23:58 -------- d-----w- c:\program files\CCleaner
2012-10-26 23:53 . 2012-10-26 23:53 -------- d-----w- c:\windows\SysWow64\jw蠉jwxt跚videace
2012-10-25 10:55 . 2012-10-25 10:55 -------- d-----w- c:\windows\SysWow64\儡蠉儡xt歿videace
2012-10-22 11:20 . 2012-10-22 11:20 -------- d-----w- c:\windows\SysWow64\ㄈ蠉ㄈxtvideace
2012-10-22 11:16 . 2012-10-22 11:16 -------- d-----w- c:\windows\SysWow64\ww蠉wwxt愧videace
2012-10-21 13:11 . 2012-10-21 13:11 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-10-21 12:58 . 2012-10-21 12:58 -------- d-----w- c:\windows\SysWow64\Kw蠉Kwxt狖videace
.
.
(((((((((((((((((((((((((((((((((((((((( 在三個月內被修改的檔案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 02:15 . 2012-07-15 12:44 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-11 01:32 . 2012-04-07 10:48 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-10 11:26 . 2012-10-01 08:07 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-10 11:26 . 2012-10-01 08:07 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-04 12:22 . 2012-09-04 12:22 39424 ----a-w- c:\windows\system32\cmdkbd64.dll
2012-09-04 12:07 . 2012-09-04 12:07 34304 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2012-08-30 01:17 . 2011-03-29 01:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-08-24 11:15 . 2012-09-25 04:44 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-25 04:44 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-25 04:44 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-25 04:44 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-25 04:44 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-25 04:44 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-25 04:44 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-25 04:44 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-25 04:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-25 04:44 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-25 04:44 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-25 04:44 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-25 04:44 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-25 04:44 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-25 04:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-25 04:44 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-25 04:44 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-25 04:44 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-25 04:44 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-25 04:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-25 04:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-25 04:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 11:17 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:17 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:17 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:17 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-27 03:23 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 09:13 . 2012-09-18 13:04 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-09-18 13:04 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-09-18 12:47 71600 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-09-18 13:04 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-09-18 12:47 41224 ------w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-09-18 12:47 227648 ------w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2012-08-31 03:39 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-20 17:38 . 2012-10-10 06:03 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( 重要登入點 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白與合法缺省登錄將不會被顯示
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-08-25 765200]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-10-18 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-24 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"FLxHCIm64"="c:\program files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [2012-01-15 48128]
"IME14 CHT Setup"="c:\progra~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-13 81200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2012-11-7 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
R0 mjvhhu;mjvhhu; [x]
R0 uezndl;uezndl; [x]
R0 vhjrap;vhjrap; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [x]
R2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]
R3 cnhvgf;cnhvgf;c:\program files\COMODO\COMODO Internet Security\ccekrnl.dat [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Windows 啟用技術服務;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-08 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-04 25960]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2012-10-09 22736]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-10-09 688104]
S1 cmdhlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-10-09 38656]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-04 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S2 ImeDictUpdateService;Microsoft IME Dictionary Update;c:\program files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [2010-10-20 83312]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 cmdvirth;COMODO Virtual Service Manager;d:\virus protection course\COMODO\COMODO Internet Security\cmdvirth.exe [2012-10-09 145616]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-04-12 142632]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2012-01-10 219648]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2012-01-10 65024]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - FXMECV
*Deregistered* - fxmecv
.
計劃任務 文件夾 裡的內容
.
2012-11-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 11:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-10 418328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-10-13 2168424]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824]
"IME14 CHT Setup"="c:\progra~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-13 110896]
"COMODO Internet Security"="d:\virus protection course\COMODO\COMODO Internet Security\cistray.exe" [2012-10-09 527568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\guard64.dll c:\windows\System32\guard64.dll
.
------- 而外的掃描 -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: 傳送至 OneNote(&N) - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: 匯出至 Microsoft Excel(&X) - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.43.1
FF - ProfilePath - c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\
FF - prefs.js: browser.startup.homepage - www.google.com.tw
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-02 11:06; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cnhvgf]
"ImagePath"="\??\c:\program files\COMODO\COMODO Internet Security\ccekrnl.dat"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\讄L?*C*C*l*e*a*n*e*r*\command]
@="c:\\Program Files\\CCleaner\\ccleaner.exe /AUTO"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\?_U *C*C*l*e*a*n*e*r*.*.*.*\command]
@="c:\\Program Files\\CCleaner\\ccleaner.exe"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Print\Printers\袈?*O*n*e*N*o*t*e* *2*0*1*0*\DsDriver]
"printBinNames"=multi:"\00\00"
"printCollate"=hex:00
"printColor"=hex:01
"printDuplexSupported"=hex:00
"printStaplingSupported"=hex:00
"printMaxXExtent"=dword:00000b9a
"printMaxYExtent"=dword:000010de
"printMinXExtent"=dword:000003d8
"printMinYExtent"=dword:00000771
"printMediaSupported"=multi:"Letter\00Tabloid\00Legal\00Executive\00A3\00A4\00B4 (JIS)\00B5 (JIS)\00Envelope #10\00Envelope Monarch\00\00"
"printMediaReady"=multi:"A4\00\00"
"printNumberUp"=dword:00000000
"printMemory"=dword:00008000
"printOrientationsSupported"=multi:"PORTRAIT\00LANDSCAPE\00\00"
"printMaxResolutionSupported"=dword:000004b0
"printLanguage"=multi:"\00\00"
"printRateUnit"=""
"driverVersion"=dword:00000401
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Print\Printers\袈?*O*n*e*N*o*t*e* *2*0*1*0*\DsSpooler]
"driverName"="Send To Microsoft OneNote 2010 Driver"
"portName"=multi:"nul:\00\00"
"printStartTime"=dword:00000000
"printEndTime"=dword:00000000
"printerName"="傳送至 OneNote 2010"
"printKeepPrintedJobs"=hex:00
"printSpooling"="PrintAfterSpooled"
"priority"=dword:00000001
"uNCName"="\\\\ASUS-PC\\傳送至 OneNote 2010"
"serverName"="ASUS-PC"
"shortServerName"="ASUS-PC"
"versionNumber"=dword:00000004
"flags"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Print\Printers\袈?*O*n*e*N*o*t*e* *2*0*1*0*\PrinterDriverData]
"InitDriverVersion"=dword:00000600
"Model"="Send To OneNote Driver"
"FreeMem"=hex:00,80,00,00
"PrinterDataSize"=dword:00000230
"PrinterData"=hex:00,06,30,02,81,08,00,00,00,f8,ba,01,00,00,00,00,00,00,00,00,
64,00,58,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,c2,ac,90,51,01,\
"FeatureKeywordSize"=dword:00000012
"FeatureKeyword"=hex:4d,65,6d,6f,72,79,00,33,32,37,36,38,4b,42,00,0a,00,00
"Forms?"=dword:5190acc2
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Print\Forms\E* *:\鱍]
"FormKeyword"=hex:45,5f,53,48,45,45,54,3a,48,50,00
"ResourceNameID"="@hpzstwn7.dll,3398"
.
完成時間: 2012-11-08 10:07:01
ComboFix-quarantined-files.txt 2012-11-08 02:07
ComboFix2.txt 2012-10-31 11:50
ComboFix3.txt 2012-10-29 07:29
ComboFix4.txt 2012-10-02 10:55
ComboFix5.txt 2012-11-08 01:43
.
Pre-Run: 156,117,975,040 位元組可用
Post-Run: 155,961,454,592 位元組可用
.
- - End Of File - - 0C3B9F6EE30E925ECA9C4EC94DBEC5BF

#13 nasdaq

nasdaq

  • Malware Response Team
  • 40,749 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 08 November 2012 - 08:40 AM

Open notepad and copy/paste the text in the quote box below into it:

File::
c:\windows\system32\drivers\aswMonFlt.sys 

Folder::
C:\Program Files\AVAST Software

Driver::
mjvhhu
uezndl
vhjrap
aswSnx
aswSP
aswFsBlk
aswMonFlt
avast! Antivirus;avast! Antivirus

Registry::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"=-

ClearJavaCache::

SecCenter::
{2B2D1395-420B-D5C9-657E-930FE358FC3C}
{904CF271-6431-DA47-5FCE-A87D98DFB681}



Save this as CFScript.txt on your desktop.

Posted Image

Referring to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log.

Please let me know of any issues with this computer.
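
An added example (not part of nasdaq's post and not ComboFix code): a Python cross-check of the CFScript above against the log lines posted earlier, so each `Driver::` and `SecCenter::` entry can be traced to a log line before the script is run. The sample text is a constructed subset copied from this thread; the function names and the reading of `[x]` as "no file found for this entry" are assumptions.

```python
import re

# Constructed sample: a subset of lines copied from the ComboFix log in this thread.
LOG = r"""
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: COMODO Antivirus *Enabled/Updated* {458BB331-2324-0753-3D5F-1472EB102AC0}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: COMODO Antivirus *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
R0 mjvhhu;mjvhhu; [x]
R0 uezndl;uezndl; [x]
R0 vhjrap;vhjrap; [x]
R3 cnhvgf;cnhvgf;c:\program files\COMODO\COMODO Internet Security\ccekrnl.dat [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-10-09 688104]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-08-21 71600]
"""

# Constructed sample: the File::, Folder::, Driver:: and SecCenter:: sections of the CFScript.
CFSCRIPT = r"""
File::
c:\windows\system32\drivers\aswMonFlt.sys

Folder::
C:\Program Files\AVAST Software

Driver::
mjvhhu
uezndl
vhjrap
aswSnx
aswSP
aswFsBlk
aswMonFlt
avast! Antivirus;avast! Antivirus

SecCenter::
{2B2D1395-420B-D5C9-657E-930FE358FC3C}
{904CF271-6431-DA47-5FCE-A87D98DFB681}
"""

PROVIDER = re.compile(r"^(AV|SP|FW): (.+?) \*([^*]+)\*\s+(\{[0-9A-Fa-f-]{36}\})$")
SERVICE = re.compile(
    r"^[RS]\d (?P<name>[^;]+);(?P<display>[^;]*);(?P<path>.*?) \[(?P<tag>[^\]]+)\]$")


def parse_cfscript(text):
    """Split a CFScript into {section name: [entries]} using the 'Name::' headers."""
    sections, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if line.endswith("::"):
            current = line[:-2]
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def parse_log(text):
    """Return ({GUID: (kind, product, state)}, {service: (path, file_missing)})."""
    providers, services = {}, {}
    for line in (raw.strip() for raw in text.splitlines()):
        m = PROVIDER.match(line)
        if m:
            kind, product, state, guid = m.groups()
            providers[guid.upper()] = (kind, product, state)
            continue
        m = SERVICE.match(line)
        if m:
            # Assumption: a "[x]" tag means no file was found for the entry.
            services[m["name"].lower()] = (m["path"].lower(), m["tag"] == "x")
    return providers, services


def review(script_text, log_text):
    """Trace every Driver:: and SecCenter:: entry back to a line in the log."""
    script = parse_cfscript(script_text)
    providers, services = parse_log(log_text)
    listed_files = {p.lower() for p in script.get("File", [])}
    findings = []
    for name in script.get("Driver", []):
        entry = services.get(name.lower())
        if entry is None:
            verdict = "no service line in log"
        elif entry[1]:
            verdict = "orphaned entry"
        elif entry[0] in listed_files:
            verdict = "file present, covered by File::"
        else:
            verdict = "file present, not covered by File::"
        findings.append(("Driver", name, verdict))
    for guid in script.get("SecCenter", []):
        prov = providers.get(guid.upper())
        if prov is None:
            verdict = "GUID not in log"
        elif prov[2].startswith("Enabled"):
            verdict = "active provider: " + prov[1]
        else:
            verdict = "inactive provider: " + prov[1]
        findings.append(("SecCenter", guid, verdict))
    return findings


if __name__ == "__main__":
    for section, entry, verdict in review(CFSCRIPT, LOG):
        print(f"{section:10} {entry:45} {verdict}")
```

Entries reported as "no service line in log" or "active provider" are the ones to question before running a removal script.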

#14 WinBMY

WinBMY
  • Topic Starter

  • Members
  • 176 posts

Posted 08 November 2012 - 08:05 PM

Hi, Nasdaq,

Well, Avast was clean this time. Thanks.
But the Abnormal System Setting is still there.
Here is the combofix log.
ComboFix 12-11-06.03 - ASUS 2/11/09 週五 8:43.23.4 - x64 MINIMAL
Microsoft Windows 7 家用進階版 6.1.7601.1.950.886.1028.18.8103.6966 [GMT 8:00]
執行位置: c:\users\ASUS\Desktop\ComboFix.exe
Command switches used :: c:\users\ASUS\Desktop\CFSCRIPT.txt
AV: COMODO Antivirus *Enabled/Outdated* {458BB331-2324-0753-3D5F-1472EB102AC0}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
SP: COMODO Antivirus *Enabled/Updated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* 成功創造新還原點
.
FILE ::
"c:\windows\system32\drivers\aswMonFlt.sys"
.
.
((((((((((((((((((((((((((((((((((((((( 被刪除的檔案 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\AVAST Software
c:\program files\AVAST Software\Avast\1028\aswClnTg.htm
c:\program files\AVAST Software\Avast\1028\aswClnTg.txt
c:\program files\AVAST Software\Avast\1028\aswInfTg.htm
c:\program files\AVAST Software\Avast\1028\aswInfTg.txt
c:\program files\AVAST Software\Avast\1028\Avast5_1028.chm
c:\program files\AVAST Software\Avast\1028\Base.dll
c:\program files\AVAST Software\Avast\1028\Boot.dll
c:\program files\AVAST Software\Avast\1028\uiLangRes.dll
c:\program files\AVAST Software\Avast\Aavm4h.dll
c:\program files\AVAST Software\Avast\AavmRpch.dll
c:\program files\AVAST Software\Avast\AavmRpch64.dll
c:\program files\AVAST Software\Avast\AhAScr.dll
c:\program files\AVAST Software\Avast\AhResJs.dll
c:\program files\AVAST Software\Avast\ashBase.dll
c:\program files\AVAST Software\Avast\ashQuick.exe
c:\program files\AVAST Software\Avast\ashServ.dll
c:\program files\AVAST Software\Avast\ashShA64.dll
c:\program files\AVAST Software\Avast\ashShell.dll
c:\program files\AVAST Software\Avast\ashTask.dll
c:\program files\AVAST Software\Avast\ashTaskEx.dll
c:\program files\AVAST Software\Avast\ashUpd.exe
c:\program files\AVAST Software\Avast\aswAra.dll
c:\program files\AVAST Software\Avast\aswAraSr.exe
c:\program files\AVAST Software\Avast\aswAux.dll
c:\program files\AVAST Software\Avast\aswChLic.exe
c:\program files\AVAST Software\Avast\aswCmnBS.dll
c:\program files\AVAST Software\Avast\aswCmnIS.dll
c:\program files\AVAST Software\Avast\aswCmnOS.dll
c:\program files\AVAST Software\Avast\aswData.dll
c:\program files\AVAST Software\Avast\aswDld.dll
c:\program files\AVAST Software\Avast\aswEngLdr.dll
c:\program files\AVAST Software\Avast\aswIdle.dll
c:\program files\AVAST Software\Avast\aswJsFlt.dll
c:\program files\AVAST Software\Avast\aswJsFlt.dll.sum
c:\program files\AVAST Software\Avast\aswJsFlt64.dll
c:\program files\AVAST Software\Avast\aswLog.dll
c:\program files\AVAST Software\Avast\aswMonDS.sys
c:\program files\AVAST Software\Avast\aswMonVD.dll
c:\program files\AVAST Software\Avast\aswProperty.dll
c:\program files\AVAST Software\Avast\aswRegSvr.exe
c:\program files\AVAST Software\Avast\aswRegSvr64.exe
c:\program files\AVAST Software\Avast\aswRunDll.exe
c:\program files\AVAST Software\Avast\aswSidebar.gadget
c:\program files\AVAST Software\Avast\aswSqLt.dll
c:\program files\AVAST Software\Avast\aswStrm.dll
c:\program files\AVAST Software\Avast\aswUtil.dll
c:\program files\AVAST Software\Avast\aswW8ntf.dll
c:\program files\AVAST Software\Avast\aswWebRepIE.dll
c:\program files\AVAST Software\Avast\aswWebRepIE64.dll
c:\program files\AVAST Software\Avast\AvastEmUpdate.exe
c:\program files\AVAST Software\Avast\AvastGUIProxy.dll
c:\program files\AVAST Software\Avast\AvastGUIProxy64.dll
c:\program files\AVAST Software\Avast\avastSS.dll
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\AVAST Software\Avast\AvastUI.exe
c:\program files\AVAST Software\Avast\AvSSHook.dll
c:\program files\AVAST Software\Avast\CommonRes.dll
c:\program files\AVAST Software\Avast\DATA\aswResp.dat
c:\program files\AVAST Software\Avast\DATA\Avast5.ini
c:\program files\AVAST Software\Avast\DATA\chest\index.xml
c:\program files\AVAST Software\Avast\DATA\journal\journal02D1BC51
c:\program files\AVAST Software\Avast\DATA\journal\journal181FF62B
c:\program files\AVAST Software\Avast\DATA\journal\journal28673AE4
c:\program files\AVAST Software\Avast\DATA\journal\journal3658F827
c:\program files\AVAST Software\Avast\DATA\journal\journal5926FD08
c:\program files\AVAST Software\Avast\DATA\journal\journal72EA4E51
c:\program files\AVAST Software\Avast\DATA\journal\journal7970B7DB
c:\program files\AVAST Software\Avast\DATA\journal\journal7ABFA2E9
c:\program files\AVAST Software\Avast\DATA\Log.db
c:\program files\AVAST Software\Avast\DATA\log\Chest.log
c:\program files\AVAST Software\Avast\DATA\log\Logging.log
c:\program files\AVAST Software\Avast\DATA\log\Resident.log
c:\program files\AVAST Software\Avast\DATA\log\selfdef.log
c:\program files\AVAST Software\Avast\DATA\URL.db
c:\program files\AVAST Software\Avast\defs\12102100\acshort.map
c:\program files\AVAST Software\Avast\defs\12102100\algo.dll
c:\program files\AVAST Software\Avast\defs\12102100\algo64.dll
c:\program files\AVAST Software\Avast\defs\12102100\ArPot.dll
c:\program files\AVAST Software\Avast\defs\12102100\aspColl.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswAR.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswBoot.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswBoot64.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswCleanerDLL.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswCmnBS.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswCmnIS.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswCmnIS64.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswCmnOS.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswEngin.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswFiDb.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswRawFS.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswRawFS64.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswRep.dll
c:\program files\AVAST Software\Avast\defs\12102100\aswScan.dll
c:\program files\AVAST Software\Avast\defs\12102100\certs.map
c:\program files\AVAST Software\Avast\defs\12102100\db_as.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_dex.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_dex.map
c:\program files\AVAST Software\Avast\defs\12102100\db_dyna.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_dyna.map
c:\program files\AVAST Software\Avast\defs\12102100\db_el.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_elf.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_elf.map
c:\program files\AVAST Software\Avast\defs\12102100\db_elfa.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_elfa.map
c:\program files\AVAST Software\Avast\defs\12102100\db_evope.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_java.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_java.map
c:\program files\AVAST Software\Avast\defs\12102100\db_js.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_js.map
c:\program files\AVAST Software\Avast\defs\12102100\db_mx4.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_mx4.map
c:\program files\AVAST Software\Avast\defs\12102100\db_mx95.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_mx95.map
c:\program files\AVAST Software\Avast\defs\12102100\db_o7.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_o7.map
c:\program files\AVAST Software\Avast\defs\12102100\db_ob2.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_pe2.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_pe3.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_sql.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_sql.map
c:\program files\AVAST Software\Avast\defs\12102100\db_swf.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_swf.map
c:\program files\AVAST Software\Avast\defs\12102100\db_tx.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_u.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_w6.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_w6.map
c:\program files\AVAST Software\Avast\defs\12102100\db_wh2.dat
c:\program files\AVAST Software\Avast\defs\12102100\db_xtn.map
c:\program files\AVAST Software\Avast\defs\12102100\def.ini
c:\program files\AVAST Software\Avast\defs\12102100\dllcc.dat
c:\program files\AVAST Software\Avast\defs\12102100\exts.dll
c:\program files\AVAST Software\Avast\defs\12102100\fwAux.dll
c:\program files\AVAST Software\Avast\defs\12102100\l_idx.map
c:\program files\AVAST Software\Avast\defs\12102100\l_nmp.map
c:\program files\AVAST Software\Avast\defs\12102100\list_d.txt
c:\program files\AVAST Software\Avast\defs\12102100\list_i.txt
c:\program files\AVAST Software\Avast\defs\12102100\lshe3.map
c:\program files\AVAST Software\Avast\defs\12102100\prodproc.bin
c:\program files\AVAST Software\Avast\defs\12102100\s_idx.map
c:\program files\AVAST Software\Avast\defs\12102100\s_nmp.map
c:\program files\AVAST Software\Avast\defs\12102100\sc_dst.dat
c:\program files\AVAST Software\Avast\defs\12102100\sc_src.dat
c:\program files\AVAST Software\Avast\defs\12102100\Sf.bin
c:\program files\AVAST Software\Avast\defs\12102100\Sf1.bin
c:\program files\AVAST Software\Avast\defs\12102100\sl_idx.map
c:\program files\AVAST Software\Avast\defs\12102100\sl_nmp.map
c:\program files\AVAST Software\Avast\defs\12102100\spmdb.dat
c:\program files\AVAST Software\Avast\defs\12102100\uiext.dll
c:\program files\AVAST Software\Avast\defs\12102100\whitelist.db
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000000.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000001.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000002.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000003.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000004.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000005.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000006.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000007.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000008.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000009.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000000a.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000000b.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000000c.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000000d.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000000e.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000000f.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000010.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000011.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000012.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000013.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000014.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000015.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000016.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000017.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000018.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg1210210000000019.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000001a.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000001b.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000001c.bin
c:\program files\AVAST Software\Avast\defs\12102100_stream\pkg121021000000001d.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000000.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000001.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000002.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000003.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000004.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000005.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000006.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000007.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000008.bin
c:\program files\AVAST Software\Avast\defs\12102101_stream\pkg1210210100000009.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000000.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000001.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000002.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000004.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000005.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000006.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000007.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000008.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000009.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000000a.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000000b.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000000c.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000000d.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000000e.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000000f.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000010.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000011.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000012.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000013.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000014.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000015.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000016.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000017.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000018.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000019.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000001a.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000001b.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000001c.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000001d.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000001e.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg121022000000001f.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000020.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000021.bin
c:\program files\AVAST Software\Avast\defs\12102200_stream\pkg1210220000000022.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000000.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000001.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000002.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000003.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000004.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000005.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000006.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000007.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000008.bin
c:\program files\AVAST Software\Avast\defs\12102201_stream\pkg1210220100000009.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000000.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000001.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000002.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000003.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000004.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000005.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000006.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000007.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000008.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg1210230000000009.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg121023000000000a.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg121023000000000b.bin
c:\program files\AVAST Software\Avast\defs\12102300_stream\pkg121023000000000c.bin
c:\program files\AVAST Software\Avast\defs\12102301_stream\pkg1210230100000000.bin
c:\program files\AVAST Software\Avast\defs\12102301_stream\pkg1210230100000001.bin
c:\program files\AVAST Software\Avast\defs\12102301_stream\pkg1210230100000002.bin
c:\program files\AVAST Software\Avast\defs\12102301_stream\pkg1210230100000003.bin
c:\program files\AVAST Software\Avast\defs\12102301_stream\pkg1210230100000004.bin
c:\program files\AVAST Software\Avast\defs\12102301_stream\pkg1210230100000005.bin
c:\program files\AVAST Software\Avast\defs\12102301_stream\pkg1210230100000006.bin
c:\program files\AVAST Software\Avast\defs\12102301_stream\pkg1210230100000007.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000000.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000001.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000002.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000003.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000004.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000005.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000006.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000007.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000008.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000009.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg121023020000000a.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg121023020000000b.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg121023020000000c.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg121023020000000d.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg121023020000000e.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg121023020000000f.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000010.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000011.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000012.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000013.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000014.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000015.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000016.bin
c:\program files\AVAST Software\Avast\defs\12102302_stream\pkg1210230200000017.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000000.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000001.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000002.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000003.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000004.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000005.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000006.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000007.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000008.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000009.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg121024000000000a.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg121024000000000b.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg121024000000000c.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg121024000000000d.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg121024000000000e.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg121024000000000f.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000010.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000011.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000012.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000013.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000014.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000015.bin
c:\program files\AVAST Software\Avast\defs\12102400_stream\pkg1210240000000016.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000000.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000001.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000002.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000003.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000004.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000005.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000006.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000007.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000008.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg1210250000000009.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg121025000000000a.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg121025000000000b.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg121025000000000c.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg121025000000000d.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg121025000000000e.bin
c:\program files\AVAST Software\Avast\defs\12102500_stream\pkg121025000000000f.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000000.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000001.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000002.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000003.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000004.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000005.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000006.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000007.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000008.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000009.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg121025010000000a.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg121025010000000b.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg121025010000000c.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg121025010000000d.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg121025010000000e.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg121025010000000f.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000010.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000011.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000012.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000013.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000014.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000015.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000016.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000017.bin
c:\program files\AVAST Software\Avast\defs\12102501_stream\pkg1210250100000018.bin
c:\program files\AVAST Software\Avast\defs\12102502_stream\pkg1210250200000000.bin
c:\program files\AVAST Software\Avast\defs\12102502_stream\pkg1210250200000001.bin
c:\program files\AVAST Software\Avast\defs\12102502_stream\pkg1210250200000002.bin
c:\program files\AVAST Software\Avast\defs\12102600_stream\pkg1210260000000000.bin
c:\program files\AVAST Software\Avast\defs\12102600_stream\pkg1210260000000001.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000001.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000002.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000003.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000004.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000005.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000006.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000007.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000008.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg1210260100000009.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg121026010000000a.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg121026010000000b.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg121026010000000c.bin
c:\program files\AVAST Software\Avast\defs\12102601_stream\pkg121026010000000d.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000000.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000001.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000002.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000003.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000004.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000005.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000006.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000007.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000008.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000009.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg121027000000000a.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg121027000000000b.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg121027000000000c.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg121027000000000d.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg121027000000000e.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg121027000000000f.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000010.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000011.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000012.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000013.bin
c:\program files\AVAST Software\Avast\defs\12102700_stream\pkg1210270000000019.bin
c:\program files\AVAST Software\Avast\defs\12102701_stream\pkg1210270100000000.bin
c:\program files\AVAST Software\Avast\defs\12102701_stream\pkg1210270100000001.bin
c:\program files\AVAST Software\Avast\defs\12102701_stream\pkg1210270100000002.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000000.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000001.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000002.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000003.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000004.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000005.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000006.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000007.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000008.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000009.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg121028000000000a.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg121028000000000b.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg121028000000000c.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg121028000000000d.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg121028000000000e.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg121028000000000f.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000010.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000011.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000012.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000013.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000014.bin
c:\program files\AVAST Software\Avast\defs\12102800_stream\pkg1210280000000015.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000000.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000001.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000002.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000003.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000004.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000005.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000006.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000007.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000008.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg1210280100000009.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg121028010000000a.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg121028010000000b.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg121028010000000c.bin
c:\program files\AVAST Software\Avast\defs\12102801_stream\pkg121028010000000d.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000000.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000001.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000002.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000003.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000004.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000005.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000006.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000007.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000008.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg1210290000000009.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg121029000000000a.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg121029000000000b.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg121029000000000c.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg121029000000000d.bin
c:\program files\AVAST Software\Avast\defs\12102900_stream\pkg121029000000000e.bin
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green2-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\green3-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey-0.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey-3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey0-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey0-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\grey3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\horizontal-line-white.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\horizontal-line.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\icon_incorrect.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\illegal-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\illegal-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\illegal.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\it-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\it-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\it.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\kenny.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\limet-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\limet-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\limet.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\line-dark-horizontal.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\line-light-horizontal.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\logo.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\news-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\news-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\news.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\orange-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\orange-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\orange.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\pornography-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\pornography-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\pornography.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-1-108.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-2.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red1-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red2-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\red3-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\shopping-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\shopping-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\shopping.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\social-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\social-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\social.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\vertical-line.jpg
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\violence-small-disable.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\violence-small-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\violence.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\Warning.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\window-wrc.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-1.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-2.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-3.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-hover.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow-selected.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow1-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow2-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-16.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-24.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\png\yellow3-small.png
c:\program files\AVAST Software\Avast\WebRep\FF\skin\wrc ico 16x16px a 24x24px.zip
c:\program files\AVAST Software\Avast\WebRep\Opera\wrc.oex
c:\program files\AVAST Software\Avast\WebRep\Safari\wrc.safariextz
c:\windows\system32\drivers\aswMonFlt.sys
.
.
((((((((((((((((((((((((((((((((((((((( 驅動/服務 )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ASWFSBLK
-------\Legacy_ASWMONFLT
-------\Legacy_ASWSNX
-------\Legacy_ASWSP
-------\Legacy_MJVHHU
-------\Legacy_UEZNDL
-------\Legacy_VHJRAP
-------\Service_aswFsBlk
-------\Service_aswMonFlt
-------\Service_aswSnx
-------\Service_aswSP
-------\Service_mjvhhu
-------\Service_uezndl
-------\Service_vhjrap
.
.
((((((((((((((((((((((((( 2012-10-09 至 2012-11-09 的新的檔案 )))))))))))))))))))))))))))))))
.
.
2012-11-09 00:49 . 2012-11-09 00:49 -------- d-----w- c:\windows\SysWow64\蠉xt孀videace
2012-11-09 00:48 . 2012-11-09 00:48 -------- d-----w- c:\users\Public\AppData\Local\temp
2012-11-09 00:48 . 2012-11-09 00:48 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-09 00:37 . 2012-11-09 00:37 -------- d-----w- c:\windows\SysWow64\蠉xt汻videace
2012-11-07 11:41 . 2012-11-07 11:41 -------- d-----w- c:\windows\SysWow64\肄蠉肄xt岤videace
2012-11-07 11:39 . 2012-11-07 11:39 -------- d-----w- c:\windows\SysWow64\xw蠉xwxtvideace
2012-11-07 09:33 . 2012-11-07 09:33 -------- d-----w- c:\programdata\CPA_VA
2012-11-07 09:31 . 2012-11-07 09:31 -------- d-----w- c:\windows\SysWow64\l蒪w砫滴`r俞videace
2012-11-07 09:30 . 2012-11-07 09:30 1700352 ----a-w- c:\windows\SysWow64\gdiplus.dll
2012-11-07 09:30 . 2012-11-07 09:30 1060864 ----a-w- c:\windows\SysWow64\mfc71.dll
2012-11-07 08:13 . 2012-11-07 08:13 -------- d-----w- C:\temp
2012-11-07 07:14 . 2012-11-07 07:14 -------- d-----w- C:\videace
2012-11-07 06:58 . 2012-10-06 03:17 -------- d-----w- c:\programdata\DataCardService
2012-11-07 06:58 . 2009-07-14 06:21 1721576 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01009.dll
2012-11-07 05:49 . 2012-11-07 05:49 -------- d-----w- c:\windows\SysWow64\Xw蠉Xwxt淚videace
2012-11-07 05:46 . 2012-11-07 05:46 -------- d-----w- c:\windows\SysWow64\.w蠉.wxt吭videace
2012-11-06 21:37 . 2012-11-06 21:01 -------- d-----w- C:\eSupport
2012-11-06 21:13 . 2012-11-06 21:13 80512 ----a-w- c:\windows\ASUS_N3_Series Uninstaller.exe
2012-11-06 21:13 . 2010-06-22 14:26 64702955 ------w- c:\windows\system32\ASUS_N3_Series.scr
2012-11-06 21:13 . 2012-11-06 21:13 3058304 ----a-w- c:\windows\AsScrPro.exe
2012-11-06 21:11 . 2012-11-06 21:11 505128 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-11-06 21:11 . 2012-11-06 21:11 353576 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-11-06 21:11 . 2012-11-06 21:11 29480 ----a-w- c:\windows\SysWow64\msxml3a.dll
2012-11-06 21:07 . 2012-11-06 21:15 -------- d-----w- c:\program files (x86)\CyberLink
2012-11-06 21:07 . 2012-11-06 21:15 -------- d-----w- c:\programdata\CyberLink
2012-11-06 21:06 . 2012-10-29 22:48 -------- d-----w- C:\ExpressGateUtil
2012-11-06 21:03 . 2011-05-30 21:48 155648 ----a-w- c:\windows\SysWow64\ACEngSvr.exe
2012-11-06 21:01 . 2012-11-06 21:01 -------- d-----w- c:\program files\ASUS
2012-11-06 21:01 . 2011-03-04 00:57 379520 ----a-w- c:\windows\system32\FBAgent.exe
2012-11-06 20:59 . 2012-11-06 21:01 -------- d-----w- c:\program files\P4G
2012-11-06 20:59 . 2012-11-06 20:59 -------- d-----w- c:\programdata\P4G
2012-11-06 20:59 . 2012-11-06 20:59 -------- d-----w- c:\program files\Intel
2012-11-06 20:56 . 2012-11-06 20:56 -------- d-----w- c:\program files (x86)\Common Files\Atheros
2012-11-06 20:56 . 2012-11-06 20:56 -------- d-----w- c:\program files (x86)\Bluetooth Suite
2012-11-06 20:55 . 2012-11-06 20:55 -------- d-----w- c:\program files (x86)\Atheros
2012-11-06 20:55 . 2010-07-08 10:03 2228736 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-11-06 20:55 . 2010-07-08 10:03 2228736 ----a-w- c:\windows\system32\athrx.sys
2012-11-06 20:55 . 2012-11-06 06:35 -------- d-----w- c:\programdata\Atheros
2012-11-06 20:53 . 2012-11-06 20:53 -------- d-----w- c:\program files\Elantech
2012-11-06 20:53 . 2012-11-06 06:53 -------- d-----w- c:\program files\Fresco Logic Inc
2012-11-06 20:53 . 2012-11-06 20:53 -------- d-----w- c:\programdata\AmUStor
2012-11-06 20:53 . 2012-11-06 20:53 -------- d-----w- c:\program files (x86)\AmIcoSingLun
2012-11-06 20:52 . 2012-11-06 20:52 -------- d-----w- c:\programdata\Intel
2012-11-06 20:52 . 2012-11-06 20:55 -------- d-----w- c:\windows\SysWow64\NV
2012-11-06 20:52 . 2012-11-06 20:55 -------- d-----w- c:\windows\system32\NV
2012-11-06 20:51 . 2012-11-06 20:51 -------- d-----w- c:\programdata\SonicFocus
2012-11-06 20:51 . 2012-11-06 20:51 -------- d-----w- c:\program files\Realtek
2012-11-06 20:51 . 2012-11-06 20:51 -------- d-----w- c:\windows\SysWow64\RTCOM
2012-11-06 20:49 . 2011-06-04 23:22 2207336 ----a-w- c:\windows\system32\nvapi64.dll
2012-11-06 20:46 . 2010-10-04 05:02 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-11-06 20:46 . 2012-11-06 20:49 -------- d-----w- C:\Intel
2012-11-06 20:44 . 2011-01-28 19:03 180736 ----a-w- c:\windows\system32\ifsutil.dll
2012-11-06 20:44 . 2011-01-28 05:46 148992 ----a-w- c:\windows\SysWow64\ifsutil.dll
2012-11-06 12:48 . 2012-11-06 12:48 -------- d-----w- c:\windows\SysWow64\肓蠉肓xt璞videace
2012-11-06 12:45 . 2012-11-06 12:45 -------- d-----w- c:\windows\SysWow64\Sw蠉Swxt琵videace
2012-11-06 10:43 . 2012-11-06 10:43 -------- d-----w- c:\windows\SysWow64\蠉xt莍videace
2012-11-06 07:24 . 2012-11-06 07:24 -------- d-----w- c:\windows\SysWow64\l綖w砫rw€tvideace
2012-11-06 07:02 . 2012-11-06 07:02 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2012-11-06 07:02 . 2012-11-06 07:02 -------- d-----w- c:\program files\Fresco Logic
2012-11-06 06:56 . 2012-11-06 06:56 -------- d-----w- c:\programdata\ASUS
2012-11-06 06:55 . 2012-10-11 02:15 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-06 06:55 . 2012-11-06 06:55 -------- d-----w- c:\programdata\PassMark
2012-11-06 06:33 . 2012-11-09 00:49 45056 ----a-w- c:\windows\SysWow64\acovcnt.exe
2012-11-06 06:33 . 2012-11-09 00:37 -------- d-----w- C:\ASUS.DAT
2012-11-06 06:33 . 2012-11-06 06:33 -------- d-----w- c:\programdata\FolderView
2012-11-06 06:33 . 2012-10-29 06:50 -------- d-----w- c:\users\ASUS
2012-11-06 04:46 . 2009-12-30 03:21 31800 ----a-w- c:\windows\system32\drivers\revoflt.sys
2012-11-06 00:37 . 2012-11-06 00:37 -------- d-----w- c:\windows\SysWow64\蠉xt蓋videace
2012-11-06 00:27 . 2012-11-06 00:27 -------- d-----w- c:\windows\SysWow64\Xw蠉Xwxt琵videace
2012-11-05 07:04 . 2012-11-05 07:04 -------- d-----w- c:\windows\SysWow64\宨蠉宨xt璞videace
2012-11-05 07:00 . 2012-11-05 07:00 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-11-05 07:00 . 2012-11-05 07:00 289768 ----a-w- c:\windows\system32\javaws.exe
2012-11-05 07:00 . 2012-11-05 07:00 1034216 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-11-05 07:00 . 2012-11-05 07:00 189416 ----a-w- c:\windows\system32\javaw.exe
2012-11-05 07:00 . 2012-11-05 07:00 188904 ----a-w- c:\windows\system32\java.exe
2012-11-05 07:00 . 2012-11-05 07:00 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-11-05 07:00 . 2012-11-05 07:00 -------- d-----w- c:\program files\Java
2012-11-05 06:38 . 2012-11-05 06:38 -------- d-----w- c:\windows\SysWow64\蠉xt黠videace
2012-11-05 06:35 . 2012-11-05 06:35 -------- d-----w- c:\windows\SysWow64\nw蠉nwxt綅videace
2012-11-05 00:21 . 2012-11-05 00:21 -------- d-----w- c:\windows\SysWow64\+w蠉+wxt娖videace
2012-11-03 07:28 . 2012-11-03 07:28 -------- d-----w- c:\windows\SysWow64\qw蠉qwxt跚videace
2012-11-03 01:43 . 2012-11-03 01:43 -------- d-----w- c:\windows\SysWow64\蠉xt墦videace
2012-11-03 01:38 . 2012-11-03 01:38 -------- d-----w- c:\windows\SysWow64\繗蠉繗xt墦videace
2012-11-03 01:35 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\iswtwq.sys
2012-11-03 01:33 . 2012-11-03 01:33 -------- d-----w- c:\windows\SysWow64\憨蠉憨xt縷videace
2012-11-03 01:29 . 2012-11-03 01:29 -------- d-----w- c:\windows\SysWow64\Ow蠉Owxt髏videace
2012-11-03 01:28 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\zedltn.sys
2012-11-03 01:25 . 2012-11-03 01:25 -------- d-----w- c:\windows\SysWow64\zw蠉zwxt暝videace
2012-11-01 11:01 . 2012-11-01 11:01 -------- d-----w- c:\windows\SysWow64\烅蠉烅xt歿videace
2012-10-31 13:05 . 2012-10-31 13:05 -------- d-----w- c:\windows\SysWow64\漙蠉漙xt髏videace
2012-10-31 12:58 . 2012-10-31 12:58 -------- d-----w- c:\windows\SysWow64\#w蠉#wxt苒videace
2012-10-31 11:22 . 2012-10-31 11:22 -------- d-----w- c:\program files\COMODO
2012-10-31 11:17 . 2012-10-31 11:17 -------- d-----w- c:\windows\SysWow64\莇蠉莇xt淚videace
2012-10-31 11:10 . 2012-10-31 11:10 -------- d-----w- c:\windows\SysWow64\蠉xt柦videace
2012-10-31 10:54 . 2012-10-31 10:54 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-10-31 10:54 . 2012-09-29 11:54 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-31 10:09 . 2012-10-31 10:09 -------- d-----w- c:\windows\SysWow64\uw蠉uwxt琵videace
2012-10-31 08:41 . 2012-10-31 08:41 -------- d-----w- c:\windows\SysWow64\-w蠉-wxt璞videace
2012-10-31 08:40 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\ovanvq.sys
2012-10-31 08:35 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\zlnimc.sys
2012-10-31 08:33 . 2012-10-31 08:33 -------- d-----w- c:\windows\SysWow64\蠉xtvideace
2012-10-31 08:26 . 2012-10-31 08:26 -------- d-----w- c:\windows\SysWow64\蠉xt縷videace
2012-10-31 08:25 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\icquni.sys
2012-10-31 08:23 . 2012-10-31 08:23 -------- d-----w- c:\windows\SysWow64\(w蠉(wxtvideace
2012-10-31 08:20 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\dlhynz.sys
2012-10-31 08:14 . 2012-10-31 08:14 -------- d-----w- c:\windows\SysWow64\蠉xt佢videace
2012-10-31 02:14 . 2012-10-09 18:30 146264 ----a-w- c:\windows\system32\drivers\mtqjxm.sys
2012-10-30 11:06 . 2012-10-30 11:06 -------- d-----w- c:\windows\SysWow64\Jw蠉Jwxt綅videace
2012-10-30 07:45 . 2012-10-30 07:45 -------- d-----w- c:\windows\SysWow64\zw蠉zwxt滜videace
2012-10-30 07:06 . 2012-10-30 07:06 -------- d-----w- c:\windows\SysWow64\蠉xt閱videace
2012-10-30 05:20 . 2012-10-30 05:20 -------- d-----w- c:\windows\SysWow64\洄蠉洄xt螰videace
2012-10-29 11:35 . 2012-10-29 11:35 -------- d-----w- c:\windows\SysWow64\'w蠉'wxt閱videace
2012-10-29 11:18 . 2012-10-29 11:18 -------- d-----w- c:\windows\SysWow64\漙蠉漙xt黠videace
2012-10-29 11:08 . 2012-10-29 11:08 -------- d-----w- c:\windows\SysWow64\眨蠉眨xt螰videace
2012-10-29 07:32 . 2012-10-29 07:32 -------- d-----w- c:\windows\SysWow64\蓹蠉蓹xt苒videace
2012-10-29 06:50 . 2012-10-29 06:50 -------- d-----w- c:\windows\SysWow64\肓蠉肓xt汻videace
2012-10-29 05:44 . 2012-11-06 04:42 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-10-29 05:33 . 2012-10-29 05:33 -------- d-----w- c:\windows\SysWow64\;w蠉;wxt偅videace
2012-10-28 12:00 . 2012-10-28 12:00 -------- d-----w- c:\windows\SysWow64\]w蠉]wxt么videace
2012-10-27 11:15 . 2012-10-27 11:15 -------- d-----w- c:\windows\SysWow64\逕蠉逕xtvideace
2012-10-26 23:58 . 2012-10-26 23:58 -------- d-----w- c:\program files\CCleaner
2012-10-26 23:53 . 2012-10-26 23:53 -------- d-----w- c:\windows\SysWow64\jw蠉jwxt跚videace
2012-10-25 10:55 . 2012-10-25 10:55 -------- d-----w- c:\windows\SysWow64\儡蠉儡xt歿videace
2012-10-22 11:20 . 2012-10-22 11:20 -------- d-----w- c:\windows\SysWow64\ㄈ蠉ㄈxtvideace
2012-10-22 11:16 . 2012-10-22 11:16 -------- d-----w- c:\windows\SysWow64\ww蠉wwxt愧videace
.
.
(((((((((((((((((((((((((((((((((((((((( 在三個月內被修改的檔案 ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-11 02:15 . 2012-07-15 12:44 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-10-11 01:32 . 2012-04-07 10:48 65309168 ----a-w- c:\windows\system32\MRT.exe
2012-10-10 11:26 . 2012-10-01 08:07 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-10-10 11:26 . 2012-10-01 08:07 696760 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-10-09 11:30 . 2012-10-09 11:30 94800 ----a-w- c:\windows\system32\drivers\inspect.sys
2012-10-09 11:30 . 2012-10-09 11:30 38656 ----a-w- c:\windows\system32\drivers\cmdhlp.sys
2012-10-09 11:30 . 2012-10-09 11:30 688104 ----a-w- c:\windows\system32\drivers\cmdguard.sys
2012-10-09 11:30 . 2012-10-09 11:30 22736 ----a-w- c:\windows\system32\drivers\cmderd.sys
2012-10-09 11:30 . 2012-10-09 11:30 42264 ----a-w- c:\windows\system32\cmdcsr.dll
2012-10-09 11:29 . 2012-10-09 11:29 313112 ----a-w- c:\windows\system32\guard64.dll
2012-10-09 11:29 . 2012-10-09 11:29 240488 ----a-w- c:\windows\SysWow64\guard32.dll
2012-10-09 11:29 . 2012-10-09 11:29 153808 ----a-w- c:\windows\system32\cmdvrt64.dll
2012-10-09 11:29 . 2012-10-09 11:29 128720 ----a-w- c:\windows\SysWow64\cmdvrt32.dll
2012-09-04 12:22 . 2012-09-04 12:22 39424 ----a-w- c:\windows\system32\cmdkbd64.dll
2012-09-04 12:07 . 2012-09-04 12:07 34304 ----a-w- c:\windows\SysWow64\cmdkbd32.dll
2012-08-30 01:17 . 2011-03-29 01:36 19720 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-08-24 11:15 . 2012-09-25 04:44 17810944 ----a-w- c:\windows\system32\mshtml.dll
2012-08-24 10:39 . 2012-09-25 04:44 10925568 ----a-w- c:\windows\system32\ieframe.dll
2012-08-24 10:31 . 2012-09-25 04:44 2312704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 10:22 . 2012-09-25 04:44 1346048 ----a-w- c:\windows\system32\urlmon.dll
2012-08-24 10:21 . 2012-09-25 04:44 1392128 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 10:20 . 2012-09-25 04:44 1494528 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 10:18 . 2012-09-25 04:44 237056 ----a-w- c:\windows\system32\url.dll
2012-08-24 10:17 . 2012-09-25 04:44 85504 ----a-w- c:\windows\system32\jsproxy.dll
2012-08-24 10:14 . 2012-09-25 04:44 173056 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 10:14 . 2012-09-25 04:44 816640 ----a-w- c:\windows\system32\jscript.dll
2012-08-24 10:13 . 2012-09-25 04:44 599040 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 10:12 . 2012-09-25 04:44 2144768 ----a-w- c:\windows\system32\iertutil.dll
2012-08-24 10:11 . 2012-09-25 04:44 729088 ----a-w- c:\windows\system32\msfeeds.dll
2012-08-24 10:10 . 2012-09-25 04:44 96768 ----a-w- c:\windows\system32\mshtmled.dll
2012-08-24 10:09 . 2012-09-25 04:44 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-24 10:04 . 2012-09-25 04:44 248320 ----a-w- c:\windows\system32\ieui.dll
2012-08-24 06:59 . 2012-09-25 04:44 1800704 ----a-w- c:\windows\SysWow64\jscript9.dll
2012-08-24 06:51 . 2012-09-25 04:44 1129472 ----a-w- c:\windows\SysWow64\wininet.dll
2012-08-24 06:51 . 2012-09-25 04:44 1427968 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2012-08-24 06:47 . 2012-09-25 04:44 142848 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2012-08-24 06:47 . 2012-09-25 04:44 420864 ----a-w- c:\windows\SysWow64\vbscript.dll
2012-08-24 06:43 . 2012-09-25 04:44 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb
2012-08-22 18:12 . 2012-09-12 11:17 1913200 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 18:12 . 2012-09-12 11:17 950128 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 18:12 . 2012-09-12 11:17 376688 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 18:12 . 2012-09-12 11:17 288624 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 21:01 . 2012-09-27 03:23 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-08-21 09:13 . 2012-09-18 13:04 969200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-09-18 13:04 359464 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-09-18 13:04 25232 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2012-09-18 12:47 41224 ------w- c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-09-18 12:47 227648 ------w- c:\windows\SysWow64\aswBoot.exe
2012-08-21 09:12 . 2012-08-31 03:39 285328 ----a-w- c:\windows\system32\aswBoot.exe
2012-08-20 17:38 . 2012-10-10 06:03 44032 ----a-w- c:\windows\apppatch\acwow64.dll
.
.
((((((((((((((((((((((((((((((((((((( 重要登入點 ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*注意* 空白與合法缺省登錄將不會被顯示
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2012-08-25 765200]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-10-18 3331312]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe" [2011-07-29 737104]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-24 1601536]
"VAWinAgent"="c:\expressgateutil\VAWinAgent.exe" [2011-04-08 45448]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"FLxHCIm64"="c:\program files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe" [2012-01-15 48128]
"IME14 CHT Setup"="c:\progra~2\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-13 81200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2012-11-7 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\guard32.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 DCService.exe;DCService.exe;c:\programdata\DatacardService\DCService.exe [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2010-05-03 44032]
R3 cmdvirth;COMODO Virtual Service Manager;d:\virus protection course\COMODO\COMODO Internet Security\cmdvirth.exe [2012-10-09 145616]
R3 cnhvgf;cnhvgf;c:\program files\COMODO\COMODO Internet Security\ccekrnl.dat [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 WatAdminSvc;Windows 啟用技術服務;c:\windows\system32\Wat\WatAdminSvc.exe [2012-04-08 1255736]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-04 25960]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-05-26 17536]
S1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\DRIVERS\cmderd.sys [2012-10-09 22736]
S1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2012-10-09 688104]
S1 cmdhlp;COMODO Internet Security Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2012-10-09 38656]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-03-04 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
S2 ImeDictUpdateService;Microsoft IME Dictionary Update;c:\program files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [2010-10-20 83312]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-04-17 13832]
S2 TurboBoost;Intel® Turbo Boost Technology Monitor;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-04-17 134928]
S2 VideAceWindowsService;VideAceWindowsService;c:\expressgateutil\VAWinService.exe [2011-03-26 91464]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2011-04-12 142632]
S3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;c:\windows\system32\DRIVERS\FLxHCIc.sys [2012-01-10 219648]
S3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;c:\windows\system32\DRIVERS\FLxHCIh.sys [2012-01-10 65024]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-04-20 169584]
.
.
計劃任務 文件夾 裡的內容
.
2012-11-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-20 11:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2011-05-25 07:09 227840 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-10 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-10 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-10 418328]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-10-13 2168424]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2010-05-03 324096]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"snp2uvc"="c:\windows\vsnp2uvc.exe" [2010-01-21 909824]
"IME14 CHT Setup"="c:\progra~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE" [2012-03-13 110896]
"COMODO Internet Security"="d:\virus protection course\COMODO\COMODO Internet Security\cistray.exe" [2012-10-09 527568]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll c:\windows\System32\guard64.dll c:\windows\System32\guard64.dll
.
------- 而外的掃描 -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: 傳送至 OneNote(&N) - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: 匯出至 Microsoft Excel(&X) - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.43.1
FF - ProfilePath - c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\
FF - prefs.js: browser.startup.homepage - www.google.com.tw
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2012-10-02 11:06; {b9db16a4-6edc-47ec-a1f4-b86292ed211d}; c:\users\ASUS\AppData\Roaming\Mozilla\Firefox\Profiles\f4o2kfyi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\cnhvgf]
"ImagePath"="\??\c:\program files\COMODO\COMODO Internet Security\ccekrnl.dat"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\讄L?*C*C*l*e*a*n*e*r*\command]
@="c:\\Program Files\\CCleaner\\ccleaner.exe /AUTO"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell\?_U *C*C*l*e*a*n*e*r*.*.*.*\command]
@="c:\\Program Files\\CCleaner\\ccleaner.exe"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Print\Printers\袈?*O*n*e*N*o*t*e* *2*0*1*0*\DsDriver]
"printBinNames"=multi:"\00\00"
"printCollate"=hex:00
"printColor"=hex:01
"printDuplexSupported"=hex:00
"printStaplingSupported"=hex:00
"printMaxXExtent"=dword:00000b9a
"printMaxYExtent"=dword:000010de
"printMinXExtent"=dword:000003d8
"printMinYExtent"=dword:00000771
"printMediaSupported"=multi:"Letter\00Tabloid\00Legal\00Executive\00A3\00A4\00B4 (JIS)\00B5 (JIS)\00Envelope #10\00Envelope Monarch\00\00"
"printMediaReady"=multi:"A4\00\00"
"printNumberUp"=dword:00000000
"printMemory"=dword:00008000
"printOrientationsSupported"=multi:"PORTRAIT\00LANDSCAPE\00\00"
"printMaxResolutionSupported"=dword:000004b0
"printLanguage"=multi:"\00\00"
"printRateUnit"=""
"driverVersion"=dword:00000401
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Print\Printers\袈?*O*n*e*N*o*t*e* *2*0*1*0*\DsSpooler]
"driverName"="Send To Microsoft OneNote 2010 Driver"
"portName"=multi:"nul:\00\00"
"printStartTime"=dword:00000000
"printEndTime"=dword:00000000
"printerName"="傳送至 OneNote 2010"
"printKeepPrintedJobs"=hex:00
"printSpooling"="PrintAfterSpooled"
"priority"=dword:00000001
"uNCName"="\\\\ASUS-PC\\傳送至 OneNote 2010"
"serverName"="ASUS-PC"
"shortServerName"="ASUS-PC"
"versionNumber"=dword:00000004
"flags"=dword:00000000
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Print\Printers\袈?*O*n*e*N*o*t*e* *2*0*1*0*\PrinterDriverData]
"InitDriverVersion"=dword:00000600
"Model"="Send To OneNote Driver"
"FreeMem"=hex:00,80,00,00
"PrinterDataSize"=dword:00000230
"PrinterData"=hex:00,06,30,02,81,08,00,00,00,f8,ba,01,00,00,00,00,00,00,00,00,
64,00,58,02,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,c2,ac,90,51,01,\
"FeatureKeywordSize"=dword:00000012
"FeatureKeyword"=hex:4d,65,6d,6f,72,79,00,33,32,37,36,38,4b,42,00,0a,00,00
"Forms?"=dword:5190acc2
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Print\Forms\E* *:\鱍]
"FormKeyword"=hex:45,5f,53,48,45,45,54,3a,48,50,00
"ResourceNameID"="@hpzstwn7.dll,3398"
.
------------------------ 其他運行進程 ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\Splendid\ACMON.exe
c:\program files (x86)\ASUS\SmartLogon\sensorsrv.exe
c:\windows\SysWOW64\ACEngSvr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
.
**************************************************************************
.
完成時間: 2012-11-09 08:54:06 - 電腦已重新啟動
ComboFix-quarantined-files.txt 2012-11-09 00:54
ComboFix2.txt 2012-11-08 02:07
ComboFix3.txt 2012-10-31 11:50
ComboFix4.txt 2012-10-29 07:29
ComboFix5.txt 2012-11-09 00:42
.
Pre-Run: 156,031,266,816 位元組可用
Post-Run: 155,944,681,472 位元組可用
.
- - End Of File - - ED23A8A5281BB504F1C90B4ECA886A2E

#15 nasdaq


Posted 09 November 2012 - 11:25 AM

But Abnormal System Setting is still there.

That message is from Comodo.
Now that Avast is gone follow the instructions on this page.


http://help.comodo.com/topic-170-1-414-4585-smart-scan.html

Keep me posted.



