VIRY.CZ

Logfile of random's system information tool 1.09 (written by random/random)
Run by Frax at 2011-08-23 11:38:04
Microsoft Windows 7 Ultimate
System drive C: has 35 GB (24%) free of 142 GB
Total RAM: 3070 MB (52% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:38:09, on 23.8.2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Mouse Driver\StartAutorun.exe
C:\Program Files\Mouse Driver\KMConfig.exe
C:\Program Files\real\realplayer\Update\realsched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Mouse Driver\KMProcess.exe
C:\Windows\systemup.exe
C:\Windows\l1rezerv.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe
C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Users\Frax\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Frax\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Users\Frax\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Frax\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Frax\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Frax\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Users\Frax\Downloads\RSIT.exe
C:\Program Files\trend micro\Frax.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sk27211/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Poskytovatel aplikace Internet Explorer: Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\Windows\WebIE.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (file missing)
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.DLL (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Windows\WebIE.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (file missing)
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-3-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\Windows\update.tray-10-0\svchost.exe
O4 - HKLM\..\Run: [4149115.exe] "C:\Windows\Temp\4149115.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [systemup] "C:\Windows\systemup.exe" stand
O4 - HKLM\..\Run: [8713658.exe] "C:\Windows\Temp\8713658.exe"
O4 - HKLM\..\Run: [171167.exe] "C:\Windows\Temp\171167.exe"
O4 - HKLM\..\Run: [25737818-loader2.exe] "C:\Windows\Temp\25737818-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
O4 - HKCU\..\Run: [SmartRAM] "C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe" /m
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Aktualizovat ESET licenci.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\Windows\WebIE.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Windows\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Windows\WebIE.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{6291E666-438C-4E97-B96B-1B45C9D0871C}: NameServer = 192.168.51.250,192.168.51.252
O17 - HKLM\System\CCS\Services\Tcpip\..\{C3793772-5D9C-42A2-B37D-8DFBE975932A}: NameServer = 192.168.10.4,192.168.11.5
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - D:\Photoshop Elements 9\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Advanced SystemCare Service (AdvancedSystemCareService) - IObit - C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\aestsrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: ddservice - Unknown owner - C:\Windows\update.7.1\svchostdriver.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: ICM_UpdaterService Disp (ICM_UpdaterService) - Unknown owner - C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe
O23 - Service: ICQ Service - Unknown owner - C:\Program Files\ICQ6Toolbar\ICQ Service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Mouse Driver\KMWDSrv.exe
O23 - Service: Norton Internet Security (NIS) - Unknown owner - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - Unknown owner - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (file missing)
O23 - Service: srvbtcclient - Unknown owner - C:\Windows\update.5.0\svchost.exe
O23 - Service: srviecheck - Unknown owner - C:\Windows\update.2\svchost.exe
O23 - Service: srvsysdriver32 - Unknown owner - C:\Windows\sysdriver32.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - Unknown owner - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: wxpdrivers - Unknown owner - C:\Windows\update.1\svchost.exe

--
End of file - 13307 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2532162141-719380914-326111389-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2532162141-719380914-326111389-1000UA.job
C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
C:\Windows\tasks\SystemToolsDailyTest.job
C:\Windows\tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Frax\AppData\Roaming\Mozilla\Firefox\Profiles\n2lbzew7.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.icq.com/sk27211/"
prefs.js - "extensions.enabledItems" - "{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}:8.6.7.0, npfax@microgaming.co.uk:2.1.0.19, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {ea614400-e918-4741-9a97-7a972ff7c30b}:2.0.3, {9AA46F4F-4DC7-4c06-97AF-5035170633FE}:20.1.0.4, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.4, FFToolbar@bitdefender.com:2.0, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.3, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, engine@conduit.com:3.2.5.2, {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}:3.2.5.2, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"
prefs.js - "keyword.URL" - "http://search.conduit.com/ResultsExt.as ... 2786678&q="

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\IPSFFPlgn\
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\coFFPlgn\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647]
"Description"=RealPlayer(tm) LiveConnect-Enabled Plug-In
"Path"=c:\program files\real\realplayer\Netscape6\nppl3260.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647]
"Description"=RealJukebox Netscape Plugin
"Path"=c:\program files\real\realplayer\Netscape6\nprjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652]
"Description"=RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652]
"Description"=RealPlayer(tm) HTML5VideoShim Plug-In
"Path"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647]
"Description"=12.0.1.647
"Path"=c:\program files\real\realplayer\Netscape6\nprpjplug.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1]
"Description"=Yahoo! activeX Plug-in Bridge
"Path"=C:\Program Files\Yahoo!\Common\npyaxmpb.dll

C:\Program Files\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browser.xpt
browserdirprovider.dll
brwsrcmp.dll
components.list
FeedConverter.js
FeedProcessor.js
FeedWriter.js
fuelApplication.js
GPSDGeolocationProvider.js
jsconsole-clhandler.js
NetworkGeolocationProvider.js
nppl3260.xpt
nsAddonRepository.js
nsBadCertHandler.js
nsBlocklistService.js
nsBrowserContentHandler.js
nsBrowserGlue.js
nsContentDispatchChooser.js
nsContentPrefService.js
nsDefaultCLH.js
nsDownloadManagerUI.js
nsExtensionManager.js
nsFormAutoComplete.js
nsHandlerService.js
nsHelperAppDlg.js
nsINIProcessor.js
nsIQTScriptablePlugin.xpt
nsjsrealplayerplugin.xpt
nsLivemarkService.js
nsLoginInfo.js
nsLoginManager.js
nsLoginManagerPrompter.js
nsMicrosummaryService.js
nsPlacesAutoComplete.js
nsPlacesDBFlush.js
nsPlacesTransactionsService.js
nsPrivateBrowsingService.js
nsProxyAutoConfig.js
nsSafebrowsingApplication.js
nsSearchService.js
nsSearchSuggestions.js
nsSessionStartup.js
nsSessionStore.js
nsSetDefaultBrowser.js
nsSidebar.js
nsTaggingService.js
nsTryToClose.js
nsUpdateService.js
nsUpdateServiceStub.js
nsUpdateTimerManager.js
nsUrlClassifierLib.js
nsUrlClassifierListManager.js
nsURLFormatter.js
nsWebHandlerApp.js
pluginGlue.js
storage-Legacy.js
storage-mozStorage.js
txEXSLTRegExFunctions.js
WebContentConverter.js

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npnul32.dll
NPOFF12.DLL
nppdf32.dll
nppl3260.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nprjplug.dll
nprpjplug.dll
nsiqtscriptableplugin.xpt
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
google.xml
jyxo-cz.xml
mall-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Frax\AppData\Roaming\Mozilla\Firefox\Profiles\n2lbzew7.default\extensions\
engine@conduit.com
npfax@microgaming.co.uk
{003D3EDC-99B9-4a34-9C20-60CB94F7E829}
{800b5000-a755-47e1-992b-48a1c1357f07}
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Frax\AppData\Roaming\Mozilla\Firefox\Profiles\n2lbzew7.default\searchplugins\
askcom.xml
conduit.xml
firmycz.xml
icqplugin-1.xml
icqplugin.xml
mapycz.xml
zbocz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\Windows\WebIE.dll [2008-09-08 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-06-03 386264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}]
uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\Windows\WebIE.dll [2008-09-08 491520]
{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - uTorrentBar Toolbar - C:\Program Files\uTorrentBar\tbuTor.dll [2010-12-09 3911776]
{30F9B915-B755-4826-820B-08FBA6BD249D} - Conduit Engine - C:\Program Files\ConduitEngine\ConduitEngine.dll [2010-12-09 3911776]
{381FFDE8-2394-4F90-B10D-FC6124A40F8C}
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll [2011-02-28 1048888]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2008-03-13 163840]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2008-03-12 3563520]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-10-03 178712]
"KMCONFIG"=C:\Program Files\Mouse Driver\StartAutorun.exe [2008-05-30 212992]
"TkBellExe"=C:\Program Files\real\realplayer\update\realsched.exe [2011-06-03 273544]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]
"wxpdrv"=C:\Windows\services32.exe [2011-08-23 1211904]
"tray_ico"= []
"tray_ico0"=C:\Windows\update.tray-3-0\svchost.exe [2011-08-23 1211904]
"tray_ico1"=C:\Windows\update.tray-10-0\svchost.exe [2011-08-23 1211904]
"tray_ico2"= []
"tray_ico3"= []
"tray_ico4"= []
"4149115.exe"=C:\Windows\Temp\4149115.exe [2011-08-23 256000]
"sysdriver32.exe"=C:\Windows\sysdriver32.exe [2011-08-23 256000]
"sysdriver32_.exe"=C:\Windows\sysdriver32_.exe [2011-08-23 256000]
"systemup"=C:\Windows\systemup.exe [2011-08-23 137728]
"8713658.exe"=C:\Windows\Temp\8713658.exe [2011-08-23 634880]
"171167.exe"=C:\Windows\Temp\171167.exe [2011-08-23 258048]
"25737818-loader2.exe"=C:\Windows\Temp\25737818-loader2.exe [2011-08-23 258048]
"l1rezerv.exe"=C:\Windows\l1rezerv.exe [2011-08-23 232960]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-12 136176]
"KiesHelper"=C:\Program Files\Samsung\Kies\KiesHelper.exe [2011-04-29 934800]
"KiesTrayAgent"=C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [2011-04-29 3373968]
"Advanced SystemCare 4"=C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe [2011-05-28 412560]
"SmartRAM"=C:\Program Files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe [2011-05-28 512400]
"KiesPDLR"=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-04-29 19856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29 497648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe [2009-06-14 307200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter]
C:\Program Files\Dell Support Center\bin\sprtcmd.exe /P dellsupportcenter []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-12 136176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2008-10-25 31072]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
C:\Users\Frax\Programy\PowerISO\PWRISOVM.EXE [2008-01-20 217088]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\VistaCodecPack\QT\QTTask.exe [2008-05-27 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Aktualizovat ESET licenci.lnk - C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wxpdrivers]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableSecureUIAPaths"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"legalnoticetext"=
"EnableLUA"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.divxa32"=divxa32.acm
"msacm.l3fhg"=mp3fhg.acm
"msacm.lameacm"=lameACM.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.vorbis"=vorbis.acm
"VIDC.FFDS"=ff_vfw.dll
"VIDC.HFYU"=huffyuv.dll
"vidc.i263"=i263_32.drv
"vidc.iv41"=Ir41_32.ax
"vidc.iv50"=ir50_32.dll
"VIDC.VP60"=C:\Windows\system32\vp6vfw.dll
"VIDC.VP61"=C:\Windows\system32\vp6vfw.dll
"VIDC.VP62"=vp6vfw.dll
"VIDC.VP70"=vp7vfw.dll
"vidc.wmv3"=wmv9vcm.dll
"VIDC.X264"=x264vfw.dll
"VIDC.XVID"=xvidvfw.dll
"midi2"=KORGUMDD.DRV
"midi4"=KORGUMDD.DRV
"wave2"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi5"=KORGUMDD.DRV
"midi6"=KORGUMDD.DRV

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2011-08-23 11:28:22 ----D---- C:\Program Files\trend micro
2011-08-23 11:28:20 ----D---- C:\rsit
2011-08-23 10:15:05 ----D---- C:\Program Files\ESET
2011-08-23 10:09:39 ----HD---- C:\Windows\update.tray-10-0-lnk
2011-08-23 10:09:39 ----HD---- C:\Windows\update.tray-10-0
2011-08-23 10:07:48 ----D---- C:\Program Files\Symantec
2011-08-23 10:07:48 ----D---- C:\Program Files\Common Files\Symantec Shared
2011-08-23 10:07:48 ----A---- C:\Windows\system32\drivers\SYMEVENT.SYS
2011-08-23 10:07:04 ----D---- C:\Windows\system32\drivers\NIS
2011-08-23 09:13:52 ----D---- C:\Windows\ufa
2011-08-23 09:13:52 ----D---- C:\Windows\rpcminer
2011-08-23 09:13:52 ----D---- C:\Windows\phoenix
2011-08-23 09:08:54 ----A---- C:\Windows\l1rezerv.exe
2011-08-23 09:07:58 ----HD---- C:\Windows\update.7.1
2011-08-23 09:07:22 ----A---- C:\Windows\iecheck_iplist.txt
2011-08-23 09:06:39 ----HD---- C:\Windows\update.2
2011-08-23 09:06:00 ----A---- C:\Windows\btc_client_iplist.txt
2011-08-23 09:05:29 ----HD---- C:\Windows\update.5.0
2011-08-23 09:04:39 ----A---- C:\Windows\unrar.exe
2011-08-23 09:04:35 ----A---- C:\Windows\systemup.exe
2011-08-23 09:03:37 ----A---- C:\Windows\iplist.txt
2011-08-23 09:02:58 ----A---- C:\Windows\sysdriver32_.exe
2011-08-23 09:02:44 ----A---- C:\Windows\sysdriver32.exe
2011-08-23 09:02:37 ----D---- C:\Windows\av_ico
2011-08-23 09:02:28 ----A---- C:\Windows\front_ip_list.txt
2011-08-23 09:01:02 ----HD---- C:\Windows\update.1
2011-08-23 09:01:00 ----HD---- C:\Windows\update.tray-3-0-lnk
2011-08-23 09:01:00 ----HD---- C:\Windows\update.tray-3-0
2011-08-23 08:50:52 ----A---- C:\Windows\winlog-ids.txt
2011-08-23 08:50:52 ----A---- C:\Windows\winlog-dirs.txt
2011-08-23 08:50:46 ----A---- C:\Windows\services32.exe
2011-08-03 14:41:42 ----D---- C:\ProgramData\EA Core
2011-08-01 15:08:22 ----D---- C:\ProgramData\Solidshield

======List of files/folders modified in the last 1 month======

2011-08-23 11:28:22 ----RD---- C:\Program Files
2011-08-23 11:10:57 ----D---- C:\Program Files\TNod User & Password Finder
2011-08-23 10:30:30 ----D---- C:\Windows\Temp
2011-08-23 10:10:13 ----HD---- C:\ProgramData
2011-08-23 10:09:39 ----D---- C:\Windows
2011-08-23 10:08:06 ----D---- C:\Windows\system32\Tasks
2011-08-23 10:07:50 ----SHD---- C:\System Volume Information
2011-08-23 10:07:48 ----D---- C:\Windows\system32\drivers
2011-08-23 10:07:48 ----D---- C:\Program Files\Common Files
2011-08-23 09:13:15 ----SHD---- C:\Windows\Installer
2011-08-23 09:11:12 ----A---- C:\Windows\NeroDigital.ini
2011-08-23 09:08:06 ----D---- C:\Windows\Prefetch
2011-08-23 09:07:03 ----D---- C:\Windows\system32\drivers\etc
2011-08-23 08:57:40 ----AD---- C:\ProgramData\TEMP
2011-08-23 08:47:31 ----D---- C:\Windows\system32\config
2011-08-22 19:31:21 ----D---- C:\Users\Frax\AppData\Roaming\ICQ
2011-08-22 19:24:31 ----D---- C:\Users\Frax\AppData\Roaming\uTorrent
2011-08-22 16:42:07 ----D---- C:\Windows\System32
2011-08-22 16:42:07 ----D---- C:\Windows\inf
2011-08-22 16:42:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-08-10 15:59:35 ----RSD---- C:\Windows\assembly
2011-08-04 20:00:55 ----D---- C:\Program Files\ICQ7.5
2011-08-03 20:53:10 ----D---- C:\Users\Frax\AppData\Roaming\XnView
2011-08-03 14:41:43 ----D---- C:\ProgramData\Electronic Arts
2011-07-29 16:59:45 ----D---- C:\Windows\system32\catroot2
2011-07-28 13:24:00 ----D---- C:\ProgramData\PCDr
2011-07-28 13:23:58 ----D---- C:\Program Files\Dell Support Center

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2008-03-13 305176]
R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2010-03-19 45648]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2009-12-16 691696]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1300000.080\SYMDS.SYS [2011-05-16 340088]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1300000.080\SYMEFA.SYS [2011-05-16 897656]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1300000.080\SRTSPX.SYS [2011-05-21 31864]
R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\system32\drivers\NIS\1300000.080\SYMNETS.SYS [2011-05-09 310392]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 113448]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 130952]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys [2009-01-08 18048]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-04-20 243712]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2008-03-13 164400]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2008-03-12 18424]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2009-07-08 2506232]
R3 GearAspiWDM;GEARAspiWDM; C:\Windows\System32\drivers\GEARAspiWDM.sys [2008-02-22 16168]
R3 itecir;ITECIR Infrared Receiver; C:\Windows\system32\DRIVERS\itecir.sys [2008-03-14 54784]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2009-07-14 229888]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-03-22 17024]
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:\Windows\system32\DRIVERS\OA001Ufd.sys [2008-11-26 133472]
R3 OA001Vid;Creative Camera OA001 Function Driver; C:\Windows\system32\DRIVERS\OA001Vid.sys [2008-12-27 279488]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-10 84992]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt.sys [2009-03-16 398336]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2011-08-23 127096]
S1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20110519.002\BHDrvx86.sys []
S1 ccSet_NIS;Norton Internet Security Settings Manager; C:\Windows\system32\drivers\NIS\1300000.080\ccSetx86.sys [2011-05-23 131208]
S1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20110519.031\IDSVix86.sys []
S1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1300000.080\Ironx86.SYS [2011-05-16 149624]
S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys [2009-01-08 165376]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 KMWDFilter1X;KM DRIVER; C:\Windows\system32\DRIVERS\RP24GV1.sys [2009-10-28 16896]
S3 KMWDFILTERx86;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-03-22 17024]
S3 KORGUMDS;KORG USB-MIDI Driver for Windows; C:\Windows\System32\Drivers\KORGUMDS.SYS [2009-10-15 22232]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack; C:\Windows\system32\DRIVERS\MAudioFastTrack.sys [2009-10-02 158344]
S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20110519.002\NAVENG.SYS []
S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20110519.002\NAVEX15.SYS []
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\program files\dell support center\pcdsrvc.pkms [2011-05-12 21744]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 rootrepeal;rootrepeal; \??\C:\Windows\system32\drivers\rootrepeal.sys []
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 SRS_SSCFilter;SRS Labs Audio Sandbox (WDM); C:\Windows\system32\drivers\srs_sscfilter_i386.sys [2007-07-26 39808]
S3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\system32\drivers\NIS\1300000.080\SRTSP.SYS [2011-05-21 561272]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 100224]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 34944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; D:\Photoshop Elements 9\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408]
R2 AdvancedSystemCareService;Advanced SystemCare Service; C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\aestsrv.exe [2009-03-16 81920]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-04-20 176128]
R2 ddservice;ddservice; C:\Windows\update.7.1\svchostdriver.exe [2011-08-23 382464]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-10-03 358936]
R2 ICQ Service;ICQ Service; C:\Program Files\ICQ6Toolbar\ICQ Service.exe [2011-02-28 247096]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service; C:\Program Files\Mouse Driver\KMWDSrv.exe [2008-05-30 208896]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2011-03-23 75136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2005-08-08 167936]
R2 srvbtcclient;srvbtcclient; C:\Windows\update.5.0\svchost.exe [2011-08-23 355840]
R2 srviecheck;srviecheck; C:\Windows\update.2\svchost.exe [2011-08-23 634880]
R2 srvsysdriver32;srvsysdriver32; C:\Windows\sysdriver32.exe [2011-08-23 256000]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\STacSV.exe [2009-03-16 254042]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 1710464]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2008-03-12 24064]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 ICM_UpdaterService;ICM_UpdaterService Disp; C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe [2011-03-18 204883]
S2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe /s NIS /m C:\Program Files\Norton Internet Security\Engine\19.0.0.128\diMaster.dll /prefetch:1 []
S2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter []
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-06-10 31064]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-08-03 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2008-05-15 87288]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 Update Server;BitDefender Update Server v2; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe []
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-19 1343400]
S4 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 DAUpdaterSvc;Dragon Age: Origins - Content Updater; D:\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe []
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

Zdravím, pokud chceš pomoct odinstaluj ten CRACKED NOD a pořiď si nějaký free antivir když za něj nechceš platit.

Do té doby

Zdravím,

už jsem to zkoušel ale virus mi nedovolí použít žádný antivir. Po instalaci se restartuje počítač, spustí se v nouzovém režimu, tam virus provede své, restartuje nouzový režim a spustí windows. Potom už antivir nespustím.

Nevím si rady a prosím o pomoc...pokud ještě nějaká pomoc existuje...

Ten NOD jsem smazal před odesláním toho logu. Nevím proč se to o tom NODu v logu zobrazilo. NOD ani nebyl crackovaný.

frax píše:Ten NOD jsem smazal před odesláním toho logu. Nevím proč se to o tom NODu v logu zobrazilo. NOD ani nebyl crackovaný.

Kdybys ho odinstaloval před odesláním logu tak tam nebude a netvrď mi že nebyl cracknutý když to tam vidím.

Budu ti věřit že to napravíš až odstřelíme všechny šmejdy.


Tak že, tohle fixni v HJT :

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/sk27211/
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (file missing)
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\IPS\IPSBHO.DLL (file missing)
O2 - BHO: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: uTorrentBar Toolbar - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files\uTorrentBar\tbuTor.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll
O3 - Toolbar: (no name) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - (no file)
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.0.0.128\coIEPlg.dll (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [wxpdrv] C:\Windows\services32.exe
O4 - HKLM\..\Run: [tray_ico0] C:\Windows\update.tray-3-0\svchost.exe
O4 - HKLM\..\Run: [tray_ico1] C:\Windows\update.tray-10-0\svchost.exe
O4 - HKLM\..\Run: [4149115.exe] "C:\Windows\Temp\4149115.exe"
O4 - HKLM\..\Run: [sysdriver32.exe] "C:\Windows\sysdriver32.exe" rezerv
O4 - HKLM\..\Run: [sysdriver32_.exe] "C:\Windows\sysdriver32_.exe" rezerv
O4 - HKLM\..\Run: [systemup] "C:\Windows\systemup.exe" stand
O4 - HKLM\..\Run: [8713658.exe] "C:\Windows\Temp\8713658.exe"
O4 - HKLM\..\Run: [171167.exe] "C:\Windows\Temp\171167.exe"
O4 - HKLM\..\Run: [25737818-loader2.exe] "C:\Windows\Temp\25737818-loader2.exe"
O4 - HKLM\..\Run: [l1rezerv.exe] "C:\Windows\l1rezerv.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Aktualizovat ESET licenci.lnk = C:\Program Files\ESET\MiNODLogin\MiNODLogin.exe
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - (no file)

HJT najdeš zde :

C:\Program Files\trend micro\Frax.exe

Fix znamená že spustíš HJT jako admin

v okně které se ti otevře klikneš na Do a system scan only

v dalším okně najdeš řádky které jsem ti vypsal,

vedle nich je čtvereček do kterého uděláš zatržítko,

pak klikneš na Fix checked které je vlevo dole,

program se ti zeptá zda opravdu ANO s tím samozřejmě souhlasíš a je hotovo.


Přes Start >> Všechny programy >> Příslušenství >> Spustit >> napiš - services.msc >> Enter. Najdi službu :

ddservice

ICM_UpdaterService Disp

ICQ Service

NMIndexingService

Cyberlink RichVideo Service(CRVS)

srvbtcclient

srviecheck

srvsysdriver32

wxpdrivers

klikni na ni pravým myšítkem, zvol vlastnosti, na další kartě nejprve službu zastav tlačítkem Zastavit a u položky Typ spouštění zvol Zakázáno.


Přes Odebrat programy odinstaluj ICQ6Toolbar, Advanced SystemCare Service, Norton Internet Security a pořádně ten ESET


Smaž nepotřebné soubory

pomocí CCleaneru

návod :

Čistič - tady vyčistíš PC od nepotřebných souborů a vysypeš Koš

Registry - tady vyčistíš registry (před použitím doporučuji udělat jejich zálohu kterou CCleaner nabízí)

čištění registru je třeba několikrát zopakovat !

Nástroje - tady lze odinstalovat programy, upravit co se spustí po Startu systému a obnovit systém


Pak použij Mbam z mého podpisu a dej mi sem z něj log, předem nic nemazat !!!

Tady je log z Mbam:


Malwarebytes' Anti-Malware 1.50
www.malwarebytes.org

Verze databáze: 7550

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

24.8.2011 11:26:27
mbam-log-2011-08-24 (11-26-21).txt

Typ kontroly: Úplný test (C:\|D:\|E:\|)
Testované objekty: 475690
Uplynulý čas: 1 hodin, 44 minut, 25 sekund

Infikované procesy v paměti: 1
Infikované moduly v paměti: 0
Infikované klíče v registru: 9
Infikované hodnoty v registru: 2
Infikované datové položky v registru: 3
Infikované složky: 1
Infikované soubory: 19

Infikované procesy v paměti:
c:\Windows\update.1\svchost.exe (Trojan.Agent) -> 2088 -> No action taken.

Infikované moduly v paměti:
(Žádné škodlivé položky nebyly zjištěny)

Infikované klíče v registru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> No action taken.

Infikované hodnoty v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> No action taken.

Infikované datové položky v registru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Infikované složky:
c:\Windows\rpcminer (Trojan.BCMiner) -> No action taken.

Infikované soubory:
c:\Windows\Tasks\{66ba574b-1e11-49b8-909c-8cc9e0e8e015}.job (Trojan.Downloader) -> No action taken.
c:\Windows\update.1\svchost.exe (Trojan.Agent) -> No action taken.
c:\Windows\services32.exe (Trojan.Agent) -> No action taken.
c:\Windows\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\curllib.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libeay32.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\libsasl.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\openldap.dll (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> No action taken.
c:\Windows\rpcminer\ssleay32.dll (Trojan.BCMiner) -> No action taken.

Vše co Mbam našel nech smazat.


Nyní použijeme větši kalibr tak že pozorně čti, protože tenhle softík netoleruje chyby.

Stáhni a ulož na plochu ComboFix,

spusť aplikaci jako Administrátor a povol instalaci Konzole pro zotavení - Recovery Console.

Poté se zobrazí okno s licenčními podmínkami které potvrdíš kliknutím na ANO,

pak ještě jednou klik na ANO a už to jede.

Celá akce trvá okolo 10 minut ale může i déle, během skenu se nepokoušej spouštět nic jiného.

Při skenovaní může být PC i restartováno nelekat se.

Upozornění: po dobu skenu vypni rezidentní štít Antiviru a AntiSpy programu,

protože Combofix se pokouší napadené soubory smazat a tyto programy mu můžou bránit.

Po dokončení skenu nebo následném restartu aplikace vytvoří log, uložený na C:/Combofix.txt

(při opakovaném použití jsou logy číslovány Combofix2.txt atd.), jeho obsah zkopíruj sem.


V případě nejasností je ZDE obrázkový návod.

Vše jsem udělal dle pokynů. Akorát mi teď nejde internet. Facebook mi nešel ani když mi ještě šlapal aspon ten net. Dá se s tím něco dělat?

Zde přikládám log z Combofixu:


ComboFix 11-08-24.06 - Frax 25.08.2011 10:48:12.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3070.2113 [GMT 2:00]
Spuštěný z: c:\users\Frax\Downloads\ComboFix.exe
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Frax\AppData\Local\Temp\9b93aee4-5d0f-43c6-98ae-ec0b1e7534ab\CliSecureRT.dll
c:\users\Frax\AppData\Roaming\.#
c:\users\Frax\AppData\Roaming\.#\MBX@448@1AE2900.###
c:\users\Frax\AppData\Roaming\.#\MBX@448@1AE2930.###
c:\users\Frax\AppData\Roaming\.#\MBX@448@1AE2960.###
c:\windows\phoenix
c:\windows\phoenix\kernels\phatk\__init__.py
c:\windows\phoenix\kernels\phatk\__init__.pyc
c:\windows\phoenix\kernels\phatk\072ef2a4a4eba303812212bdf6062eaf.elf
c:\windows\phoenix\kernels\phatk\BFIPatcher.py
c:\windows\phoenix\kernels\phatk\BFIPatcher.pyc
c:\windows\phoenix\kernels\phatk\c351b3c6816263e9c72b843ff03a00e6.elf
c:\windows\phoenix\kernels\phatk\kernel.cl
c:\windows\phoenix\kernels\poclbm\__init__.py
c:\windows\phoenix\kernels\poclbm\__init__.pyc
c:\windows\phoenix\kernels\poclbm\6331b6d01877ac4d6847eddcd84a21ca.elf
c:\windows\phoenix\kernels\poclbm\BFIPatcher.py
c:\windows\phoenix\kernels\poclbm\BFIPatcher.pyc
c:\windows\phoenix\kernels\poclbm\d84f8c06bc6f620aacae4db577131d9c.elf
c:\windows\phoenix\kernels\poclbm\kernel.cl
c:\windows\phoenix\phoenix.exe
c:\windows\update.1
c:\windows\update.2
c:\windows\update.5.0
c:\windows\update.7.1
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-25 do 2011-08-25 )))))))))))))))))))))))))))))))
.
.
2011-08-25 09:12 . 2011-08-25 09:12 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-24 08:56 . 2011-08-24 08:56 -------- d-----w- c:\users\Frax\AppData\Roaming\gtk-2.0
2011-08-24 08:54 . 2011-08-24 09:13 -------- d-----w- c:\users\Frax\AppData\Roaming\.purple
2011-08-24 08:17 . 2011-08-24 08:19 -------- d-----w- c:\program files\Pidgin
2011-08-24 08:11 . 2011-08-24 08:15 -------- d-----w- c:\users\Frax\AppData\Roaming\Trillian
2011-08-24 08:10 . 2011-08-24 08:15 -------- d-----w- c:\program files\Trillian
2011-08-24 07:37 . 2011-08-24 07:37 -------- d-----w- c:\users\Frax\AppData\Roaming\Malwarebytes
2011-08-24 07:37 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-24 07:37 . 2011-08-24 07:37 -------- d-----w- c:\programdata\Malwarebytes
2011-08-24 07:36 . 2011-08-24 07:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-24 07:36 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-23 09:28 . 2011-08-23 22:47 -------- d-----w- c:\program files\trend micro
2011-08-23 09:28 . 2011-08-23 09:30 -------- d-----w- C:\rsit
2011-08-23 08:09 . 2011-08-23 08:09 -------- d--h--w- c:\windows\update.tray-10-0
2011-08-23 08:09 . 2011-08-23 08:09 -------- d--h--w- c:\windows\update.tray-10-0-lnk
2011-08-23 08:07 . 2011-08-23 08:07 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-08-23 08:07 . 2011-08-23 08:07 -------- d-----w- c:\program files\Symantec
2011-08-23 08:07 . 2011-08-23 08:07 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-08-23 08:07 . 2011-08-23 08:07 -------- d-----w- c:\windows\system32\drivers\NIS
2011-08-23 07:13 . 2011-08-23 13:24 -------- d-----w- c:\windows\ufa
2011-08-23 07:04 . 2011-08-23 07:13 246272 ----a-w- c:\windows\unrar.exe
2011-08-23 07:02 . 2011-08-23 08:11 -------- d-----w- c:\windows\av_ico
2011-08-23 07:01 . 2011-08-23 11:07 -------- d--h--w- c:\windows\update.tray-3-0-lnk
2011-08-23 07:01 . 2011-08-23 07:01 -------- d--h--w- c:\windows\update.tray-3-0
2011-08-03 12:41 . 2011-08-03 12:41 -------- d-----w- c:\programdata\EA Core
2011-08-01 13:08 . 2011-08-01 13:08 -------- d-----w- c:\programdata\Solidshield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-04 06:52 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-07-08 09:37 . 2010-07-08 09:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-04-28 934800]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-04-28 3373968]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-05-28 412560]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe" [2011-05-28 512400]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-04-28 19856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-03-13 163840]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-03-12 3563520]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2008-05-30 212992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Taskman"=""
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi2"=KORGUMDD.DRV
"midi4"=KORGUMDD.DRV
"midi5"=KORGUMDD.DRV
"midi6"=KORGUMDD.DRV
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-07-28 23:25 497648 ----a-w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2009-06-14 17:24 307200 ----a-r- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-10-12 17:32 136176 ----atw- c:\users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\users\Frax\Programy\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-05-27 08:50 413696 ----a-w- c:\program files\VistaCodecPack\QT\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001
"DisableThumbnailCache"=dword:00000001
.
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20110519.002\BHDrvx86.sys [x]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1300000.080\ccSetx86.sys [2011-05-23 131208]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20110519.031\IDSVix86.sys [x]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1300000.080\Ironx86.SYS [2011-05-16 149624]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe [x]
R3 KMWDFilter1X;KM DRIVER;c:\windows\system32\DRIVERS\RP24GV1.sys [2009-10-28 16896]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2008-03-22 17024]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2009-10-15 22232]
R3 MAUSBFASTTRACK;Service for M-Audio FastTrack;c:\windows\system32\DRIVERS\MAudioFastTrack.sys [2009-10-02 158344]
R3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2011-05-12 21744]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 100224]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-19 1343400]
R4 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [x]
R4 ICM_UpdaterService;ICM_UpdaterService Disp;c:\program files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe [2011-03-18 204883]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-16 691696]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1300000.080\SYMDS.SYS [2011-05-16 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1300000.080\SYMEFA.SYS [2011-05-16 897656]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2009-02-06 106208]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NIS\1300000.080\SYMNETS.SYS [2011-05-09 310392]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;d:\photoshop elements 9\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\aestsrv.exe [2009-03-16 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 176128]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 38240]
S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [2008-05-30 208896]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-04-20 243712]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2008-03-14 54784]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2008-11-26 133472]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2008-12-26 279488]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - aswFsBlk
*Deregistered* - aswMonFlt
*Deregistered* - aswRdr
*Deregistered* - aswSP
*Deregistered* - aswTdi
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532162141-719380914-326111389-1000Core.job
- c:\users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-12 17:32]
.
2011-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532162141-719380914-326111389-1000UA.job
- c:\users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-12 17:32]
.
2011-08-24 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
2011-08-25 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
.
------- Doplňkový sken -------
.
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: Interfaces\{6291E666-438C-4E97-B96B-1B45C9D0871C}: NameServer = 192.168.51.250,192.168.51.252
TCP: Interfaces\{C3793772-5D9C-42A2-B37D-8DFBE975932A}: NameServer = 192.168.10.4,192.168.11.5
Name-Space Handler: FTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: HTTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\users\Frax\AppData\Roaming\Mozilla\Firefox\Profiles\n2lbzew7.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - hxxp://start.icq.com/sk27211/
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&q=
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Flash AX Control: npfax@microgaming.co.uk - %profile%\extensions\npfax@microgaming.co.uk
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - %profile%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Download Accelerator Plus Integration: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - c:\program files\DAP\DAPFireFox
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
MSConfigStartUp-dellsupportcenter - c:\program files\Dell Support Center\bin\sprtcmd.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-12_Symbian_USB_Download_Driver - c:\program files\SAMSUNG\USB Drivers\12_Symbian_USB_Download_Driver\Uninstall.exe
AddRemove-15_Symbian_Samsung_PC_DLC_Driver - c:\program files\SAMSUNG\USB Drivers\15_Symbian_Samsung_PC_DLC_Driver\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.0.0.128\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2532162141-719380914-326111389-1000\Software\SecuROM\License information*]
"datasecu"=hex:84,5a,47,32,c9,e9,3e,10,af,a7,9d,18,59,c7,d3,86,f5,18,d1,be,d9,
99,3d,d7,4d,9d,92,7f,12,4c,ba,4f,2c,2d,f6,cf,5b,e8,0e,20,45,62,7c,e0,95,32,\
"rkeysecu"=hex:ad,9f,98,f4,f9,ce,0f,be,4a,0e,fe,28,ad,41,8a,4c
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\system32\conhost.exe
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\Mouse Driver\KMProcess.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\DellTPad\Apntex.exe
c:\windows\system32\conhost.exe
c:\windows\system32\taskhost.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\sppsvc.exe
.
**************************************************************************
.
Celkový čas: 2011-08-25 11:20:06 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-25 09:20
.
Před spuštěním: Volných bajtů: 46 294 814 720
Po spuštění: Volných bajtů: 46 286 962 688
.
- - End Of File - - FCDB5B6D691FED95AF13E6B108DC4EE8

Pokud jsi tak ještě neučinil, přesuň Combofix na plochu

otevři si Poznámkový blok

do něj zkopíruj skript z následujícího okna:
ulož Tebou vytvořený TXT soubor jako CFScript.txt na plochu,

po uložení uchop vytvořený skript levým myšítkem a přesuň ho nad ikonu Combofixu, kde ho upustíš:



Po aplikaci na Tebe vypadne další log, zkopíruj ho sem

Upozornění : může se stát, že po aplikaci skriptu a restartu Windows nenaběhnou,

v tom případě znovu restartuj a přitom mačkej F8 poté zvol Poslední známou funkční konfiguraci

Fixnul jsem vybrané soubory, ale po restartu počítače mi nejde spustit ani jeden program ((
Při pokusu o spuštění programu mi vyskočí chybové okno s hláškou: Pokus použít neplatnou operaci na klíč registru, který je označen pro odstranění.

Zde je nový log


ComboFix 11-08-24.06 - Frax 26.08.2011 10:09:25.2.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.3070.2357 [GMT 2:00]
Spuštěný z: c:\users\Frax\Downloads\ComboFix.exe
Použité ovládací přepínače :: H:\CFScript.txt
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Vytvořen nový Bod Obnovení
.
FILE ::
"c:\windows\system32\DRIVERS\ehdrv.sys"
"c:\windows\system32\DRIVERS\epfwwfp.sys"
"c:\windows\unrar.exe"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\IObit
c:\program files\IObit\Advanced SystemCare 4\About.dll
c:\program files\IObit\Advanced SystemCare 4\ASC.exe
c:\program files\IObit\Advanced SystemCare 4\ASCInit.exe
c:\program files\IObit\Advanced SystemCare 4\ASCpatch.exe
c:\program files\IObit\Advanced SystemCare 4\ASCService.exe
c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe
c:\program files\IObit\Advanced SystemCare 4\ASCv4ComputerMenu.dll
c:\program files\IObit\Advanced SystemCare 4\ASCv4ComputerMenu_64.dll
c:\program files\IObit\Advanced SystemCare 4\ASCv4ExtMenu.dll
c:\program files\IObit\Advanced SystemCare 4\ASCv4ExtMenu.tmp
c:\program files\IObit\Advanced SystemCare 4\ASCv4ExtMenu_64.dll
c:\program files\IObit\Advanced SystemCare 4\AutoCare.exe
c:\program files\IObit\Advanced SystemCare 4\AutoSweep.exe
c:\program files\IObit\Advanced SystemCare 4\AutoUpdate.exe
c:\program files\IObit\Advanced SystemCare 4\Config.ini
c:\program files\IObit\Advanced SystemCare 4\cxLibraryD12.bpl
c:\program files\IObit\Advanced SystemCare 4\datastate.dll
c:\program files\IObit\Advanced SystemCare 4\Def.dbd
c:\program files\IObit\Advanced SystemCare 4\DiskMap.dll
c:\program files\IObit\Advanced SystemCare 4\DiskScan.exe
c:\program files\IObit\Advanced SystemCare 4\DriverData.db
c:\program files\IObit\Advanced SystemCare 4\dxBarD12.bpl
c:\program files\IObit\Advanced SystemCare 4\dxComnD12.bpl
c:\program files\IObit\Advanced SystemCare 4\dxCoreD12.bpl
c:\program files\IObit\Advanced SystemCare 4\dxDockingD12.bpl
c:\program files\IObit\Advanced SystemCare 4\dxGDIPlusD12.bpl
c:\program files\IObit\Advanced SystemCare 4\dxSkinOffice2007BlueD12.bpl
c:\program files\IObit\Advanced SystemCare 4\dxSkinsCoreD12.bpl
c:\program files\IObit\Advanced SystemCare 4\dxThemeD12.bpl
c:\program files\IObit\Advanced SystemCare 4\EULA.rtf
c:\program files\IObit\Advanced SystemCare 4\feedback.log
c:\program files\IObit\Advanced SystemCare 4\FfSweep.dll
c:\program files\IObit\Advanced SystemCare 4\FileSweep.dll
c:\program files\IObit\Advanced SystemCare 4\help.html
c:\program files\IObit\Advanced SystemCare 4\ChangeType.exe
c:\program files\IObit\Advanced SystemCare 4\checkinfo.txt
c:\program files\IObit\Advanced SystemCare 4\images\dcScreen.png
c:\program files\IObit\Advanced SystemCare 4\images\dcScreen2.png
c:\program files\IObit\Advanced SystemCare 4\images\icon-dc.png
c:\program files\IObit\Advanced SystemCare 4\images\icon-qc.png
c:\program files\IObit\Advanced SystemCare 4\images\icon-tb.png
c:\program files\IObit\Advanced SystemCare 4\images\icon-tbox.png
c:\program files\IObit\Advanced SystemCare 4\images\main.png
c:\program files\IObit\Advanced SystemCare 4\images\mainPro.png
c:\program files\IObit\Advanced SystemCare 4\images\toolboxscreen.png
c:\program files\IObit\Advanced SystemCare 4\images\turboboost.png
c:\program files\IObit\Advanced SystemCare 4\Language\Arabic.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Belarusian.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Bulgarian.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Czech.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Danish.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Dutch.lng
c:\program files\IObit\Advanced SystemCare 4\Language\English.lng
c:\program files\IObit\Advanced SystemCare 4\Language\French.lng
c:\program files\IObit\Advanced SystemCare 4\Language\German.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Greek.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Hungarian.lng
c:\program files\IObit\Advanced SystemCare 4\Language\ChineseSimp.lng
c:\program files\IObit\Advanced SystemCare 4\Language\ChineseTrad.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Italiano.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Japanese.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Korean.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Polish.lng
c:\program files\IObit\Advanced SystemCare 4\Language\PortugueseBR.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Russian.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Serbian.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Spanish.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Swedish.lng
c:\program files\IObit\Advanced SystemCare 4\Language\Turkish.lng
c:\program files\IObit\Advanced SystemCare 4\LatestNews\imagenews.png
c:\program files\IObit\Advanced SystemCare 4\LatestNews\LatestNews.ini
c:\program files\IObit\Advanced SystemCare 4\License.dat
c:\program files\IObit\Advanced SystemCare 4\madbasic_.bpl
c:\program files\IObit\Advanced SystemCare 4\maddisAsm_.bpl
c:\program files\IObit\Advanced SystemCare 4\madexcept_.bpl
c:\program files\IObit\Advanced SystemCare 4\NtfsData.dll
c:\program files\IObit\Advanced SystemCare 4\OFCommon.dll
c:\program files\IObit\Advanced SystemCare 4\OFCommon3.dll
c:\program files\IObit\Advanced SystemCare 4\PMonitor.exe
c:\program files\IObit\Advanced SystemCare 4\Register.exe
c:\program files\IObit\Advanced SystemCare 4\RescueCenter.exe
c:\program files\IObit\Advanced SystemCare 4\rtl120.bpl
c:\program files\IObit\Advanced SystemCare 4\Scan.dll
c:\program files\IObit\Advanced SystemCare 4\ScanCache.db
c:\program files\IObit\Advanced SystemCare 4\services.ini
c:\program files\IObit\Advanced SystemCare 4\sqlite3.dll
c:\program files\IObit\Advanced SystemCare 4\StartMenu.exe
c:\program files\IObit\Advanced SystemCare 4\Suc10_RegistryCleaner.exe
c:\program files\IObit\Advanced SystemCare 4\Suc11_PrivacySweeper.exe
c:\program files\IObit\Advanced SystemCare 4\Suc12_Uninstal.exe
c:\program files\IObit\Advanced SystemCare 4\Suc13_DiskCleaner.exe
c:\program files\IObit\Advanced SystemCare 4\Suc14_FileShredder.exe
c:\program files\IObit\Advanced SystemCare 4\Sun10_ClonedFilesScanner.exe
c:\program files\IObit\Advanced SystemCare 4\Sun11_DiskExplorer.exe
c:\program files\IObit\Advanced SystemCare 4\Sun12_SystemInformation.exe
c:\program files\IObit\Advanced SystemCare 4\Sun13_EmptyFoldersScanner.exe
c:\program files\IObit\Advanced SystemCare 4\Sun14_SystemControl.exe
c:\program files\IObit\Advanced SystemCare 4\Suo10_SmartRAM.exe
c:\program files\IObit\Advanced SystemCare 4\Suo11_InternetBooster.exe
c:\program files\IObit\Advanced SystemCare 4\Suo12_StartupManager.exe
c:\program files\IObit\Advanced SystemCare 4\Suo13_RegistryDefrag.exe
c:\program files\IObit\Advanced SystemCare 4\Suo14_SmartDefrag.exe
c:\program files\IObit\Advanced SystemCare 4\Suo15_GameBooster.exe
c:\program files\IObit\Advanced SystemCare 4\Sur10_Undelete.exe
c:\program files\IObit\Advanced SystemCare 4\Sur11_ShortcutFixer.exe
c:\program files\IObit\Advanced SystemCare 4\Sur12_DiskDoctor.exe
c:\program files\IObit\Advanced SystemCare 4\Sur13_WinFix.exe
c:\program files\IObit\Advanced SystemCare 4\Sur14_IEHelper.exe
c:\program files\IObit\Advanced SystemCare 4\Sus10_SecurityHolesScanner.exe
c:\program files\IObit\Advanced SystemCare 4\Sus11_ProcessManager.exe
c:\program files\IObit\Advanced SystemCare 4\Sus12_DriverManager.exe
c:\program files\IObit\Advanced SystemCare 4\Sus13_IMF.exe
c:\program files\IObit\Advanced SystemCare 4\taskMgr.dll
c:\program files\IObit\Advanced SystemCare 4\TaskSchedule.exe
c:\program files\IObit\Advanced SystemCare 4\tb.dat
c:\program files\IObit\Advanced SystemCare 4\TBconfig.ini
c:\program files\IObit\Advanced SystemCare 4\TbFfSweep.dll
c:\program files\IObit\Advanced SystemCare 4\TbFileSweep.dll
c:\program files\IObit\Advanced SystemCare 4\Test.log
c:\program files\IObit\Advanced SystemCare 4\ToolBox.exe
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Arabic.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Belarusian.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Bulgarian.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Czech.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\English.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\French.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\German.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Hungarian.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\ChineseSimp.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\ChineseTrad.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Italiano.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Japanese.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Korean.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Polish.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Russian.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Serbian.LNG
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Spanish.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_Language\Turkish.lng
c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\img\btn-bg.png
c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\img\menu-bg.png
c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\Index.html
c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\js\jquery-1.4.2.min.js
c:\program files\IObit\Advanced SystemCare 4\Toolbox_UI\Recently.html
c:\program files\IObit\Advanced SystemCare 4\TurboBoost.exe
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\btnUpgradeNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\btnUpgradeOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\appimages\UpgraudD.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\dailycare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\hints.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Asia\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\btnUpgradeNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\btnUpgradeOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Setting_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Setting_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\appimages\UpgraudD.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\dailycare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\hints.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Black\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Black\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Black\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Black\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Black\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Blue\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\btnUpgradeNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\btnUpgradeOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\appimages\UpgraudD.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\dailycare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\hints.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Cute\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\dailycare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\hints.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Default\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Default\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Default\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Default\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Default\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\btnUpgradeNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\btnUpgradeOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\appimages\UpgraudD.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\dailycare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\hints.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Flat\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\btnUpgradeNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\btnUpgradeOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\appimages\UpgraudD.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\dailycare.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\hints.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\China\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\China\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\China\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\China\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\China\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\appimages\UpgraudD.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Maya\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Metal\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Office\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Office\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Office\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Office\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Office\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Public\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Public\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Public\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnMLDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnMLNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnMLOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnUpgradeNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\btnUpgradeOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\Public\upgrade\UpgradeW.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\btnUpgradeNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\btnUpgradeOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\appimages\UpgraudD.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\White\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\White\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\White\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\White\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\White\main.html
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Back_Disable.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Back_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Back_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Back_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_BackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Btn_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\BtnStop_Down.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\BtnStop_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\BtnStop_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\btnUpgradeNormal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\btnUpgradeOver.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\CareBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\CareWorkBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Close_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Close_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\CheckBox_Checked.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\CheckBox_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Img_Error.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Img_NoProblem.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Layout.ini
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Main_Shade.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Min_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Min_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\More_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\More_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Preview.jpg
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarInnerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarInnerLeft.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarInnerMid.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ProgressBarInnerRight.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Rescue_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Rescue_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ScannerBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\ScanningBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Skin_Move.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\Skin_Normal.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\TopBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\TrackBar.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\appimages\TrackBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\css\css.css
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\btnUpgradeDown.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\clear.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\dailycare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\deepcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\halo.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\hints.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\MainBG.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\quickcare.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\shadow.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\tip215.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\toolBox.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\toolboxs.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\transparent.gif
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\turboboostoff.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\images\turbobooston.png
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\js\action.js
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\js\action1.js
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\js\jquery-1.4.2.js
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\js\jquery.easing.1.3.js
c:\program files\IObit\Advanced SystemCare 4\UI\Wood\main.html
c:\program files\IObit\Advanced SystemCare 4\UnDelete.dll
c:\program files\IObit\Advanced SystemCare 4\unins000.dat
c:\program files\IObit\Advanced SystemCare 4\unins000.exe
c:\program files\IObit\Advanced SystemCare 4\unins000.msg
c:\program files\IObit\Advanced SystemCare 4\Update\Language\PortugueseBR.lng
c:\program files\IObit\Advanced SystemCare 4\Update\Update.Ini
c:\program files\IObit\Advanced SystemCare 4\Update\Update.tmp
c:\program files\IObit\Advanced SystemCare 4\vcl120.bpl
c:\program files\IObit\Advanced SystemCare 4\vclx120.bpl
c:\program files\IObit\Advanced SystemCare 4\Wizard.exe
c:\program files\IObit\Game Booster\AutoUpdate.exe
c:\program files\IObit\Game Booster\bookmarks.exe
c:\program files\IObit\Game Booster\Boost.exe
c:\program files\IObit\Game Booster\fav.ico
c:\program files\IObit\Game Booster\Freeware\GB_FreeSoftwareDownloader.exe
c:\program files\IObit\Game Booster\Freeware\Check.dll
c:\program files\IObit\Game Booster\Freeware\Languages\Inno_English.lng
c:\program files\IObit\Game Booster\GameBooster.exe
c:\program files\IObit\Game Booster\gbinit.exe
c:\program files\IObit\Game Booster\gbtray.exe
c:\program files\IObit\Game Booster\Language\Arabic.lng
c:\program files\IObit\Game Booster\Language\Catalan.lng
c:\program files\IObit\Game Booster\Language\Croatian.lng
c:\program files\IObit\Game Booster\Language\Czech.lng
c:\program files\IObit\Game Booster\Language\Dansk.lng
c:\program files\IObit\Game Booster\Language\Dutch.lng
c:\program files\IObit\Game Booster\Language\English.lng
c:\program files\IObit\Game Booster\Language\Finnish.lng
c:\program files\IObit\Game Booster\Language\French.lng
c:\program files\IObit\Game Booster\Language\German.lng
c:\program files\IObit\Game Booster\Language\Hungarian.lng
c:\program files\IObit\Game Booster\Language\ChineseSimp.lng
c:\program files\IObit\Game Booster\Language\ChineseTrad.lng
c:\program files\IObit\Game Booster\Language\Indonesian.lng
c:\program files\IObit\Game Booster\Language\Italian.lng
c:\program files\IObit\Game Booster\Language\Korean.lng
c:\program files\IObit\Game Booster\Language\Polish.lng
c:\program files\IObit\Game Booster\Language\Portuguese(BRAZIL).lng
c:\program files\IObit\Game Booster\Language\Romanian.lng
c:\program files\IObit\Game Booster\Language\Russian.lng
c:\program files\IObit\Game Booster\Language\Spanish.lng
c:\program files\IObit\Game Booster\Language\Swedish.lng
c:\program files\IObit\Game Booster\Language\Turkish.lng
c:\program files\IObit\Game Booster\LatestNews\imagenews.png
c:\program files\IObit\Game Booster\LatestNews\LatestNews.ini
c:\program files\IObit\Game Booster\license.dat
c:\program files\IObit\Game Booster\madbasic_.bpl
c:\program files\IObit\Game Booster\maddisAsm_.bpl
c:\program files\IObit\Game Booster\madexcept_.bpl
c:\program files\IObit\Game Booster\PowerConfig.dll
c:\program files\IObit\Game Booster\rtl120.bpl
c:\program files\IObit\Game Booster\sqlite3.dll
c:\program files\IObit\Game Booster\taskMgr.dll
c:\program files\IObit\Game Booster\TaskSchedule.exe
c:\program files\IObit\Game Booster\unins000.dat
c:\program files\IObit\Game Booster\unins000.exe
c:\program files\IObit\Game Booster\unins000.msg
c:\program files\IObit\Game Booster\Update\Update.ini
c:\program files\IObit\Game Booster\vcl120.bpl
c:\program files\IObit\Game Booster\vclx120.bpl
c:\windows\av_ico
c:\windows\av_ico\ico_NOD_SS_START.ico
c:\windows\av_ico\ico_NOD_SYSINSP.ico
c:\windows\av_ico\ico_NOD_SYSRESC.ico
c:\windows\av_ico\ico_NOD_TXT.ico
c:\windows\av_ico\ico_NOD_UNINSTALL.ico
c:\windows\av_ico\ico_norton_start.ico
c:\windows\ufa
c:\windows\update.tray-10-0-lnk
c:\windows\update.tray-10-0-lnk\svchost.exe
c:\windows\update.tray-10-0
c:\windows\update.tray-10-0\svchost.exe
c:\windows\update.tray-3-0-lnk
c:\windows\update.tray-3-0
c:\windows\update.tray-3-0\svchost.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EHDRV
-------\Legacy_EPFWWFP
-------\Service_AdvancedSystemCareService
-------\Service_ehdrv
-------\Service_epfwwfp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-07-26 do 2011-08-26 )))))))))))))))))))))))))))))))
.
.
2011-08-26 08:35 . 2011-08-26 08:46 -------- d-----w- c:\users\Frax\AppData\Local\temp
2011-08-26 08:35 . 2011-08-26 08:35 -------- d-----w- c:\users\HomeGroupUser$\AppData\Local\temp
2011-08-26 08:35 . 2011-08-26 08:35 -------- d-----w- c:\users\Guest\AppData\Local\temp
2011-08-26 08:35 . 2011-08-26 08:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-08-26 08:35 . 2011-08-26 08:35 -------- d-----w- c:\users\ASPNET\AppData\Local\temp
2011-08-26 08:35 . 2011-08-26 08:35 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2011-08-26 08:19 . 2011-08-26 08:19 -------- d-----w- c:\users\Frax\AppData\Local\CrashDumps
2011-08-24 08:56 . 2011-08-24 08:56 -------- d-----w- c:\users\Frax\AppData\Roaming\gtk-2.0
2011-08-24 08:54 . 2011-08-26 07:40 -------- d-----w- c:\users\Frax\AppData\Roaming\.purple
2011-08-24 08:17 . 2011-08-24 08:19 -------- d-----w- c:\program files\Pidgin
2011-08-24 08:11 . 2011-08-24 08:15 -------- d-----w- c:\users\Frax\AppData\Roaming\Trillian
2011-08-24 08:10 . 2011-08-26 07:43 -------- d-----w- c:\program files\Trillian
2011-08-24 07:37 . 2011-08-24 07:37 -------- d-----w- c:\users\Frax\AppData\Roaming\Malwarebytes
2011-08-24 07:37 . 2010-11-29 15:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-08-24 07:37 . 2011-08-24 07:37 -------- d-----w- c:\programdata\Malwarebytes
2011-08-24 07:36 . 2011-08-24 07:37 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-08-24 07:36 . 2010-11-29 15:42 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-08-23 09:28 . 2011-08-23 22:47 -------- d-----w- c:\program files\trend micro
2011-08-23 09:28 . 2011-08-23 09:30 -------- d-----w- C:\rsit
2011-08-23 08:07 . 2011-08-23 08:07 127096 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS
2011-08-23 08:07 . 2011-08-23 08:07 -------- d-----w- c:\program files\Symantec
2011-08-23 08:07 . 2011-08-23 08:07 -------- d-----w- c:\program files\Common Files\Symantec Shared
2011-08-23 08:07 . 2011-08-23 08:07 -------- d-----w- c:\windows\system32\drivers\NIS
2011-08-23 07:04 . 2011-08-23 07:13 246272 ----a-w- c:\windows\unrar.exe
2011-08-03 12:41 . 2011-08-03 12:41 -------- d-----w- c:\programdata\EA Core
2011-08-01 13:08 . 2011-08-01 13:08 -------- d-----w- c:\programdata\Solidshield
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-04 06:52 . 2010-06-24 09:33 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2010-07-08 09:37 . 2010-07-08 09:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe
.
.

2. část


(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="c:\program files\Samsung\Kies\KiesHelper.exe" [2011-04-28 934800]
"KiesTrayAgent"="c:\program files\Samsung\Kies\KiesTrayAgent.exe" [2011-04-28 3373968]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-04-28 19856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-03-13 163840]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-03-12 3563520]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712]
"KMCONFIG"="c:\program files\Mouse Driver\StartAutorun.exe" [2008-05-30 212992]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"midi2"=KORGUMDD.DRV
"midi4"=KORGUMDD.DRV
"midi5"=KORGUMDD.DRV
"midi6"=KORGUMDD.DRV
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2010-07-28 23:25 497648 ----a-w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICustomerCare]
2009-06-14 17:24 307200 ----a-r- c:\program files\ATI\ATICustomerCare\ATICustomerCare.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-10-12 17:32 136176 ----atw- c:\users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2008-10-25 09:44 31072 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-01-20 07:05 217088 ----a-w- c:\users\Frax\Programy\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-05-27 08:50 413696 ----a-w- c:\program files\VistaCodecPack\QT\QTTask.exe
.
R1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20110519.002\BHDrvx86.sys [x]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NIS\1300000.080\ccSetx86.sys [2011-05-23 131208]
R1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20110519.031\IDSVix86.sys [x]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1300000.080\Ironx86.SYS [2011-05-16 149624]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe [x]
R3 KMWDFilter1X;KM DRIVER;c:\windows\system32\DRIVERS\RP24GV1.sys [2009-10-28 16896]
R3 KMWDFILTERx86;HIDServiceDesc;c:\windows\system32\DRIVERS\KMWDFILTER.sys [2008-03-22 17024]
R3 KORGUMDS;KORG USB-MIDI Driver for Windows;c:\windows\system32\Drivers\KORGUMDS.SYS [2009-10-15 22232]
R3 MAUSBFASTTRACK;Service for M-Audio FastTrack;c:\windows\system32\DRIVERS\MAudioFastTrack.sys [2009-10-02 158344]
R3 PCDSRVC{E9D79540-57D5953E-06020101}_0;PCDSRVC{E9D79540-57D5953E-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc.pkms [2011-05-12 21744]
R3 ss_bbus;SAMSUNG USB Mobile Device (WDM);c:\windows\system32\DRIVERS\ss_bbus.sys [2010-12-21 98432]
R3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);c:\windows\system32\DRIVERS\ss_bmdfl.sys [2010-12-21 14848]
R3 ss_bmdm;SAMSUNG USB Mobile Modem;c:\windows\system32\DRIVERS\ss_bmdm.sys [2010-12-21 123648]
R3 ss_bserd;SAMSUNG USB Mobile Logging Driver;c:\windows\system32\DRIVERS\ss_bserd.sys [2010-12-21 100224]
R3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2011-05-19 1343400]
R4 DAUpdaterSvc;Dragon Age: Origins - Content Updater;d:\dragon age\bin_ship\DAUpdaterSvc.Service.exe [x]
R4 ICM_UpdaterService;ICM_UpdaterService Disp;c:\program files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe [2011-03-18 204883]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-16 691696]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1300000.080\SYMDS.SYS [2011-05-16 340088]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1300000.080\SYMEFA.SYS [2011-05-16 897656]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\NIS\1300000.080\SYMNETS.SYS [2011-05-09 310392]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;d:\photoshop elements 9\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-06 169408]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\aestsrv.exe [2009-03-16 81920]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-04-20 176128]
S2 KMWDSERVICE;Keyboard And Mouse Communication Service;c:\program files\Mouse Driver\KMWDSrv.exe [2008-05-30 208896]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-04-20 7772160]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-04-20 243712]
S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2008-03-14 54784]
S3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60x.sys [2009-07-13 229888]
S3 OA001Ufd;Creative Camera OA001 Upper Filter Driver;c:\windows\system32\DRIVERS\OA001Ufd.sys [2008-11-26 133472]
S3 OA001Vid;Creative Camera OA001 Function Driver;c:\windows\system32\DRIVERS\OA001Vid.sys [2008-12-26 279488]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*Deregistered* - aswFsBlk
*Deregistered* - aswMonFlt
*Deregistered* - aswRdr
*Deregistered* - aswSP
*Deregistered* - aswTdi
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc SensrSvc
.
Obsah adresáře 'Naplánované úlohy'
.
2011-08-25 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532162141-719380914-326111389-1000Core.job
- c:\users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-12 17:32]
.
2011-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2532162141-719380914-326111389-1000UA.job
- c:\users\Frax\AppData\Local\Google\Update\GoogleUpdate.exe [2010-10-12 17:32]
.
2011-08-26 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
2011-08-26 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-06-21 18:08]
.
.
------- Doplňkový sken -------
.
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\Microsoft Office\Office12\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files\ICQ7.5\ICQ.exe
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
TCP: Interfaces\{6291E666-438C-4E97-B96B-1B45C9D0871C}: NameServer = 192.168.51.250,192.168.51.252
TCP: Interfaces\{C3793772-5D9C-42A2-B37D-8DFBE975932A}: NameServer = 192.168.10.4,192.168.11.5
Name-Space Handler: FTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: HTTP\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
FF - ProfilePath - c:\users\Frax\AppData\Roaming\Mozilla\Firefox\Profiles\n2lbzew7.default\
FF - prefs.js: network.proxy.type - 4
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
FF - Ext: Conduit Engine : engine@conduit.com - %profile%\extensions\engine@conduit.com
FF - Ext: Flash AX Control: npfax@microgaming.co.uk - %profile%\extensions\npfax@microgaming.co.uk
FF - Ext: ICQ Toolbar: {800b5000-a755-47e1-992b-48a1c1357f07} - %profile%\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
FF - Ext: Seznam lištička: {ea614400-e918-4741-9a97-7a972ff7c30b} - %profile%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - Ext: Download Accelerator Plus Integration: {F17C1572-C9EC-4e5c-A542-D05CBB5C5A08} - c:\program files\DAP\DAPFireFox
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
AddRemove-Advanced SystemCare 4_is1 - c:\program files\IObit\Advanced SystemCare 4\unins000.exe
AddRemove-Game Booster_is1 - c:\program files\IObit\Game Booster\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\19.0.0.128\diMaster.dll\" /prefetch:1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{E9D79540-57D5953E-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc.pkms"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-2532162141-719380914-326111389-1000\Software\SecuROM\License information*]
"datasecu"=hex:84,5a,47,32,c9,e9,3e,10,af,a7,9d,18,59,c7,d3,86,f5,18,d1,be,d9,
99,3d,d7,4d,9d,92,7f,12,4c,ba,4f,2c,2d,f6,cf,5b,e8,0e,20,45,62,7c,e0,95,32,\
"rkeysecu"=hex:ad,9f,98,f4,f9,ce,0f,be,4a,0e,fe,28,ad,41,8a,4c
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_4c73f4a9a59a84bb\STacSV.exe
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\windows\system32\conhost.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\windows\System32\WLTRYSVC.EXE
c:\windows\System32\bcmwltry.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\taskhost.exe
c:\program files\DellTPad\ApMsgFwd.exe
c:\program files\Mouse Driver\KMConfig.exe
c:\program files\DellTPad\HidFind.exe
c:\program files\Mouse Driver\KMProcess.exe
c:\program files\DellTPad\Apntex.exe
c:\windows\system32\conhost.exe
c:\windows\system32\sppsvc.exe
c:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
.
**************************************************************************
.
Celkový čas: 2011-08-26 10:51:31 - počítač byl restartován
ComboFix-quarantined-files.txt 2011-08-26 08:51
ComboFix2.txt 2011-08-25 09:20
.
Před spuštěním: Volných bajtů: 46 383 198 208
Po spuštění: Volných bajtů: 46 073 614 336
.
- - End Of File - - 2C0B8CF805A4B212875BCDBCC75C677E

Zkusil jsem restartovat počítač a programy mi opět běží.

Cos zase fixnul, vždyť to jsme prováděli už v úterý ?


Přes Start >> Spustit zkopíruj do okna:

ComboFix /Uninstall

a stiskni Enter

To odinstaluje ComboFix a smaže s ním související soubory a složky.


Použij T-Cleaner, který smaže případné zbytky po aplikacích které jsme použili.

Jen před jeho stažením a při použití stopni antivir, protože ho muže detekovat jako vir ale není tomu tak.


Stáhni a spusť OTMoveIt

do levého okna aplikace pod Paste Instructions for Items to be Moved zkopíruj tento text:
klikni na MoveIt! a v pravém zeleném okně aplikace se Ti objeví info o provedene akci, obsah okna zkopíruj sem,

pokud aplikace bude požadovat restart, klikni na YES

v tom případě sem chci zkopírovat obsah logu uloženého na C:\_OTMoveIt\MovedFiles\

Zde je log z OTM (počítač se mi restartoval)


All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder c:\*.tmp not found.
File/Folder c:\WINDOWS\System32\*.tmp not found.
c:\WINDOWS\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP folder moved successfully.
File/Folder c:\WINDOWS\tasks\At*.job not found.
c:\windows\unrar.exe moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: ASPNET
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 41620 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Frax
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 60267981 bytes
->FireFox cache emptied: 43535747 bytes
->Google Chrome cache emptied: 856432 bytes
->Flash cache emptied: 434 bytes

User: Guest
->Temp folder emptied: 0 bytes

User: HomeGroupUser$
->Temp folder emptied: 0 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 13063 bytes

Total Files Cleaned = 100,00 mb


OTM by OldTimer - Version 3.1.18.0 log created on 08272011_133619

Znovu spusť OTMoveIt a nahoře v aplikaci klini na CleanUP!

tímto po sobě uklidí.


Pak použij AVP Tool z mého podpisu a dej mi sem výsledky.