VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

1place.org a hotspotaward malware..

https://forum.viry.cz:443/viewtopic.php?t=136223

Stránka 1 z 2

1place.org a hotspotaward malware..

Napsal: 15 úno 2014 18:16
od festk
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Phan Chung Hieu (administrator) on PHANCHUNGHIEU on 15-02-2014 18:06:20
Running from C:\Users\Phan Chung Hieu\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\windows\system32\atiesrxx.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc2.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AMD) C:\windows\system32\atieclxx.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Users\Phan Chung Hieu\AppData\Local\PirritSuggestor\PirritService.exe
() C:\Program Files (x86)\Pirrit\AutoUpdater.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 15\Program32\ZPSTray.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Users\Phan Chung Hieu\AppData\Local\PirritSuggestor\PirritDesktop.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10s_ActiveX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\windows\system32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Phan Chung Hieu\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2010-03-17] (Synaptics Incorporated)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [DellStage] - C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2055016 2011-04-30] ()
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [503942 2011-04-13] (Creative Technology Ltd)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [seznam-listicka-distribuce] - C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [20131121] - C:\Program Files\AVAST Software\Avast\setup\emupdate\721172b8-eae2-4647-95c0-11375760eb7a.exe [180184 2013-11-23] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-3195401569-4096988449-4207316193-1000\...\Run: [msnmsgr] - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)
HKU\S-1-5-21-3195401569-4096988449-4207316193-1000\...\Run: [WebcamMaxAutoRun] - C:\Program Files (x86)\WebcamMax\wcmmon.exe [1038848 2011-07-17] ()
HKU\S-1-5-21-3195401569-4096988449-4207316193-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-3195401569-4096988449-4207316193-1000\...\Run: [Zoner Photo Studio Autoupdate] - C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE [774168 2013-02-18] (ZONER software)
HKU\S-1-5-21-3195401569-4096988449-4207316193-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=http://127.0.0.1:9881
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = http://www.google.com/search?q={searchTerms}
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: DownloAd keeper - {08E32CD6-9546-507E-DE74-732F8E51F1F9} - C:\ProgramData\DownloAd keeper\mE9.dll No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 85.13.80.80 85.13.80.90

FireFox:
========
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\Phan Chung Hieu\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2013-10-16]
FF Extension: Pirrit Suggestor - C:\Users\Phan Chung Hieu\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@pirrit.com.xpi [2013-10-16]

Chrome:
=======
CHR Extension: (Dokumenty Google) - C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-15]
CHR Extension: (Disk Google) - C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-15]
CHR Extension: (YouTube) - C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-15]
CHR Extension: (Skype Click to Call) - C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-15]
CHR Extension: (Peněženka Google) - C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-15]
CHR Extension: (Gmail) - C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-15]
CHR HKLM-x32\...\Chrome\Extension: [fhhkecgfjgooimebgoohgglnmfagcfpp] - C:\Program Files (x86)\Rolimno\fhhkecgfjgooimebgoohgglnmfagcfpp.crx [2014-02-15]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [117928 2014-02-13] (Elex do Brasil Participações Ltda)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
U2 PirritDesktop; C:\Users\Phan Chung Hieu\AppData\Local\PirritSuggestor\PirritService.exe [52568 2014-02-14] ()
R2 PirritUpdater; C:\Program Files (x86)\Pirrit\AutoUpdater.exe [59904 2014-02-14] ()
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5741568 2010-11-30] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-08-30] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-05] (Disc Soft Ltd)
S3 hitmanpro37; C:\windows\system32\drivers\hitmanpro37.sys [32512 2014-02-15] ()
R3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [219648 2014-02-13] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [44032 2014-02-13] (Elex do Brasil Participações Ltda)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-15 18:06 - 2014-02-15 18:06 - 00016393 _____ () C:\Users\Phan Chung Hieu\Desktop\FRST.txt
2014-02-15 18:04 - 2014-02-15 18:05 - 00112640 _____ (forum.viry.cz) C:\Users\Phan Chung Hieu\Desktop\FRSTLauncher.exe
2014-02-15 18:02 - 2014-02-15 18:02 - 02152960 _____ (Farbar) C:\Users\Phan Chung Hieu\Desktop\FRST64.exe
2014-02-15 17:56 - 2014-02-15 18:06 - 00000000 ____D () C:\FRST
2014-02-15 17:55 - 2014-02-15 17:55 - 00002261 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-15 17:53 - 2014-02-15 17:58 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-15 17:53 - 2014-02-15 17:58 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-15 17:53 - 2014-02-15 17:53 - 00003966 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 17:53 - 2014-02-15 17:53 - 00003714 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 17:40 - 2014-02-15 17:40 - 00000056 _____ () C:\windows\setupact.log
2014-02-15 17:40 - 2014-02-15 17:40 - 00000000 _____ () C:\windows\setuperr.log
2014-02-15 17:01 - 2014-02-15 17:01 - 02433253 _____ (MightyUninstaller.com ) C:\Users\Phan Chung Hieu\Downloads\MightyUninstaller_Setup.exe
2014-02-15 14:39 - 2014-02-15 14:39 - 00001166 _____ () C:\Users\Phan Chung Hieu\Desktop\JRT.txt
2014-02-15 14:22 - 2014-02-15 14:22 - 00000000 ____D () C:\windows\ERUNT
2014-02-15 14:18 - 2014-02-15 14:18 - 01037530 _____ (Thisisu) C:\Users\Phan Chung Hieu\Downloads\JRT (2).exe
2014-02-15 13:59 - 2014-02-15 17:48 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-02-15 13:59 - 2014-02-15 13:59 - 00001786 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-02-15 13:58 - 2014-02-15 13:59 - 09741296 _____ () C:\Users\Phan Chung Hieu\Downloads\yet_another_cleaner.exe
2014-02-15 13:51 - 2014-02-15 13:51 - 00001746 _____ () C:\windows\system32\.crusader
2014-02-15 13:37 - 2014-02-15 13:54 - 00032512 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2014-02-15 13:36 - 2014-02-15 13:51 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-15 13:35 - 2014-02-15 13:36 - 10820032 _____ (SurfRight B.V.) C:\Users\Phan Chung Hieu\Downloads\HitmanPro_x64.exe
2014-02-15 13:25 - 2014-02-15 14:05 - 00000000 ____D () C:\AdwCleaner
2014-02-15 13:23 - 2014-02-15 13:24 - 01166132 _____ () C:\Users\Phan Chung Hieu\Downloads\adwcleaner.exe
2014-02-15 13:16 - 2014-02-15 13:16 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-02-15 13:13 - 2014-02-15 13:15 - 39905256 _____ (GridinSoft LLC) C:\Users\Phan Chung Hieu\Downloads\gtk-2.2.1.6-setup.exe
2014-02-15 10:59 - 2014-02-15 10:59 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Local\PirritSuggestor
2014-02-13 15:25 - 2014-02-13 15:25 - 00013167 _____ () C:\Users\Phan Chung Hieu\Downloads\Vysledky_A_B.xlsx
2014-02-12 13:43 - 2014-02-12 13:54 - 00000000 ____D () C:\Users\Phan Chung Hieu\Downloads\dsl1
2014-02-06 18:17 - 2014-02-06 18:17 - 01823232 _____ () C:\Users\Phan Chung Hieu\Downloads\Kubat_Zaklady_dedicnosti_final.ppt
2014-02-05 17:27 - 2014-02-05 17:27 - 01688723 _____ () C:\Users\Phan Chung Hieu\Desktop\ffff.wma
2014-02-05 17:20 - 2014-02-05 17:20 - 01298093 _____ () C:\Users\Phan Chung Hieu\Desktop\Bez názvu.wma
2014-02-01 22:06 - 2014-02-01 22:06 - 01301621 _____ () C:\Users\Phan Chung Hieu\Downloads\Komunikace živočichů.pptx
2014-01-21 17:22 - 2014-01-21 17:22 - 00023552 _____ () C:\Users\Phan Chung Hieu\Downloads\VysledkyNjO_SK_2014 (6).xls
2014-01-20 20:04 - 2014-01-20 20:04 - 00112640 _____ () C:\Users\Phan Chung Hieu\Downloads\vetny_rozbor_algoritmus.ppt
2014-01-20 20:04 - 2014-01-20 20:04 - 00112640 _____ () C:\Users\Phan Chung Hieu\Downloads\vetny_rozbor_algoritmus (1).ppt
2014-01-18 11:29 - 2014-01-18 11:29 - 00007597 _____ () C:\Users\Phan Chung Hieu\AppData\Local\Resmon.ResmonCfg
2014-01-17 15:25 - 2014-01-17 15:25 - 00023552 _____ () C:\Users\Phan Chung Hieu\Downloads\VysledkyNjO_SK_2014 (5).xls
2014-01-16 21:14 - 2014-01-16 21:14 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender

==================== One Month Modified Files and Folders =======

2014-02-15 18:06 - 2014-02-15 18:06 - 00016393 _____ () C:\Users\Phan Chung Hieu\Desktop\FRST.txt
2014-02-15 18:06 - 2014-02-15 17:56 - 00000000 ____D () C:\FRST
2014-02-15 18:05 - 2014-02-15 18:04 - 00112640 _____ (forum.viry.cz) C:\Users\Phan Chung Hieu\Desktop\FRSTLauncher.exe
2014-02-15 18:02 - 2014-02-15 18:02 - 02152960 _____ (Farbar) C:\Users\Phan Chung Hieu\Desktop\FRST64.exe
2014-02-15 17:58 - 2014-02-15 17:53 - 00000970 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-15 17:58 - 2014-02-15 17:53 - 00000966 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-15 17:58 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\NDF
2014-02-15 17:55 - 2014-02-15 17:55 - 00002261 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-15 17:55 - 2013-05-19 17:54 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Local\Google
2014-02-15 17:55 - 2013-05-19 17:54 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-15 17:53 - 2014-02-15 17:53 - 00003966 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 17:53 - 2014-02-15 17:53 - 00003714 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 17:50 - 2013-05-19 17:53 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Local\Deployment
2014-02-15 17:50 - 2009-07-14 05:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-15 17:50 - 2009-07-14 05:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-15 17:48 - 2014-02-15 13:59 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-02-15 17:46 - 2013-12-25 14:01 - 01035489 _____ () C:\windows\WindowsUpdate.log
2014-02-15 17:42 - 2013-05-26 21:05 - 00000000 ____D () C:\Users\Phan Chung Hieu\Tracing
2014-02-15 17:42 - 2011-07-28 08:40 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-02-15 17:40 - 2014-02-15 17:40 - 00000056 _____ () C:\windows\setupact.log
2014-02-15 17:40 - 2014-02-15 17:40 - 00000000 _____ () C:\windows\setuperr.log
2014-02-15 17:40 - 2013-11-09 22:40 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Roaming\iSafe
2014-02-15 17:40 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-15 17:09 - 2013-11-26 18:09 - 00000000 ____D () C:\windows\pss
2014-02-15 17:04 - 2013-06-22 19:32 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Roaming\uTorrent
2014-02-15 17:04 - 2013-05-23 15:58 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Local\CrashDumps
2014-02-15 17:01 - 2014-02-15 17:01 - 02433253 _____ (MightyUninstaller.com ) C:\Users\Phan Chung Hieu\Downloads\MightyUninstaller_Setup.exe
2014-02-15 14:39 - 2014-02-15 14:39 - 00001166 _____ () C:\Users\Phan Chung Hieu\Desktop\JRT.txt
2014-02-15 14:22 - 2014-02-15 14:22 - 00000000 ____D () C:\windows\ERUNT
2014-02-15 14:18 - 2014-02-15 14:18 - 01037530 _____ (Thisisu) C:\Users\Phan Chung Hieu\Downloads\JRT (2).exe
2014-02-15 14:12 - 2013-10-16 16:15 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Roaming\Seznam.cz
2014-02-15 14:11 - 2013-11-09 22:21 - 00000000 ____D () C:\windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2014-02-15 14:05 - 2014-02-15 13:25 - 00000000 ____D () C:\AdwCleaner
2014-02-15 13:59 - 2014-02-15 13:59 - 00001786 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-02-15 13:59 - 2014-02-15 13:58 - 09741296 _____ () C:\Users\Phan Chung Hieu\Downloads\yet_another_cleaner.exe
2014-02-15 13:54 - 2014-02-15 13:37 - 00032512 _____ () C:\windows\system32\Drivers\hitmanpro37.sys
2014-02-15 13:52 - 2013-11-22 22:53 - 00000000 ____D () C:\ProgramData\suurf and keep
2014-02-15 13:51 - 2014-02-15 13:51 - 00001746 _____ () C:\windows\system32\.crusader
2014-02-15 13:51 - 2014-02-15 13:36 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-02-15 13:51 - 2013-11-22 22:53 - 00000000 ____D () C:\Program Files (x86)\suurf and keep
2014-02-15 13:36 - 2014-02-15 13:35 - 10820032 _____ (SurfRight B.V.) C:\Users\Phan Chung Hieu\Downloads\HitmanPro_x64.exe
2014-02-15 13:24 - 2014-02-15 13:23 - 01166132 _____ () C:\Users\Phan Chung Hieu\Downloads\adwcleaner.exe
2014-02-15 13:20 - 2013-06-02 15:23 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Local\Last.fm
2014-02-15 13:16 - 2014-02-15 13:16 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-02-15 13:15 - 2014-02-15 13:13 - 39905256 _____ (GridinSoft LLC) C:\Users\Phan Chung Hieu\Downloads\gtk-2.2.1.6-setup.exe
2014-02-15 10:59 - 2014-02-15 10:59 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Local\PirritSuggestor
2014-02-15 10:56 - 2013-08-30 12:41 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-02-13 21:32 - 2011-07-28 08:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-13 17:36 - 2013-05-22 16:45 - 00099328 _____ () C:\Users\Phan Chung Hieu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-13 15:25 - 2014-02-13 15:25 - 00013167 _____ () C:\Users\Phan Chung Hieu\Downloads\Vysledky_A_B.xlsx
2014-02-12 13:54 - 2014-02-12 13:43 - 00000000 ____D () C:\Users\Phan Chung Hieu\Downloads\dsl1
2014-02-10 13:26 - 2013-08-20 10:03 - 00002496 _____ () C:\Users\Phan Chung Hieu\Desktop\forgotten songs.txt
2014-02-06 18:17 - 2014-02-06 18:17 - 01823232 _____ () C:\Users\Phan Chung Hieu\Downloads\Kubat_Zaklady_dedicnosti_final.ppt
2014-02-05 22:36 - 2011-07-28 10:02 - 00666444 _____ () C:\windows\system32\perfh005.dat
2014-02-05 22:36 - 2011-07-28 10:02 - 00140108 _____ () C:\windows\system32\perfc005.dat
2014-02-05 22:36 - 2009-07-14 06:13 - 01576554 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-05 17:27 - 2014-02-05 17:27 - 01688723 _____ () C:\Users\Phan Chung Hieu\Desktop\ffff.wma
2014-02-05 17:20 - 2014-02-05 17:20 - 01298093 _____ () C:\Users\Phan Chung Hieu\Desktop\Bez názvu.wma
2014-02-03 16:57 - 2013-05-22 17:36 - 00000000 ____D () C:\Users\Phan Chung Hieu\AppData\Roaming\Skype
2014-02-02 19:20 - 2013-05-27 22:03 - 00000000 ____D () C:\Users\Phan Chung Hieu\Documents\Meine empfangenen Dateien
2014-02-01 22:06 - 2014-02-01 22:06 - 01301621 _____ () C:\Users\Phan Chung Hieu\Downloads\Komunikace živočichů.pptx
2014-01-31 18:49 - 2013-11-27 16:11 - 00003094 _____ () C:\windows\System32\Tasks\Game_Booster_Startup
2014-01-31 15:15 - 2014-01-05 22:25 - 00000000 ____D () C:\Users\Phan Chung Hieu\Desktop\ff
2014-01-29 17:08 - 2013-08-31 09:59 - 00000266 _____ () C:\Users\Phan Chung Hieu\Desktop\Nový textový dokument (2).txt
2014-01-21 21:36 - 2014-01-03 20:41 - 01301621 _____ () C:\Users\Phan Chung Hieu\Desktop\Komunikace živočichů.pptx
2014-01-21 17:22 - 2014-01-21 17:22 - 00023552 _____ () C:\Users\Phan Chung Hieu\Downloads\VysledkyNjO_SK_2014 (6).xls
2014-01-20 20:04 - 2014-01-20 20:04 - 00112640 _____ () C:\Users\Phan Chung Hieu\Downloads\vetny_rozbor_algoritmus.ppt
2014-01-20 20:04 - 2014-01-20 20:04 - 00112640 _____ () C:\Users\Phan Chung Hieu\Downloads\vetny_rozbor_algoritmus (1).ppt
2014-01-18 15:30 - 2013-08-31 17:02 - 00001136 _____ () C:\Users\Phan Chung Hieu\Desktop\matura.txt
2014-01-18 11:29 - 2014-01-18 11:29 - 00007597 _____ () C:\Users\Phan Chung Hieu\AppData\Local\Resmon.ResmonCfg
2014-01-17 15:25 - 2014-01-17 15:25 - 00023552 _____ () C:\Users\Phan Chung Hieu\Downloads\VysledkyNjO_SK_2014 (5).xls
2014-01-16 21:15 - 2013-08-30 12:41 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2014-01-16 21:14 - 2014-01-16 21:14 - 00000000 ____D () C:\Program Files\Common Files\Bitdefender

Some content of TEMP:
====================
C:\Users\Phan Chung Hieu\AppData\Local\Temp\HitmanPro.exe
C:\Users\Phan Chung Hieu\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Phan Chung Hieu\Desktop" je 9914 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AccuWeatherWidget
"C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync
"C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI
C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate
"C:\Users\Phan Chung Hieu\AppData\Roaming\Seznam.cz\szninstall.exe" -c [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop
"C:\Users\Phan Chung Hieu\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Registration
C:\Program Files (x86)\System Registration\prodreg.exe /boot [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Desktop Disc Tool
"c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroLauncher
C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray
"c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Phan Chung Hieu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Severe Weather Alerts App.lnk


HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Phan Chung Hieu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Severe Weather Alerts.lnk



***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================


už jsem zkoušel snad všechny cleanery a nic :/

Re: 1place.org a hotspotaward malware..

Napsal: 15 úno 2014 18:18
od festk
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Phan Chung Hieu at 2014-02-15 18:07:30
Running from C:\Users\Phan Chung Hieu\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.1.29812 - BitTorrent Inc.)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.3.181.23 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (x32 Version: 10.3.181.22 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Czech (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Advanced Audio FX Engine (x32 Version: 1.12.05 - Creative Technology Ltd)
Apple Application Support (x32 Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Assassins Creed 4 Black Flag (x32 Version: - )
ATI Catalyst Install Manager (Version: 3.0.808.0 - ATI Technologies, Inc.)
avast! Free Antivirus (x32 Version: 8.0.1489.0 - AVAST Software)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0427.2150.37350 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0427.2150.37350 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0427.2150.37350 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0427.2150.37350 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0427.2150.37350 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0427.2150.37350 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0427.2150.37350 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help English (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help French (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help German (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0427.2149.37350 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0427.2150.37350 - ATI) Hidden
ccc-utility64 (Version: 2010.0427.2150.37350 - ATI) Hidden
CCleaner (Version: 4.07 - Piriform)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.47.1.0335 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Dell DataSafe Local Backup - Support Software (x32 Version: 9.4.55 - Dell Inc.)
Dell DataSafe Local Backup (x32 Version: 9.4.55 - Dell Inc.)
Dell Edoc Viewer (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (x32 Version: 1.00.0000 - Dell Inc.)
Dell MusicStage (x32 Version: 1.5.201.0 - Fingertapps)
Dell PhotoStage (x32 Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (x32 Version: 1.0.6 - Dell Inc.)
Dell Stage (x32 Version: 1.5.201.0 - Fingertapps)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.)
Dell VideoStage (x32 Version: 1.2.0.1712 - CyberLink Corp.) Hidden
Dell Webcam Central (x32 Version: 2.00.44 - Creative Technology Ltd)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DownloAd keeper (x32 Version: 3.0.0.1391 - Dowenlouad keeperi)
DW WLAN Card Utility (Version: 5.100.82.24 - Dell Inc.)
eDoklady Skenování 5.6.56 (x32 Version: 5.6.56.0 - LightComp v.o.s.)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Booster 3 (x32 Version: 3.3.1 - IObit)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
IDT Audio (x32 Version: 1.0.6289.0 - IDT)
iTunes (Version: 11.0.3.42 - Apple Inc.)
Java(TM) 6 Update 24 (64-bit) (Version: 6.0.240 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Last.fm Scrobbler 2.1.35 (x32 Version: - Last.fm)
Malwarebytes Anti-Malware verze 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 17.0.2006.0314 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20014 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
PDFCreator (x32 Version: 1.2.3 - Frank Heindörfer, Philip Chinery)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
PirritSuggestor version 1.5 (x32 Version: 1.5 - Pirrit Solutions)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Quickset64 (Version: 10.5.0 - Dell Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Rolimno 2013.11.07.203740 (Version: 2013.11.07.203740 - Rolimno)
Roxio Activation Module (x32 Version: 1.0 - Roxio) Hidden
Roxio BackOnTrack (x32 Version: 1.3.3 - Roxio) Hidden
Roxio Burn (x32 Version: 1.8 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 1.0.439 - Roxio) Hidden
Roxio Creator Starter (x32 Version: 12.1.77.0 - Roxio)
Roxio Creator Starter (x32 Version: 5.0.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.2 - Roxio) Hidden
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Seznam Software (HKCU Version: - Seznam.cz)
Skype Click to Call (x32 Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.3 (x32 Version: 6.3.107 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Synaptics Pointing Device Driver (Version: 15.0.0.1 - Synaptics Incorporated)
SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden
SyncUP (x32 Version: 10.2.13500 - Nero AG)
Tombraider (x32 Version: - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32 Version: - Microsoft)
WebcamMax (x32 Version: 7.7.6.6.MultiLanguage - )
WIDCOMM Bluetooth Software (Version: 6.2.1.1100 - Broadcom Corporation)
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501) (Version: 03/24/2010 6.3.0.2501 - Broadcom Corporation)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - společnost Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (x32 Version: 4.20.0 - win.rar GmbH)
YAC (x32 Version: - ELEX DO BRASIL PARTICIPAÇÕES LTDA)
Zoner Photo Studio 15 (Version: 15.0.1.5 - ZONER software)

==================== Restore Points =========================

12-01-2014 10:20:25 Naplánovaný kontrolní bod
11-02-2014 14:52:24 Naplánovaný kontrolní bod
15-02-2014 13:10:45 Removed SpyHunter

==================== Hosts content: ==========================

2009-07-14 03:34 - 2014-02-15 10:59 - 00008953 ____A C:\windows\system32\Drivers\etc\hosts
216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
216.239.32.20 google.com www.google.com.bh
216.239.32.20 google.com www.google.bi
216.239.32.20 google.com www.google.bj
216.239.32.20 google.com www.google.com.bn
216.239.32.20 google.com www.google.com.bo
216.239.32.20 google.com www.google.com.br
216.239.32.20 google.com www.google.bs
216.239.32.20 google.com www.google.bt
216.239.32.20 google.com www.google.co.bw
216.239.32.20 google.com www.google.by

There are 162 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {2C289F03-0376-4F22-92A0-9CBD1F61A699} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe [2012-02-21] (IObit)
Task: {3DDA4A7C-2364-41C5-9494-643AA7970814} - \BitGuard No Task File
Task: {54A6690A-2697-46C6-B4B8-1B29117FCCA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-15] (Google Inc.)
Task: {A91FBCEF-1F07-4B8B-BD0D-670F359A4F93} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {B0A96F18-DEA1-42A6-BAA9-2C2AB64EF64E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {B18BECAC-0A9D-49B5-92AF-E0E852FF3191} - \EPUpdater No Task File
Task: {B83A3176-4FE5-4569-B42D-308015486593} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CFD0F5E9-68F1-4BC9-8327-E7FB3EE0563E} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {D94B5534-99F6-4CD4-97F6-BDF5DCFBD07F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-15] (Google Inc.)
Task: {FB07A79E-B81C-4174-88D1-C4E17E2B89DC} - System32\Tasks\AdobeFlashPlayerUpdate => C:\windows\SysWOW64\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-11-11 04:53 - 2010-11-11 04:53 - 00817136 _____ () c:\Program Files\Roxio\Roxio Burn\RBVirtualFolder64.dll
2011-07-28 08:40 - 2011-05-16 16:33 - 02748736 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-02-15 10:59 - 2014-02-14 12:12 - 00190808 _____ () C:\Users\Phan Chung Hieu\AppData\Local\PirritSuggestor\PirritDesktop.exe
2014-02-15 13:59 - 2014-02-13 11:54 - 00092328 _____ () C:\Program Files (x86)\iSafe\curlpp.dll
2014-02-15 13:59 - 2014-02-13 11:54 - 00061608 _____ () C:\Program Files (x86)\iSafe\zlib1.dll
2014-02-15 13:59 - 2014-01-10 09:17 - 00176976 _____ () C:\Program Files (x86)\iSafe\tws\unrar.dll
2014-02-15 13:59 - 2014-01-10 09:17 - 00087744 _____ () C:\Program Files (x86)\iSafe\tws\unacev2.dll
2014-02-15 13:22 - 2014-02-15 09:48 - 02272256 _____ () C:\Program Files\AVAST Software\Avast\defs\14021500\algo.dll
2014-02-15 18:01 - 2014-02-15 16:57 - 02272256 _____ () C:\Program Files\AVAST Software\Avast\defs\14021501\algo.dll
2013-11-27 16:11 - 2011-12-15 15:16 - 00516440 _____ () C:\Program Files (x86)\IObit\Game Booster 3\sqlite3.dll
2014-02-15 13:59 - 2014-02-13 11:54 - 00185000 _____ () C:\Program Files (x86)\iSafe\libpng.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-15 10:59 - 2014-02-14 12:12 - 00052568 _____ () C:\Users\Phan Chung Hieu\AppData\Local\PirritSuggestor\PirritService.exe
2013-10-16 16:13 - 2014-02-14 11:29 - 00059904 _____ () C:\Program Files (x86)\Pirrit\AutoUpdater.exe
2014-02-15 17:55 - 2014-02-02 00:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-15 17:55 - 2014-02-02 00:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-15 17:55 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-15 17:55 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-15 17:55 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: BBSvc => 2
MSCONFIG\Services: FDResPub => 2
MSCONFIG\Services: FontCache => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Phan Chung Hieu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Severe Weather Alerts App.lnk => C:\windows\pss\Severe Weather Alerts App.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Phan Chung Hieu^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Severe Weather Alerts.lnk => C:\windows\pss\Severe Weather Alerts.lnk.Startup
MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\Phan Chung Hieu\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Phan Chung Hieu\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot
MSCONFIG\startupreg: Desktop Disc Tool => "c:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: RoxWatchTray => "c:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/15/2014 05:47:19 PM) (Source: TOASTER.EXE) (User: )
Description: An Unhandled Exception occured.
Proces nemůže přistupovat k souboru C:\Users\Phan Chung Hieu\AppData\local\softthinks\scheduler.xml, protože soubor je využíván jiným procesem.
v System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)
v System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32 rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options, SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy)
v System.IO.FileStream..ctor(String path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize)
v System.Xml.XmlDownloadManager.GetStream(Uri uri, ICredentials credentials)
v System.Xml.XmlUrlResolver.GetEntity(Uri absoluteUri, String role, Type ofObjectToReturn)
v System.Xml.XmlTextReaderImpl.OpenUrlDelegate(Object xmlResolver)
v System.Threading.CompressedStack.runTryCode(Object userData)
v System.Runtime.CompilerServices.RuntimeHelpers.ExecuteCodeWithGuaranteedCleanup(TryCode code, CleanupCode backoutCode, Object userData)
v System.Threading.CompressedStack.Run(CompressedStack compressedStack, ContextCallback callback, Object state)
v System.Xml.XmlTextReaderImpl.OpenUrl()
v System.Xml.XmlTextReaderImpl.Read()
v System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
v System.Xml.XmlDocument.Load(XmlReader reader)
v System.Xml.XmlDocument.Load(String filename)
v Toaster.SchedulerReader.read()
v Toaster.Notifications.FullSystemBackup.FsbHelper.IsFsbScheduledNow()
v Toaster.Notifications.FullSystemBackup.FsbHelper.CheckReminder()
v Toaster.Helper.CheckReminders(ObservableCollection`1 notificationHelpers)
v Toaster.MainWindowViewModel.NotificationsTimerTick(Object sender, EventArgs e)
v System.Windows.Threading.DispatcherTimer.FireTick(Object unused)
v System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback, Object args, Boolean isSingleParameter)
v System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)

Error: (02/15/2014 05:41:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/15/2014 05:04:04 PM) (Source: Application Error) (User: )
Description: Název chybující aplikace: CCleaner64.exe, verze: 4.7.0.4369, časové razítko: 0x52654a14
Název chybujícího modulu: CCleaner64.exe, verze: 4.7.0.4369, časové razítko: 0x52654a14
Kód výjimky: 0x40000015
Posun chyby: 0x00000000000c9c21
ID chybujícího procesu: 0x640
Čas spuštění chybující aplikace: 0xCCleaner64.exe0
Cesta k chybující aplikaci: CCleaner64.exe1
Cesta k chybujícímu modulu: CCleaner64.exe2
ID zprávy: CCleaner64.exe3

Error: (02/15/2014 04:48:08 PM) (Source: Application Hang) (User: )
Description: Program IEXPLORE.EXE verze 10.0.9200.16736 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1384

Čas spuštění: 01cf2a6532529f3d

Čas ukončení: 0

Cesta k aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

ID hlášení:


System errors:
=============
Error: (02/15/2014 05:43:27 PM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (02/15/2014 05:43:00 PM) (Source: Service Control Manager) (User: )
Description: Služba PirritUpdater přestala během spouštění reagovat.

Error: (02/15/2014 05:43:00 PM) (Source: Service Control Manager) (User: )
Description: Služba PirritDesktop přestala během spouštění reagovat.

Error: (02/15/2014 05:06:49 PM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (02/15/2014 04:06:44 PM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
%%1058

Error: (02/15/2014 03:16:32 PM) (Source: DCOM) (User: )
Description: {3EEF301F-B596-4C0B-BD92-013BEAFCE793}

Error: (02/15/2014 03:06:44 PM) (Source: Service Control Manager) (User: )
Description: Služba Zprostředkovatel domácích skupin závisí na službě Publikování prostředků rozpoznávání funkcí, která neuspěla při spuštění v důsledku následující chyby:
%%1058


Microsoft Office Sessions:
=========================

Re: 1place.org a hotspotaward malware..

Napsal: 15 úno 2014 18:21
od vyosek
Zdravim :)

:arrow: Stahnete RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Ukoncete vsechny programy
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Pockejte na dokonceni PreScanu
  • Zvolte moznost Prohledat (scan)
  • Po dokonceni skenu kliknete na Zpráva (Report)- otevre se log, ten sem vlozte
  • Detailni postup vc. obrazku mate zde http://forum.viry.cz/viewtopic.php?f=24&t=120452

Re: 1place.org a hotspotaward malware..

Napsal: 15 úno 2014 18:32
od festk
RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Phan Chung Hieu [Práva správce]
Mód : Kontrola -- Datum : 02/15/2014 18:31:00
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 5 ¤¤¤
[PROXY IE][PUM] HKCU\[...]\Internet Settings : ProxyServer (hxxp=hxxp://127.0.0.1:9881 [Country: (Private Address) (XX), City: (Private Address)]) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> NALEZENO
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> NALEZENO
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NALEZENO

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

216.239.32.20 google.com www.google.com --> Potentially malicious!

216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
216.239.32.20 google.com www.google.com.bh
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6465GSX SATA Disk Device +++++
--- User ---
[MBR] a2229b91e122ed02a1b94ea98b478a22
[BSP] f9d46aaaec9b64befe9c17556318ff94 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_S_02152014_183100.txt >>

Re: 1place.org a hotspotaward malware..

Napsal: 15 úno 2014 18:39
od festk
Nechci to nějak zaříkávat, ale asi to už zmizelo. Nic už nevyskakuje, asi to bude tím roguekiller :shock:

Děkuji za pomoc a jestli by to mělo znova naskočit, určitě se znovu ozvu! :worship: :worship:

Re: 1place.org a hotspotaward malware..

Napsal: 15 úno 2014 22:07
od vyosek
:arrow: Jeste budem pokracovat, je tam toho hodne :arcisit:

:arrow: Spustte znovu RogueKiller
  • Pokud pouzivate Win Vista ci W7, kliknete na RogueKiller pravym a dejte Run As Administrator ci Spustit jako spravce
  • Zvolte moznost Prohledat a pote Smazat a nasledne Zprava - otevre se log, ten sem vlozte
  • Pak kliknete na Oprava Host a Zprava - otevre se log, ten sem vlozte

Re: 1place.org a hotspotaward malware..

Napsal: 15 úno 2014 22:43
od festk
RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Phan Chung Hieu [Práva správce]
Mód : Odebrat -- Datum : 02/15/2014 22:42:10
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ naplánované úlohy : 0 ¤¤¤

¤¤¤ spuštění položky : 0 ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Zvláštní soubory / Složky: ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

216.239.32.20 google.com www.google.com --> Potentially malicious!

216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
216.239.32.20 google.com www.google.com.bh
[...]


¤¤¤ Kontrola MBR: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK6465GSX SATA Disk Device +++++
--- User ---
[MBR] a2229b91e122ed02a1b94ea98b478a22
[BSP] f9d46aaaec9b64befe9c17556318ff94 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 15000 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 30926848 | Size: 595378 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Dokončeno : << RKreport[0]_D_02152014_224210.txt >>
RKreport[0]_D_02152014_191034.txt;RKreport[0]_S_02152014_183100.txt;RKreport[0]_S_02152014_224154.txt





2. log

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://forum.adlice.com
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Phan Chung Hieu [Práva správce]
Mód : Oprava HOSTS -- Datum : 02/15/2014 22:42:54
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 0 ¤¤¤

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : Mal.Hosts ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

216.239.32.20 google.com www.google.com --> Potentially malicious!

216.239.32.20 google.com www.google.com
216.239.32.20 google.com www.google.ad
216.239.32.20 google.com www.google.ae
216.239.32.20 google.com www.google.com.af
216.239.32.20 google.com www.google.com.ag
216.239.32.20 google.com www.google.com.ai
216.239.32.20 google.com www.google.al
216.239.32.20 google.com www.google.am
216.239.32.20 google.com www.google.co.ao
216.239.32.20 google.com www.google.com.ar
216.239.32.20 google.com www.google.as
216.239.32.20 google.com www.google.at
216.239.32.20 google.com www.google.com.au
216.239.32.20 google.com www.google.az
216.239.32.20 google.com www.google.ba
216.239.32.20 google.com www.google.com.bd
216.239.32.20 google.com www.google.be
216.239.32.20 google.com www.google.bf
216.239.32.20 google.com www.google.bg
216.239.32.20 google.com www.google.com.bh
[...]


¤¤¤ Resetovaný HOSTS: ¤¤¤
127.0.0.1 localhost


Dokončeno : << RKreport[0]_H_02152014_224254.txt >>
RKreport[0]_D_02152014_191034.txt;RKreport[0]_D_02152014_224210.txt;RKreport[0]_S_02152014_183100.txt
RKreport[0]_S_02152014_224154.txt

notebook se velmi často přehřívá, možná to bude tim, že? :/

Re: 1place.org a hotspotaward malware..

Napsal: 16 úno 2014 08:39
od vyosek
:arrow: Ano, havet zatezuje procesor a ten se zahriva

:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
:arrow: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
  • Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
  • Do okna vlozte skript nize

  • Kód: Vybrat vše

    autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
  • Nasledne kliknete na Run Script
  • PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

Re: 1place.org a hotspotaward malware..

Napsal: 16 úno 2014 11:44
od festk
jaj tak se ten malware znovu objevil, nevim jak :cry:

Re: 1place.org a hotspotaward malware..

Napsal: 16 úno 2014 11:50
od vyosek
Vsak PC jeste neni ciste a dolecene, udelejte ten Zoek a pak pujdeme dale

Re: 1place.org a hotspotaward malware..

Napsal: 16 úno 2014 11:57
od festk
# AdwCleaner v3.018 - Report created 16/02/2014 at 11:46:34
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Phan Chung Hieu - PHANCHUNGHIEU
# Running from : C:\Users\Phan Chung Hieu\Downloads\adwcleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16736


-\\ Mozilla Firefox v

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5466 octets] - [15/02/2014 13:25:26]
AdwCleaner[R1].txt - [1094 octets] - [15/02/2014 14:03:40]
AdwCleaner[R2].txt - [1067 octets] - [16/02/2014 11:45:52]
AdwCleaner[S0].txt - [5329 octets] - [15/02/2014 13:26:10]
AdwCleaner[S1].txt - [1162 octets] - [15/02/2014 14:04:55]
AdwCleaner[S2].txt - [990 octets] - [16/02/2014 11:46:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1049 octets] ##########

Re: 1place.org a hotspotaward malware..

Napsal: 16 úno 2014 11:59
od vyosek
Tohle je AdwCleaner, ja bych rad Zoek - navod vyse

Re: 1place.org a hotspotaward malware..

Napsal: 16 úno 2014 12:44
od festk
Zoek.exe v5.0.0.0 Updated 15-February-2014
Tool run by Phan Chung Hieu on ne 16.02.2014 at 12:03:26,84.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Phan Chung Hieu\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16.2.2014 12:04:30 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3195401569-4096988449-4207316193-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08E32CD6-9546-507E-DE74-732F8E51F1F9} deleted successfully
HKEY_USERS\S-1-5-21-3195401569-4096988449-4207316193-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{08E32CD6-9546-507E-DE74-732F8E51F1F9} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08E32CD6-9546-507E-DE74-732F8E51F1F9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08E32CD6-9546-507E-DE74-732F8E51F1F9} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PirritUpdater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\PirritUpdater deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\PHANCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

Added to C:\Users\PHANCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

C:\Users\Phan Chung Hieu\AppData\LocalLow\{6615D7AA-CED0-E858-7FF2-D52F337EA483} deleted
C:\Users\Phan Chung Hieu\AppData\Local\Packages\windows_ie_ac_001\AC\{6615D7AA-CED0-E858-7FF2-D52F337EA483} deleted
C:\ProgramData\suurf and keep deleted
C:\PROGRA~2\suurf and keep deleted
C:\PROGRA~2\GUTFB50.tmp deleted
C:\PROGRA~2\GUMFB4F.tmp deleted
C:\Users\Phan Chung Hieu\AppData\Roaming\eCyber deleted
C:\Users\Phan Chung Hieu\AppData\Roaming\iSafe deleted
C:\ProgramData\InstallMate deleted
C:\Users\Phan Chung Hieu\AppData\Local\avgchrome deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YAC deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
"C:\ProgramData\c0270772e5140103\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted
"C:\Users\Phan Chung Hieu\AppData\Roaming\Pirrit\Config.json" deleted
"C:\PROGRA~2\Pirrit\AutoUpdater.exe" deleted
"C:\PROGRA~2\Pirrit\msvcp100.dll" deleted
"C:\PROGRA~2\Pirrit\msvcr100.dll" not deleted
"C:\PROGRA~2\Pirrit\QtCore4.dll" deleted
"C:\PROGRA~2\Pirrit\QtNetwork4.dll" deleted
"C:\PROGRA~2\iSafe\bugreport.exe" not deleted
"C:\PROGRA~2\iSafe\curlpp.dll" not deleted
"C:\PROGRA~2\iSafe\dup.exe" not deleted
"C:\PROGRA~2\iSafe\IC.dll" not deleted
"C:\PROGRA~2\iSafe\iCommu.dll" not deleted
"C:\PROGRA~2\iSafe\iCore.dll" not deleted
"C:\PROGRA~2\iSafe\iPluginDetector.dll" not deleted
"C:\PROGRA~2\iSafe\iSafe.exe" not deleted
"C:\PROGRA~2\iSafe\iSafeEngine.dll" not deleted
"C:\PROGRA~2\iSafe\iSafeKrnl.sys" not deleted
"C:\PROGRA~2\iSafe\iSafeKrnlCall.dll" not deleted
"C:\PROGRA~2\iSafe\iSafeKrnlCall64.dll" not deleted
"C:\PROGRA~2\iSafe\iSafeNetFilter.sys" not deleted
"C:\PROGRA~2\iSafe\iSafeScan.exe" not deleted
"C:\PROGRA~2\iSafe\iSafeSvc.exe" not deleted
"C:\PROGRA~2\iSafe\iSafeSvc2.exe" not deleted
"C:\PROGRA~2\iSafe\iSafeTray.exe" not deleted
"C:\PROGRA~2\iSafe\iSafeUpdate.exe" not deleted
"C:\PROGRA~2\iSafe\iStart.exe" not deleted
"C:\PROGRA~2\iSafe\iSvc.dll" not deleted
"C:\PROGRA~2\iSafe\iSvc2.dll" not deleted
"C:\PROGRA~2\iSafe\libcurl.dll" not deleted
"C:\PROGRA~2\iSafe\libpng.dll" not deleted
"C:\PROGRA~2\iSafe\main" not deleted
"C:\PROGRA~2\iSafe\msvcp110.dll" not deleted
"C:\PROGRA~2\iSafe\msvcr110.dll" not deleted
"C:\PROGRA~2\iSafe\ouilibx.dll" not deleted
"C:\PROGRA~2\iSafe\sqlite3.dll" not deleted
"C:\PROGRA~2\iSafe\TrayDownloader.exe" not deleted
"C:\PROGRA~2\iSafe\uninstall.exe" not deleted
"C:\PROGRA~2\iSafe\uninstall.inst" not deleted
"C:\PROGRA~2\iSafe\zlib1.dll" not deleted
"C:\PROGRA~2\iSafe\cfg\config.dat" not deleted
"C:\PROGRA~2\iSafe\cfg\customscan.dat" not deleted
"C:\PROGRA~2\iSafe\cfg\fullscan.dat" not deleted
"C:\PROGRA~2\iSafe\cfg\isafe.dat" not deleted
"C:\PROGRA~2\iSafe\cfg\iSafeUpdate.ini" not deleted
"C:\PROGRA~2\iSafe\cfg\ors.dat" not deleted
"C:\PROGRA~2\iSafe\cfg\quickscan.dat" not deleted
"C:\PROGRA~2\iSafe\data\bas.dat" not deleted
"C:\PROGRA~2\iSafe\data\bts.dat" not deleted
"C:\PROGRA~2\iSafe\data\eas.dat" not deleted
"C:\PROGRA~2\iSafe\data\ess.dat" not deleted
"C:\PROGRA~2\iSafe\data\nlu.dat" not deleted
"C:\PROGRA~2\iSafe\data\rms.dat" not deleted
"C:\PROGRA~2\iSafe\data\sta.dat" not deleted
"C:\PROGRA~2\iSafe\data\was.dat" not deleted
"C:\PROGRA~2\iSafe\font\segoeui.ttf" not deleted
"C:\PROGRA~2\iSafe\font\segoeuib.ttf" not deleted
"C:\PROGRA~2\iSafe\lang\lang.xml" not deleted
"C:\PROGRA~2\iSafe\lang\startup_lang.xml" not deleted
"C:\PROGRA~2\iSafe\log\iSafe.LOG" not deleted
"C:\PROGRA~2\iSafe\log\iSafeEngine.log" not deleted
"C:\PROGRA~2\iSafe\log\iSafeKrnlCall.log" not deleted
"C:\PROGRA~2\iSafe\log\iSafeList.log" not deleted
"C:\PROGRA~2\iSafe\log\ISafeScan.log" not deleted
"C:\PROGRA~2\iSafe\log\iSafeSvc.LOG" not deleted
"C:\PROGRA~2\iSafe\log\iSafeSvc2.LOG" not deleted
"C:\PROGRA~2\iSafe\log\iSafeUpdate.LOG" not deleted
"C:\PROGRA~2\iSafe\log\iStartupList.log" not deleted
"C:\PROGRA~2\iSafe\tws\antirk.dll" not deleted
"C:\PROGRA~2\iSafe\tws\common.ini" not deleted
"C:\PROGRA~2\iSafe\tws\ctools.dll" not deleted
"C:\PROGRA~2\iSafe\tws\decexp.dll" not deleted
"C:\PROGRA~2\iSafe\tws\emlib.dll" not deleted
"C:\PROGRA~2\iSafe\tws\falgorit.dll" not deleted
"C:\PROGRA~2\iSafe\tws\fddsdb.dat" not deleted
"C:\PROGRA~2\iSafe\tws\fgui.dll" not deleted
"C:\PROGRA~2\iSafe\tws\filau.dll" not deleted
"C:\PROGRA~2\iSafe\tws\filcmn.dll" not deleted
"C:\PROGRA~2\iSafe\tws\filcpt.dll" not deleted
"C:\PROGRA~2\iSafe\tws\filppi.dll" not deleted
"C:\PROGRA~2\iSafe\tws\filpps.ini" not deleted
"C:\PROGRA~2\iSafe\tws\filup.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filup.ini" not deleted
"C:\PROGRA~2\iSafe\tws\filvss.dll" not deleted
"C:\PROGRA~2\iSafe\tws\filvss.ini" not deleted
"C:\PROGRA~2\iSafe\tws\fsrexc.dat" not deleted
"C:\PROGRA~2\iSafe\tws\fupd.dll" not deleted
"C:\PROGRA~2\iSafe\tws\iSafeUpdate.exe" not deleted
"C:\PROGRA~2\iSafe\tws\leave.dat" not deleted
"C:\PROGRA~2\iSafe\tws\lsf.dll" not deleted
"C:\PROGRA~2\iSafe\tws\mca.dll" not deleted
"C:\PROGRA~2\iSafe\tws\message.dll" not deleted
"C:\PROGRA~2\iSafe\tws\plugmgr.dll" not deleted
"C:\PROGRA~2\iSafe\tws\psmgr.dll" not deleted
"C:\PROGRA~2\iSafe\tws\quarantine.dll" not deleted
"C:\PROGRA~2\iSafe\tws\tsc.dll" not deleted
"C:\PROGRA~2\iSafe\tws\twsdk.dll" not deleted
"C:\PROGRA~2\iSafe\tws\twsscan.sfc" not deleted
"C:\PROGRA~2\iSafe\tws\twsupd.dll" not deleted
"C:\PROGRA~2\iSafe\tws\twsupd.ini" not deleted
"C:\PROGRA~2\iSafe\tws\unacev2.dll" not deleted
"C:\PROGRA~2\iSafe\tws\unchm.dll" not deleted
"C:\PROGRA~2\iSafe\tws\unemb.dll" not deleted
"C:\PROGRA~2\iSafe\tws\unmisc.dll" not deleted
"C:\PROGRA~2\iSafe\tws\unrar.dll" not deleted
"C:\PROGRA~2\iSafe\tws\unsevzip.dll" not deleted
"C:\PROGRA~2\iSafe\tws\unzip32.dll" not deleted
"C:\PROGRA~2\iSafe\tws\vfst.dll" not deleted
"C:\PROGRA~2\iSafe\tws\w32tools.dll" not deleted
"C:\PROGRA~2\iSafe\tws\zipexp.dll" not deleted
"C:\PROGRA~2\iSafe\tws\zlib1.dll" not deleted
"C:\PROGRA~2\iSafe\user\sie.dat" not deleted
"C:\PROGRA~2\iSafe\skin2\style\style_new.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\about_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\about_update.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\activity.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\activity_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\app_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\arrowdown-green.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\arrowdown-jadegreen.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\arrowup-orange.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\arrowup-yellow.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\arrow_down.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\arrow_up.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\BG.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\bing_16_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\block_more.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boost_btn_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boost_computer.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boost_icon_blue.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boost_icon_gray.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boottime_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_arrow.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_nodata.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_scanning.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_tip_blue.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_tip_orange.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_tip_red.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\browser_icon_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\browser_protect_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\btnbg_35.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\btn_close.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\btn_close_about.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\btn_min.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\btn_set.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\button-small.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\button_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\cfgclose.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\check_checked.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\check_indeterminate.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\check_uncheck.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\chrome_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\cleanscanresultdlg_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\clean_icon_blue.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\clean_icon_gray.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\clean_ok.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\clean_reg_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\clean_waiting.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\clear_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\clear_tip.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\cm_iconlist.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\combo_browser.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\combo_browser_dropdown_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\combo_skin.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\combo_skin2.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\combo_skin3.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\common_button_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\connecting_anim.gif" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\defaultbrowser_handler.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\defaultsearch_handler.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\disable_startup.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\donate.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\edit_skin.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\edit_skin_op.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_%.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_animate_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_arrow.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_btn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_icon_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_left.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_logo.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_num.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_option_ok.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_option_ok_green.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_option_ok_point.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_ boost.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_collapse.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_collapse_green.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_collapse_red.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_error.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_expand.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_expand_green.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_expand_red.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_protect.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_rubbish.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_warning.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\exit.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\fast-scan.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\firefox_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_arrow_down.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_cloud.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_cloud2.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_cloud3.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_flow.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_flow_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_number.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_num_hover.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_num_norm.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_pop.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_rock.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_tb_acc_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_tb_acc_bk2.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_tb_flow_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_tb_meter.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\flow_used.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\google_16_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\griditembk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\head_checked.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\head_indeteminate.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\head_unchecked.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\homepage_handler.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\hover_bk_large.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\hover_bk_small.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_complete_36.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_deep_clean.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_exam.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_netmon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_optimize.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_plugin.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_protect.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_quick_clean.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_setting.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_softmgr.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_virusscan.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\icon_warning_36.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\ie_16_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\IE_default.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\if_block.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\if_prompt.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\if_question.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\if_warning.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\inst_bg1.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\inst_close_btn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\inst_cover_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\inst_inst_btn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\inst_wheel.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\interception_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\intercept_delete.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\intercept_history_iconlist.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\isafe_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\language_btn_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\language_selected_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\like.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\like_count.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\line1.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\line2.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\listctrlbtn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\listitem_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\listtabbg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\listtitlebg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\list_header.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\list_setting.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\lock_state_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\menubg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\menu_bkg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\menu_bkg2.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\menu_item_over.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\menu_setting_over.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\msgbox_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\nation_icon_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\netbutton.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\netbutton_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\netbutton_left.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\netbutton_right.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\network_protect_lock.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\network_protect_uncheck.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\network_protect_unlock.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\new_abovebg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\num_blue.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\num_green.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\num_pink.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\one_click_startup.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\one_key_cookie.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\one_key_reg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\one_key_rubbish.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\one_key_trace.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\online_shopping.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\open_folder.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\opera_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\p2cBtn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\percent_green.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pic-error.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pic-info.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pic-question.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pic-warning.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\plugin.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_handler.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_normal.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_security_level.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_should_delete.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_should_disable.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_arrow.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_arrow_fail.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_block.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_block_btn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_block_mbtn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_clean.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_ok.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_clock.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_fast.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_safe.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_safe_weather.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_slow.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_unsafe.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_unsafe_weather.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_sys_button2.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_sys_close.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_sys_number.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_sys_star.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_title.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_unkownweb.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_unlock.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pop_warning.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progressbar_anim.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progressbar_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progressbar_image.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progress_end.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progress_end_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progress_header.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progress_header_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progress_middle.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\progress_middle_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\protect_icon_blue.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\protect_icon_gray.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pvb_line.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\pvb_skin.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\quick_clean_icon_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\radio_checked.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\radio_unchecked.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\resource.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\revert_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\revert_cancel.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\revert_ok.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\revocation.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\risk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\scancheck.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\scan_animate.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\scan_complete.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\scan_scanning.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\scan_warning.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg0.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg1.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg2.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg3.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg4.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg5.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\score_number.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\search_engine_icon_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\separateline.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\setting_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\setting_img_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\shortcut.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\shortcut_handler.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_boottime_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_dlg_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_flow_iconlist.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_instdate_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_result_dlg_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_uninst_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\softremain_icon_list.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\software_info_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\software_mgr.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_rating_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_rating_indicator.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_button_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_gray.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_green.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_orange.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_red.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_uninst_icon_20.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\soft_uninst_icon_32.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\srfe.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\startup_acclate.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\startup_handler.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\startup_hasitem_handler.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\startup_off.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\startup_on.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\stopwatch.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\submenu_arrow.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\sub_toggle_btn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\suspended_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\suspenditembk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\suspend_close.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\switch_button_off.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\switch_button_on.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\sys_boost.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\sys_imglist.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\sys_key_svc.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\sys_menu.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\s_deepclean.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\s_plugin.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\s_quickclean.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\s_registry.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\s_rubbish.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\s_sysopt.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\s_trace.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\tab_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\tab_iconlist.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\tab_separator.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\tab_vert_line.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\tip_scanning_bk.gif" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\tobutton1.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\toggletbar_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\traymenu_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\traymenu_btn_bk.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\treeitem_collapse.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\treeitem_expand.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\treeitem_line.png" not deleted

Re: 1place.org a hotspotaward malware..

Napsal: 16 úno 2014 12:44
od festk
2. část

"C:\PROGRA~2\iSafe\skin2\image\new\treeitem_line_half.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_bg_fadeout.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_body.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_btn_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_btn_bg1.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_btn_bg2.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_btn_choice.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_invest_logo.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_logo_fadeout.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_ok.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_pic_compatible.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_pic_speedup.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_pic_uninstall.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_step_arrow.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\unlocked_icon_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\unlocked_icon_32.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\update.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\update_chk_err.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\update_chk_ok.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\update_client_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\update_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\update_server_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\v9_16_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\VirScanner_Report_BG.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\VirScanReportDlg_close_btn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\VirScan_btn_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\VirScan_PassBtn_bg.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\VirScan_PassBtn_Splitline.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\virscan_tips_ico.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\virscan_warning_ico.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\virus_custom_scan.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\virus_delete_btn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\virus_full_scan.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\virus_quick_scan.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\virus_restore_btn.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\virus_setting_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\vscroll.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\weather_icon.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\YAC_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\yac_mx.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\yac_search.png" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new\yahoo_16_16.png" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\aboutdlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\boottimedlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\CleanScanResultDlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\cover.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\disable_warnings.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\install.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\language_select.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\maindlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\msgbox.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\revertdlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\softmgr_guide.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\softmgr_result.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\suspended.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\suspendinfo.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\suspend_interception.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\traydlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\trayfloaty.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\trayfloatypop.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\traymenudlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\uninstall.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\uninstall2.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\uninstall_animation.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\uninstall_logo_fade.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\updatedlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\upgrade.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\VirusScannerDlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\VirusScanner_Report.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\virusscan_customdlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\virusscan_settingdlg.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\blockblacklist.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\blockmodify.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\cleartrash.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\install_plugin.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\lock_guide.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\modifydefaultsearch.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\modifystartup.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\querymodify.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\shortcut.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\startup_assist.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\startup_assist_weather.xml" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\updatedb.xml" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0000.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0001.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0002.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0003.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0004.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0005.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0006.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0007.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0008.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0009.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0010.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0011.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0012.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0013.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0014.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0015.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0016.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0017.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0018.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0019.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0020.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0021.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0022.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0023.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0024.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0025.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0026.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0027.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0028.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0029.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0030.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0031.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0032.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0033.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0034.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0035.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0036.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0037.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0038.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0039.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0040.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0041.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0042.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0043.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0044.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0045.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0046.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0047.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0048.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0049.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0050.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0051.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0052.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0053.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0054.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0055.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0056.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0057.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0058.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0059.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0060.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0061.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0062.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0063.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0064.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0065.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0066.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0067.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0068.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0069.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0070.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0071.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0072.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0073.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0074.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0075.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0076.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0077.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0078.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0079.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0080.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0081.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\base0082.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\catalog.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0000.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0001.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0002.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0003.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0004.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0005.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0006.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0007.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0008.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0009.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0010.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0011.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0012.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0013.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0014.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0015.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0016.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0017.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0018.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0019.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0020.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0021.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0022.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0023.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0024.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0025.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0026.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0027.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0028.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0029.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0030.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0031.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0032.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0033.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0034.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0035.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0036.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0037.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0038.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0039.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0040.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0041.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0042.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0043.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0044.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0045.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0046.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0047.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0048.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0049.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0050.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0051.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0052.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0053.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0054.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0055.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0056.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0057.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0058.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0059.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0060.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0061.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0062.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0063.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0064.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0065.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0066.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0067.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0068.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0069.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0070.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0071.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0072.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0073.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0074.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0075.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0076.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0077.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0078.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0079.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0080.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0081.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0082.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0083.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0084.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0085.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0086.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0087.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0088.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0089.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0090.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0091.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0092.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0093.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0094.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0095.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0096.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0097.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0098.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0099.dat" not deleted
"C:\PROGRA~2\iSafe\tws\defs\gen0100.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\figs000.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fils000.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fols000.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwgs000.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls000.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls001.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls002.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls003.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls004.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls005.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls006.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls007.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls008.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls009.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls010.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls011.dat" not deleted
"C:\PROGRA~2\iSafe\tws\filwls\fwls012.dat" not deleted
"C:\PROGRA~2\iSafe\tws\logs\twister.log" not deleted
"C:\PROGRA~2\iSafe\tws\plugins\filavutd.dll" not deleted
"C:\PROGRA~2\iSafe\tws\plugins\virut.tpl" not deleted
"C:\PROGRA~2\iSafe\tws\quarantine\catalog.dat" not deleted
"C:\PROGRA~2\iSafe\tws\x64\psmgr.dll" not deleted
"C:\ProgramData\c0270772e5140103" deleted
"C:\Users\Phan Chung Hieu\AppData\Roaming\Pirrit" deleted
"C:\PROGRA~2\Pirrit" not deleted
"C:\PROGRA~2\iSafe" not deleted
"C:\PROGRA~2\iSafe\cfg" not deleted
"C:\PROGRA~2\iSafe\data" not deleted
"C:\PROGRA~2\iSafe\font" not deleted
"C:\PROGRA~2\iSafe\lang" not deleted
"C:\PROGRA~2\iSafe\log" not deleted
"C:\PROGRA~2\iSafe\skin2" not deleted
"C:\PROGRA~2\iSafe\tws" not deleted
"C:\PROGRA~2\iSafe\user" not deleted
"C:\PROGRA~2\iSafe\skin2\image" not deleted
"C:\PROGRA~2\iSafe\skin2\layout" not deleted
"C:\PROGRA~2\iSafe\skin2\style" not deleted
"C:\PROGRA~2\iSafe\skin2\image\new" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new" not deleted
"C:\PROGRA~2\iSafe\skin2\layout\new\pop" not deleted
"C:\PROGRA~2\iSafe\tws\defs" not deleted
"C:\PROGRA~2\iSafe\tws\filwls" not deleted
"C:\PROGRA~2\iSafe\tws\logs" not deleted
"C:\PROGRA~2\iSafe\tws\plugins" not deleted
"C:\PROGRA~2\iSafe\tws\quarantine" not deleted
"C:\PROGRA~2\iSafe\tws\task" not deleted
"C:\PROGRA~2\iSafe\tws\temp" not deleted
"C:\PROGRA~2\iSafe\tws\trace" not deleted
"C:\PROGRA~2\iSafe\tws\x64" not deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\PHANCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Pirrit Suggestor - %ProfilePath%\extensions\suggestor@pirrit.com.xpi
- Undetermined - %ProfilePath%\extensions\suggestor@suggestor.pirrit.com.xpi

ExtDir: C:\Users\Phan Chung Hieu\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
- Pirrit Suggestor - %ExtDir%\suggestor@pirrit.com.xpi

==== Firefox Plugins ======================


==== Deleting Files \ Folders ======================

"C:\Users\PHANCH~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\suggestor@pirrit.com.xpi" deleted
"C:\Users\Phan Chung Hieu\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\suggestor@pirrit.com.xpi" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fhhkecgfjgooimebgoohgglnmfagcfpp - C:\Program Files (x86)\Rolimno\fhhkecgfjgooimebgoohgglnmfagcfpp.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[03.01.2014 01:32]

Skype Click to Call - Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... {startPage}"

==== Reset Google Chrome ======================

C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fhhkecgfjgooimebgoohgglnmfagcfpp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iSafe deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Phan Chung Hieu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Phan Chung Hieu\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Phan Chung Hieu\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=826 folders=52 256184802 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Phan Chung Hieu\AppData\Local\Temp will be emptied at reboot
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\PHANCH~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\PROGRA~2\Pirrit\msvcr100.dll" not found
"C:\PROGRA~2\iSafe\bugreport.exe" not found
"C:\PROGRA~2\iSafe\curlpp.dll" not found
"C:\PROGRA~2\iSafe\dup.exe" not found
"C:\PROGRA~2\iSafe\IC.dll" not found
"C:\PROGRA~2\iSafe\iCommu.dll" not found
"C:\PROGRA~2\iSafe\iCore.dll" not found
"C:\PROGRA~2\iSafe\iPluginDetector.dll" not found
"C:\PROGRA~2\iSafe\iSafe.exe" not found
"C:\PROGRA~2\iSafe\iSafeEngine.dll" not found
"C:\PROGRA~2\iSafe\iSafeKrnl.sys" not found
"C:\PROGRA~2\iSafe\iSafeKrnlCall.dll" not found
"C:\PROGRA~2\iSafe\iSafeKrnlCall64.dll" not found
"C:\PROGRA~2\iSafe\iSafeNetFilter.sys" not found
"C:\PROGRA~2\iSafe\iSafeScan.exe" not found
"C:\PROGRA~2\iSafe\iSafeSvc.exe" not found
"C:\PROGRA~2\iSafe\iSafeSvc2.exe" not found
"C:\PROGRA~2\iSafe\iSafeTray.exe" not found
"C:\PROGRA~2\iSafe\iSafeUpdate.exe" not found
"C:\PROGRA~2\iSafe\iStart.exe" not found
"C:\PROGRA~2\iSafe\iSvc.dll" not found
"C:\PROGRA~2\iSafe\iSvc2.dll" not found
"C:\PROGRA~2\iSafe\libcurl.dll" not found
"C:\PROGRA~2\iSafe\libpng.dll" not found
"C:\PROGRA~2\iSafe\main" not found
"C:\PROGRA~2\iSafe\msvcp110.dll" not found
"C:\PROGRA~2\iSafe\msvcr110.dll" not found
"C:\PROGRA~2\iSafe\ouilibx.dll" not found
"C:\PROGRA~2\iSafe\sqlite3.dll" not found
"C:\PROGRA~2\iSafe\TrayDownloader.exe" not found
"C:\PROGRA~2\iSafe\uninstall.exe" not found
"C:\PROGRA~2\iSafe\uninstall.inst" not found
"C:\PROGRA~2\iSafe\zlib1.dll" not found
"C:\PROGRA~2\iSafe\cfg\config.dat" not found
"C:\PROGRA~2\iSafe\cfg\customscan.dat" not found
"C:\PROGRA~2\iSafe\cfg\fullscan.dat" not found
"C:\PROGRA~2\iSafe\cfg\isafe.dat" not found
"C:\PROGRA~2\iSafe\cfg\iSafeUpdate.ini" not found
"C:\PROGRA~2\iSafe\cfg\ors.dat" not found
"C:\PROGRA~2\iSafe\cfg\quickscan.dat" not found
"C:\PROGRA~2\iSafe\data\bas.dat" not found
"C:\PROGRA~2\iSafe\data\bts.dat" not found
"C:\PROGRA~2\iSafe\data\eas.dat" not found
"C:\PROGRA~2\iSafe\data\ess.dat" not found
"C:\PROGRA~2\iSafe\data\nlu.dat" not found
"C:\PROGRA~2\iSafe\data\rms.dat" not found
"C:\PROGRA~2\iSafe\data\sta.dat" not found
"C:\PROGRA~2\iSafe\data\was.dat" not found
"C:\PROGRA~2\iSafe\font\segoeui.ttf" not found
"C:\PROGRA~2\iSafe\font\segoeuib.ttf" not found
"C:\PROGRA~2\iSafe\lang\lang.xml" not found
"C:\PROGRA~2\iSafe\lang\startup_lang.xml" not found
"C:\PROGRA~2\iSafe\log\iSafe.LOG" not found
"C:\PROGRA~2\iSafe\log\iSafeEngine.log" not found
"C:\PROGRA~2\iSafe\log\iSafeKrnlCall.log" not found
"C:\PROGRA~2\iSafe\log\iSafeList.log" not found
"C:\PROGRA~2\iSafe\log\ISafeScan.log" not found
"C:\PROGRA~2\iSafe\log\iSafeSvc.LOG" not found
"C:\PROGRA~2\iSafe\log\iSafeSvc2.LOG" not found
"C:\PROGRA~2\iSafe\log\iSafeUpdate.LOG" not found
"C:\PROGRA~2\iSafe\log\iStartupList.log" not found
"C:\PROGRA~2\iSafe\tws\antirk.dll" not found
"C:\PROGRA~2\iSafe\tws\common.ini" not found
"C:\PROGRA~2\iSafe\tws\ctools.dll" not found
"C:\PROGRA~2\iSafe\tws\decexp.dll" not found
"C:\PROGRA~2\iSafe\tws\emlib.dll" not found
"C:\PROGRA~2\iSafe\tws\falgorit.dll" not found
"C:\PROGRA~2\iSafe\tws\fddsdb.dat" not found
"C:\PROGRA~2\iSafe\tws\fgui.dll" not found
"C:\PROGRA~2\iSafe\tws\filau.dll" not found
"C:\PROGRA~2\iSafe\tws\filcmn.dll" not found
"C:\PROGRA~2\iSafe\tws\filcpt.dll" not found
"C:\PROGRA~2\iSafe\tws\filppi.dll" not found
"C:\PROGRA~2\iSafe\tws\filpps.ini" not found
"C:\PROGRA~2\iSafe\tws\filup.dat" not found
"C:\PROGRA~2\iSafe\tws\filup.ini" not found
"C:\PROGRA~2\iSafe\tws\filvss.dll" not found
"C:\PROGRA~2\iSafe\tws\filvss.ini" not found
"C:\PROGRA~2\iSafe\tws\fsrexc.dat" not found
"C:\PROGRA~2\iSafe\tws\fupd.dll" not found
"C:\PROGRA~2\iSafe\tws\iSafeUpdate.exe" not found
"C:\PROGRA~2\iSafe\tws\leave.dat" not found
"C:\PROGRA~2\iSafe\tws\lsf.dll" not found
"C:\PROGRA~2\iSafe\tws\mca.dll" not found
"C:\PROGRA~2\iSafe\tws\message.dll" not found
"C:\PROGRA~2\iSafe\tws\plugmgr.dll" not found
"C:\PROGRA~2\iSafe\tws\psmgr.dll" not found
"C:\PROGRA~2\iSafe\tws\quarantine.dll" not found
"C:\PROGRA~2\iSafe\tws\tsc.dll" not found
"C:\PROGRA~2\iSafe\tws\twsdk.dll" not found
"C:\PROGRA~2\iSafe\tws\twsscan.sfc" not found
"C:\PROGRA~2\iSafe\tws\twsupd.dll" not found
"C:\PROGRA~2\iSafe\tws\twsupd.ini" not found
"C:\PROGRA~2\iSafe\tws\unacev2.dll" not found
"C:\PROGRA~2\iSafe\tws\unchm.dll" not found
"C:\PROGRA~2\iSafe\tws\unemb.dll" not found
"C:\PROGRA~2\iSafe\tws\unmisc.dll" not found
"C:\PROGRA~2\iSafe\tws\unrar.dll" not found
"C:\PROGRA~2\iSafe\tws\unsevzip.dll" not found
"C:\PROGRA~2\iSafe\tws\unzip32.dll" not found
"C:\PROGRA~2\iSafe\tws\vfst.dll" not found
"C:\PROGRA~2\iSafe\tws\w32tools.dll" not found
"C:\PROGRA~2\iSafe\tws\zipexp.dll" not found
"C:\PROGRA~2\iSafe\tws\zlib1.dll" not found
"C:\PROGRA~2\iSafe\user\sie.dat" not found
"C:\PROGRA~2\iSafe\skin2\style\style_new.xml" not found
"C:\PROGRA~2\iSafe\skin2\image\new\about_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\about_update.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\activity.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\activity_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\app_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\arrowdown-green.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\arrowdown-jadegreen.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\arrowup-orange.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\arrowup-yellow.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\arrow_down.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\arrow_up.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\BG.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\bing_16_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\block_more.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boost_btn_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boost_computer.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boost_icon_blue.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boost_icon_gray.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boottime_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_arrow.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_nodata.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_scanning.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_tip_blue.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_tip_orange.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\boot_time_tip_red.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\browser_icon_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\browser_protect_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\btnbg_35.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\btn_close.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\btn_close_about.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\btn_min.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\btn_set.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\button-small.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\button_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\cfgclose.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\check_checked.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\check_indeterminate.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\check_uncheck.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\chrome_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\cleanscanresultdlg_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\clean_icon_blue.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\clean_icon_gray.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\clean_ok.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\clean_reg_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\clean_waiting.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\clear_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\clear_tip.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\cm_iconlist.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\combo_browser.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\combo_browser_dropdown_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\combo_skin.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\combo_skin2.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\combo_skin3.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\common_button_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\connecting_anim.gif" not found
"C:\PROGRA~2\iSafe\skin2\image\new\defaultbrowser_handler.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\defaultsearch_handler.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\disable_startup.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\donate.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\edit_skin.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\edit_skin_op.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_%.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_animate_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_arrow.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_btn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_icon_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_left.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_logo.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_num.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_option_ok.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_option_ok_green.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_option_ok_point.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_ boost.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_collapse.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_collapse_green.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_collapse_red.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_error.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_expand.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_expand_green.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_expand_red.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_protect.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_rubbish.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exam_tree_warning.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\exit.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\fast-scan.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\firefox_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_arrow_down.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_cloud.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_cloud2.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_cloud3.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_flow.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_flow_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_number.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_num_hover.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_num_norm.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_pop.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_rock.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_tb_acc_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_tb_acc_bk2.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_tb_flow_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\floaty_tb_meter.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\flow_used.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\google_16_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\griditembk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\head_checked.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\head_indeteminate.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\head_unchecked.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\homepage_handler.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\hover_bk_large.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\hover_bk_small.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_complete_36.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_deep_clean.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_exam.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_netmon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_optimize.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_plugin.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_protect.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_quick_clean.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_setting.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_softmgr.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_virusscan.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\icon_warning_36.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\ie_16_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\IE_default.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\if_block.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\if_prompt.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\if_question.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\if_warning.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\inst_bg1.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\inst_close_btn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\inst_cover_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\inst_inst_btn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\inst_wheel.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\interception_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\intercept_delete.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\intercept_history_iconlist.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\isafe_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\language_btn_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\language_selected_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\like.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\like_count.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\line1.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\line2.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\listctrlbtn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\listitem_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\listtabbg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\listtitlebg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\list_header.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\list_setting.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\lock_state_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\menubg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\menu_bkg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\menu_bkg2.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\menu_item_over.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\menu_setting_over.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\msgbox_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\nation_icon_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\netbutton.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\netbutton_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\netbutton_left.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\netbutton_right.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\network_protect_lock.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\network_protect_uncheck.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\network_protect_unlock.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\new_abovebg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\num_blue.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\num_green.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\num_pink.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\one_click_startup.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\one_key_cookie.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\one_key_reg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\one_key_rubbish.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\one_key_trace.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\online_shopping.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\open_folder.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\opera_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\p2cBtn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\percent_green.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pic-error.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pic-info.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pic-question.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pic-warning.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\plugin.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_handler.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_normal.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_security_level.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_should_delete.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\plugin_should_disable.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_arrow.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_arrow_fail.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_block.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_block_btn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_block_mbtn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_clean.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_ok.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_clock.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_fast.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_safe.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_safe_weather.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_slow.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_unsafe.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_startup_unsafe_weather.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_sys_button2.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_sys_close.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_sys_number.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_sys_star.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_title.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_unkownweb.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_unlock.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pop_warning.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progressbar_anim.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progressbar_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progressbar_image.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progress_end.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progress_end_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progress_header.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progress_header_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progress_middle.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\progress_middle_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\protect_icon_blue.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\protect_icon_gray.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pvb_line.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\pvb_skin.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\quick_clean_icon_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\radio_checked.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\radio_unchecked.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\resource.xml" not found
"C:\PROGRA~2\iSafe\skin2\image\new\revert_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\revert_cancel.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\revert_ok.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\revocation.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\risk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\scancheck.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\scan_animate.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\scan_complete.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\scan_scanning.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\scan_warning.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg0.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg1.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg2.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg3.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg4.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\score_bg5.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\score_number.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\search_engine_icon_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\separateline.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\setting_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\setting_img_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\shortcut.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\shortcut_handler.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_boottime_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_dlg_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_flow_iconlist.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_instdate_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_result_dlg_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\softmgr_uninst_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\softremain_icon_list.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\software_info_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\software_mgr.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_rating_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_rating_indicator.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_button_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_gray.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_green.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_orange.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_remove_red.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_uninst_icon_20.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\soft_uninst_icon_32.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\srfe.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\startup_acclate.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\startup_handler.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\startup_hasitem_handler.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\startup_off.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\startup_on.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\stopwatch.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\submenu_arrow.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\sub_toggle_btn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\suspended_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\suspenditembk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\suspend_close.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\switch_button_off.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\switch_button_on.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\sys_boost.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\sys_imglist.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\sys_key_svc.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\sys_menu.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\s_deepclean.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\s_plugin.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\s_quickclean.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\s_registry.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\s_rubbish.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\s_sysopt.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\s_trace.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\tab_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\tab_iconlist.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\tab_separator.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\tab_vert_line.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\tip_scanning_bk.gif" not found
"C:\PROGRA~2\iSafe\skin2\image\new\tobutton1.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\toggletbar_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\traymenu_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\traymenu_btn_bk.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\treeitem_collapse.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\treeitem_expand.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\treeitem_line.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\treeitem_line_half.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_bg_fadeout.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_body.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_btn_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_btn_bg1.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_btn_bg2.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_btn_choice.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_invest_logo.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_logo_fadeout.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_ok.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_pic_compatible.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_pic_speedup.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_pic_uninstall.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\uninst_step_arrow.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\unlocked_icon_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\unlocked_icon_32.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\update.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\update_chk_err.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\update_chk_ok.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\update_client_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\update_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\update_server_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\v9_16_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\VirScanner_Report_BG.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\VirScanReportDlg_close_btn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\VirScan_btn_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\VirScan_PassBtn_bg.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\VirScan_PassBtn_Splitline.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\virscan_tips_ico.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\virscan_warning_ico.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\virus_custom_scan.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\virus_delete_btn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\virus_full_scan.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\virus_quick_scan.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\virus_restore_btn.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\virus_setting_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\vscroll.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\weather_icon.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\YAC_16.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\yac_mx.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\yac_search.png" not found
"C:\PROGRA~2\iSafe\skin2\image\new\yahoo_16_16.png" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\aboutdlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\boottimedlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\CleanScanResultDlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\cover.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\disable_warnings.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\install.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\language_select.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\maindlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\msgbox.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\revertdlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\softmgr_guide.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\softmgr_result.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\suspended.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\suspendinfo.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\suspend_interception.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\traydlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\trayfloaty.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\trayfloatypop.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\traymenudlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\uninstall.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\uninstall2.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\uninstall_animation.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\uninstall_logo_fade.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\updatedlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\upgrade.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\VirusScannerDlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\VirusScanner_Report.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\virusscan_customdlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\virusscan_settingdlg.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\blockblacklist.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\blockmodify.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\cleartrash.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\install_plugin.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\lock_guide.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\modifydefaultsearch.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\modifystartup.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\querymodify.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\shortcut.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\startup_assist.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\startup_assist_weather.xml" not found
"C:\PROGRA~2\iSafe\skin2\layout\new\pop\updatedb.xml" not found
"C:\PROGRA~2\iSafe\tws\defs\base0000.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0001.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0002.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0003.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0004.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0005.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0006.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0007.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0008.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0009.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0010.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0011.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0012.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0013.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0014.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0015.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0016.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0017.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0018.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0019.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0020.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0021.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0022.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0023.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0024.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0025.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0026.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0027.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0028.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0029.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0030.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0031.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0032.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0033.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0034.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0035.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0036.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0037.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0038.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0039.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0040.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0041.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0042.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0043.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0044.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0045.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0046.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0047.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0048.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0049.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0050.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0051.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0052.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0053.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0054.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0055.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0056.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0057.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0058.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0059.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0060.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0061.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0062.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0063.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0064.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0065.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0066.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0067.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0068.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0069.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0070.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0071.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0072.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0073.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0074.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0075.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0076.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0077.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0078.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0079.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0080.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0081.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\base0082.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\catalog.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0000.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0001.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0002.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0003.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0004.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0005.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0006.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0007.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0008.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0009.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0010.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0011.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0012.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0013.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0014.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0015.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0016.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0017.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0018.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0019.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0020.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0021.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0022.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0023.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0024.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0025.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0026.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0027.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0028.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0029.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0030.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0031.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0032.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0033.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0034.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0035.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0036.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0037.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0038.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0039.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0040.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0041.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0042.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0043.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0044.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0045.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0046.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0047.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0048.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0049.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0050.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0051.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0052.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0053.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0054.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0055.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0056.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0057.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0058.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0059.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0060.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0061.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0062.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0063.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0064.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0065.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0066.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0067.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0068.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0069.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0070.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0071.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0072.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0073.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0074.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0075.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0076.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0077.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0078.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0079.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0080.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0081.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0082.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0083.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0084.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0085.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0086.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0087.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0088.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0089.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0090.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0091.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0092.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0093.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0094.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0095.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0096.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0097.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0098.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0099.dat" not found
"C:\PROGRA~2\iSafe\tws\defs\gen0100.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\figs000.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fils000.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fols000.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwgs000.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls000.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls001.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls002.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls003.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls004.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls005.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls006.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls007.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls008.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls009.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls010.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls011.dat" not found
"C:\PROGRA~2\iSafe\tws\filwls\fwls012.dat" not found
"C:\PROGRA~2\iSafe\tws\logs\twister.log" not found
"C:\PROGRA~2\iSafe\tws\plugins\filavutd.dll" not found
"C:\PROGRA~2\iSafe\tws\plugins\virut.tpl" not found
"C:\PROGRA~2\iSafe\tws\quarantine\catalog.dat" not found
"C:\PROGRA~2\iSafe\tws\x64\psmgr.dll" not found
"C:\PROGRA~2\Pirrit" not found
"C:\PROGRA~2\iSafe" not found
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on ne 16.02.2014 at 12:33:24,82 ======================

Re: 1place.org a hotspotaward malware..

Napsal: 16 úno 2014 12:55
od vyosek
Poprosim o novy log z FRST
Všechny časy jsou v UTC+01:00
Stránka 1 z 2

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz