Velmi zpomalené pc, po několika minutách zamrzá, log z FRST

[thebobdestroyer]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-07-2014
Ran by Sifonek at 2014-07-24 18:39:22
Running from C:\Users\Sifonek\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Trend Micro Titanium Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Trend Micro Titanium Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.85.3 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Fuel (Version: 2011.0607.2212.38019 - AMD) Hidden
AMD Media Foundation Decoders (Version: 1.0.60607.2201 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
ASUS AI Recovery (HKLM-x32\...\{38253529-D97D-4901-AE53-5CC9736D3A2E}) (Version: 1.0.13 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.1 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0011 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0033 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.84.161 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version: - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.4.617 - ASUSTEK)
Atheros Client Installation Program (HKLM-x32\...\{D3694B69-6F8C-42D3-8A0A-EB2AB528C02C}) (Version: 7.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{BC930EC9-72AF-82E7-0E7E-D397FE044D43}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0016 - ASUS)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bookworm Deluxe (HKLM-x32\...\Bookworm Deluxe) (Version: - Oberon Media Inc.)
Catalyst Control Center InstallProxy (x32 Version: 2011.0607.2212.38019 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0607.2212.38019 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help English (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help French (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help German (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0607.2211.38019 - ATI) Hidden
ccc-utility64 (Version: 2011.0607.2212.38019 - ATI) Hidden
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Cooking Dash (HKLM-x32\...\Cooking Dash) (Version: - Oberon Media Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft)
Elements 11 Organizer (x32 Version: 11.0 - Název společnosti:) Hidden
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Game Park Console (HKLM-x32\...\{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1) (Version: 6.2.1.1 - Oberon Media, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker (HKLM-x32\...\Governor of Poker) (Version: - Oberon Media Inc.)
Hotel Dash Suite Success (HKLM-x32\...\Hotel Dash Suite Success) (Version: - Oberon Media Inc.)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Jewel Quest 3 (HKLM-x32\...\Jewel Quest 3) (Version: - Oberon Media Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrola Windows Live Mesh ActiveX za daljinske veze (HKLM-x32\...\{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}) (Version: 15.4.5722.2 - Microsoft Corporation)
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Luxor 3 (HKLM-x32\...\Luxor 3) (Version: - Oberon Media Inc.)
Mahjongg dimensions (HKLM-x32\...\Mahjongg dimensions) (Version: - Oberon Media Inc.)
Malwarebytes Anti-Malware verze 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (CSY) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 pro studenty a domácnosti (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Access MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Slovak) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Czech) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Czech) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Nuance PDF Reader (HKLM-x32\...\{B480904D-F73F-4673-B034-8A5F492C9184}) (Version: 6.00.0041 - Nuance Communications, Inc.)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Plants vs Zombies (HKLM-x32\...\Plants vs Zombies) (Version: - Oberon Media Inc.)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Psaní všemi deseti 1.5 (HKLM-x32\...\Psaní všemi deseti_is1) (Version: - Richard Šusta, David Vejchoda)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.42.304.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6403 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler, LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
syncables desktop SE (HKLM-x32\...\{341697D8-9923-445E-B42A-529E5A99CB7A}) (Version: 5.5.746.11492 - syncables)
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Trend Micro Titanium Internet Security (Version: 3.00 - Trend Micro Inc.) Hidden
TuneUp Utilities 2014 (en-GB) (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.221 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.221 - TuneUp Software) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0405-0000-0000000FF1CE}_Office14.SingleImage_{D02AE7ED-5B00-4251-B7D5-F9590899EEEA}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0405-0000-0000000FF1CE}_Office14.SingleImage_{7F5448C9-AC6C-41E4-8C35-66288813014C}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Web'n'walk Manager (HKLM-x32\...\T-Mobile Communication Centre) (Version: 2012-06-12 - Gemfor s.r.o.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live fotoattēlu galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Foto-galerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX kontrola za daljinske veze (HKLM-x32\...\{8985AE5E-622A-4980-8BF8-0A1830643220}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Pošta (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live'i fotogalerii (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.27 - ASUS)
World of Goo (HKLM-x32\...\World of Goo) (Version: - Oberon Media Inc.)
ZTE Drivers (HKLM-x32\...\{ACC9984D-E78B-4fcd-BE44-4E3F186DDA33}) (Version: 1.2059.0.12 - )
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID entries: ==========================

(Only entries are listed that could be exploited by malware. If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

15-05-2014 16:43:17 Windows Update
13-06-2014 12:19:29 Windows Update
20-06-2014 16:52:39 Windows Update
09-07-2014 10:13:01 Naplánovaný kontrolní bod
09-07-2014 14:14:53 Windows Update
18-07-2014 19:37:18 avast! antivirus system restore point
21-07-2014 16:18:49 Nainstalováno: TuneUp Utilities 2014

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1C1E714C-3817-47D5-9AB8-88ED2A798C04} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {23B893DA-F0F5-46D5-8252-B66B69F00CBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01] (Google Inc.)
Task: {28A4CC98-8201-4251-80F1-E0F9F0E881A7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\OneClick.exe [2013-12-18] (TuneUp Software)
Task: {574DDC32-4216-4318-B80B-7699E6EC7656} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {B0F1C0AD-96E3-44D4-96EA-C35A1F18EF7E} - System32\Tasks\AdobeAAMUpdater-1.0-Sifonek-PC-Sifonek => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {B17362D3-8A49-4338-9EE0-E5E20F0F651C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-18] (AVAST Software)
Task: {BEFA13E2-535C-49AC-B595-B94972C355A4} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {C83D83C1-FCD9-497E-B6AB-7D3FE5B74E5C} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {CD3ADFB2-C62E-4C63-843F-EF601AAF170E} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-05-30] (ASUS)
Task: {DC299F77-BEDB-473E-A2EC-22084109C09F} - System32\Tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72 => C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {DDC4AA6D-FAE8-4B9E-9C6D-84F972ECE290} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01] (Google Inc.)
Task: {F1933C1E-6C91-449A-9C71-5A3946F284B4} - System32\Tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d => C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72.job => C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d.job => C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe

==================== Loaded Modules (whitelisted) =============

2013-11-16 13:09 - 2012-09-29 14:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2013-11-16 13:10 - 2012-09-29 14:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2011-06-08 07:09 - 2011-06-08 07:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2010-07-14 17:11 - 2010-07-14 17:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2011-04-01 11:24 - 2010-09-17 10:52 - 00047104 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_36.dll
2011-04-01 11:24 - 2010-09-17 10:52 - 00042496 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_36.dll
2013-12-18 11:01 - 2013-12-18 11:01 - 00742200 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\avgrepliba.dll
2014-07-18 21:57 - 2014-07-18 21:57 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-24 12:55 - 2014-07-24 12:55 - 02794496 _____ () C:\Program Files\AVAST Software\Avast\defs\14072400\algo.dll
2011-05-30 14:48 - 2011-05-30 14:48 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2012-01-31 10:25 - 2012-01-31 10:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-07-18 21:57 - 2014-07-18 21:57 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-21 12:55 - 2014-07-15 11:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-21 12:55 - 2014-07-15 11:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-21 12:56 - 2014-07-15 11:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-21 12:56 - 2014-07-15 11:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-21 12:55 - 2014-07-15 11:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-21 12:56 - 2014-07-15 11:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
2013-12-18 10:58 - 2013-12-18 10:58 - 00611128 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUKernel.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00152888 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUBasic.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00819000 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\MainControls.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00066360 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUTransl.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00161080 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\PerlRegEx.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00210744 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\XMLComponents.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00449848 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\GR32_D6.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00129336 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\SchedAgent_2007.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00335672 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUCompression.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00307000 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\DEC.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00493368 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\Html.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00307000 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\ntrtl60.bpl
2013-12-18 10:59 - 2013-12-18 10:59 - 00271672 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\AppInitialization.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00033080 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUBase.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00213304 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\ProgramRating.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00425784 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\VisControls.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 01145144 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\dxBarD12.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00044856 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\dxCoreD12.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00016184 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\dxComnD12.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00055608 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\dxThemeD12.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00852280 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\cxLibraryD12.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00069944 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\dxGDIPlusD12.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00067896 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\SysControls.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00143672 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUIcoEngineerDirTree.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00076600 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUShell.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00154424 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\cefcomponent.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00106808 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUShredder.bpl
2013-12-18 10:59 - 2013-12-18 10:59 - 00629560 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUDiskCleanerClass.bpl
2013-12-18 10:59 - 2013-12-18 10:59 - 00091960 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUApps.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00042808 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TURar.bpl
2013-12-18 10:59 - 2013-12-18 10:59 - 00489272 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\Traces.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00469816 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\SysInfo.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00656184 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\MSI_D6.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00082744 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUOperaClass.bpl
2013-12-18 10:59 - 2013-12-18 10:59 - 00047928 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUApplications.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00042808 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUSafariClass.bpl
2013-12-18 10:59 - 2013-12-18 10:59 - 00139576 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\CommonForms.bpl
2013-12-18 10:59 - 2013-12-18 10:59 - 00598328 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\VirtualTreesR.bpl
2013-12-18 10:58 - 2013-12-18 10:58 - 00065848 _____ () C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUIECacheClass.bpl

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5D458568

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/09/2014 06:54:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: TiResumeSrv.exe, verze: 3.0.0.1345, časové razítko: 0x4c931937
Název chybujícího modulu: TiResumeSrv.exe, verze: 3.0.0.1345, časové razítko: 0x4c931937
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000003600
ID chybujícího procesu: 0x49c
Čas spuštění chybující aplikace: 0xTiResumeSrv.exe0
Cesta k chybující aplikaci: TiResumeSrv.exe1
Cesta k chybujícímu modulu: TiResumeSrv.exe2
ID zprávy: TiResumeSrv.exe3

Error: (06/05/2014 07:20:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FBAgent.exe, verze: 1.0.9.0, časové razítko: 0x4d3e6927
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.18247, časové razítko: 0x521eaf24
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000c4102
ID chybujícího procesu: 0x534
Čas spuštění chybující aplikace: 0xFBAgent.exe0
Cesta k chybující aplikaci: FBAgent.exe1
Cesta k chybujícímu modulu: FBAgent.exe2
ID zprávy: FBAgent.exe3

Error: (05/31/2014 08:48:48 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={73CE33D2-A20E-45F6-99E5-6CCCCFA63C82}: Uživatel Sifonek-PC\Sifonek vytočil připojení s názvem APN Internet (LG OK, COM7), které se nezdařilo. Kód chyby vrácený při selhání je 633.

Error: (04/15/2014 08:44:51 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={440AB433-021F-4F77-9BDA-4E22C9639754}: Uživatel Sifonek-PC\Sifonek vytočil připojení s názvem APN Internet (LG OK, COM7), které se nezdařilo. Kód chyby vrácený při selhání je 633.

Error: (04/14/2014 03:39:40 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={7E519F53-0EB7-43CD-BACB-8B0081BE195A}: Uživatel Sifonek-PC\Sifonek vytočil připojení s názvem APN Internet (LG OK, COM7), které se nezdařilo. Kód chyby vrácený při selhání je 633.

Error: (04/08/2014 08:30:13 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={106D6C52-C667-4613-B779-564A221AB577}: Uživatel Sifonek-PC\Sifonek vytočil připojení s názvem APN Internet (LG OK, COM7), které se nezdařilo. Kód chyby vrácený při selhání je 633.

Error: (04/08/2014 08:30:12 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={1090A369-E6B0-4D51-BB95-266D669FF253}: Uživatel Sifonek-PC\Sifonek vytočil připojení s názvem APN Internet (LG OK, COM7), které se nezdařilo. Kód chyby vrácený při selhání je 633.

Error: (04/08/2014 08:30:10 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={EC9E217F-1300-4A3F-ABF3-8A59D3C4F75E}: Uživatel Sifonek-PC\Sifonek vytočil připojení s názvem APN Internet (LG OK, COM7), které se nezdařilo. Kód chyby vrácený při selhání je 633.

Error: (04/08/2014 08:29:50 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={C26324B6-1663-474E-95B4-6AAB24A8DA8C}: Uživatel Sifonek-PC\Sifonek vytočil připojení s názvem APN Internet (LG OK, COM7), které se nezdařilo. Kód chyby vrácený při selhání je 633.

Error: (02/28/2014 04:18:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program chrome.exe verze 33.0.1750.117 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 5a4

Čas spuštění: 01cf348f0198262d

Čas ukončení: 39

Cesta k aplikaci: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

ID hlášení: 396848ef-a083-11e3-b310-d0df9a9bdcce


System errors:
=============
Error: (07/24/2014 06:23:00 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/24/2014 06:00:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby TuneUp.UtilitiesSvc bylo dosaženo časového limitu (30000 ms).

Error: (07/24/2014 06:00:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/24/2014 05:59:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Google Update Service (gupdate) neuspěla při spuštění v důsledku následující chyby:
%%1053

Error: (07/24/2014 05:59:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Google Update Service (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (07/24/2014 05:51:43 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (14:18:20, ‎24.‎7.‎2014) bylo neočekávané.

Error: (07/24/2014 01:33:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (13:18:05, ‎24.‎7.‎2014) bylo neočekávané.

Error: (07/24/2014 00:54:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (12:51:31, ‎24.‎7.‎2014) bylo neočekávané.

Error: (07/24/2014 11:33:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby eventlog bylo dosaženo časového limitu (30000 ms).

Error: (07/24/2014 11:32:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby eventlog bylo dosaženo časového limitu (30000 ms).


Microsoft Office Sessions:
=========================
Error: (07/09/2014 06:54:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: TiResumeSrv.exe3.0.0.13454c931937TiResumeSrv.exe3.0.0.13454c931937c0000005000000000000360049c01cf9b4277e45508C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exeC:\Program Files\Trend Micro\Titanium\TiResumeSrv.exeb1ede02c-0789-11e4-9758-d0df9a9bdcce

Error: (06/05/2014 07:20:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FBAgent.exe1.0.9.04d3e6927ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410253401cf7fefbf9d756bC:\Windows\system32\FBAgent.exeC:\Windows\SYSTEM32\ntdll.dll25d86272-ec71-11e3-ace7-d0df9a9bdcce

Error: (05/31/2014 08:48:48 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {73CE33D2-A20E-45F6-99E5-6CCCCFA63C82}Sifonek-PC\SifonekAPN Internet (LG OK, COM7)633

Error: (04/15/2014 08:44:51 AM) (Source: RasClient) (EventID: 20227) (User: )
Description: {440AB433-021F-4F77-9BDA-4E22C9639754}Sifonek-PC\SifonekAPN Internet (LG OK, COM7)633

Error: (04/14/2014 03:39:40 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {7E519F53-0EB7-43CD-BACB-8B0081BE195A}Sifonek-PC\SifonekAPN Internet (LG OK, COM7)633

Error: (04/08/2014 08:30:13 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {106D6C52-C667-4613-B779-564A221AB577}Sifonek-PC\SifonekAPN Internet (LG OK, COM7)633

Error: (04/08/2014 08:30:12 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {1090A369-E6B0-4D51-BB95-266D669FF253}Sifonek-PC\SifonekAPN Internet (LG OK, COM7)633

Error: (04/08/2014 08:30:10 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {EC9E217F-1300-4A3F-ABF3-8A59D3C4F75E}Sifonek-PC\SifonekAPN Internet (LG OK, COM7)633

Error: (04/08/2014 08:29:50 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {C26324B6-1663-474E-95B4-6AAB24A8DA8C}Sifonek-PC\SifonekAPN Internet (LG OK, COM7)633

Error: (02/28/2014 04:18:52 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe33.0.1750.1175a401cf348f0198262d39C:\Program Files (x86)\Google\Chrome\Application\chrome.exe396848ef-a083-11e3-b310-d0df9a9bdcce


==================== Memory info ===========================

Percentage of memory in use: 50%
Total physical RAM: 3691.71 MB
Available physical RAM: 1843.72 MB
Total Pagefile: 7381.61 MB
Available Pagefile: 5070.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:300.41 GB) (Free:153.57 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:373.22 GB) (Free:337.35 GB) NTFS
Drive f: () (Removable) (Total:1.88 GB) (Free:1.83 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 0CD9B3F5)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=373 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 04DD5721)
Partition 1: (Active) - (Size=2 GB) - (Type=06)

==================== End Of Log ============================


Děkuji moc za pomoc

[Rudy]

Zdravím!
Potřebuji vidět obsah souboru log.txt. To, co jste sem dal, je info.txt.

[thebobdestroyer]

Díky za odpověď. Vytvořily se mi jen logy addition.txt a frst3.txt.. Tak sem dávám ještě obsah toho frst:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-07-2014
Ran by Sifonek (administrator) on SIFONEK-PC on 24-07-2014 18:37:31
Running from C:\Users\Sifonek\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE
(HP) C:\Windows\System32\HPSIsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(ASUS) C:\Windows\AsScrPro.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Gemfor s.r.o.) C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
(AVG) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Sifonek\Desktop\FRSTLauncher (1).exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoUpdateCheck.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VizorHtmlDialog.exe] => C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe [1123664 2010-10-08] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2010-10-12] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe [322384 2010-09-17] (Trend Micro Inc.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-07-11] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [617120 2011-03-13] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-13] (Atheros Commnucations)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2774936 2014-05-14] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3681688 2014-05-14] (Crawler.com)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-01] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-18] (AVAST Software)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-64623516-4008047867-1843251868-1001\...\Run: [T-Mobile Communication Centre] => C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe [1368824 2012-06-12] (Gemfor s.r.o.)
HKU\S-1-5-21-64623516-4008047867-1843251868-1001\...\Run: [SUPERAntiSpyware] => C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE [6564120 2014-06-05] (SUPERAntiSpyware)
HKU\S-1-5-21-64623516-4008047867-1843251868-1001\...\MountPoints2: F - F:\SISetup.exe
HKU\S-1-5-21-64623516-4008047867-1843251868-1001\...\MountPoints2: {e86fc924-4ea1-11e3-a127-d0df9a9bdcce} - F:\SISetup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AsusWSShellExt_B -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: AsusWSShellExt_O -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=i ... lz=1I7ASUT
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll (Trend Micro Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.10

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 - C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\firefoxextension [2011-04-01]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-18]

Chrome:
=======
CHR Extension: (avast! Online Security) - C:\Users\Sifonek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-19]
CHR Extension: (Peněženka Google) - C:\Users\Sifonek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-06-08] (Advanced Micro Devices, Inc.) [File not signed]
R2 ameisvc; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [124856 2012-06-12] (Gemfor s.r.o.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-03-13] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-18] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1146304 2014-05-14] (Crawler.com)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [241488 2010-09-17] (Trend Micro Inc.)
R2 TuneUp.UtilitiesSvc; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2103096 2013-12-18] (TuneUp Software)
S3 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-18] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-18] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-18] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-18] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-18] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-18] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-18] ()
R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-07-18] (Windows (R) Win 7 DDK provider)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90704 2010-09-17] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144464 2010-09-17] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [67664 2010-09-17] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2010-09-17] (Trend Micro Inc.)
R3 TuneUpUtilitiesDrv; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [14112 2013-08-21] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-24 18:37 - 2014-07-24 18:38 - 00023096 _____ () C:\Users\Sifonek\Desktop\FRST.txt
2014-07-24 18:37 - 2014-07-24 18:37 - 00000000 ____D () C:\FRST
2014-07-24 18:36 - 2014-07-24 18:36 - 00112640 _____ (forum.viry.cz) C:\Users\Sifonek\Desktop\FRSTLauncher (1).exe
2014-07-24 18:33 - 2014-07-24 18:33 - 00112640 _____ (forum.viry.cz) C:\Users\Sifonek\Downloads\Nepotvrzeno 590221.crdownload
2014-07-24 18:31 - 2014-07-24 18:28 - 02093568 _____ (Farbar) C:\Users\Sifonek\Desktop\FRST64.exe
2014-07-24 18:31 - 2014-07-24 18:27 - 00030968 _____ () C:\Users\Sifonek\Desktop\FRSTLauncher.exe
2014-07-24 18:27 - 2014-07-24 18:27 - 00000000 ___RD () C:\Users\Sifonek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-24 08:02 - 2014-07-24 08:02 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-21 18:41 - 2014-07-21 18:41 - 00000000 ____D () C:\Users\Sifonek\AppData\Local\Avg2014
2014-07-21 18:37 - 2013-12-18 11:01 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-07-21 18:37 - 2013-12-18 11:01 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-07-21 18:37 - 2013-12-18 11:01 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-07-21 18:37 - 2013-12-18 11:01 - 00025400 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-07-21 18:24 - 2014-07-21 18:24 - 00002211 _____ () C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
2014-07-21 18:24 - 2014-07-21 18:24 - 00002197 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-07-21 18:24 - 2014-07-21 18:24 - 00002185 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-07-21 18:24 - 2014-07-21 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-07-21 18:24 - 2013-12-18 11:01 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-07-21 18:23 - 2014-07-21 18:23 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\TuneUp Software
2014-07-21 18:21 - 2014-07-21 18:36 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-21 18:18 - 2014-07-21 18:40 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-21 18:11 - 2014-07-21 19:17 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-20 19:13 - 2014-07-20 19:15 - 55413160 _____ (TuneUp Software) C:\Users\Sifonek\Downloads\TuneUpUtilities2014.exe
2014-07-19 10:42 - 2014-07-24 12:54 - 00000514 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d.job
2014-07-19 10:42 - 2014-07-22 10:47 - 00000514 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72.job
2014-07-19 10:42 - 2014-07-19 10:42 - 00003596 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72
2014-07-19 10:42 - 2014-07-19 10:42 - 00003522 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d
2014-07-19 10:42 - 2014-07-19 10:42 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\SUPERAntiSpyware.com
2014-07-19 10:41 - 2014-07-19 10:42 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-19 10:41 - 2014-07-19 10:41 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-07-19 10:41 - 2014-07-19 10:41 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-19 10:41 - 2014-07-19 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-19 10:38 - 2014-07-19 10:39 - 20178584 _____ (SUPERAntiSpyware) C:\Users\Sifonek\Downloads\SUPERAntiSpywarePro.exe
2014-07-18 22:51 - 2014-07-24 18:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-18 22:36 - 2014-07-18 22:36 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-18 22:36 - 2014-07-18 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-18 22:36 - 2014-07-18 22:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-18 22:36 - 2014-07-18 22:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-18 22:36 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-18 22:36 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-18 22:36 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-18 22:32 - 2014-07-18 22:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sifonek\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-18 22:08 - 2014-07-18 22:08 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\AVAST Software
2014-07-18 22:07 - 2014-07-21 20:10 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-18 22:07 - 2014-07-18 22:07 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-18 22:07 - 2014-07-18 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-18 21:58 - 2014-07-18 22:07 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-18 21:58 - 2014-07-18 21:58 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-18 21:58 - 2014-07-18 21:58 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-18 21:58 - 2014-07-18 21:58 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-18 21:58 - 2014-07-18 21:58 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-18 21:58 - 2014-07-18 21:57 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-18 21:58 - 2014-07-18 21:57 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-18 21:58 - 2014-07-18 21:57 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-18 21:58 - 2014-07-18 21:57 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-18 21:57 - 2014-07-18 21:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-18 21:39 - 2014-07-18 21:41 - 18542592 _____ (Emsisoft GmbH ) C:\Users\Sifonek\Downloads\EmsisoftAntiMalwareSetup.exe
2014-07-18 21:39 - 2014-07-18 21:39 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-18 21:38 - 2014-07-24 12:59 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-07-18 21:38 - 2014-07-18 21:38 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-07-18 21:38 - 2014-07-18 21:38 - 00001040 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-07-18 21:38 - 2014-07-18 21:38 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\Spyware Terminator
2014-07-18 21:38 - 2014-07-18 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-07-18 21:37 - 2014-07-18 21:38 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-07-18 21:36 - 2014-07-18 21:39 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-18 21:36 - 2014-07-18 21:36 - 04862664 _____ (AVAST Software) C:\Users\Sifonek\Downloads\avast_free_antivirus_setup_online.exe
2014-07-18 21:34 - 2014-07-18 21:34 - 01056232 _____ (Crawler, LLC ) C:\Users\Sifonek\Downloads\SpywareTerminatorSetup.exe
2014-07-12 19:46 - 2014-07-12 22:25 - 1422261332 _____ () C:\Users\Sifonek\Downloads\Tajemstvi-stare-bambitky_CZ_HD_avi.avi
2014-07-12 18:57 - 2014-07-12 19:45 - 370038128 _____ () C:\Users\Sifonek\Downloads\Tajemství-staré-bambitky-cz-pohádka-2011.avi
2014-07-09 09:14 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 09:14 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 09:14 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 09:14 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 09:14 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 09:14 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 09:14 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 09:14 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 09:14 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 09:14 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 09:14 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 09:14 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 09:14 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 09:14 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 09:14 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 09:14 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 09:14 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 09:14 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 09:14 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 09:14 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 09:14 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 09:14 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 09:13 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 09:13 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 09:13 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 09:13 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 09:13 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 09:13 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 09:13 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 09:13 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 09:13 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 09:13 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 09:13 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 09:13 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 09:13 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 09:13 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 09:13 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 09:13 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 09:13 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 09:13 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 09:13 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 09:13 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 09:13 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 09:13 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 09:13 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 09:13 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 09:13 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 09:13 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 09:13 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 09:13 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 09:13 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 09:13 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 09:13 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 09:13 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 09:13 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 09:13 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 09:13 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 09:13 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 09:13 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 09:13 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 09:13 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 09:13 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 09:13 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 09:13 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 09:13 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 09:13 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 09:13 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 09:13 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 09:13 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 09:13 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 09:13 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 09:13 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 09:13 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 09:13 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 09:13 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 09:13 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 09:13 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 09:13 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 09:11 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 09:11 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 09:11 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 18:39 - 2014-07-10 21:38 - 00000000 ____D () C:\Users\Sifonek\Desktop\vysoké školy
2014-07-03 08:43 - 2014-07-03 09:25 - 365891584 _____ () C:\Users\Sifonek\Downloads\Prolhané-krásky-(Pretty-Little-Liars)-5x04-CZ-titulky (3).avi
2014-07-03 08:04 - 2014-07-03 08:41 - 258868356 _____ () C:\Users\Sifonek\Downloads\Prolhané-krásky-(Pretty-Little-Liars)-5x04-CZ-titulky (2).avi
2014-07-03 07:57 - 2014-07-03 07:59 - 01150136 _____ () C:\Users\Sifonek\Downloads\Prolhané-krásky-(Pretty-Little-Liars)-5x04-CZ-titulky (1).avi
2014-07-03 07:53 - 2014-07-03 07:54 - 00371576 _____ () C:\Users\Sifonek\Downloads\Prolhané-krásky-(Pretty-Little-Liars)-5x04-CZ-titulky.avi
2014-07-02 19:42 - 2014-07-02 19:43 - 00000000 ____D () C:\Users\Sifonek\Desktop\FRANCIE 18.-21.4.2014 (komplet)
2014-07-02 19:41 - 2014-07-05 15:00 - 00000000 ____D () C:\Users\Sifonek\Desktop\ŘÍM 21.-26.6.2014
2014-06-30 09:26 - 2014-06-30 09:26 - 00000850 _____ () C:\Users\Sifonek\Desktop\ZAZ---Recto-Verso-(Deluxe-Edition)-(2013)-[320-kbps].lnk
2014-06-30 09:13 - 2014-06-30 09:26 - 120416865 _____ () C:\Users\Sifonek\Downloads\ZAZ---Recto-Verso-(Deluxe-Edition)-(2013)-[320-kbps].rar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-24 18:38 - 2014-07-24 18:37 - 00023096 _____ () C:\Users\Sifonek\Desktop\FRST.txt
2014-07-24 18:37 - 2014-07-24 18:37 - 00000000 ____D () C:\FRST
2014-07-24 18:36 - 2014-07-24 18:36 - 00112640 _____ (forum.viry.cz) C:\Users\Sifonek\Desktop\FRSTLauncher (1).exe
2014-07-24 18:36 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-24 18:36 - 2009-07-14 06:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-24 18:33 - 2014-07-24 18:33 - 00112640 _____ (forum.viry.cz) C:\Users\Sifonek\Downloads\Nepotvrzeno 590221.crdownload
2014-07-24 18:33 - 2014-07-18 22:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-24 18:32 - 2011-08-25 08:31 - 01089952 _____ () C:\Windows\WindowsUpdate.log
2014-07-24 18:32 - 2011-02-19 07:36 - 00680544 _____ () C:\Windows\system32\perfh005.dat
2014-07-24 18:32 - 2011-02-19 07:36 - 00145512 _____ () C:\Windows\system32\perfc005.dat
2014-07-24 18:32 - 2009-07-14 07:13 - 01615590 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-24 18:31 - 2009-07-14 06:51 - 00127788 _____ () C:\Windows\setupact.log
2014-07-24 18:28 - 2014-07-24 18:31 - 02093568 _____ (Farbar) C:\Users\Sifonek\Desktop\FRST64.exe
2014-07-24 18:27 - 2014-07-24 18:31 - 00030968 _____ () C:\Users\Sifonek\Desktop\FRSTLauncher.exe
2014-07-24 18:27 - 2014-07-24 18:27 - 00000000 ___RD () C:\Users\Sifonek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-07-24 18:27 - 2011-12-29 19:10 - 00000000 ___HD () C:\ASUS.DAT
2014-07-24 18:26 - 2011-04-01 10:58 - 00000962 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-24 18:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-24 13:46 - 2011-04-01 10:58 - 00000966 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-24 13:34 - 2011-08-25 09:07 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-07-24 13:13 - 2011-12-29 19:10 - 00000000 ____D () C:\Users\Sifonek\AppData\Local\VirtualStore
2014-07-24 12:59 - 2014-07-18 21:38 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-07-24 12:54 - 2014-07-19 10:42 - 00000514 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d.job
2014-07-24 08:02 - 2014-07-24 08:02 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-07-22 10:47 - 2014-07-19 10:42 - 00000514 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72.job
2014-07-21 20:10 - 2014-07-18 22:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-21 19:17 - 2014-07-21 18:11 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-21 19:17 - 2014-01-19 17:24 - 00000000 ____D () C:\Users\Sifonek\Desktop\škola
2014-07-21 19:17 - 2011-12-31 14:02 - 00000000 ____D () C:\Users\Sifonek\AppData\Local\Microsoft Help
2014-07-21 19:17 - 2011-04-01 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-21 18:54 - 2011-08-25 09:04 - 00001391 _____ () C:\Windows\system32\ServiceFilter.ini
2014-07-21 18:41 - 2014-07-21 18:41 - 00000000 ____D () C:\Users\Sifonek\AppData\Local\Avg2014
2014-07-21 18:40 - 2014-07-21 18:18 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-07-21 18:36 - 2014-07-21 18:21 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-21 18:24 - 2014-07-21 18:24 - 00002211 _____ () C:\Users\Public\Desktop\TuneUp 1-Click Maintenance.lnk
2014-07-21 18:24 - 2014-07-21 18:24 - 00002197 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-07-21 18:24 - 2014-07-21 18:24 - 00002185 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-07-21 18:24 - 2014-07-21 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-07-21 18:23 - 2014-07-21 18:23 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\TuneUp Software
2014-07-21 18:17 - 2013-07-10 13:51 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\Skype
2014-07-20 19:15 - 2014-07-20 19:13 - 55413160 _____ (TuneUp Software) C:\Users\Sifonek\Downloads\TuneUpUtilities2014.exe
2014-07-20 19:03 - 2011-08-25 09:04 - 00002178 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-07-19 14:33 - 2011-04-01 10:03 - 00280930 _____ () C:\Windows\PFRO.log
2014-07-19 10:42 - 2014-07-19 10:42 - 00003596 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72
2014-07-19 10:42 - 2014-07-19 10:42 - 00003522 _____ () C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d
2014-07-19 10:42 - 2014-07-19 10:42 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\SUPERAntiSpyware.com
2014-07-19 10:42 - 2014-07-19 10:41 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-19 10:41 - 2014-07-19 10:41 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2014-07-19 10:41 - 2014-07-19 10:41 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-07-19 10:41 - 2014-07-19 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-07-19 10:39 - 2014-07-19 10:38 - 20178584 _____ (SUPERAntiSpyware) C:\Users\Sifonek\Downloads\SUPERAntiSpywarePro.exe
2014-07-19 09:30 - 2011-04-01 11:02 - 00000000 ____D () C:\Windows\PCHEALTH
2014-07-18 22:36 - 2014-07-18 22:36 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-18 22:36 - 2014-07-18 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-18 22:36 - 2014-07-18 22:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-18 22:36 - 2014-07-18 22:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-18 22:35 - 2014-07-18 22:32 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Sifonek\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-18 22:08 - 2014-07-18 22:08 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\AVAST Software
2014-07-18 22:07 - 2014-07-18 22:07 - 00001968 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-18 22:07 - 2014-07-18 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-18 22:07 - 2014-07-18 21:58 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-18 21:58 - 2014-07-18 21:58 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-07-18 21:58 - 2014-07-18 21:58 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-18 21:58 - 2014-07-18 21:58 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-07-18 21:58 - 2014-07-18 21:58 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-18 21:57 - 2014-07-18 21:58 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-18 21:57 - 2014-07-18 21:58 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-18 21:57 - 2014-07-18 21:58 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-18 21:57 - 2014-07-18 21:58 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-18 21:57 - 2014-07-18 21:57 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-18 21:41 - 2014-07-18 21:39 - 18542592 _____ (Emsisoft GmbH ) C:\Users\Sifonek\Downloads\EmsisoftAntiMalwareSetup.exe
2014-07-18 21:39 - 2014-07-18 21:39 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-18 21:39 - 2014-07-18 21:36 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-18 21:38 - 2014-07-18 21:38 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-07-18 21:38 - 2014-07-18 21:38 - 00001040 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-07-18 21:38 - 2014-07-18 21:38 - 00000000 ____D () C:\Users\Sifonek\AppData\Roaming\Spyware Terminator
2014-07-18 21:38 - 2014-07-18 21:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-07-18 21:38 - 2014-07-18 21:37 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-07-18 21:36 - 2014-07-18 21:36 - 04862664 _____ (AVAST Software) C:\Users\Sifonek\Downloads\avast_free_antivirus_setup_online.exe
2014-07-18 21:34 - 2014-07-18 21:34 - 01056232 _____ (Crawler, LLC ) C:\Users\Sifonek\Downloads\SpywareTerminatorSetup.exe
2014-07-15 21:46 - 2011-12-29 19:12 - 00000000 ____D () C:\Users\Sifonek\Documents\Bluetooth Folder
2014-07-13 09:17 - 2013-09-21 19:19 - 00000000 ____D () C:\Users\Sifonek\AppData\Local\Adobe
2014-07-12 22:25 - 2014-07-12 19:46 - 1422261332 _____ () C:\Users\Sifonek\Downloads\Tajemstvi-stare-bambitky_CZ_HD_avi.avi
2014-07-12 19:45 - 2014-07-12 18:57 - 370038128 _____ () C:\Users\Sifonek\Downloads\Tajemství-staré-bambitky-cz-pohádka-2011.avi
2014-07-12 17:35 - 2011-12-29 20:51 - 00000000 ____D () C:\Users\Sifonek\Desktop\Sifča
2014-07-10 21:38 - 2014-07-08 18:39 - 00000000 ____D () C:\Users\Sifonek\Desktop\vysoké školy
2014-07-09 19:12 - 2009-07-14 06:45 - 06672072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 19:09 - 2014-05-06 21:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-09 19:09 - 2009-07-14 09:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-09 19:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 19:07 - 2011-12-31 14:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-09 19:03 - 2014-06-20 18:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 19:00 - 2014-06-20 18:53 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 12:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-05 15:00 - 2014-07-02 19:41 - 00000000 ____D () C:\Users\Sifonek\Desktop\ŘÍM 21.-26.6.2014
2014-07-03 09:25 - 2014-07-03 08:43 - 365891584 _____ () C:\Users\Sifonek\Downloads\Prolhané-krásky-(Pretty-Little-Liars)-5x04-CZ-titulky (3).avi
2014-07-03 08:41 - 2014-07-03 08:04 - 258868356 _____ () C:\Users\Sifonek\Downloads\Prolhané-krásky-(Pretty-Little-Liars)-5x04-CZ-titulky (2).avi
2014-07-03 07:59 - 2014-07-03 07:57 - 01150136 _____ () C:\Users\Sifonek\Downloads\Prolhané-krásky-(Pretty-Little-Liars)-5x04-CZ-titulky (1).avi
2014-07-03 07:54 - 2014-07-03 07:53 - 00371576 _____ () C:\Users\Sifonek\Downloads\Prolhané-krásky-(Pretty-Little-Liars)-5x04-CZ-titulky.avi
2014-07-02 19:43 - 2014-07-02 19:42 - 00000000 ____D () C:\Users\Sifonek\Desktop\FRANCIE 18.-21.4.2014 (komplet)
2014-07-02 19:43 - 2014-01-02 13:41 - 00000000 ____D () C:\Users\Sifonek\Desktop\FILMY
2014-06-30 09:47 - 2014-06-10 17:25 - 00000000 ____D () C:\Users\Sifonek\Desktop\čtenářský deník
2014-06-30 09:26 - 2014-06-30 09:26 - 00000850 _____ () C:\Users\Sifonek\Desktop\ZAZ---Recto-Verso-(Deluxe-Edition)-(2013)-[320-kbps].lnk
2014-06-30 09:26 - 2014-06-30 09:13 - 120416865 _____ () C:\Users\Sifonek\Downloads\ZAZ---Recto-Verso-(Deluxe-Edition)-(2013)-[320-kbps].rar
2014-06-30 04:09 - 2014-07-09 09:14 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 09:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\Sifonek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzl4pr1.dll
C:\Users\Sifonek\AppData\Local\Temp\readSTILog.dll
C:\Users\Sifonek\AppData\Local\Temp\siinst.exe
C:\Users\Sifonek\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sifonek\AppData\Local\Temp\strings.dll
C:\Users\Sifonek\AppData\Local\Temp\{9EB6D950-4E36-41F6-B6E4-7C6A948F08D8}-25.0.1364.97_24.0.1312.57_chrome_updater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72.job => C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d.job => C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Trend Micro Titanium Internet Security (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Trend Micro Titanium Internet Security (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Sifonek\Desktop" je 53640 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector
C:\Windows\AsScrPro.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-64623516-4008047867-1843251868-1001\...\MountPoints2: F - F:\SISetup.exe
HKU\S-1-5-21-64623516-4008047867-1843251868-1001\...\MountPoints2: {e86fc924-4ea1-11e3-a127-d0df9a9bdcce} - F:\SISetup.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
CHR Extension: (avast! Online Security) - C:\Users\Sifonek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-19]
CHR Extension: (Peněženka Google) - C:\Users\Sifonek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\acovcnt.exe
C:\Users\Sifonek\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.


Další věc:

Velikost slozky "C:\Users\Sifonek\Desktop" je 53640 MB.

To je příliš mnoho a brzdí to start PC. Data přesuňte do jiného adresáře a na plochu dejte pouze zástupce.

[thebobdestroyer]

Vyčistil jsem to, ale počítač je bohužel stále velmi zpomalený..

log z frst:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-07-2014
Ran by Sifonek at 2014-07-24 20:38:34 Run:1
Running from C:\Users\Sifonek\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-64623516-4008047867-1843251868-1001\...\MountPoints2: F - F:\SISetup.exe
HKU\S-1-5-21-64623516-4008047867-1843251868-1001\...\MountPoints2: {e86fc924-4ea1-11e3-a127-d0df9a9bdcce} - F:\SISetup.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
C:\Program Files (x86)\Google\Google Toolbar
C:\Program Files\Google\GoogleToolbarNotifier
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
CHR Extension: (avast! Online Security) - C:\Users\Sifonek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-19]
CHR Extension: (Peněženka Google) - C:\Users\Sifonek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-23]
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\system32\acovcnt.exe
C:\Users\Sifonek\AppData\Local\Temp
End
*****************

"HKU\S-1-5-21-64623516-4008047867-1843251868-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-64623516-4008047867-1843251868-1001" => Key not found.
"HKU\S-1-5-21-64623516-4008047867-1843251868-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e86fc924-4ea1-11e3-a127-d0df9a9bdcce}" => Key deleted successfully.
"HKCR\CLSID\{e86fc924-4ea1-11e3-a127-d0df9a9bdcce}" => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key deleted successfully.
"HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" => Key deleted successfully.
"HKCR\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" => Key deleted successfully.
C:\Program Files (x86)\Google\Google Toolbar => Moved successfully.
C:\Program Files\Google\GoogleToolbarNotifier => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
"HKCR\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\FF Plugin: @microsoft.com/GENUINE - disabled No File" => Key not found.
"FF Plugin: @microsoft.com/GENUINE - disabled No File" => not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\FF Plugin-x32: @microsoft.com/GENUINE - disabled No File" => Key not found.
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File not found.
C:\Users\Sifonek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki => Moved successfully.
C:\Users\Sifonek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\system32\acovcnt.exe => Moved successfully.

"C:\Users\Sifonek\AppData\Local\Temp" directory move:

C:\Users\Sifonek\AppData\Local\Temp\10h7E5A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1351.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\14C7.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\168C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1776.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\189E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\195.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\196.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1A53.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1A82.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1C17.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1CF2.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1DEB.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1E3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1E39.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\203C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\25B8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2AE.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2B05.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3237.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3310.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\33AD.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\34A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\34B6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\34E5.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\366A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3735.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\38AC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3A70.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3B5D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3DAB.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\40F5.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4589.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\46C2.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\474C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\477B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\508F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\509F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\51F6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\54B4.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\55EC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\57CF.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\58B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5AFB.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\6180.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\649B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\6621.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\68FF.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\69BA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\6AE4.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\6B4C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\6D3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\736B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\7500.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\75CB.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\7676.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\7ACA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\7B0.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\7C5F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\7C7F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\8007.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\8041.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\8075.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\818D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\81BC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\81EC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\822A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\8526.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\85B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\8767.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\87x9E38.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\8C78.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\8CE3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\8E5.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\91F8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\978E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\980E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\9A0.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\9E60.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\9EF.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\9FA8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\A0.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\A0C1.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\A11E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\A1BA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\A46B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\AAA0.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\ABE7.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\AD7E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\ADAC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\AF70.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\amt3.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\AvgRep.xml => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\B0F6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\B4BD.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\B7F8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\B885.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\BADC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\BD26.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\BIT6098.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\C1E7.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\C35D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\C476.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\C5FC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\C8D9.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\C908.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CC34.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CE86.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CEF6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CF61.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CFG2300.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CFGB668.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CFGE62B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Commands.xml => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\config.xml => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR1277.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR1372.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR14F6.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR1778.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR1B6C.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR1E4.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR1E4A.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR1E99.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR1F91.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR20AD.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR22B0.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR2753.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR28C4.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR2B11.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR2BF0.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR2C8D.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR30A1.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR3154.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR31AC.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR3324.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR342B.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR3E48.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR3E77.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR4491.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR4624.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR463.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR4AA7.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR4BB2.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR4ECF.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR518A.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR5218.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR56E7.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR56F9.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR5A5F.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR5ADB.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR5CF8.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR6327.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR6622.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR6700.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR6AA4.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR6B16.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR6C1F.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR6D09.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR7087.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR7168.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR721.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR7262.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR78C8.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR78E.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR7954.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR7C12.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR7FC.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR7FFC.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR81AD.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR8738.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR8788.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR8AB2.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR8E9A.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR8EC7.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR8FC0.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR9021.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR9291.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR933C.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR93AA.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR95DA.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR9665.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR97EB.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR98B7.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVR99FF.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRA16D.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRA248.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRA2AD.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRA514.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRA5B2.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRA8ED.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRA9B6.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRAA81.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRAABF.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRABAB.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRAD23.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRB197.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRB1C1.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRB979.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRBBB1.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRBC85.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRBD94.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRBED4.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRBF1B.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRC217.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRC300.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRC32F.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRC330.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRC462.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRC5CF.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRC6D9.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRCAD7.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRCBF5.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRCEF3.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRCF4.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRD5E8.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRD712.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRD854.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRD864.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRDA58.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRDAE3.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRDD64.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRDDE1.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRDE7C.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRDF2A.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRDF37.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRDFA4.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE011.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE021.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE031.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE034.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE0AD.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE0CD.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE214.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE233.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE3AB.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE4B3.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE669.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRE9B2.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVREC3E.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRED22.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVREF4D.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRF0B6.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRF74A.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRF92D.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRF9EA.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRFAE2.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRFBAE.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRFC63.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRFD9F.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRFE4B.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CVRFF35.tmp.cvr => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\D20D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\D335.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\D424.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\D4EA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\D7C8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\D9DA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DAE3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\dd_vcredistMSI6D72.txt => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\dd_vcredistMSI6E50.txt => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\dd_vcredistUI6D72.txt => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\dd_vcredistUI6E50.txt => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\defaultCache.reg => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DF85.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMI279C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMI2DF.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMI3C17.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMI5090.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMI570F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMI5D6B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMI8BDA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMI9609.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMIDB22.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\DMIF514.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzl4pr1.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzl4pr1.lck => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\E39A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\E80.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\E9A2.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\EA0A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\EA1F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\EDE6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\EF2E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\EF4D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Elements11OrganizerInstall.log => Moved successfully.
Could not move "C:\Users\Sifonek\AppData\Local\Temp\etilqs_2CZ5XeAaQDnXc2Z" => Scheduled to move on reboot.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_6fEdA4QDTX4kUQI => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_7szTOgKl4hlJj0S => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_9Tw39UG2Sqo4AOw => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_aBMXc57AkBB4si7 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_C2d04GFbdPMpRNv => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_d6X47m1JX1U47Sa => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_DypabrSfNqdqbDX => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_F1bLQNPaYz6EBco => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_f2ayiGd8oYcTn93 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_FH0sQ76632VRhKR => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_GL5P4jo44Bb3Hr6 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_ifPXfk4nLJ1BIGW => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_k1M3oslqgqhhmIH => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_kR1DLlIlXjtacU3 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_kvUnDugbHfdQ9f2 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_lE5LCNeb6wYO46b => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_M8xBzjqMzATAHMv => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_npth2pXpIG1De1E => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_P9AJ2qTtRFoTCus => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_sTUczpuW0zeAKp8 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_Tb2eGz3ORcghw2c => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_TPI8jyjiVMlRZVO => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_uieeDZNfrCwzT59 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_UM9bWy4O394Vt5E => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_Uo3GLelxLFyYTuk => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_VsMYMv4dJWLyZu9 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_XJOtDNUbhog9ePh => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\etilqs_zi1cLR3xZs8tv3s => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\F056.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\F160.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\F22A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\F42D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\F527.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\F528.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\F8FE.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\F9F7.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\FA93.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\FAD5.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\FB10.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\FC0A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\FCD5.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\FE89.tmp => Moved successfully.
Could not move "C:\Users\Sifonek\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Sifonek\AppData\Local\Temp\Install_log.txt => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\iwp4D58.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Kno97FD.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20131006_184340906-MSI_vc_red.msi.txt => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Microsoft Visual C++ 2010 x64 Redistributable Setup_20131006_184340906.html => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131006_184246121-MSI_vc_red.msi.txt => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Microsoft Visual C++ 2010 x86 Redistributable Setup_20131006_184246121.html => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\mvhlewsi.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\OOBE(20111231125739F0).log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\oobelib.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Organizer.ini => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\PDApp.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\properties.ini => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\PSE11Install.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\PSE11Setup.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\readSTILog.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\repair_config.xml => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\SetupExe(2011123112580510F4).log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\SetupExe(201112311314528BC).log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Sifonek.bmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\siinst.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Skype.msi => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\strB5F8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\strings.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\swtag.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TUInstallLogBP_2014-07-21_16-17-26.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TUInstallLogLP_2014-07-21_16-11-30.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TUM896B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TUM89AA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TUM9EFD.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TUM9F3D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\uniCC72.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\vkrF4DA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls196B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls198A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls19EA.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls1A94.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls1AC5.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls1AD3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls1AF1.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls1C0B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls1D9D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls1F05.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls23E8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls2502.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls27BC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls280C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls28F5.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls28F7.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls312D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls316D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls31D8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3238.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls32B6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3302.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls390A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3B3D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3B6A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3B9B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3C55.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3CB5.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3E1A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3E37.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3F24.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls3F32.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls4079.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls4192.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls41A1.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls428C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls4652.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls472D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls4818.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls4827.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls4AA6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls4B91.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls5041.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls51A9.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls5466.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls5531.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls5560.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls566A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls56D6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls581F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls5BF6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls5CE1.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls5E86.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls5F71.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls643F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls648F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls653A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls6589.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls6612.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls6863.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls6865.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls697B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls698F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls6A76.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls6C0B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls6D24.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls735E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls756E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls757D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7647.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7707.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7752.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7761.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7780.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7A9C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7BF4.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7C23.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7D3C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7D7B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7E05.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7ED.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7EF1.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls7F5D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls8190.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls828B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls849A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls8574.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls85A4.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls867E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls86DC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls8788.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls88C0.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls893B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls8A64.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls8FA3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls909D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9424.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls950F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9646.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9657.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9702.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9721.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9963.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9A4E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9C2.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wls9FA8.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsA073.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsA100.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsA110.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsA17D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsA1DB.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsAA43.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsAB4B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsAB7C.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsACB3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsAEE6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsB01F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsB2F9.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsB3F4.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsB413.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsB720.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsB84A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsB8F4.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsB9FF.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsBE31.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsBE3F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsBF78.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsBF8A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsBFE4.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsC10E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsC486.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsC5BF.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsC5ED.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsC6F7.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsCAAE.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsCBA9.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsCBE.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsCDD.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsCF12.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsD00A.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsD00D.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsD153.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsD97.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsD99.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsDA9.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsDB14.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsDC1E.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsE45.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsE659.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsE800.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsEC60.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsED4B.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsEDF.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF2D6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF3F0.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF40.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF4F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF557.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF661.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF6EB.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF6EC.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF7E6.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsF824.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsFC29.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsFCB.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsFE99.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsFF94.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wlsFFB3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\xkfD7E3.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\__PDFCORE_FMP.dat => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\{9EB6D950-4E36-41F6-B6E4-7C6A948F08D8}-25.0.1364.97_24.0.1312.57_chrome_updater.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~4826.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~5E74.bat => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~5E74.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF005F65FED914A254.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF04B429F5B3DE8867.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF06F1EB3D6EC36A2C.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF0812B111FF59B938.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF08D5EF25C8ECBB76.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF09B3C5519819F0CF.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF0C488F61E47DE088.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF0C4A469FB7148EEC.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF0D7F47A9916A9945.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF0FCA1978FE0AE325.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF1326CAC78102AC6A.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF152F9E62791EA9A0.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF178B7D4A39E98336.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF202F7D1259689297.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF24AFE9D4A07912F1.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF2CDD29B01F5F35EB.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF35E6663FA3508817.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF398507B281D018AE.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF3A6A6358D831721A.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF3FAA62F88F6942E3.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF46B8687FE207EA9B.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF49F482D4B603900D.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF56989F83A9D3EDE7.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF64B0A46337CDF979.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF6536BC2AFE6E7CA0.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF65879D1397C3FF08.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF65A6DCC73602D574.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF65E0932147FEA9CC.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF6EE698265317EA27.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF70E6717050D6761B.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF74984451AA1E3DC3.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF76F2BD498EAAA662.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF7A2CABFDFAEEF547.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF7BDBAFAC4A119684.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF7CF406A7341986C6.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF7E410DD57D7E1E1B.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF806A967451FA05F1.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF85CAE81A83062645.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF87E9ECA2B12E40E1.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF884BE6867E5B1A90.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF8A31B5D3C1EA3AD7.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF9028158D37DD7E1B.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF9200BF3A8696000D.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF96118A7B3C3EF5C5.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF9B8642EC95F0B78D.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF9CCDB532AB32B6DD.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF9F1EA0E4AFEA7778.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DF9FA0C20D826B79F5.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFA06DB38E0B0ACF32.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFA070CB1496D7DCA5.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFB44A3FBF4F19E320.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFB4F749C3C3DB9155.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFB5658F29404B92E9.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFB6ABC0B89D17455A.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFB6D886B1C82AB226.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFB7B8E212F5AABF3A.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFB84E573435A15756.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFC5B885031ACA0B23.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFCAE59B9026772FF6.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFD300FBD2870B2DE5.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFD3ACA5119C75C564.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFD5C64983E7EE2DC7.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFDBBCDEFEBB588D17.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFE0E16F18B28E15AB.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFE11976F48C8EA3E8.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFE1F0B93B37735792.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFE52959EEB9D17C1A.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFEEDC7D49B51B39C2.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFEF044B5F8F2D2ADC.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFF87A07252711DB43.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~DFFAD25423B3667720.TMP => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~PP1507.pptx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~PP3035.pps => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~PP3964.pptx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~PP528.pptx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\~nsu.tmp\Au_.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\{1D181764-DCD0-41B8-AA7B-0A599F027A72}\adobe_oobelib.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\{1D181764-DCD0-41B8-AA7B-0A599F027A72}\asneu.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Word8.0\MSForms.exd => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Word8.0\ShockwaveFlashObjects.exd => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\UpdateWizard_53254\lang.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\UpdateWizard_53254\package_14.0.1000.110_to_14.0.1000.221.msp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\UpdateWizard_53254\package_14.0.1000.110_to_14.0.1000.221.zip => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\UpdateWizard_53254\SilentUpdater.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\UpdateWizard_53254\tulic.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\UpdateWizard_53254\TUProduct.db => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\UpdateWizard_53254\TUProgramManager.db => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\UpdateWizard_53254\en-GB\default.mo => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Temp1_x506b42ad1b969.zip\L_Stroupeznicky_Nasi_furianti.doc => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCDFDF0.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCDDBEE.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCDCFB1.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCDCF92.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCDB7AC.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCDB62A.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCDB5BE.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCDA94C.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD9E3.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD8F59.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD89CA.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD8191.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD6D09.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD5D5D.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD59C8.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD4B34.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD48A8.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD38C0.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD1E2E.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\TCD15A5.tmp\CleanGradient.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\SUPERSetup\setup.db3 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Rar$DIa0.976\06. ZAZ - J'ai Tant Escamoté.mp3 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Rar$DIa0.891\01. ZAZ - On Ira.mp3 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Rar$DIa0.842\04. ZAZ - T'attends Quoi.mp3 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Rar$DIa0.810\02. ZAZ - Comme Ci, Comme Ça.mp3 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Rar$DIa0.518\10. ZAZ - Si.mp3 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Rar$DIa0.402\09. ZAZ - Si Je Perds.mp3 => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\outlook logging\firstrun.log => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\OICE_96BE50A1-08B0-4FE1-BEE5-E19F5E70C774.0\C062F3DF.doc => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\OICE_96BE50A1-08B0-4FE1-BEE5-E19F5E70C774.0\msoEA30.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\OICE_96BE50A1-08B0-4FE1-BEE5-E19F5E70C774.0\~WRS{5B8DA92F-E6C0-4C8E-840E-D6E7E51F88DD}.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\OICE_10A20ADA-6E57-4CE6-8FAB-E3068CA44F14.0\CEB4C52. not found.
C:\Users\Sifonek\AppData\Local\Temp\OICE_10A20ADA-6E57-4CE6-8FAB-E3068CA44F14.0\mso3884.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\nsy406C.tmp\DropboxNSISTools.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\nsy406C.tmp\nsExec.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\nsy406C.tmp\UAC.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\nsq4FE5.tmp\UAC.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\MUI\CyberLink Blu-ray Disc Suite\Power2Go\OnLine Registration.lnk => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\MUI\CyberLink Blu-ray Disc Suite\Power2Go\Power2Go Express.lnk => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\MUI\CyberLink Blu-ray Disc Suite\Power2Go\Power2Go Online Help.lnk => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\MUI\CyberLink Blu-ray Disc Suite\Power2Go\Power2Go.lnk => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\MUI\CyberLink Blu-ray Disc Suite\Power2Go\Readme.lnk => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\P2R13YJM\desktop.ini => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\P2R13YJM\errorPageStrings[1] => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\P2R13YJM\favcenter[1] => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\FZOY17BM\background_gradient[1] => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\FZOY17BM\desktop.ini => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\FZOY17BM\httpErrorPagesScripts[1] => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\CQU172RZ\desktop.ini => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\CQU172RZ\dnserror[1] => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\CQU172RZ\noConnect[1] => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\AI3FO3Y9\desktop.ini => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\AI3FO3Y9\down[1] => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\AI3FO3Y9\ErrorPageTemplate[1] => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\History\History.IE5\desktop.ini => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\History\History.IE5\index.dat => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Low\Cookies\index.dat => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-HIHSJ.tmp\mbam-setup-2.0.2.1012.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-GS8B6.tmp\mbam-setup-2.0.2.1012.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-2SH93.tmp\master.conf => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-2SH93.tmp\mbam.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-2SH93.tmp\mbamsrv.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-2SH93.tmp\msvcp100.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-2SH93.tmp\msvcr100.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-2SH93.tmp\QtCore4.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-2SH93.tmp\_isetup\_setup64.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\is-2SH93.tmp\_isetup\_shfoldr.dll => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Install\Autorun.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Install\Autorun.inf => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Install\en\setup.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Install\Drivers\setup.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\Install\cs\setup.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\chrome_BITS_168_29999\BIT506F.tmp => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\boost_interprocess\IconDownloadMutex => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\9EF.dir\InstallFlashPlayer.exe => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\904_21834\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\904_21834\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\904_21834\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\656_16185\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\656_16185\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\656_16185\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5968_24651\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5968_24651\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5968_24651\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5896_547\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5896_547\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5896_547\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5688_6853\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5688_6853\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5688_6853\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5108_31090\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5108_31090\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5108_31090\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5088_3759\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5088_3759\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5088_3759\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5088_12194\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5088_12194\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5088_12194\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5076_15858\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5076_15858\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5076_15858\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5040_32086\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5040_32086\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5040_32086\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5028_9511\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5028_9511\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5028_9511\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5012_11083\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5012_11083\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\5012_11083\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4976_1748\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4976_1748\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4976_1748\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4960_9099\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4960_9099\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4960_9099\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4944_31587\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4944_31587\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4944_31587\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4932_15517\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4932_15517\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4932_15517\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4932_14707\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4932_14707\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4932_14707\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\492_32589\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\492_32589\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\492_32589\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4908_925\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4908_925\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4908_925\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4884_19952\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4884_19952\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4884_19952\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4880_4558\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4880_4558\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4880_4558\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4872_11174\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4872_11174\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4872_11174\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4868_32202\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4868_32202\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4868_32202\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4868_24819\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4868_24819\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4868_24819\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4860_15857\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4860_15857\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4860_15857\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4856_16561\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4856_16561\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4856_16561\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4840_17530\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4840_17530\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4840_17530\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4840_12192\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4840_12192\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4840_12192\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4836_4520\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4836_4520\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4836_4520\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4836_31228\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4836_31228\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4836_31228\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4824_4951\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4824_4951\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4824_4951\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4824_13813\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4824_13813\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4824_13813\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4816_7694\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4816_7694\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4816_7694\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_29772\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_29772\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_29772\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_22914\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_22914\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_22914\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_19779\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_19779\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4780_19779\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4764_16342\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4764_16342\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4764_16342\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4740_20646\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4740_20646\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4740_20646\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4736_28376\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4736_28376\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4736_28376\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4732_16435\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4732_16435\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4732_16435\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4708_9104\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4708_9104\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4708_9104\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4700_16492\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4700_16492\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4700_16492\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4692_4440\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4692_4440\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4692_4440\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4680_24852\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4680_24852\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4680_24852\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4676_21833\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4676_21833\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4676_21833\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4652_26228\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4652_26228\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4652_26228\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4628_23507\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4628_23507\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4628_23507\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4624_29423\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4624_29423\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4624_29423\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4620_24115\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4620_24115\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4620_24115\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4604_26603\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4604_26603\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4604_26603\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4576_27187\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4576_27187\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4576_27187\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4576_12023\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4576_12023\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4576_12023\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4572_26104\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4572_26104\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4572_26104\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4572_23309\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4572_23309\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4572_23309\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4552_19223\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4552_19223\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4552_19223\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4540_8817\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4540_8817\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4540_8817\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4516_17577\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4516_17577\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4516_17577\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4476_16970\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4476_16970\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4476_16970\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4448_724\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4448_724\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4448_724\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4400_21123\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4400_21123\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4400_21123\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4396_20594\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4396_20594\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4396_20594\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4388_19611\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4388_19611\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4388_19611\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4380_24892\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4380_24892\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4380_24892\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4364_12666\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4364_12666\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4364_12666\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4312_19357\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4312_19357\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4312_19357\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4272_6992\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4272_6992\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4272_6992\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4248_15724\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4248_15724\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4248_15724\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4224_19796\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4224_19796\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4224_19796\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4216_13140\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4216_13140\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4216_13140\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4204_695\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4204_695\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4204_695\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4196_2416\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4196_2416\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4196_2416\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4188_19577\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4188_19577\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4188_19577\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4184_23553\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4184_23553\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4184_23553\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4184_15346\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4184_15346\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4184_15346\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4168_9394\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4168_9394\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4168_9394\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4156_21863\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4156_21863\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4156_21863\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4148_28256\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4148_28256\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4148_28256\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4144_17313\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4144_17313\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4144_17313\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4140_30906\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4140_30906\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4140_30906\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4132_11055\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4132_11055\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4132_11055\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4104_2329\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4104_2329\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\4104_2329\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3972_14211\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3972_14211\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3972_14211\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3940_17624\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3940_17624\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3940_17624\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3896_29772\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3896_29772\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3896_29772\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3892_13487\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3892_13487\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3892_13487\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3832_2929\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3832_2929\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3832_2929\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3828_11163\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3828_11163\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3828_11163\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3808_30485\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3808_30485\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3808_30485\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3756_25353\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3756_25353\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3756_25353\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3644_31882\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3644_31882\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3644_31882\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3556_32727\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3556_32727\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3556_32727\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3544_15717\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3544_15717\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3544_15717\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3452_8892\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3452_8892\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3452_8892\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3452_15720\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3452_15720\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3452_15720\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3392_31656\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3392_31656\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3392_31656\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3380_12286\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3380_12286\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3380_12286\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3328_32436\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3328_32436\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3328_32436\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3180_27216\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3180_27216\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3180_27216\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\316_27546\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\316_27546\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\316_27546\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3152_22837\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3152_22837\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3152_22837\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3128_11796\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3128_11796\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3128_11796\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3120_7496\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3120_7496\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3120_7496\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3068_6620\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3068_6620\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3068_6620\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3028_18454\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3028_18454\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\3028_18454\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2992_8572\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2992_8572\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2992_8572\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2720_1085\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2720_1085\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2720_1085\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2556_32430\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2556_32430\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2556_32430\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2552_6629\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2552_6629\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2552_6629\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2516_18896\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2516_18896\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2516_18896\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2516_12614\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2516_12614\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2516_12614\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2460_7145\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2460_7145\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2460_7145\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2376_12513\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2376_12513\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2376_12513\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2268_24659\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2268_24659\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\2268_24659\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1992_2825\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1992_2825\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1992_2825\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\168_18593\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\168_18593\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\168_18593\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1648_16847\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1648_16847\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1648_16847\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1576_7968\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1576_7968\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1576_7968\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1500_28293\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1500_28293\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1500_28293\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1488_18158\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1488_18158\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1488_18158\manifest.json => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1232_21515\crl-set => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1232_21515\manifest.fingerprint => Moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\1232_21515\manifest.json => Moved successfully.
Could not move "C:\Users\Sifonek\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-07-24 20:41:55)<=

C:\Users\Sifonek\AppData\Local\Temp\etilqs_2CZ5XeAaQDnXc2Z => Is moved successfully.
C:\Users\Sifonek\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Sifonek\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

[Rudy]

Smazáno. Nastala nějaká změna?

[thebobdestroyer]

Start je o něco rychlejší, ale počítač stále "bezdůvodně" zamrzává. A je nutný tvrdý restart.

[Rudy]

Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

[thebobdestroyer]

Tady je ten log:

ComboFix 14-07-24.01 - Sifonek 24.07.2014 23:15:45.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.420.1029.18.3692.2287 [GMT 2:00]
Spuštěný z: c:\users\Sifonek\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Sifonek\AppData\Local\Microsoft\Windows\Temporary Internet Files\{7093F11E-ECD2-43E3-89B7-8AA3A8040F9C}.xps
c:\users\Sifonek\AppData\Local\Microsoft\Windows\Temporary Internet Files\{CCA0EFC8-C19D-4EB5-B492-2CFAEA4A0B22}.xps
c:\users\Sifonek\AppData\Local\Microsoft\Windows\Temporary Internet Files\{DDF36F57-8A3C-472C-9169-FFC6BCC8B652}.xps
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-06-24 do 2014-07-24 )))))))))))))))))))))))))))))))
.
.
2014-07-24 16:37 . 2014-07-24 18:42 -------- d-----w- C:\FRST
2014-07-21 16:41 . 2014-07-21 16:41 -------- d-----w- c:\users\Sifonek\AppData\Local\Avg2014
2014-07-21 16:37 . 2013-12-18 09:01 29496 ----a-w- c:\windows\system32\authuitu.dll
2014-07-21 16:37 . 2013-12-18 09:01 25400 ----a-w- c:\windows\SysWow64\authuitu.dll
2014-07-21 16:37 . 2013-12-18 09:01 43320 ----a-w- c:\windows\system32\uxtuneup.dll
2014-07-21 16:37 . 2013-12-18 09:01 36152 ----a-w- c:\windows\SysWow64\uxtuneup.dll
2014-07-21 16:24 . 2013-12-18 09:01 40760 ----a-w- c:\windows\system32\TURegOpt.exe
2014-07-21 16:23 . 2014-07-21 16:23 -------- d-----w- c:\users\Sifonek\AppData\Roaming\TuneUp Software
2014-07-21 16:21 . 2014-07-21 16:36 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2014
2014-07-21 16:18 . 2014-07-21 16:40 -------- d-----w- c:\programdata\TuneUp Software
2014-07-21 16:11 . 2014-07-21 17:17 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-21 16:11 . 2014-07-21 16:11 -------- d--h--w- c:\programdata\Common Files
2014-07-19 08:42 . 2014-07-19 08:42 -------- d-----w- c:\users\Sifonek\AppData\Roaming\SUPERAntiSpyware.com
2014-07-19 08:41 . 2014-07-19 08:42 -------- d-----w- c:\program files\SUPERAntiSpyware
2014-07-19 08:41 . 2014-07-19 08:41 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2014-07-18 20:51 . 2014-07-24 20:49 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-18 20:36 . 2014-05-12 05:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-07-18 20:36 . 2014-05-12 05:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-07-18 20:36 . 2014-05-12 05:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-07-18 20:36 . 2014-07-18 20:36 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-18 20:36 . 2014-07-18 20:36 -------- d-----w- c:\programdata\Malwarebytes
2014-07-18 20:35 . 2014-07-18 20:35 -------- d-----w- c:\users\Sifonek\AppData\Local\Programs
2014-07-18 20:08 . 2014-07-18 20:08 -------- d-----w- c:\users\Sifonek\AppData\Roaming\AVAST Software
2014-07-18 19:58 . 2014-07-18 19:58 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-07-18 19:58 . 2014-07-18 19:58 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-07-18 19:58 . 2014-07-18 19:58 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-07-18 19:58 . 2014-07-18 20:07 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-07-18 19:58 . 2014-07-18 19:58 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-07-18 19:58 . 2014-07-18 19:57 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-07-18 19:58 . 2014-07-18 19:57 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-07-18 19:58 . 2014-07-18 19:57 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-07-18 19:58 . 2014-07-18 19:57 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-07-18 19:57 . 2014-07-18 19:57 43152 ----a-w- c:\windows\avastSS.scr
2014-07-18 19:39 . 2014-07-18 19:39 -------- d-----w- c:\program files\AVAST Software
2014-07-18 19:38 . 2014-07-18 19:38 51496 ----a-w- c:\windows\system32\drivers\stflt.sys
2014-07-18 19:38 . 2014-07-24 10:59 -------- d-----w- c:\programdata\Spyware Terminator
2014-07-18 19:38 . 2014-07-18 19:38 -------- d-----w- c:\users\Sifonek\AppData\Roaming\Spyware Terminator
2014-07-18 19:37 . 2014-07-18 19:38 -------- d-----w- c:\program files (x86)\Spyware Terminator
2014-07-18 19:36 . 2014-07-18 19:39 -------- d-----w- c:\programdata\AVAST Software
2014-07-09 07:13 . 2014-06-19 00:53 48640 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2014-07-09 07:11 . 2014-06-05 14:45 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-07-09 07:11 . 2014-06-05 14:26 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-07-09 07:11 . 2014-06-05 14:25 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 17:00 . 2014-06-20 16:53 96441528 ----a-w- c:\windows\system32\MRT.exe
2014-05-30 07:52 . 2014-07-09 07:14 247808 ----a-w- c:\windows\SysWow64\schannel.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile Communication Centre"="c:\program files (x86)\T-Mobile\Web'n'walk Manager\Manager.exe" [2012-06-12 1368824]
"SUPERAntiSpyware"="c:\program files\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" [2014-06-04 6564120]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-01 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-02-16 322176]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-24 174720]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-18 4086432]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe /start [2011-4-1 548528]
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe -d [2014-1-1 12862]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini"
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys;c:\windows\SYSNATIVE\Drivers\mvusbews.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ATKWMIACPIIO_;ATKWMIACPI Driver_;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERANTISPYWARE\SASCORE64.EXE;c:\program files\SUPERANTISPYWARE\SASCORE64.EXE [x]
S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe;c:\windows\SYSNATIVE\FBAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 ameisvc;Web'n'walk Manager mobile equipment installation service;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe;c:\program files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe;c:\windows\SYSNATIVE\HPSIsvc.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 TiMiniService;TiMiniService;c:\program files\Trend Micro\Titanium\TiMiniService.exe;c:\program files\Trend Micro\Titanium\TiMiniService.exe [x]
S2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys;c:\windows\SYSNATIVE\DRIVERS\tmevtmgr.sys [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE;c:\program files (x86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-21 10:55 1104200 ----a-w- c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Obsah adresáře 'Naplánované úlohy'
.
2014-07-22 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72.job
- c:\program files\SUPERANTISPYWARE\SASTask.exe [2013-11-07 20:08]
.
2014-07-24 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d.job
- c:\program files\SUPERANTISPYWARE\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-07-18 19:57 634872 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41 220160 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" [2010-10-08 1123664]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2010-10-12 192520]
"Trend Micro Titanium"="c:\program files\Trend Micro\Titanium\VizorShortCut.exe" [2010-09-17 322384]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-11 2226280]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-03-13 617120]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-03-13 379552]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2014-05-14 2774936]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2014-05-14 3681688]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 10.0.0.10
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
AddRemove-{2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_E582EA556D8DE101.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10k.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2014-07-25 00:41:43
ComboFix-quarantined-files.txt 2014-07-24 22:41
.
Před spuštěním: Volných bajtů: 208 968 011 776
Po spuštění: Volných bajtů: 210 531 475 456
.
- - End Of File - - 4102D44AA8F0EF079E3945B9509F1A37
A36C5E4F47E84449FF07ED3517B43A31

[Rudy]

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

KillAll::

Driver::
BBSvc
BBUpdate

RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

Reboot::

Uložte na plochu jako CFScript.txt. Psk jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spsutí a vykoná příkazy ze skriptu.

[thebobdestroyer]

Provedl jsem čištění, ale počítač je stále strašně zpomalený. Zasekávání téměř zmizelo, ale když se snažím přehrát online video a do toho třeba procházet složky, či něco dělat s dokumenty se stále zamrzává. Šlo by to pročistit ještě něčim prosím, nebo myslíte, že je chyba v hardwaru? :/

[Rudy]

Zkuste ještě JunkwareRemovalTool:

Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe

Ulozte nejlepe na plochu
Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
Probehne vytvoreni zalohy a nasledne prohledavani
Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Po ukončení akce dejte log RSIT: http://forum.viry.cz/viewtopic.php?f=13&t=130786 .

[thebobdestroyer]

Tady je log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Sifonek on so 26.07.2014 at 11:17:34,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Empty Folder] C:\Users\Sifonek\appdata\local\{C4355B61-FAB5-4998-AA13-600B68EC1549}
Successfully deleted: [Empty Folder] C:\Users\Sifonek\appdata\local\{EA71968D-E0A4-4291-9927-F80D5FDE2973}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 26.07.2014 at 12:26:25,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






A tady log z RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sifonek at 2014-07-26 12:37:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 203 GB (66%) free of 308 GB
Total RAM: 3692 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:38:26, on 26.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Sifonek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12140 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {D949A489-7EC3-4185-9C51-4455002AE8C3}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\HPSIsvc.exe
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {BB97EC7E-6319-4C15-A749-0A3385FA3AF1}
taskeng.exe {6F669A4E-ECF1-4FFA-A364-7F5679CB2EBC}
"C:\Windows\AsScrPro.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
\??\C:\Windows\system32\conhost.exe "738290591-193625796241300329156306150-14907138531177864553-926054078518885598
"C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 4060
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
ATKOSD.exe
"C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesApp64.EXE" /TUStart /pid:4068
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
KBFiltr.exe
WDC.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\explorer.exe
notepad "C:\Users\Sifonek\AppData\Local\Temp\JRT.txt"

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="2252.0.1056805362\484953434" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,16 --disable-accelerated-video-decode --gpu-vendor-id=0x1002 --gpu-device-id=0x9802 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.862.0.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --extension-process --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="2252.2.2033225581\1486723758" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="2252.5.948415929\1198208867" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="2252.8.598888553\1182311124" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Most Likely with Kodachrome/EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/StandardR4/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Control/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_15/UMA-Uniformity-Trial-1-Percent/group_24/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_04/UMA-Uniformity-Trial-5-Percent/group_10/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --disable-client-side-phishing-detection --renderer-print-preview --enable-threaded-compositing --enable-delegated-renderer --disable-accelerated-video-decode --channel="2252.9.1257192227\369238885" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Sifonek\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72.job - C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe "C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" /TASK:6afbae67-6021-4c28-a2a1-69e5bd222c72
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d.job - C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe "C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" /TASK:b6570520-dc7b-4916-be05-06e09c11e41d

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-18 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-18 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-07-11 2226280]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-05-14 2774936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE [2014-06-05 6564120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-08-25 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-11 11905128]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16 322176]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-18 4086432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-07-26 12:37:52 ----D---- C:\rsit
2014-07-26 11:17:27 ----D---- C:\Windows\ERUNT
2014-07-25 22:15:42 ----A---- C:\ComboFix.txt
2014-07-25 22:06:50 ----D---- C:\$RECYCLE.BIN
2014-07-24 23:11:33 ----A---- C:\Windows\zip.exe
2014-07-24 23:11:33 ----A---- C:\Windows\SWSC.exe
2014-07-24 23:11:33 ----A---- C:\Windows\SWREG.exe
2014-07-24 23:11:33 ----A---- C:\Windows\sed.exe
2014-07-24 23:11:33 ----A---- C:\Windows\PEV.exe
2014-07-24 23:11:33 ----A---- C:\Windows\NIRCMD.exe
2014-07-24 23:11:33 ----A---- C:\Windows\MBR.exe
2014-07-24 23:11:33 ----A---- C:\Windows\grep.exe
2014-07-24 23:11:11 ----D---- C:\Qoobox
2014-07-24 23:10:45 ----D---- C:\Windows\erdnt
2014-07-24 18:37:14 ----D---- C:\FRST
2014-07-21 18:37:54 ----A---- C:\Windows\system32\authuitu.dll
2014-07-21 18:37:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-07-21 18:37:36 ----A---- C:\Windows\system32\uxtuneup.dll
2014-07-21 18:37:35 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2014-07-21 18:24:47 ----A---- C:\Windows\system32\TURegOpt.exe
2014-07-21 18:23:47 ----D---- C:\Users\Sifonek\AppData\Roaming\TuneUp Software
2014-07-21 18:21:51 ----D---- C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-21 18:18:16 ----D---- C:\ProgramData\TuneUp Software
2014-07-21 18:11:30 ----SHD---- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-21 18:11:30 ----HD---- C:\ProgramData\Common Files
2014-07-19 10:42:12 ----D---- C:\Users\Sifonek\AppData\Roaming\SUPERAntiSpyware.com
2014-07-19 10:41:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-07-19 10:41:06 ----D---- C:\Program Files\SUPERAntiSpyware
2014-07-19 09:09:07 ----A---- C:\Windows\ntbtlog.txt
2014-07-18 22:51:23 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-07-18 22:36:15 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-07-18 22:36:15 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-07-18 22:36:15 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-07-18 22:36:14 ----D---- C:\ProgramData\Malwarebytes
2014-07-18 22:36:14 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-18 22:08:32 ----D---- C:\Users\Sifonek\AppData\Roaming\AVAST Software
2014-07-18 21:58:26 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-07-18 21:58:25 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-07-18 21:58:25 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-07-18 21:58:24 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-07-18 21:58:23 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-07-18 21:58:22 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-07-18 21:58:22 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-07-18 21:58:21 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-07-18 21:58:16 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-18 21:57:56 ----A---- C:\Windows\avastSS.scr
2014-07-18 21:39:35 ----D---- C:\Program Files\AVAST Software
2014-07-18 21:38:16 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-07-18 21:38:14 ----D---- C:\Users\Sifonek\AppData\Roaming\Spyware Terminator
2014-07-18 21:38:14 ----D---- C:\ProgramData\Spyware Terminator
2014-07-18 21:37:58 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-07-18 21:36:33 ----D---- C:\ProgramData\AVAST Software
2014-07-09 09:14:25 ----A---- C:\Windows\system32\aepdu.dll
2014-07-09 09:14:24 ----A---- C:\Windows\system32\aeinv.dll
2014-07-09 09:14:11 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 09:14:10 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 09:14:10 ----A---- C:\Windows\system32\osk.exe
2014-07-09 09:14:09 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 09:14:09 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 09:14:08 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 09:14:05 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-09 09:14:05 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-09 09:14:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-09 09:14:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\wdigest.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\schannel.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\kerberos.dll
2014-07-09 09:14:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-09 09:14:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-09 09:14:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-09 09:14:04 ----A---- C:\Windows\system32\credssp.dll
2014-07-09 09:13:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 09:13:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 09:13:59 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 09:13:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 09:13:58 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 09:13:57 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 09:13:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 09:13:57 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 09:13:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 09:13:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 09:13:55 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 09:13:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 09:13:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 09:13:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 09:13:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 09:13:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 09:13:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 09:13:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 09:13:54 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 09:13:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 09:13:53 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 09:13:52 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 09:13:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 09:13:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 09:13:51 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 09:13:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 09:13:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 09:13:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 09:13:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 09:13:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 09:13:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 09:13:49 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 09:13:49 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 09:13:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 09:13:48 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 09:13:46 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 09:13:46 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 09:13:46 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 09:13:45 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 09:13:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 09:13:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 09:13:44 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 09:11:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 09:11:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-09 09:11:55 ----A---- C:\Windows\system32\lsasrv.dll

======List of files/folders modified in the last 1 month======

2014-07-26 12:38:26 ----D---- C:\Program Files\Trend Micro
2014-07-26 12:34:04 ----D---- C:\Windows\System32
2014-07-26 12:34:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-26 12:34:02 ----D---- C:\Windows\inf
2014-07-26 11:32:20 ----D---- C:\ProgramData
2014-07-26 11:28:24 ----D---- C:\Windows\system32\config
2014-07-26 11:17:27 ----D---- C:\Windows
2014-07-26 11:14:15 ----D---- C:\Windows\Temp
2014-07-26 11:07:35 ----HD---- C:\ASUS.DAT
2014-07-25 22:15:49 ----D---- C:\Windows\system32\drivers
2014-07-25 22:07:15 ----A---- C:\Windows\system.ini
2014-07-25 22:06:42 ----D---- C:\Windows\system32\drivers\etc
2014-07-25 21:04:58 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-25 21:04:58 ----D---- C:\Windows\SysWOW64
2014-07-25 21:04:58 ----D---- C:\Windows\AppPatch
2014-07-25 21:04:46 ----D---- C:\Program Files (x86)\Common Files
2014-07-25 19:48:32 ----D---- C:\Windows\Prefetch
2014-07-25 14:57:07 ----D---- C:\Windows\Minidump
2014-07-25 14:37:40 ----D---- C:\Program Files (x86)\Windows Live
2014-07-25 14:34:07 ----SHD---- C:\Windows\Installer
2014-07-25 14:28:34 ----SHD---- C:\System Volume Information
2014-07-25 13:53:17 ----D---- C:\Windows\system32\wdi
2014-07-25 06:49:31 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-25 06:49:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 02:15:55 ----D---- C:\Windows\rescache
2014-07-24 20:38:47 ----D---- C:\Windows\Tasks
2014-07-24 20:38:43 ----D---- C:\Program Files\Google
2014-07-24 20:38:43 ----D---- C:\Program Files (x86)\Google
2014-07-24 08:02:58 ----D---- C:\Windows\system32\Tasks
2014-07-21 18:54:34 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-07-21 18:21:51 ----RD---- C:\Program Files (x86)
2014-07-21 18:17:16 ----D---- C:\Users\Sifonek\AppData\Roaming\Skype
2014-07-20 19:18:31 ----D---- C:\Windows\system32\catroot2
2014-07-20 19:03:02 ----A---- C:\Windows\system32\AutoRunFilter.ini
2014-07-19 10:41:06 ----RD---- C:\Program Files
2014-07-19 09:30:08 ----D---- C:\Windows\PCHEALTH
2014-07-18 21:58:19 ----D---- C:\Windows\winsxs
2014-07-09 19:09:53 ----D---- C:\Program Files\Windows Journal
2014-07-09 19:09:52 ----SD---- C:\Windows\system32\CompatTel
2014-07-09 19:09:49 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-09 19:09:49 ----D---- C:\Windows\system32\Dism
2014-07-09 19:09:46 ----D---- C:\Windows\ehome
2014-07-09 19:09:44 ----D---- C:\Windows\system32\cs-CZ
2014-07-09 19:09:43 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-09 19:09:43 ----D---- C:\Program Files\Internet Explorer
2014-07-09 19:09:39 ----D---- C:\Windows\system32\en-US
2014-07-09 19:09:37 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 19:07:45 ----D---- C:\ProgramData\Microsoft Help
2014-07-09 19:03:52 ----D---- C:\Windows\system32\MRT
2014-07-09 19:00:29 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 09:11:37 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-04 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-04 38016]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-18 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-18 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-08-10 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-18 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-18 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-18 427360]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-18 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-18 79184]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-18 92008]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-07-18 51496]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-06-08 9360896]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-06-08 309760]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-03-07 2228736]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-31 138024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-07-11 2906600]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-04 436840]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [2013-08-21 14112]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 63704]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2011-01-18 250984]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 204568]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [2013-10-11 144152]
R2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-06-08 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-06-08 365568]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-06-12 124856]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-18 50344]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-05-14 1146304]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2013-12-18 2103096]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-01 182768]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Program Files (x86)\Microsoft\BingBar

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Pro příště: nehrajte si s ComboFixem, není určen laikům. Lze si jím lehce poškodit systém, nebo aplikace.

[thebobdestroyer]

Díky, nebudu. Combofix se mi aktualizoval a pak vypadal že dělá normální sken, tak jsem ho otevřel tím skriptem ještě jednou..

Tady je další log s RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sifonek at 2014-07-26 23:21:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 203 GB (66%) free of 308 GB
Total RAM: 3692 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:21:28, on 26.7.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\trend micro\Sifonek.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE
O23 - Service: Adobe Active File Monitor V11 (AdobeActiveFileMonitor11.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Web'n'walk Manager mobile equipment installation service (ameisvc) - Gemfor s.r.o. - C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2012 Realtime Shield Service (ST2012_Svc) - Crawler.com - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11108 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Windows\system32\FBAgent.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe"
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
taskeng.exe {E7DD615C-6FD5-48B2-A6C1-F2BE41608ACD}
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE"
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Trend Micro\Titanium\TiMiniService.exe"
"C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE"
"C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe"
\??\C:\Windows\system32\conhost.exe "135964666221318087511950529714-19425100741903582861-1399989405-2004071248-1069786204
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2548
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\AVAST Software\Avast\setup\instup.exe" /instop:update_vps
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\AsScrPro.exe"
"taskhost.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
ATKOSD.exe
taskeng.exe {58C18192-B5DA-405B-8FB6-C71287324E5D}
"C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesApp64.EXE" /TUStart /pid:2360
KBFiltr.exe
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /SF3
"C:\Program Files\ASUS\P4G\BatteryLife.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
taskeng.exe {4DA0763C-49EC-423D-8072-3A8ED6B2B1D5}
WDC.exe
"C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource core
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
"C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Users\Sifonek\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}
C:\Windows\system32\SearchIndexer.exe /Embedding

======Scheduled tasks folder======

C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 6afbae67-6021-4c28-a2a1-69e5bd222c72.job - C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe "C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" /TASK:6afbae67-6021-4c28-a2a1-69e5bd222c72
C:\Windows\tasks\SUPERAntiSpyware Scheduled Task b6570520-dc7b-4916-be05-06e09c11e41d.job - C:\PROGRAM FILES\SUPERANTISPYWARE\SASTask.exe "C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE" /TASK:b6570520-dc7b-4916-be05-06e09c11e41d

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg.dll [2010-09-17 235344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-07-18 612248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe64.dll [2010-09-17 264528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CA1377B-DC1D-4A52-9585-6E06050FAC53}]
TmIEPlugInBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll [2010-09-17 185680]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13 60576]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-07-18 457712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC}]
TmBpIeBHO Class - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll [2010-09-17 234832]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2011-07-11 2226280]
"SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2014-05-14 2774936]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"=C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE [2014-06-05 6564120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2011-08-25 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-11 11905128]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16 322176]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-07-18 4086432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FancyStart daemon.lnk - C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-07-26 23:14:55 ----D---- C:\_OTM
2014-07-26 12:37:52 ----D---- C:\rsit
2014-07-26 11:17:27 ----D---- C:\Windows\ERUNT
2014-07-25 22:15:42 ----A---- C:\ComboFix.txt
2014-07-25 22:06:50 ----D---- C:\$RECYCLE.BIN
2014-07-24 23:11:33 ----A---- C:\Windows\zip.exe
2014-07-24 23:11:33 ----A---- C:\Windows\SWSC.exe
2014-07-24 23:11:33 ----A---- C:\Windows\SWREG.exe
2014-07-24 23:11:33 ----A---- C:\Windows\sed.exe
2014-07-24 23:11:33 ----A---- C:\Windows\PEV.exe
2014-07-24 23:11:33 ----A---- C:\Windows\NIRCMD.exe
2014-07-24 23:11:33 ----A---- C:\Windows\MBR.exe
2014-07-24 23:11:33 ----A---- C:\Windows\grep.exe
2014-07-24 23:11:11 ----D---- C:\Qoobox
2014-07-24 23:10:45 ----D---- C:\Windows\erdnt
2014-07-24 18:37:14 ----D---- C:\FRST
2014-07-21 18:37:54 ----A---- C:\Windows\system32\authuitu.dll
2014-07-21 18:37:53 ----A---- C:\Windows\SYSWOW64\authuitu.dll
2014-07-21 18:37:36 ----A---- C:\Windows\system32\uxtuneup.dll
2014-07-21 18:37:35 ----A---- C:\Windows\SYSWOW64\uxtuneup.dll
2014-07-21 18:24:47 ----A---- C:\Windows\system32\TURegOpt.exe
2014-07-21 18:23:47 ----D---- C:\Users\Sifonek\AppData\Roaming\TuneUp Software
2014-07-21 18:21:51 ----D---- C:\Program Files (x86)\TuneUp Utilities 2014
2014-07-21 18:18:16 ----D---- C:\ProgramData\TuneUp Software
2014-07-21 18:11:30 ----SHD---- C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-07-21 18:11:30 ----HD---- C:\ProgramData\Common Files
2014-07-19 10:42:12 ----D---- C:\Users\Sifonek\AppData\Roaming\SUPERAntiSpyware.com
2014-07-19 10:41:06 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2014-07-19 10:41:06 ----D---- C:\Program Files\SUPERAntiSpyware
2014-07-19 09:09:07 ----A---- C:\Windows\ntbtlog.txt
2014-07-18 22:51:23 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-07-18 22:36:15 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-07-18 22:36:15 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-07-18 22:36:15 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-07-18 22:36:14 ----D---- C:\ProgramData\Malwarebytes
2014-07-18 22:36:14 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-18 22:08:32 ----D---- C:\Users\Sifonek\AppData\Roaming\AVAST Software
2014-07-18 21:58:26 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-07-18 21:58:25 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-07-18 21:58:25 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2014-07-18 21:58:24 ----A---- C:\Windows\system32\drivers\aswsp.sys
2014-07-18 21:58:23 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-07-18 21:58:22 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-07-18 21:58:22 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-07-18 21:58:21 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-07-18 21:58:16 ----A---- C:\Windows\system32\aswBoot.exe
2014-07-18 21:57:56 ----A---- C:\Windows\avastSS.scr
2014-07-18 21:39:35 ----D---- C:\Program Files\AVAST Software
2014-07-18 21:38:16 ----A---- C:\Windows\system32\drivers\stflt.sys
2014-07-18 21:38:14 ----D---- C:\Users\Sifonek\AppData\Roaming\Spyware Terminator
2014-07-18 21:38:14 ----D---- C:\ProgramData\Spyware Terminator
2014-07-18 21:37:58 ----D---- C:\Program Files (x86)\Spyware Terminator
2014-07-18 21:36:33 ----D---- C:\ProgramData\AVAST Software
2014-07-09 09:14:25 ----A---- C:\Windows\system32\aepdu.dll
2014-07-09 09:14:24 ----A---- C:\Windows\system32\aeinv.dll
2014-07-09 09:14:11 ----A---- C:\Windows\system32\win32k.sys
2014-07-09 09:14:10 ----A---- C:\Windows\SYSWOW64\osk.exe
2014-07-09 09:14:10 ----A---- C:\Windows\system32\osk.exe
2014-07-09 09:14:09 ----A---- C:\Windows\SYSWOW64\qedit.dll
2014-07-09 09:14:09 ----A---- C:\Windows\system32\qedit.dll
2014-07-09 09:14:08 ----A---- C:\Windows\system32\drivers\afd.sys
2014-07-09 09:14:05 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-07-09 09:14:05 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-07-09 09:14:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-07-09 09:14:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\wdigest.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\TSpkg.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\schannel.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\ncrypt.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\msv1_0.dll
2014-07-09 09:14:05 ----A---- C:\Windows\system32\kerberos.dll
2014-07-09 09:14:04 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-07-09 09:14:04 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-07-09 09:14:04 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-07-09 09:14:04 ----A---- C:\Windows\system32\credssp.dll
2014-07-09 09:13:59 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-07-09 09:13:59 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-07-09 09:13:59 ----A---- C:\Windows\system32\iernonce.dll
2014-07-09 09:13:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-07-09 09:13:58 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-07-09 09:13:57 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-07-09 09:13:57 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 09:13:57 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-07-09 09:13:57 ----A---- C:\Windows\system32\iedkcs32.dll
2014-07-09 09:13:55 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-07-09 09:13:55 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-07-09 09:13:55 ----A---- C:\Windows\system32\urlmon.dll
2014-07-09 09:13:54 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-07-09 09:13:54 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-07-09 09:13:54 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-07-09 09:13:54 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-07-09 09:13:54 ----A---- C:\Windows\system32\msfeeds.dll
2014-07-09 09:13:54 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 09:13:54 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-07-09 09:13:54 ----A---- C:\Windows\system32\dxtmsft.dll
2014-07-09 09:13:53 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-07-09 09:13:53 ----A---- C:\Windows\system32\ie4uinit.exe
2014-07-09 09:13:52 ----A---- C:\Windows\system32\iesetup.dll
2014-07-09 09:13:51 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-07-09 09:13:51 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-07-09 09:13:51 ----A---- C:\Windows\system32\iertutil.dll
2014-07-09 09:13:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-07-09 09:13:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-07-09 09:13:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-07-09 09:13:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-07-09 09:13:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-07-09 09:13:49 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-07-09 09:13:49 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-07-09 09:13:49 ----A---- C:\Windows\system32\ieui.dll
2014-07-09 09:13:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-07-09 09:13:48 ----A---- C:\Windows\system32\ieframe.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\mshtmled.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\jscript9diag.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\jscript9.dll
2014-07-09 09:13:47 ----A---- C:\Windows\system32\ieUnatt.exe
2014-07-09 09:13:46 ----A---- C:\Windows\system32\wininet.dll
2014-07-09 09:13:46 ----A---- C:\Windows\system32\vbscript.dll
2014-07-09 09:13:46 ----A---- C:\Windows\system32\ieapfltr.dll
2014-07-09 09:13:45 ----A---- C:\Windows\system32\msrating.dll
2014-07-09 09:13:45 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-07-09 09:13:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 09:13:44 ----A---- C:\Windows\system32\mshtml.dll
2014-07-09 09:11:55 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-07-09 09:11:55 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-07-09 09:11:55 ----A---- C:\Windows\system32\lsasrv.dll

======List of files/folders modified in the last 1 month======

2014-07-26 23:21:22 ----D---- C:\Program Files\Trend Micro
2014-07-26 23:20:32 ----D---- C:\Windows\Temp
2014-07-26 23:19:25 ----HD---- C:\ASUS.DAT
2014-07-26 23:18:45 ----D---- C:\Windows\system32\config
2014-07-26 23:13:55 ----D---- C:\Windows\System32
2014-07-26 23:13:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-07-26 23:13:53 ----D---- C:\Windows\inf
2014-07-26 11:32:20 ----D---- C:\ProgramData
2014-07-26 11:17:27 ----D---- C:\Windows
2014-07-25 22:15:49 ----D---- C:\Windows\system32\drivers
2014-07-25 22:07:15 ----A---- C:\Windows\system.ini
2014-07-25 22:06:42 ----D---- C:\Windows\system32\drivers\etc
2014-07-25 21:04:58 ----D---- C:\Windows\SYSWOW64\drivers
2014-07-25 21:04:58 ----D---- C:\Windows\SysWOW64
2014-07-25 21:04:58 ----D---- C:\Windows\AppPatch
2014-07-25 21:04:46 ----D---- C:\Program Files (x86)\Common Files
2014-07-25 19:48:32 ----D---- C:\Windows\Prefetch
2014-07-25 14:57:07 ----D---- C:\Windows\Minidump
2014-07-25 14:37:40 ----D---- C:\Program Files (x86)\Windows Live
2014-07-25 14:34:07 ----SHD---- C:\Windows\Installer
2014-07-25 14:28:34 ----SHD---- C:\System Volume Information
2014-07-25 13:53:17 ----D---- C:\Windows\system32\wdi
2014-07-25 06:49:31 ----D---- C:\Program Files\Microsoft Silverlight
2014-07-25 06:49:30 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 02:15:55 ----D---- C:\Windows\rescache
2014-07-24 20:38:47 ----D---- C:\Windows\Tasks
2014-07-24 20:38:43 ----D---- C:\Program Files\Google
2014-07-24 20:38:43 ----D---- C:\Program Files (x86)\Google
2014-07-24 08:02:58 ----D---- C:\Windows\system32\Tasks
2014-07-21 18:54:34 ----A---- C:\Windows\system32\ServiceFilter.ini
2014-07-21 18:21:51 ----RD---- C:\Program Files (x86)
2014-07-21 18:17:16 ----D---- C:\Users\Sifonek\AppData\Roaming\Skype
2014-07-20 19:18:31 ----D---- C:\Windows\system32\catroot2
2014-07-20 19:03:02 ----A---- C:\Windows\system32\AutoRunFilter.ini
2014-07-19 10:41:06 ----RD---- C:\Program Files
2014-07-19 09:30:08 ----D---- C:\Windows\PCHEALTH
2014-07-18 21:58:19 ----D---- C:\Windows\winsxs
2014-07-09 19:09:53 ----D---- C:\Program Files\Windows Journal
2014-07-09 19:09:52 ----SD---- C:\Windows\system32\CompatTel
2014-07-09 19:09:49 ----D---- C:\Windows\SYSWOW64\Dism
2014-07-09 19:09:49 ----D---- C:\Windows\system32\Dism
2014-07-09 19:09:46 ----D---- C:\Windows\ehome
2014-07-09 19:09:44 ----D---- C:\Windows\system32\cs-CZ
2014-07-09 19:09:43 ----D---- C:\Windows\SYSWOW64\en-US
2014-07-09 19:09:43 ----D---- C:\Program Files\Internet Explorer
2014-07-09 19:09:39 ----D---- C:\Windows\system32\en-US
2014-07-09 19:09:37 ----D---- C:\Program Files (x86)\Internet Explorer
2014-07-09 19:07:45 ----D---- C:\ProgramData\Microsoft Help
2014-07-09 19:03:52 ----D---- C:\Windows\system32\MRT
2014-07-09 19:00:29 ----A---- C:\Windows\system32\MRT.exe
2014-07-09 09:11:37 ----D---- C:\Windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2010-11-04 75904]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2010-11-04 38016]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-07-18 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-07-18 224896]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2012-08-10 56336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-07-18 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-07-18 1041168]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-07-18 427360]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_; \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2010-09-17 105552]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-02 15416]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-07-18 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-07-18 79184]
R2 sp_rsdrv2;Spyware Terminator Driver Filter; C:\Windows\system32\DRIVERS\stflt.sys [2014-07-18 51496]
R2 tmactmon;tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [2010-09-17 90704]
R2 tmcomm;tmcomm; C:\Windows\system32\DRIVERS\tmcomm.sys [2010-09-17 144464]
R2 tmevtmgr;tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [2010-09-17 67664]
R3 amdiox64;AMD IO Driver; C:\Windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-06-08 9360896]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-06-08 309760]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-03-13 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-03-07 2228736]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-03-13 298656]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\DRIVERS\btath_bus.sys [2011-03-13 28832]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\DRIVERS\btath_hcrp.sys [2011-03-13 201376]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-03-13 55456]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\DRIVERS\btath_rcp.sys [2011-03-13 154272]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-03-13 280224]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2010-12-31 138024]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-07-11 2906600]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-05-12 25816]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-05-12 63704]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-04 436840]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TuneUpUtilitiesDriver64.sys [2013-08-21 14112]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2010-11-29 44672]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-07-18 92008]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-10-28 107288]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20); C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-06-10 57344]
S3 massfilter;Mass Storage Filter Driver; C:\Windows\system32\drivers\massfilter.sys [2010-02-22 11776]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2011-01-18 250984]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2013-10-28 204568]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\PROGRAM FILES\SUPERANTISPYWARE\SASCORE64.EXE [2013-10-11 144152]
R2 AFBAgent;AFBAgent; C:\Windows\system32\FBAgent.exe [2011-01-25 379520]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-06-08 204288]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-06-08 365568]
R2 ameisvc;Web'n'walk Manager mobile equipment installation service; C:\Program Files (x86)\T-Mobile\Web'n'walk Manager\ameisvc.exe [2012-06-12 124856]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [2011-11-21 80512]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-03-13 138400]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-03-13 74912]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [2011-11-21 96896]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-07-18 50344]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2011-05-18 126520]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [2014-05-14 1146304]
R2 TiMiniService;TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2010-09-17 241488]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2014\TUNEUPUTILITIESSERVICE64.EXE [2013-12-18 2103096]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [2012-09-23 171600]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 Amsp;Trend Micro Solution Platform; C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2010-09-17 267480]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-04-01 135664]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-04-01 182768]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-06-19 111616]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-08-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------