Bylo by možné mi zkontrolovat tento log? Při procházení internetu vyskakují v prohlížeči nevyžádané reklamy.
Děkuji.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-01-2015 01
Ran by Kalich (administrator) on TOMÁŠ-PC on 31-01-2015 19:09:23
Running from C:\Users\Kalich\Desktop
Loaded Profiles: UpdatusUser & Kalich (Available profiles: UpdatusUser & Kalich)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(YTDownloader) C:\Program Files\YTDownloader\YTDownloader.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
() C:\Users\Kalich\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(IObit) C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe
(Pay By Ads LTD) C:\Users\Kalich\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
() C:\Windows\inf\mncowkgo\mncowkgo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\snipsmart\bin\utilsnipsmart.exe
() C:\Program Files\snipsmart\bin\snipsmart.PurBrowse.exe
() C:\Program Files\snipsmart\bin\snipsmart.expext.exe
() C:\Program Files\snipsmart\bin\snipsmart.BrowserAdapter.exe
() C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe
() C:\Program Files\snipsmart\bin\snipsmart.BOASHelper.exe
() C:\Program Files\snipsmart\bin\snipsmart.BOASPRT.exe
() C:\Program Files\snipsmart\bin\snipsmart.BOAS.exe
() C:\Program Files\snipsmart\updatesnipsmart.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\snipsmart\bin\snipsmart.BOASPRT.exe
() C:\Program Files\snipsmart\bin\snipsmart.BOAS.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\snipsmart\bin\snipsmart.BOASPRT.exe
() C:\Program Files\snipsmart\bin\snipsmart.BOAS.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\snipsmart\bin\snipsmart.BOASPRT.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kalich\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2015-01-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2640408 2014-08-25] ()
HKLM\...\Run: [mncowkgoSrv] => C:\Windows\inf\mncowkgo.vbe [1342 2014-01-19] ()
HKLM\...\Run: [YTDownloader] => C:\Program Files\YTDownloader\YTDownloader.exe [1988968 2014-08-25] (YTDownloader)
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2014-11-09] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1004\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\S-1-5-21-2701772028-2260806180-3144982785-1004\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] => "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kalich\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2014-11-09] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kalich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [Yahoo! Search] => C:\Users\Kalich\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe [644816 2015-01-18] (Pay By Ads LTD)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\Software\Microsoft\Internet Explorer\Main,Start Page = http://rts.dsrlte.com?affID=na
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM - (No Name) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKLM -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.as ... =CT2475029
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {0969B2C9-287E-48FD-9428-8545C1C79911} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {13BF153B-E830-4DB8-A3D9-5FE3EA26738E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {600A3630-7BB2-4F49-8594-3C00417E942A} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {8B8BC08A-70E6-4045-B24D-11050FFEB57E} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A595017E-6DD4-45C5-BF1F-CF47BF89D47E} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A5A70F00-FC55-4685-94B7-5B6C0EF90892} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A7D82650-586F-4D59-8B2E-CEE9CFDE2BF6} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {B9B6A460-E1C0-4C57-92ED-4F0F23BDA512} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {BAB5040E-6802-4B65-84BC-FAD66F84AE36} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {EC2E1690-7450-4FE3-A8BB-0FE13914A837} URL = http://rts.dsrlte.com/?affID=na&q={searchTerms}&r=213
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Ge-Force -> {11111111-1111-1111-1111-110611191111} -> C:\Program Files\Ge-Force\Ge-Force-bho.dll (iWebar)
BHO: Sense -> {11111111-1111-1111-1111-110611191115} -> C:\Program Files\Sense\Sense-bho.dll (Object Browser)
BHO: HD-V2.2V09.11 -> {11111111-1111-1111-1111-110611381131} -> C:\Program Files\HD-V2.2V09.11\HD-V2.2V09.11-bho.dll (InfoHD-V2.2V09.11)
BHO: No Name -> {30F9B915-B755-4826-820B-08FBA6BD249D} -> No File
BHO: snipsmart 1.0.0.7 -> {68261aaa-dc9f-4c2b-a168-c323e304c3a2} -> C:\Program Files\snipsmart\snipsmartBHO.dll (snipsmart)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO: No Name -> {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} -> No File
BHO: Shopper Pro -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> C:\ProgramData\ShopperPro\ShopperPro.dll (Goobzo Ltd.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - No Name - {01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - No File
Toolbar: HKLM - No Name - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - No File
Toolbar: HKLM - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} - No File
Toolbar: HKLM - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.9.799\AVG Secure Search_toolbar.dll (AVG Secure Search)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @IObit.com/np_Asc_Plugin -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR RestoreOnStartup: Default -> "hxxp://rts.dsrlte.com?affID=pr_0db10bf2-6734-45ea-b6ce-387105b620c6"
CHR StartupUrls: Default -> "hxxp://rts.dsrlte.com?affID=pr_0db10bf2-6734-45ea-b6ce-387105b620c6"
CHR DefaultSearchKeyword: Default -> dsrlte.com
CHR DefaultNewTabURL: Default -> http://rts.dsrlte.com?affID=pr_0db10bf2 ... 7105b620c6
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-11]
CHR Extension: (Sense) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbepggeogbaibhgnhhndojpepiihcmeb [2014-11-12]
CHR Extension: (Ads Removal) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-07-13]
CHR Extension: (FTdownloader) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli [2014-07-11]
CHR Extension: (AVG Security Toolbar) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-07-11]
CHR Extension: (Peněženka Google) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-11]
CHR Extension: (snipsmart) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\peomhbeondbnfnbdghdkbdkimkmbfnco [2014-11-09]
CHR Extension: (GoPhoto.it) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [2014-07-11]
CHR Extension: (HD-V2.2V09.11) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa [2014-11-09]
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - No Path
CHR HKLM\...\Chrome\Extension: [gkjoindjjcmbdpbfppabdgflnkgbbcli] - C:\Program Files\FTDownloader.com\FTDownloader10.crx [2012-11-29]
CHR HKLM\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\tomáš\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-27]
CHR HKLM\...\Chrome\Extension: [ocphobfcfafpclibolpjdafgaffkaoci] - C:\Users\tomáš\AppData\Local\GamePlayLabs Plugin\plugin.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files\Gophoto.it\gophotoit14.crx [2012-07-31]
StartMenuInternet: Google Chrome.W6XA66A3XEITO5S3BKE4B7BPLA - C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045840 2013-09-02] (Flexera Software LLC.)
S2 globalUpdate; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-09] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-11-09] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 MaintainerSvc3.35.6688013; C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe [123632 2015-01-31] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [1813504 2014-12-15] (ShopperPro) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2010-08-28] (Microsoft Corporation) [File not signed]
R2 Update snipsmart; C:\Program Files\snipsmart\updatesnipsmart.exe [677104 2015-01-31] ()
R2 Util snipsmart; C:\Program Files\snipsmart\bin\utilsnipsmart.exe [677104 2015-01-31] ()
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2014-01-30] (Intel Corporation)
R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-12] (REALiX(tm))
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [457856 2007-06-14] (PixArt Imaging Inc.)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2013-11-19] (IObit.com)
R2 sbmntr; C:\Program Files\YTDownloader\sbmntr.sys [50024 2014-08-25] (YTDownloader)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [26112 2015-01-29] () [File not signed]
R2 SPDRIVER_1.38.0.1425; C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.sys [41320 2015-01-29] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2011-09-07] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com)
R1 {123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw; C:\Windows\System32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw.sys [43152 2014-11-08] (StdLib)
R1 {1993b064-46e3-4c7d-8b20-2161564a7685}Gw; C:\Windows\System32\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw.sys [43152 2014-12-09] (StdLib)
R1 {1a1d3262-ea38-4e09-b480-4c4c56f4843c}Gw; C:\Windows\System32\drivers\{1a1d3262-ea38-4e09-b480-4c4c56f4843c}Gw.sys [43152 2014-11-10] (StdLib)
R1 {34f74bed-9d31-4690-9930-3756a4e56d17}Gw; C:\Windows\System32\drivers\{34f74bed-9d31-4690-9930-3756a4e56d17}Gw.sys [43152 2014-11-26] (StdLib)
R1 {4e3e587e-efda-440a-a603-354d622353c0}Gw; C:\Windows\System32\drivers\{4e3e587e-efda-440a-a603-354d622353c0}Gw.sys [43152 2014-11-19] (StdLib)
R1 {4fb14cf7-68ed-4851-b31a-2ffde2f748ba}Gw; C:\Windows\System32\drivers\{4fb14cf7-68ed-4851-b31a-2ffde2f748ba}Gw.sys [43152 2014-11-13] (StdLib)
R1 {632f6d44-7348-49cf-a62d-8be1f536f088}Gw; C:\Windows\System32\drivers\{632f6d44-7348-49cf-a62d-8be1f536f088}Gw.sys [43152 2014-12-22] (StdLib)
R1 {73301b39-32a5-47d5-818f-6c0d72682a5a}Gw; C:\Windows\System32\drivers\{73301b39-32a5-47d5-818f-6c0d72682a5a}Gw.sys [43152 2014-11-28] (StdLib)
R1 {7a3b1fa0-6acc-4a4a-9930-456a27e1b6c1}Gw; C:\Windows\System32\drivers\{7a3b1fa0-6acc-4a4a-9930-456a27e1b6c1}Gw.sys [43152 2014-12-16] (StdLib)
R1 {7db8d663-3d4c-4384-b607-22c1e314b57e}Gw; C:\Windows\System32\drivers\{7db8d663-3d4c-4384-b607-22c1e314b57e}Gw.sys [43152 2014-12-18] (StdLib)
R1 {809da842-a636-4d48-aeda-93730ef23d66}Gw; C:\Windows\System32\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw.sys [43152 2014-12-06] (StdLib)
R1 {84349ed9-b96b-46bf-a939-ca539c08cecb}Gw; C:\Windows\System32\drivers\{84349ed9-b96b-46bf-a939-ca539c08cecb}Gw.sys [43152 2014-11-30] (StdLib)
R1 {856173c0-c06a-4c20-82b9-b5cf563da6ff}Gw; C:\Windows\System32\drivers\{856173c0-c06a-4c20-82b9-b5cf563da6ff}Gw.sys [43152 2014-11-25] (StdLib)
R1 {8d843c52-2222-4b17-831f-d586c85aaf69}Gw; C:\Windows\System32\drivers\{8d843c52-2222-4b17-831f-d586c85aaf69}Gw.sys [43152 2014-12-04] (StdLib)
R1 {9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw; C:\Windows\System32\drivers\{9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw.sys [43152 2014-12-12] (StdLib)
R1 {c81bffbe-797e-44f4-91a2-6d27e1157299}Gw; C:\Windows\System32\drivers\{c81bffbe-797e-44f4-91a2-6d27e1157299}Gw.sys [43152 2014-11-29] (StdLib)
R1 {c93509d6-9689-4a5e-b559-c26da9e3343a}Gw; C:\Windows\System32\drivers\{c93509d6-9689-4a5e-b559-c26da9e3343a}Gw.sys [43152 2014-11-16] (StdLib)
R1 {e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw; C:\Windows\System32\drivers\{e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw.sys [43152 2014-11-22] (StdLib)
R1 MpKsl7d1027a3; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F1F08C2-D409-404E-9931-23123EDEE396}\MpKsl7d1027a3.sys [X]
S3 Synth3dVsc; No ImagePath
S3 tsusbhub; No ImagePath
S3 usbbus; No ImagePath
S3 UsbDiag; No ImagePath
S3 USBModem; No ImagePath
S3 VGPU; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 19:09 - 2015-01-31 19:14 - 00026066 _____ () C:\Users\Kalich\Desktop\FRST.txt
2015-01-31 19:08 - 2015-01-31 19:09 - 00000000 ____D () C:\FRST
2015-01-31 19:08 - 2015-01-31 19:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Desktop\FRSTLauncher.exe
2015-01-31 19:07 - 2015-01-31 19:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Downloads\FRSTLauncher.exe
2015-01-31 19:07 - 2015-01-31 19:07 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Downloads\Nepotvrzeno 286068.crdownload
2015-01-31 19:05 - 2015-01-31 19:05 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Downloads\Nepotvrzeno 201612.crdownload
2015-01-31 19:03 - 2015-01-31 19:03 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Downloads\Nepotvrzeno 404902.crdownload
2015-01-31 19:02 - 2015-01-31 19:02 - 01122304 _____ (Farbar) C:\Users\Kalich\Desktop\FRST.exe
2015-01-31 19:01 - 2015-01-31 19:02 - 01122304 _____ (Farbar) C:\Users\Kalich\Downloads\FRST.exe
2015-01-14 15:05 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:05 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:05 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 15:05 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:05 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:05 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-12 21:10 - 2015-01-12 21:10 - 00002372 _____ () C:\Users\Kalich\Desktop\Google Chrome.lnk
2015-01-12 21:10 - 2015-01-12 21:10 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-12 19:52 - 2015-01-12 19:52 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2015-01-12 19:50 - 2015-01-12 19:50 - 00000000 ____D () C:\Windows\system32\Adobe
2015-01-12 19:49 - 2015-01-12 19:49 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-12 19:49 - 2015-01-12 19:48 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2015-01-12 19:42 - 2015-01-12 19:42 - 13789440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 11878656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-01-12 19:42 - 2015-01-12 19:42 - 04713224 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 03343832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-12 19:42 - 2015-01-12 19:42 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 02513264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 02354544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-12 19:42 - 2015-01-12 19:42 - 01145600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 01053208 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00945456 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00927448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00818000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00386072 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-01-12 19:41 - 2015-01-12 19:42 - 01175888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 01468608 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00276128 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00087864 _____ () C:\Windows\system32\audioLibVc.dll
2015-01-12 13:06 - 2015-01-12 13:09 - 00002094 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-01-12 13:06 - 2015-01-12 13:06 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2015-01-12 13:06 - 2015-01-12 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-01-12 13:02 - 2015-01-12 13:02 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-01-11 19:51 - 2015-01-12 00:42 - 00000000 ____D () C:\Users\Kalich\Downloads\Nová karta_files
2015-01-11 19:51 - 2015-01-11 19:51 - 00006330 _____ () C:\Users\Kalich\Downloads\Nová karta.html
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 19:14 - 2014-07-11 19:26 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Skype
2015-01-31 19:04 - 2014-11-08 23:27 - 00000000 ____D () C:\Program Files\snipsmart
2015-01-31 18:34 - 2014-11-09 11:34 - 00005492 _____ () C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-6.job
2015-01-31 18:33 - 2014-11-08 23:33 - 00005826 _____ () C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-6.job
2015-01-31 18:29 - 2014-11-08 23:29 - 00005820 _____ () C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-6.job
2015-01-31 18:27 - 2012-06-22 06:32 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-31 18:20 - 2010-11-19 22:06 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-31 18:16 - 2013-09-23 18:32 - 01926369 _____ () C:\Windows\WindowsUpdate.log
2015-01-31 18:12 - 2011-10-22 20:40 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001UA.job
2015-01-31 18:04 - 2014-11-09 01:01 - 00000000 ____D () C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65
2015-01-31 18:04 - 2009-07-14 03:04 - 00000863 _____ () C:\Windows\win.ini
2015-01-31 17:38 - 2014-11-08 23:28 - 00000964 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-01-31 17:35 - 2014-11-09 11:35 - 00002420 _____ () C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-5.job
2015-01-31 17:34 - 2014-11-09 11:34 - 00005158 _____ () C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-11.job
2015-01-31 17:34 - 2014-11-09 11:34 - 00005156 _____ () C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-7.job
2015-01-31 17:34 - 2014-11-09 11:34 - 00004468 _____ () C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-4.job
2015-01-31 17:34 - 2014-11-09 11:34 - 00003424 _____ () C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-1.job
2015-01-31 17:34 - 2014-11-08 23:34 - 00002754 _____ () C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5.job
2015-01-31 17:33 - 2014-11-09 11:33 - 00004132 _____ () C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-3.job
2015-01-31 17:33 - 2014-11-08 23:33 - 00004802 _____ () C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-4.job
2015-01-31 17:33 - 2014-11-08 23:33 - 00003748 _____ () C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-1.job
2015-01-31 17:33 - 2014-11-08 23:28 - 00004116 _____ () C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-3.job
2015-01-31 17:32 - 2014-11-08 23:32 - 00005484 _____ () C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-11.job
2015-01-31 17:32 - 2014-11-08 23:32 - 00005482 _____ () C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-7.job
2015-01-31 17:31 - 2014-11-08 23:31 - 00002748 _____ () C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5.job
2015-01-31 17:30 - 2014-11-08 23:30 - 00004452 _____ () C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-4.job
2015-01-31 17:30 - 2014-11-08 23:30 - 00003736 _____ () C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-1.job
2015-01-31 17:29 - 2014-11-08 23:29 - 00005476 _____ () C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-7.job
2015-01-31 17:28 - 2014-11-08 23:28 - 00005478 _____ () C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-11.job
2015-01-31 12:12 - 2011-10-22 20:40 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job
2015-01-31 11:38 - 2014-11-08 23:28 - 00000960 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-01-31 10:06 - 2014-11-09 11:35 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Seznam.cz
2015-01-31 10:01 - 2013-01-15 12:39 - 00000342 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2015-01-31 10:01 - 2010-11-19 22:06 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-31 10:01 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-31 10:00 - 2014-11-10 12:10 - 00007159 _____ () C:\Windows\setupact.log
2015-01-30 21:15 - 2014-07-11 18:43 - 00000000 ____D () C:\Users\Kalich\AppData\Local\CrashDumps
2015-01-30 10:07 - 2014-11-25 23:26 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2015-01-30 09:31 - 2014-11-08 23:24 - 00000000 ____D () C:\Program Files\ShopperPro
2015-01-29 21:27 - 2014-03-18 09:42 - 00101888 _____ () C:\Users\Kalich\Desktop\HASIČI- kasa 2013.xls
2015-01-29 21:22 - 2014-03-15 00:07 - 00104448 _____ () C:\Users\Kalich\Desktop\HASIČI- kasa 2014.xls
2015-01-27 18:51 - 2014-11-19 11:28 - 00000000 ____D () C:\Users\Kalich\Desktop\iii
2015-01-25 22:29 - 2009-07-14 05:34 - 00013040 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 22:29 - 2009-07-14 05:34 - 00013040 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 13:27 - 2012-06-22 06:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 13:27 - 2011-09-12 08:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-25 12:25 - 2014-01-29 12:14 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-15 06:53 - 2010-12-22 19:54 - 00000000 ___RD () C:\Program Files\Skype
2015-01-15 06:53 - 2010-08-26 18:37 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 02:24 - 2013-08-16 15:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 02:23 - 2010-08-26 17:19 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-12 20:38 - 2010-11-19 22:06 - 00000000 ____D () C:\Program Files\Google
2015-01-12 19:52 - 2010-08-26 17:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-12 19:51 - 2014-07-11 18:39 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Adobe
2015-01-12 19:50 - 2014-08-25 18:17 - 00000000 ____D () C:\Users\Kalich\AppData\Local\Adobe
2015-01-12 19:50 - 2011-05-05 14:35 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-01-12 19:45 - 2014-01-30 11:56 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-01-12 00:44 - 2014-07-11 18:39 - 00000000 ____D () C:\Users\Kalich
2015-01-12 00:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-12 00:42 - 2014-11-08 23:24 - 00000000 ____D () C:\ProgramData\ShopperPro
2015-01-12 00:42 - 2014-07-11 18:40 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\ProductData
2015-01-12 00:42 - 2012-12-02 12:33 - 00000000 ____D () C:\Program Files\Common Files\AVG Secure Search
2015-01-12 00:42 - 2010-08-27 12:34 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2015-01-12 00:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-01-12 00:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-01-10 18:47 - 2014-12-01 13:38 - 00000000 ____D () C:\Users\Kalich\Desktop\Nová složka (2)
2015-01-06 20:29 - 2014-11-08 23:28 - 00000000 ____D () C:\Program Files\Sense
2015-01-06 20:28 - 2014-11-09 11:33 - 00000000 ____D () C:\Program Files\HD-V2.2V09.11
2015-01-06 20:27 - 2014-11-08 23:32 - 00000000 ____D () C:\Program Files\Ge-Force
2015-01-04 10:55 - 2010-08-26 17:03 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2014-01-09 16:28 - 2014-01-09 16:29 - 0003730 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Kalich\AppData\Roaming\EUMSD
2014-11-09 11:33 - 2014-11-09 11:33 - 2025392 _____ (InfoHD-V2.2V09.11) C:\Users\Kalich\AppData\Roaming\EUMSD.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Kalich\AppData\Roaming\FPDAOV
2014-11-09 11:34 - 2014-11-09 11:34 - 1528752 _____ (InfoHD-V2.2V09.11) C:\Users\Kalich\AppData\Roaming\FPDAOV.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Kalich\AppData\Roaming\LYRACC
2014-11-08 23:28 - 2014-11-08 23:28 - 1957280 _____ (Object Browser) C:\Users\Kalich\AppData\Roaming\LYRACC.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Kalich\AppData\Roaming\VZ
2014-10-23 13:03 - 2014-11-06 12:10 - 0020992 _____ () C:\Users\Kalich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-23 15:47 - 2011-05-23 15:47 - 0000085 ___SH () C:\ProgramData\.zreglib
2010-11-05 13:37 - 2010-11-05 13:37 - 0000650 _____ () C:\ProgramData\02.htm
2014-01-30 11:57 - 2014-01-30 11:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-08-26 18:38 - 2010-08-26 18:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-07-31 18:49 - 2013-07-31 18:54 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2010-09-25 23:21 - 2010-09-25 23:21 - 0001502 _____ () C:\ProgramData\__wdump.txt
Some content of TEMP:
====================
C:\Users\Kalich\AppData\Local\Temp\db2.exe
C:\Users\Kalich\AppData\Local\Temp\dufgmr4c.exe
C:\Users\Kalich\AppData\Local\Temp\FlashPlayer__4369_i987899999_il36.exe
C:\Users\Kalich\AppData\Local\Temp\LiveiStream.exe
C:\Users\Kalich\AppData\Local\Temp\ShopperProJSINJFull.exe
C:\Users\Kalich\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kalich\AppData\Local\Temp\soiygu3.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-1.job => C:\Program Files\HD-V2.2V09.11\HD-V2.2V09.11-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-11.job => C:\Program Files\HD-V2.2V09.11\0f891c85-bcd5-4fe4-8baa-a359b3197499-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-3.job => C:\Program Files\HD-V2.2V09.11\0f891c85-bcd5-4fe4-8baa-a359b3197499-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-4.job => C:\Program Files\HD-V2.2V09.11\0f891c85-bcd5-4fe4-8baa-a359b3197499-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-5.job => C:\Program Files\HD-V2.2V09.11\0f891c85-bcd5-4fe4-8baa-a359b3197499-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-5_user.job => C:\Program Files\HD-V2.2V09.11\0f891c85-bcd5-4fe4-8baa-a359b3197499-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-6.job => C:\Program Files\HD-V2.2V09.11\0f891c85-bcd5-4fe4-8baa-a359b3197499-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\0f891c85-bcd5-4fe4-8baa-a359b3197499-7.job => C:\Program Files\HD-V2.2V09.11\0f891c85-bcd5-4fe4-8baa-a359b3197499-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-1.job => C:\Program Files\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-11.job => C:\Program Files\Sense\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-3.job => C:\Program Files\Sense\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-4.job => C:\Program Files\Sense\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5.job => C:\Program Files\Sense\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5_user.job => C:\Program Files\Sense\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-6.job => C:\Program Files\Sense\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-7.job => C:\Program Files\Sense\a6de59af-c0eb-4e97-afa7-64fd1878b0f8-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-1.job => C:\Program Files\Ge-Force\Ge-Force-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-11.job => C:\Program Files\Ge-Force\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-4.job => C:\Program Files\Ge-Force\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5.job => C:\Program Files\Ge-Force\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5_user.job => C:\Program Files\Ge-Force\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-6.job => C:\Program Files\Ge-Force\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-7.job => C:\Program Files\Ge-Force\ec1d1229-664a-4f67-8ebf-c0f20097eaf5-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\EUMSD.job => C:\Users\Kalich\AppData\Roaming\EUMSD.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job => C:\Users\tomáa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001UA.job => C:\Users\tomáa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FPDAOV.job => C:\Users\Kalich\AppData\Roaming\FPDAOV.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LYRACC.job => C:\Users\Kalich\AppData\Roaming\LYRACC.exe <==== ATTENTION
Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: C:\Windows\Tasks\VZ.job => C:\Users\Kalich\AppData\Roaming\VZ.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Kalich\Desktop" je 176 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7
"C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Users\tom��\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
C:\Windows\system32\msstp.vbe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"c:\program files\avg secure search\vprot.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sweetpacks Communicator
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
Re�im ECHO je vypnut.
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
Re�im ECHO je vypnut.
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zavirovaný počítač - vyskakující reklamy v prohlížeči
Moderátor: Moderátoři
Pravidla fóra
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
Zavirovaný počítač - vyskakující reklamy v prohlížeči
- Přílohy
-
- Addition.zip
- (9.87 KiB) Staženo 100 x
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Zdravím!
Spusťte nejprve tuto utilitu:
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
# AdwCleaner v4.109 - Report created 31/01/2015 at 19:45:53
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Kalich - TOM��-PC
# Running from : C:\Users\Kalich\Desktop\adwcleaner_4.109.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : sbmntr
Service Deleted : SPBIUpd
Service Deleted : SPBIUpdd
Service Deleted : vToolbarUpdater18.1.9
[#] Service Deleted : Update snipsmart
[#] Service Deleted : Util snipsmart
Service Deleted : {123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw
Service Deleted : {1993b064-46e3-4c7d-8b20-2161564a7685}Gw
Service Deleted : {1a1d3262-ea38-4e09-b480-4c4c56f4843c}Gw
Service Deleted : {34f74bed-9d31-4690-9930-3756a4e56d17}Gw
Service Deleted : {4e3e587e-efda-440a-a603-354d622353c0}Gw
Service Deleted : {4fb14cf7-68ed-4851-b31a-2ffde2f748ba}Gw
Service Deleted : {632f6d44-7348-49cf-a62d-8be1f536f088}Gw
Service Deleted : {73301b39-32a5-47d5-818f-6c0d72682a5a}Gw
Service Deleted : {7a3b1fa0-6acc-4a4a-9930-456a27e1b6c1}Gw
Service Deleted : {7db8d663-3d4c-4384-b607-22c1e314b57e}Gw
Service Deleted : {809da842-a636-4d48-aeda-93730ef23d66}Gw
Service Deleted : {84349ed9-b96b-46bf-a939-ca539c08cecb}Gw
Service Deleted : {856173c0-c06a-4c20-82b9-b5cf563da6ff}Gw
Service Deleted : {8d843c52-2222-4b17-831f-d586c85aaf69}Gw
Service Deleted : {9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw
Service Deleted : {c81bffbe-797e-44f4-91a2-6d27e1157299}Gw
Service Deleted : {c93509d6-9689-4a5e-b559-c26da9e3343a}Gw
Service Deleted : {e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Security Toolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\Dealio Toolbar
Folder Deleted : C:\Program Files\FilesFrog Update Checker
Folder Deleted : C:\Program Files\FTDownloader.com
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\Gophoto.it
Folder Deleted : C:\Program Files\Sense
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Program Files\YTDownloader
[!] Folder Deleted : C:\Program Files\snipsmart
Folder Deleted : C:\Program Files\Ge-Force
Folder Deleted : C:\Program Files\GotClip
Folder Deleted : C:\Program Files\HD-V2.2V09.11
[!] Folder Deleted : C:\Program Files\snipsmart
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\ShopperPro
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Users\Kalich\AppData\Local\Temp\snipsmart
Folder Deleted : C:\Users\Kalich\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Kalich\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Kalich\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\Kalich\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Kalich\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Kalich\AppData\LocalLow\Sense
Folder Deleted : C:\Users\Kalich\AppData\LocalLow\Ge-Force
Folder Deleted : C:\Users\Kalich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa
File Deleted : C:\Windows\system32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw.sys
File Deleted : C:\Windows\system32\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw.sys
File Deleted : C:\Windows\system32\drivers\{1a1d3262-ea38-4e09-b480-4c4c56f4843c}Gw.sys
File Deleted : C:\Windows\system32\drivers\{34f74bed-9d31-4690-9930-3756a4e56d17}Gw.sys
File Deleted : C:\Windows\system32\drivers\{4e3e587e-efda-440a-a603-354d622353c0}Gw.sys
File Deleted : C:\Windows\system32\drivers\{4fb14cf7-68ed-4851-b31a-2ffde2f748ba}Gw.sys
File Deleted : C:\Windows\system32\drivers\{632f6d44-7348-49cf-a62d-8be1f536f088}Gw.sys
File Deleted : C:\Windows\system32\drivers\{73301b39-32a5-47d5-818f-6c0d72682a5a}Gw.sys
File Deleted : C:\Windows\system32\drivers\{7a3b1fa0-6acc-4a4a-9930-456a27e1b6c1}Gw.sys
File Deleted : C:\Windows\system32\drivers\{7db8d663-3d4c-4384-b607-22c1e314b57e}Gw.sys
File Deleted : C:\Windows\system32\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw.sys
File Deleted : C:\Windows\system32\drivers\{84349ed9-b96b-46bf-a939-ca539c08cecb}Gw.sys
File Deleted : C:\Windows\system32\drivers\{856173c0-c06a-4c20-82b9-b5cf563da6ff}Gw.sys
File Deleted : C:\Windows\system32\drivers\{8d843c52-2222-4b17-831f-d586c85aaf69}Gw.sys
File Deleted : C:\Windows\system32\drivers\{9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw.sys
File Deleted : C:\Windows\system32\drivers\{c81bffbe-797e-44f4-91a2-6d27e1157299}Gw.sys
File Deleted : C:\Windows\system32\drivers\{c93509d6-9689-4a5e-b559-c26da9e3343a}Gw.sys
File Deleted : C:\Windows\system32\drivers\{e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw.sys
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0.localstorage
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0.localstorage-journal
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plimopelmdneikoknbgpopffpbmlhgpa
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.williamhill.com_0.localstorage
***** [ Scheduled Tasks ] *****
Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : Yahoo! Search
Task Deleted : YTDownloader
Task Deleted : Yahoo! Search Updater
Task Deleted : YTDownloaderUpd
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-1
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-11
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-3
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-4
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-5
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-5_user
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-6
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-7
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-1
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-11
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-3
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-4
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5_user
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-6
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-7
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-1
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-11
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-4
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5_user
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-6
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-7
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetPacks Communicator
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKCU\Software\Classes\keepmysearch
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update snipsmart
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util snipsmart
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611381131}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192211}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192215}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622382231}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195511}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195515}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655385531}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196611}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196615}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666386631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4086DF47-C0E9-4EA0-A7E4-FDD954B182A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644194411}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644194415}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644384431}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0c8e7de5-d3f4-4ff0-be7d-2547ff22a3bb}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611381131}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611381131}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611381131}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4f37d9ce-0d37-415f-b45b-85ee1648a49f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{112e5775-89d1-4f8a-9c8f-61c34128509d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3b8e32e8-a1cd-4330-aa23-290729b55ab2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13783ca0-324c-4eb3-83f8-64e88fd8221a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67ea7799-5d2e-45c4-a06e-09bd89894b55}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC2E1690-7450-4FE3-A8BB-0FE13914A837}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\ShopperPro
Key Deleted : HKCU\Software\snipsmart
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKCU\Software\AppDataLow\Software\Ge-Force
Key Deleted : HKCU\Software\AppDataLow\Software\HD-V2.2V09.11
Key Deleted : HKLM\SOFTWARE\Application Updater
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Dealio
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\MyAshampoo\toolbar
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\snipsmart
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Ge-Force
Key Deleted : HKLM\SOFTWARE\HD-V2.2V09.11
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Liveistream
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DA64E459-FBF3-4A9C-A3E8-FD0240C4E611}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\snipsmart
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HD-V2.2V09.11
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dsrlte.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.avg.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\rts.dsrlte.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v
[C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://rts.dsrlte.com?affID=pr_0db10bf2-6734-45ea-b6ce-387105b620c6&q={searchTerms}
*************************
AdwCleaner[R0].txt - [34277 octets] - [31/01/2015 19:42:11]
AdwCleaner[S0].txt - [33789 octets] - [31/01/2015 19:45:53]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [33850 octets] ##########
# Updated 24/01/2015 by Xplode
# Database : 2015-01-26.1 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Kalich - TOM��-PC
# Running from : C:\Users\Kalich\Desktop\adwcleaner_4.109.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
Service Deleted : sbmntr
Service Deleted : SPBIUpd
Service Deleted : SPBIUpdd
Service Deleted : vToolbarUpdater18.1.9
[#] Service Deleted : Update snipsmart
[#] Service Deleted : Util snipsmart
Service Deleted : {123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw
Service Deleted : {1993b064-46e3-4c7d-8b20-2161564a7685}Gw
Service Deleted : {1a1d3262-ea38-4e09-b480-4c4c56f4843c}Gw
Service Deleted : {34f74bed-9d31-4690-9930-3756a4e56d17}Gw
Service Deleted : {4e3e587e-efda-440a-a603-354d622353c0}Gw
Service Deleted : {4fb14cf7-68ed-4851-b31a-2ffde2f748ba}Gw
Service Deleted : {632f6d44-7348-49cf-a62d-8be1f536f088}Gw
Service Deleted : {73301b39-32a5-47d5-818f-6c0d72682a5a}Gw
Service Deleted : {7a3b1fa0-6acc-4a4a-9930-456a27e1b6c1}Gw
Service Deleted : {7db8d663-3d4c-4384-b607-22c1e314b57e}Gw
Service Deleted : {809da842-a636-4d48-aeda-93730ef23d66}Gw
Service Deleted : {84349ed9-b96b-46bf-a939-ca539c08cecb}Gw
Service Deleted : {856173c0-c06a-4c20-82b9-b5cf563da6ff}Gw
Service Deleted : {8d843c52-2222-4b17-831f-d586c85aaf69}Gw
Service Deleted : {9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw
Service Deleted : {c81bffbe-797e-44f4-91a2-6d27e1157299}Gw
Service Deleted : {c93509d6-9689-4a5e-b559-c26da9e3343a}Gw
Service Deleted : {e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\ShopperPro
Folder Deleted : C:\ProgramData\SweetIM
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\AVG Security Toolbar
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\Dealio Toolbar
Folder Deleted : C:\Program Files\FilesFrog Update Checker
Folder Deleted : C:\Program Files\FTDownloader.com
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Program Files\Gophoto.it
Folder Deleted : C:\Program Files\Sense
Folder Deleted : C:\Program Files\ShopperPro
Folder Deleted : C:\Program Files\TornTV.com
Folder Deleted : C:\Program Files\YTDownloader
[!] Folder Deleted : C:\Program Files\snipsmart
Folder Deleted : C:\Program Files\Ge-Force
Folder Deleted : C:\Program Files\GotClip
Folder Deleted : C:\Program Files\HD-V2.2V09.11
[!] Folder Deleted : C:\Program Files\snipsmart
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\ShopperPro
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Users\Kalich\AppData\Local\Temp\snipsmart
Folder Deleted : C:\Users\Kalich\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Kalich\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Kalich\AppData\Local\pay-by-ads
Folder Deleted : C:\Users\Kalich\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Kalich\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Kalich\AppData\LocalLow\Sense
Folder Deleted : C:\Users\Kalich\AppData\LocalLow\Ge-Force
Folder Deleted : C:\Users\Kalich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Folder Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa
File Deleted : C:\Windows\system32\drivers\{123aa796-6961-4ee8-8a16-25bf1adf65a4}Gw.sys
File Deleted : C:\Windows\system32\drivers\{1993b064-46e3-4c7d-8b20-2161564a7685}Gw.sys
File Deleted : C:\Windows\system32\drivers\{1a1d3262-ea38-4e09-b480-4c4c56f4843c}Gw.sys
File Deleted : C:\Windows\system32\drivers\{34f74bed-9d31-4690-9930-3756a4e56d17}Gw.sys
File Deleted : C:\Windows\system32\drivers\{4e3e587e-efda-440a-a603-354d622353c0}Gw.sys
File Deleted : C:\Windows\system32\drivers\{4fb14cf7-68ed-4851-b31a-2ffde2f748ba}Gw.sys
File Deleted : C:\Windows\system32\drivers\{632f6d44-7348-49cf-a62d-8be1f536f088}Gw.sys
File Deleted : C:\Windows\system32\drivers\{73301b39-32a5-47d5-818f-6c0d72682a5a}Gw.sys
File Deleted : C:\Windows\system32\drivers\{7a3b1fa0-6acc-4a4a-9930-456a27e1b6c1}Gw.sys
File Deleted : C:\Windows\system32\drivers\{7db8d663-3d4c-4384-b607-22c1e314b57e}Gw.sys
File Deleted : C:\Windows\system32\drivers\{809da842-a636-4d48-aeda-93730ef23d66}Gw.sys
File Deleted : C:\Windows\system32\drivers\{84349ed9-b96b-46bf-a939-ca539c08cecb}Gw.sys
File Deleted : C:\Windows\system32\drivers\{856173c0-c06a-4c20-82b9-b5cf563da6ff}Gw.sys
File Deleted : C:\Windows\system32\drivers\{8d843c52-2222-4b17-831f-d586c85aaf69}Gw.sys
File Deleted : C:\Windows\system32\drivers\{9402c0c0-fbb9-4bcc-91b2-29cc9bbac146}Gw.sys
File Deleted : C:\Windows\system32\drivers\{c81bffbe-797e-44f4-91a2-6d27e1157299}Gw.sys
File Deleted : C:\Windows\system32\drivers\{c93509d6-9689-4a5e-b559-c26da9e3343a}Gw.sys
File Deleted : C:\Windows\system32\drivers\{e8687d73-4a93-4590-9271-bf6f94b4cd22}Gw.sys
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0.localstorage
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0.localstorage-journal
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plimopelmdneikoknbgpopffpbmlhgpa
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0
File Deleted : C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.williamhill.com_0.localstorage
***** [ Scheduled Tasks ] *****
Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : ShopperPro
Task Deleted : ShopperProJSUpd
Task Deleted : SMupdate1
Task Deleted : SPDriver
Task Deleted : Yahoo! Search
Task Deleted : YTDownloader
Task Deleted : Yahoo! Search Updater
Task Deleted : YTDownloaderUpd
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-1
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-11
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-3
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-4
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-5
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-5_user
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-6
Task Deleted : 0f891c85-bcd5-4fe4-8baa-a359b3197499-7
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-1
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-11
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-3
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-4
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-5_user
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-6
Task Deleted : a6de59af-c0eb-4e97-afa7-64fd1878b0f8-7
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-1
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-11
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-4
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-5_user
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-6
Task Deleted : ec1d1229-664a-4f67-8ebf-c0f20097eaf5-7
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gkjoindjjcmbdpbfppabdgflnkgbbcli
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ocphobfcfafpclibolpjdafgaffkaoci
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ShopperPro.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Applications\iMeshV11.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\FTDownloader
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Key Deleted : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetPacks Communicator
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKCU\Software\Classes\keepmysearch
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [YTDownloader]
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update snipsmart
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util snipsmart
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{58FDA6AF-67D8-4198-B7CD-94B17532C8D5}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611381131}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192211}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622192215}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622382231}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195511}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655195515}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655385531}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196611}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666196615}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666386631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4086DF47-C0E9-4EA0-A7E4-FDD954B182A1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644194411}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644194415}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644384431}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0c8e7de5-d3f4-4ff0-be7d-2547ff22a3bb}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611381131}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611381131}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{68261aaa-dc9f-4c2b-a168-c323e304c3a2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611191111}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611191115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110611381131}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4f37d9ce-0d37-415f-b45b-85ee1648a49f}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{112e5775-89d1-4f8a-9c8f-61c34128509d}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3b8e32e8-a1cd-4330-aa23-290729b55ab2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13783ca0-324c-4eb3-83f8-64e88fd8221a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67ea7799-5d2e-45c4-a06e-09bd89894b55}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A1E75A0E-4397-4BA8-BB50-E19FB66890F4}]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EC2E1690-7450-4FE3-A8BB-0FE13914A837}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\InstalledBrowserExtensions
Key Deleted : HKCU\Software\ShopperPro
Key Deleted : HKCU\Software\snipsmart
Key Deleted : HKCU\Software\YTDownloader
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Sense
Key Deleted : HKCU\Software\AppDataLow\Software\Ge-Force
Key Deleted : HKCU\Software\AppDataLow\Software\HD-V2.2V09.11
Key Deleted : HKLM\SOFTWARE\Application Updater
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\Dealio
Key Deleted : HKLM\SOFTWARE\dt soft\daemon tools toolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Deleted : HKLM\SOFTWARE\MyAshampoo\toolbar
Key Deleted : HKLM\SOFTWARE\Myfree Codec
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\Sense
Key Deleted : HKLM\SOFTWARE\ShopperPro
Key Deleted : HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\snipsmart
Key Deleted : HKLM\SOFTWARE\YTDownloader
Key Deleted : HKLM\SOFTWARE\Ge-Force
Key Deleted : HKLM\SOFTWARE\HD-V2.2V09.11
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Liveistream
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DA64E459-FBF3-4A9C-A3E8-FD0240C4E611}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ea8fa6be-29be-4af2-9352-841f83215eb0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Sense
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ShopperPro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\snipsmart
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ge-Force
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HD-V2.2V09.11
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\dsrlte.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\isearch.avg.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\rts.dsrlte.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17496
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Google Chrome v
[C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://rts.dsrlte.com?affID=pr_0db10bf2-6734-45ea-b6ce-387105b620c6&q={searchTerms}
*************************
AdwCleaner[R0].txt - [34277 octets] - [31/01/2015 19:42:11]
AdwCleaner[S0].txt - [33789 octets] - [31/01/2015 19:45:53]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [33850 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-01-2015 01
Ran by Kalich (administrator) on TOMÁŠ-PC on 31-01-2015 21:20:02
Running from C:\Users\Kalich\Desktop
Loaded Profiles: UpdatusUser & Kalich (Available profiles: UpdatusUser & Kalich)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Users\Kalich\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(IObit) C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\inf\mncowkgo\mncowkgo.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kalich\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2015-01-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [mncowkgoSrv] => C:\Windows\inf\mncowkgo.vbe [1342 2014-01-19] ()
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2014-11-09] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1004\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\S-1-5-21-2701772028-2260806180-3144982785-1004\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] => "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kalich\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2014-11-09] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kalich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [Yahoo! Search] => C:\Users\Kalich\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {0969B2C9-287E-48FD-9428-8545C1C79911} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {13BF153B-E830-4DB8-A3D9-5FE3EA26738E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {600A3630-7BB2-4F49-8594-3C00417E942A} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {8B8BC08A-70E6-4045-B24D-11050FFEB57E} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A595017E-6DD4-45C5-BF1F-CF47BF89D47E} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A5A70F00-FC55-4685-94B7-5B6C0EF90892} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A7D82650-586F-4D59-8B2E-CEE9CFDE2BF6} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {B9B6A460-E1C0-4C57-92ED-4F0F23BDA512} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {BAB5040E-6802-4B65-84BC-FAD66F84AE36} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @IObit.com/np_Asc_Plugin -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR RestoreOnStartup: Default -> "hxxp://rts.dsrlte.com?affID=pr_0db10bf2-6734-45ea-b6ce-387105b620c6"
CHR StartupUrls: Default -> "hxxp://rts.dsrlte.com?affID=pr_0db10bf2-6734-45ea-b6ce-387105b620c6"
CHR DefaultSearchKeyword: Default -> dsrlte.com
CHR DefaultNewTabURL: Default -> http://rts.dsrlte.com?affID=pr_0db10bf2 ... 7105b620c6
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-11]
CHR Extension: (Sense) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbepggeogbaibhgnhhndojpepiihcmeb [2014-11-12]
CHR Extension: (Peněženka Google) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-11]
CHR Extension: (snipsmart) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\peomhbeondbnfnbdghdkbdkimkmbfnco [2014-11-09]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome.W6XA66A3XEITO5S3BKE4B7BPLA - C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045840 2013-09-02] (Flexera Software LLC.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 MaintainerSvc3.35.6688013; C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe [123632 2015-01-31] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2010-08-28] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2014-01-30] (Intel Corporation)
R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-12] (REALiX(tm))
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [457856 2007-06-14] (PixArt Imaging Inc.)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2011-09-07] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com)
S2 SPDRIVER_1.38.0.1425; \??\C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.sys [X]
S3 Synth3dVsc; No ImagePath
S3 tsusbhub; No ImagePath
S3 usbbus; No ImagePath
S3 UsbDiag; No ImagePath
S3 USBModem; No ImagePath
S3 VGPU; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 21:11 - 2015-01-31 21:11 - 00000000 ____D () C:\Users\Kalich\AppData\Local\TeamViewer
2015-01-31 21:08 - 2015-01-31 21:10 - 00000000 ____D () C:\Program Files\TeamViewer
2015-01-31 21:08 - 2015-01-31 21:08 - 00001005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-31 21:08 - 2015-01-31 21:08 - 00000993 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-31 21:08 - 2015-01-31 21:08 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\TeamViewer
2015-01-31 21:07 - 2015-01-31 21:07 - 07825216 _____ (TeamViewer GmbH) C:\Users\Kalich\Downloads\TeamViewer_Setup_cs.exe
2015-01-31 19:41 - 2015-01-31 19:48 - 00000000 ____D () C:\AdwCleaner
2015-01-31 19:41 - 2015-01-31 19:40 - 02194432 _____ () C:\Users\Kalich\Desktop\adwcleaner_4.109.exe
2015-01-31 19:40 - 2015-01-31 19:40 - 02194432 _____ () C:\Users\Kalich\Downloads\adwcleaner_4.109.exe
2015-01-31 19:22 - 2015-01-31 19:22 - 00010108 _____ () C:\Users\Kalich\Desktop\Addition.zip
2015-01-31 19:09 - 2015-01-31 21:21 - 00016561 _____ () C:\Users\Kalich\Desktop\FRST.txt
2015-01-31 19:08 - 2015-01-31 21:20 - 00000000 ____D () C:\FRST
2015-01-31 19:08 - 2015-01-31 19:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Desktop\FRSTLauncher.exe
2015-01-31 19:07 - 2015-01-31 19:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Downloads\FRSTLauncher.exe
2015-01-31 19:02 - 2015-01-31 19:02 - 01122304 _____ (Farbar) C:\Users\Kalich\Desktop\FRST.exe
2015-01-31 19:01 - 2015-01-31 19:02 - 01122304 _____ (Farbar) C:\Users\Kalich\Downloads\FRST.exe
2015-01-14 15:05 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:05 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:05 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 15:05 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:05 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:05 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-12 21:10 - 2015-01-12 21:10 - 00002372 _____ () C:\Users\Kalich\Desktop\Google Chrome.lnk
2015-01-12 21:10 - 2015-01-12 21:10 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-12 19:52 - 2015-01-12 19:52 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2015-01-12 19:50 - 2015-01-12 19:50 - 00000000 ____D () C:\Windows\system32\Adobe
2015-01-12 19:49 - 2015-01-12 19:49 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-12 19:49 - 2015-01-12 19:48 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2015-01-12 19:42 - 2015-01-12 19:42 - 13789440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 11878656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-01-12 19:42 - 2015-01-12 19:42 - 04713224 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 03343832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-12 19:42 - 2015-01-12 19:42 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 02513264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 02354544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-12 19:42 - 2015-01-12 19:42 - 01145600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 01053208 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00945456 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00927448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00818000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00386072 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-01-12 19:41 - 2015-01-12 19:42 - 01175888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 01468608 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00276128 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00087864 _____ () C:\Windows\system32\audioLibVc.dll
2015-01-12 13:06 - 2015-01-12 13:09 - 00002094 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-01-12 13:06 - 2015-01-12 13:06 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2015-01-12 13:06 - 2015-01-12 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-01-12 13:02 - 2015-01-12 13:02 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-01-11 19:51 - 2015-01-12 00:42 - 00000000 ____D () C:\Users\Kalich\Downloads\Nová karta_files
2015-01-11 19:51 - 2015-01-11 19:51 - 00006330 _____ () C:\Users\Kalich\Downloads\Nová karta.html
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 21:20 - 2010-11-19 22:06 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-31 21:17 - 2014-07-11 19:26 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Skype
2015-01-31 21:12 - 2011-10-22 20:40 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001UA.job
2015-01-31 20:51 - 2013-09-23 18:32 - 01959111 _____ () C:\Windows\WindowsUpdate.log
2015-01-31 20:27 - 2012-06-22 06:32 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-31 19:55 - 2014-11-09 11:35 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Seznam.cz
2015-01-31 19:50 - 2013-01-15 12:39 - 00000342 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2015-01-31 19:50 - 2010-11-19 22:06 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-31 19:50 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-31 19:49 - 2014-11-10 12:10 - 00007215 _____ () C:\Windows\setupact.log
2015-01-31 19:49 - 2014-11-10 12:10 - 00005138 _____ () C:\Windows\PFRO.log
2015-01-31 19:48 - 2009-07-14 03:04 - 00000863 _____ () C:\Windows\win.ini
2015-01-31 19:47 - 2014-11-08 23:27 - 00000000 ____D () C:\Program Files\snipsmart
2015-01-31 19:47 - 2010-08-27 22:28 - 00000000 ____D () C:\ProgramData\ICQ
2015-01-31 18:04 - 2014-11-09 01:01 - 00000000 ____D () C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65
2015-01-31 12:12 - 2011-10-22 20:40 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job
2015-01-30 21:15 - 2014-07-11 18:43 - 00000000 ____D () C:\Users\Kalich\AppData\Local\CrashDumps
2015-01-29 21:27 - 2014-03-18 09:42 - 00101888 _____ () C:\Users\Kalich\Desktop\HASIČI- kasa 2013.xls
2015-01-29 21:22 - 2014-03-15 00:07 - 00104448 _____ () C:\Users\Kalich\Desktop\HASIČI- kasa 2014.xls
2015-01-27 18:51 - 2014-11-19 11:28 - 00000000 ____D () C:\Users\Kalich\Desktop\iii
2015-01-25 22:29 - 2009-07-14 05:34 - 00013040 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 22:29 - 2009-07-14 05:34 - 00013040 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 13:27 - 2012-06-22 06:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 13:27 - 2011-09-12 08:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-25 12:25 - 2014-01-29 12:14 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-15 06:53 - 2010-12-22 19:54 - 00000000 ___RD () C:\Program Files\Skype
2015-01-15 06:53 - 2010-08-26 18:37 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 02:24 - 2013-08-16 15:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 02:23 - 2010-08-26 17:19 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-12 20:38 - 2010-11-19 22:06 - 00000000 ____D () C:\Program Files\Google
2015-01-12 19:52 - 2010-08-26 17:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-12 19:51 - 2014-07-11 18:39 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Adobe
2015-01-12 19:50 - 2014-08-25 18:17 - 00000000 ____D () C:\Users\Kalich\AppData\Local\Adobe
2015-01-12 19:50 - 2011-05-05 14:35 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-01-12 19:45 - 2014-01-30 11:56 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-01-12 00:44 - 2014-07-11 18:39 - 00000000 ____D () C:\Users\Kalich
2015-01-12 00:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-12 00:42 - 2014-07-11 18:40 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\ProductData
2015-01-12 00:42 - 2010-08-27 12:34 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2015-01-12 00:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-01-12 00:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-01-10 18:47 - 2014-12-01 13:38 - 00000000 ____D () C:\Users\Kalich\Desktop\Nová složka (2)
2015-01-04 10:55 - 2010-08-26 17:03 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2014-01-09 16:28 - 2014-01-09 16:29 - 0003730 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Kalich\AppData\Roaming\EUMSD
2014-11-09 11:33 - 2014-11-09 11:33 - 2025392 _____ (InfoHD-V2.2V09.11) C:\Users\Kalich\AppData\Roaming\EUMSD.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Kalich\AppData\Roaming\FPDAOV
2014-11-09 11:34 - 2014-11-09 11:34 - 1528752 _____ (InfoHD-V2.2V09.11) C:\Users\Kalich\AppData\Roaming\FPDAOV.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Kalich\AppData\Roaming\LYRACC
2014-11-08 23:28 - 2014-11-08 23:28 - 1957280 _____ (Object Browser) C:\Users\Kalich\AppData\Roaming\LYRACC.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Kalich\AppData\Roaming\VZ
2014-10-23 13:03 - 2014-11-06 12:10 - 0020992 _____ () C:\Users\Kalich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-23 15:47 - 2011-05-23 15:47 - 0000085 ___SH () C:\ProgramData\.zreglib
2010-11-05 13:37 - 2010-11-05 13:37 - 0000650 _____ () C:\ProgramData\02.htm
2014-01-30 11:57 - 2014-01-30 11:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-08-26 18:38 - 2010-08-26 18:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-07-31 18:49 - 2013-07-31 18:54 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2010-09-25 23:21 - 2010-09-25 23:21 - 0001502 _____ () C:\ProgramData\__wdump.txt
Some content of TEMP:
====================
C:\Users\Kalich\AppData\Local\Temp\db2.exe
C:\Users\Kalich\AppData\Local\Temp\dufgmr4c.exe
C:\Users\Kalich\AppData\Local\Temp\FlashPlayer__4369_i987899999_il36.exe
C:\Users\Kalich\AppData\Local\Temp\LiveiStream.exe
C:\Users\Kalich\AppData\Local\Temp\Quarantine.exe
C:\Users\Kalich\AppData\Local\Temp\ShopperProJSINJFull.exe
C:\Users\Kalich\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kalich\AppData\Local\Temp\soiygu3.exe
C:\Users\Kalich\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EUMSD.job => C:\Users\Kalich\AppData\Roaming\EUMSD.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job => C:\Users\tomáa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001UA.job => C:\Users\tomáa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FPDAOV.job => C:\Users\Kalich\AppData\Roaming\FPDAOV.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LYRACC.job => C:\Users\Kalich\AppData\Roaming\LYRACC.exe <==== ATTENTION
Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: C:\Windows\Tasks\VZ.job => C:\Users\Kalich\AppData\Roaming\VZ.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Kalich\Desktop" je 178 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7
"C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Users\tom��\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
C:\Windows\system32\msstp.vbe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"c:\program files\avg secure search\vprot.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
Re�im ECHO je vypnut.
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Ran by Kalich (administrator) on TOMÁŠ-PC on 31-01-2015 21:20:02
Running from C:\Users\Kalich\Desktop
Loaded Profiles: UpdatusUser & Kalich (Available profiles: UpdatusUser & Kalich)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
() C:\Users\Kalich\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(IObit) C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\inf\mncowkgo\mncowkgo.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kalich\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1596224 2014-04-17] (IObit)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12111576 2015-01-12] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [mncowkgoSrv] => C:\Windows\inf\mncowkgo.vbe [1342 2014-01-19] ()
HKLM\...\Run: [seznam-listicka-distribuce] => C:\Program Files\Seznam.cz\distribution\szninstall.exe [1062472 2014-11-09] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1004\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\S-1-5-21-2701772028-2260806180-3144982785-1004\...\Run: [AVG-Secure-Search-Update_JUNE2013_HP] => "C:\Program Files\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_HP.exe" /PROMPT /CMPID=JUNE2013_HP
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Kalich\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2014-11-09] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Kalich\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2701772028-2260806180-3144982785-1005\...\Run: [Yahoo! Search] => C:\Users\Kalich\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {0969B2C9-287E-48FD-9428-8545C1C79911} URL = http://www.mapy.cz/?query={searchTerms} ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {13BF153B-E830-4DB8-A3D9-5FE3EA26738E} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {600A3630-7BB2-4F49-8594-3C00417E942A} URL = http://search.seznam.cz/?q={searchTerms ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {8B8BC08A-70E6-4045-B24D-11050FFEB57E} URL = http://encyklopedie.seznam.cz/search?q= ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A595017E-6DD4-45C5-BF1F-CF47BF89D47E} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A5A70F00-FC55-4685-94B7-5B6C0EF90892} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {A7D82650-586F-4D59-8B2E-CEE9CFDE2BF6} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {B9B6A460-E1C0-4C57-92ED-4F0F23BDA512} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_16194
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1005 -> {BAB5040E-6802-4B65-84BC-FAD66F84AE36} URL = http://www.novinky.cz/hledej?w={searchT ... arch_16194
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: linkscanner - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @IObit.com/np_Asc_Plugin -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\np_Asc_plugin.dll (IObit)
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR RestoreOnStartup: Default -> "hxxp://rts.dsrlte.com?affID=pr_0db10bf2-6734-45ea-b6ce-387105b620c6"
CHR StartupUrls: Default -> "hxxp://rts.dsrlte.com?affID=pr_0db10bf2-6734-45ea-b6ce-387105b620c6"
CHR DefaultSearchKeyword: Default -> dsrlte.com
CHR DefaultNewTabURL: Default -> http://rts.dsrlte.com?affID=pr_0db10bf2 ... 7105b620c6
CHR DefaultSuggestURL: Default ->
CHR Profile: C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dokumenty Google) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-11]
CHR Extension: (Sense) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbepggeogbaibhgnhhndojpepiihcmeb [2014-11-12]
CHR Extension: (Peněženka Google) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-11]
CHR Extension: (snipsmart) - C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Extensions\peomhbeondbnfnbdghdkbdkimkmbfnco [2014-11-09]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
StartMenuInternet: Google Chrome.W6XA66A3XEITO5S3BKE4B7BPLA - C:\Users\Kalich\AppData\Local\Google\Chrome\Application\chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1045840 2013-09-02] (Flexera Software LLC.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 MaintainerSvc3.35.6688013; C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe [123632 2015-01-31] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2010-08-28] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
R3 e1express; C:\Windows\System32\DRIVERS\e1e6232.sys [232312 2014-01-30] (Intel Corporation)
R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2015-01-12] (REALiX(tm))
S3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [457856 2007-06-14] (PixArt Imaging Inc.)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2011-09-07] () [File not signed]
R1 StarOpen; C:\Windows\system32\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com)
S2 SPDRIVER_1.38.0.1425; \??\C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.sys [X]
S3 Synth3dVsc; No ImagePath
S3 tsusbhub; No ImagePath
S3 usbbus; No ImagePath
S3 UsbDiag; No ImagePath
S3 USBModem; No ImagePath
S3 VGPU; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 21:11 - 2015-01-31 21:11 - 00000000 ____D () C:\Users\Kalich\AppData\Local\TeamViewer
2015-01-31 21:08 - 2015-01-31 21:10 - 00000000 ____D () C:\Program Files\TeamViewer
2015-01-31 21:08 - 2015-01-31 21:08 - 00001005 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-01-31 21:08 - 2015-01-31 21:08 - 00000993 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-01-31 21:08 - 2015-01-31 21:08 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\TeamViewer
2015-01-31 21:07 - 2015-01-31 21:07 - 07825216 _____ (TeamViewer GmbH) C:\Users\Kalich\Downloads\TeamViewer_Setup_cs.exe
2015-01-31 19:41 - 2015-01-31 19:48 - 00000000 ____D () C:\AdwCleaner
2015-01-31 19:41 - 2015-01-31 19:40 - 02194432 _____ () C:\Users\Kalich\Desktop\adwcleaner_4.109.exe
2015-01-31 19:40 - 2015-01-31 19:40 - 02194432 _____ () C:\Users\Kalich\Downloads\adwcleaner_4.109.exe
2015-01-31 19:22 - 2015-01-31 19:22 - 00010108 _____ () C:\Users\Kalich\Desktop\Addition.zip
2015-01-31 19:09 - 2015-01-31 21:21 - 00016561 _____ () C:\Users\Kalich\Desktop\FRST.txt
2015-01-31 19:08 - 2015-01-31 21:20 - 00000000 ____D () C:\FRST
2015-01-31 19:08 - 2015-01-31 19:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Desktop\FRSTLauncher.exe
2015-01-31 19:07 - 2015-01-31 19:08 - 00112640 _____ (forum.viry.cz) C:\Users\Kalich\Downloads\FRSTLauncher.exe
2015-01-31 19:02 - 2015-01-31 19:02 - 01122304 _____ (Farbar) C:\Users\Kalich\Desktop\FRST.exe
2015-01-31 19:01 - 2015-01-31 19:02 - 01122304 _____ (Farbar) C:\Users\Kalich\Downloads\FRST.exe
2015-01-14 15:05 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-14 15:05 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-14 15:05 - 2014-12-12 06:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-14 15:05 - 2014-12-12 06:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-14 15:05 - 2014-12-11 18:47 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-14 15:05 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-12 21:10 - 2015-01-12 21:10 - 00002372 _____ () C:\Users\Kalich\Desktop\Google Chrome.lnk
2015-01-12 21:10 - 2015-01-12 21:10 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-01-12 19:52 - 2015-01-12 19:52 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2015-01-12 19:50 - 2015-01-12 19:50 - 00000000 ____D () C:\Windows\system32\Adobe
2015-01-12 19:49 - 2015-01-12 19:49 - 00000000 ____D () C:\Program Files\Common Files\Java
2015-01-12 19:49 - 2015-01-12 19:48 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-01-12 19:49 - 2015-01-12 19:48 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 71040000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes.dat
2015-01-12 19:42 - 2015-01-12 19:42 - 13789440 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 11878656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO30.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2015-01-12 19:42 - 2015-01-12 19:42 - 04713224 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 03343832 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2015-01-12 19:42 - 2015-01-12 19:42 - 02588888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 02513264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 02354544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-12 19:42 - 2015-01-12 19:42 - 01145600 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO60.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 01053208 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00945456 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00927448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00844192 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo2.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00818000 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO20.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00790272 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00386072 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO.dll
2015-01-12 19:42 - 2015-01-12 19:42 - 00326680 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-01-12 19:41 - 2015-01-12 19:42 - 01175888 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO50.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 01468608 _____ (Conexant Systems Inc.) C:\Windows\system32\CX32APO.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00276128 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO.dll
2015-01-12 19:41 - 2015-01-12 19:41 - 00087864 _____ () C:\Windows\system32\audioLibVc.dll
2015-01-12 13:06 - 2015-01-12 13:09 - 00002094 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-01-12 13:06 - 2015-01-12 13:06 - 00023840 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO32.SYS
2015-01-12 13:06 - 2015-01-12 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-01-12 13:02 - 2015-01-12 13:02 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2015-01-11 19:51 - 2015-01-12 00:42 - 00000000 ____D () C:\Users\Kalich\Downloads\Nová karta_files
2015-01-11 19:51 - 2015-01-11 19:51 - 00006330 _____ () C:\Users\Kalich\Downloads\Nová karta.html
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-31 21:20 - 2010-11-19 22:06 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-31 21:17 - 2014-07-11 19:26 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Skype
2015-01-31 21:12 - 2011-10-22 20:40 - 00000982 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001UA.job
2015-01-31 20:51 - 2013-09-23 18:32 - 01959111 _____ () C:\Windows\WindowsUpdate.log
2015-01-31 20:27 - 2012-06-22 06:32 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-31 19:55 - 2014-11-09 11:35 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Seznam.cz
2015-01-31 19:50 - 2013-01-15 12:39 - 00000342 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2015-01-31 19:50 - 2010-11-19 22:06 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-31 19:50 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-31 19:49 - 2014-11-10 12:10 - 00007215 _____ () C:\Windows\setupact.log
2015-01-31 19:49 - 2014-11-10 12:10 - 00005138 _____ () C:\Windows\PFRO.log
2015-01-31 19:48 - 2009-07-14 03:04 - 00000863 _____ () C:\Windows\win.ini
2015-01-31 19:47 - 2014-11-08 23:27 - 00000000 ____D () C:\Program Files\snipsmart
2015-01-31 19:47 - 2010-08-27 22:28 - 00000000 ____D () C:\ProgramData\ICQ
2015-01-31 18:04 - 2014-11-09 01:01 - 00000000 ____D () C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65
2015-01-31 12:12 - 2011-10-22 20:40 - 00000960 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job
2015-01-30 21:15 - 2014-07-11 18:43 - 00000000 ____D () C:\Users\Kalich\AppData\Local\CrashDumps
2015-01-29 21:27 - 2014-03-18 09:42 - 00101888 _____ () C:\Users\Kalich\Desktop\HASIČI- kasa 2013.xls
2015-01-29 21:22 - 2014-03-15 00:07 - 00104448 _____ () C:\Users\Kalich\Desktop\HASIČI- kasa 2014.xls
2015-01-27 18:51 - 2014-11-19 11:28 - 00000000 ____D () C:\Users\Kalich\Desktop\iii
2015-01-25 22:29 - 2009-07-14 05:34 - 00013040 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-25 22:29 - 2009-07-14 05:34 - 00013040 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-25 13:27 - 2012-06-22 06:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-25 13:27 - 2011-09-12 08:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-25 12:25 - 2014-01-29 12:14 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-15 06:53 - 2010-12-22 19:54 - 00000000 ___RD () C:\Program Files\Skype
2015-01-15 06:53 - 2010-08-26 18:37 - 00000000 ____D () C:\ProgramData\Skype
2015-01-15 02:24 - 2013-08-16 15:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-15 02:23 - 2010-08-26 17:19 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-12 20:38 - 2010-11-19 22:06 - 00000000 ____D () C:\Program Files\Google
2015-01-12 19:52 - 2010-08-26 17:10 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-12 19:51 - 2014-07-11 18:39 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\Adobe
2015-01-12 19:50 - 2014-08-25 18:17 - 00000000 ____D () C:\Users\Kalich\AppData\Local\Adobe
2015-01-12 19:50 - 2011-05-05 14:35 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2015-01-12 19:45 - 2014-01-30 11:56 - 00000000 ____D () C:\Windows\system32\RTCOM
2015-01-12 00:44 - 2014-07-11 18:39 - 00000000 ____D () C:\Users\Kalich
2015-01-12 00:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-12 00:42 - 2014-07-11 18:40 - 00000000 ____D () C:\Users\Kalich\AppData\Roaming\ProductData
2015-01-12 00:42 - 2010-08-27 12:34 - 00000000 ____D () C:\Users\NeroMediaHomeUser.4
2015-01-12 00:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2015-01-12 00:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2015-01-10 18:47 - 2014-12-01 13:38 - 00000000 ____D () C:\Users\Kalich\Desktop\Nová složka (2)
2015-01-04 10:55 - 2010-08-26 17:03 - 01593310 _____ () C:\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2014-01-09 16:28 - 2014-01-09 16:29 - 0003730 _____ () C:\Program Files\Mozilla Firefoxavg-secure-search.xml
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Kalich\AppData\Roaming\EUMSD
2014-11-09 11:33 - 2014-11-09 11:33 - 2025392 _____ (InfoHD-V2.2V09.11) C:\Users\Kalich\AppData\Roaming\EUMSD.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Kalich\AppData\Roaming\FPDAOV
2014-11-09 11:34 - 2014-11-09 11:34 - 1528752 _____ (InfoHD-V2.2V09.11) C:\Users\Kalich\AppData\Roaming\FPDAOV.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0001248 _____ () C:\Users\Kalich\AppData\Roaming\LYRACC
2014-11-08 23:28 - 2014-11-08 23:28 - 1957280 _____ (Object Browser) C:\Users\Kalich\AppData\Roaming\LYRACC.exe
2014-09-01 09:18 - 2014-09-01 09:18 - 0002086 _____ () C:\Users\Kalich\AppData\Roaming\VZ
2014-10-23 13:03 - 2014-11-06 12:10 - 0020992 _____ () C:\Users\Kalich\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-05-23 15:47 - 2011-05-23 15:47 - 0000085 ___SH () C:\ProgramData\.zreglib
2010-11-05 13:37 - 2010-11-05 13:37 - 0000650 _____ () C:\ProgramData\02.htm
2014-01-30 11:57 - 2014-01-30 11:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-08-26 18:38 - 2010-08-26 18:38 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-07-31 18:49 - 2013-07-31 18:54 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2010-09-25 23:21 - 2010-09-25 23:21 - 0001502 _____ () C:\ProgramData\__wdump.txt
Some content of TEMP:
====================
C:\Users\Kalich\AppData\Local\Temp\db2.exe
C:\Users\Kalich\AppData\Local\Temp\dufgmr4c.exe
C:\Users\Kalich\AppData\Local\Temp\FlashPlayer__4369_i987899999_il36.exe
C:\Users\Kalich\AppData\Local\Temp\LiveiStream.exe
C:\Users\Kalich\AppData\Local\Temp\Quarantine.exe
C:\Users\Kalich\AppData\Local\Temp\ShopperProJSINJFull.exe
C:\Users\Kalich\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kalich\AppData\Local\Temp\soiygu3.exe
C:\Users\Kalich\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
==================== MBR and Partition Table ==================
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EUMSD.job => C:\Users\Kalich\AppData\Roaming\EUMSD.exe <==== ATTENTION
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job => C:\Users\tomáa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001UA.job => C:\Users\tomáa\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FPDAOV.job => C:\Users\Kalich\AppData\Roaming\FPDAOV.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\LYRACC.job => C:\Users\Kalich\AppData\Roaming\LYRACC.exe <==== ATTENTION
Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files\AVG Secure Search\PostInstall\ROC.exe
Task: C:\Windows\Tasks\VZ.job => C:\Users\Kalich\AppData\Roaming\VZ.exe <==== ATTENTION
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Kalich\Desktop" je 178 MB.
***** Startup Programs *****
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7
"C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Users\tom��\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
C:\Windows\system32\msstp.vbe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSStp
C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPDriver
"C:\Program Files\Common Files\Java\Java Update\jusched.exe"
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
"c:\program files\avg secure search\vprot.exe" [x]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate
Re�im ECHO je vypnut.
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
- Přílohy
-
- Addition.zip
- (7.92 KiB) Staženo 111 x
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM\...\Run: [mncowkgoSrv] => C:\Windows\inf\mncowkgo.vbe [1342 2014-01-19] ()
C:\Windows\inf\mncowkgo.vbe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: linkscanner - No CLSID Value -
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR DefaultNewTabURL: Default -> http://rts.dsrlte.com?affID=pr_0db10bf2 ... 7105b620c6
CHR DefaultSuggestURL: Default ->
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Synth3dVsc; No ImagePath
S3 tsusbhub; No ImagePath
S3 usbbus; No ImagePath
S3 UsbDiag; No ImagePath
S3 USBModem; No ImagePath
S3 VGPU; No ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job
C:\Users\Kalich\AppData\Roaming\EUMSD
C:\Users\Kalich\AppData\Roaming\FPDAOV
C:\Users\Kalich\AppData\Roaming\LYRACC
C:\ProgramData\DP45977C.lfl
C:\Users\Kalich\AppData\Local\Temp
ask: C:\Windows\Tasks\EUMSD.job => C:\Users\Kalich\AppData\Roaming\EUMSD.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\EUMSD.exe
Task: C:\Windows\Tasks\FPDAOV.job => C:\Users\Kalich\AppData\Roaming\FPDAOV.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\FPDAOV.exe
Task: C:\Windows\Tasks\LYRACC.job => C:\Users\Kalich\AppData\Roaming\LYRACC.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\LYRACC.exe
Task: C:\Windows\Tasks\VZ.job => C:\Users\Kalich\AppData\Roaming\VZ.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\VZ.exe
Task: {8C08E253-5F83-4CCD-878B-1E727F32FB73} - System32\Tasks\UNELEVATE_14812 => C:\Program Files\ShopperPro\JSDriver\1.37.0.1398\jsdrv.exe <==== ATTENTION
Task: {98DA9C8C-F6DA-4CBE-95BB-090ABA9155A4} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {9938ADBF-70C1-4D59-91A8-9566D144507B} - System32\Tasks\UNELEVATE_18639 => C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe <==== ATTENTION
Task: {CD56938B-60A3-4539-9AB6-BA38CAD82681} - System32\Tasks\UNELEVATE_10197 => C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe <==== ATTENTION
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-01-2015 01
Ran by Kalich at 2015-01-31 21:44:30 Run:1
Running from C:\Users\Kalich\Desktop
Loaded Profiles: UpdatusUser & Kalich (Available profiles: UpdatusUser & Kalich)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [mncowkgoSrv] => C:\Windows\inf\mncowkgo.vbe [1342 2014-01-19] ()
C:\Windows\inf\mncowkgo.vbe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: linkscanner - No CLSID Value -
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR DefaultNewTabURL: Default -> http://rts.dsrlte.com?affID=pr_0db10bf2 ... 7105b620c6
CHR DefaultSuggestURL: Default ->
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Synth3dVsc; No ImagePath
S3 tsusbhub; No ImagePath
S3 usbbus; No ImagePath
S3 UsbDiag; No ImagePath
S3 USBModem; No ImagePath
S3 VGPU; No ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job
C:\Users\Kalich\AppData\Roaming\EUMSD
C:\Users\Kalich\AppData\Roaming\FPDAOV
C:\Users\Kalich\AppData\Roaming\LYRACC
C:\ProgramData\DP45977C.lfl
C:\Users\Kalich\AppData\Local\Temp
ask: C:\Windows\Tasks\EUMSD.job => C:\Users\Kalich\AppData\Roaming\EUMSD.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\EUMSD.exe
Task: C:\Windows\Tasks\FPDAOV.job => C:\Users\Kalich\AppData\Roaming\FPDAOV.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\FPDAOV.exe
Task: C:\Windows\Tasks\LYRACC.job => C:\Users\Kalich\AppData\Roaming\LYRACC.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\LYRACC.exe
Task: C:\Windows\Tasks\VZ.job => C:\Users\Kalich\AppData\Roaming\VZ.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\VZ.exe
Task: {8C08E253-5F83-4CCD-878B-1E727F32FB73} - System32\Tasks\UNELEVATE_14812 => C:\Program Files\ShopperPro\JSDriver\1.37.0.1398\jsdrv.exe <==== ATTENTION
Task: {98DA9C8C-F6DA-4CBE-95BB-090ABA9155A4} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {9938ADBF-70C1-4D59-91A8-9566D144507B} - System32\Tasks\UNELEVATE_18639 => C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe <==== ATTENTION
Task: {CD56938B-60A3-4539-9AB6-BA38CAD82681} - System32\Tasks\UNELEVATE_10197 => C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe <==== ATTENTION
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mncowkgoSrv => value deleted successfully.
C:\Windows\inf\mncowkgo.vbe => Moved successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-2701772028-2260806180-3144982785-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
CHR DefaultNewTabURL: Default -> http://rts.dsrlte.com?affID=pr_0db10bf2 ... 7105b620c6 => Error: No automatic fix found for this entry.
Chrome DefaultSuggestURL deleted successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
usbbus => Service deleted successfully.
UsbDiag => Service deleted successfully.
USBModem => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job => Moved successfully.
C:\Users\Kalich\AppData\Roaming\EUMSD => Moved successfully.
C:\Users\Kalich\AppData\Roaming\FPDAOV => Moved successfully.
C:\Users\Kalich\AppData\Roaming\LYRACC => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.
"C:\Users\Kalich\AppData\Local\Temp" directory move:
C:\Users\Kalich\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\au-descriptor-1.7.0_71-b14.xml => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\awh706E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\db2.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\db2.exe.dat => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI1AC3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI242B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI2ECA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI38AF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI3DE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI40BE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI47D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI4E9B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI561E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI5D43.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI6468.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI6BAC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI72E1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI7B7D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI7EF4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI82F1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI8A16.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI937D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI9AF0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIA225.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIA9C7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIB0FC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIB92B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIC021.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIC775.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMICE7B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMID64.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\dufgmr4c.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\etilqs_9TaacWX563hYQtq => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\etilqs_bJGTrIBRAZZwdnW => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\etilqs_eaLCKb25TAUM9Nq => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\etilqs_WSj6pEYIC4hcBFW => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\EULA.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\FlashPlayer__4369_i987899999_il36.exe => Moved successfully.
Could not move "C:\Users\Kalich\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Kalich\AppData\Local\Temp\JAUReg.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Kalich.bmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\LiveiStream.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\modules00 => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\modules11 => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\MSI2f811.LOG => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\MSI36fe5.LOG => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\MSIfff19.LOG => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\PCWD96E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\PCWD96E.xml => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\preferences00 => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\qtsingleapp-smplay-ca73-1-lockfile => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\RD5850.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\RD6EDB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1040.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw108E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw113A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw114A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1212.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1251.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw130C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1339.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1475.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1489.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw14C5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1571.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw158F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1735.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1764.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw18DA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1A0F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1A69.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1AD0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B42.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B4C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B5A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B82.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C31.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C47.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C70.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C71.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C8F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1E07.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1E90.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1F05.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1F0E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1F8C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1F90.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1FD0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw208B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw20F1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2176.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2191.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw21C7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw220B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw226.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw228D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw22B3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw22EB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2337.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw233C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw235B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2389.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2398.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw23CA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw23D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw23FC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2409.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2410.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw249F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw24AB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw24DE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw25E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2663.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26A1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26A2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26C7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26F4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2714.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2792.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw27B0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw27B3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw27D1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw287F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw28A1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2905.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2992.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw29A5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw29C2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw29D3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2B9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2D39.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2D3D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2DFF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2E24.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2EC0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2EE0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2F52.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3091.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw30D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3102.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw310F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw315E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw31D8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw31ED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3237.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw324A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw327E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw32F1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw330B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3317.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw337F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw33B3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw33DC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw33F3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3418.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3423.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw34A8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw34F7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3523.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3538.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw354D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw35DF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw35F1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3617.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3620.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3642.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw370C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw373C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw375C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3798.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw389F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw38E3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3916.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3932.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3947.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3952.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw395C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw39A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3A7F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3A8C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3ACE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3AFD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3B3D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3B44.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3B86.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3BD1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3C00.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3C11.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3C33.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3C61.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3CC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3D2C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3DEB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3E36.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3E93.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3EB3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3F56.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3FB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3FD4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4023.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4156.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4157.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw41A9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4207.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4257.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw426B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw428.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw43F8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4412.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4486.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw44A5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4523.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4572.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4588.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4589.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw45AB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw45CF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4615.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4636.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4712.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw479F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw47A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4818.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw48D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw48F8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4926.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4984.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4995.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4A6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4ACC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4ACD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4AF8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4B58.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4B87.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4C11.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4D2D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4D4C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4FF3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5009.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5023.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5062.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5144.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5170.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw524E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw524F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5276.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5278.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw52D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw536E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw53A1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw53D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw53FC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw543.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw54C0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw54D8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5651.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5662.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw575.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw579B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw57A5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw57F2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5827.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw582A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5845.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5856.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5877.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5883.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5893.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw58A7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5911.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5942.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw594E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw596F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5991.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw599D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw59EC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw59ED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5A2D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5ACB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5B1D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5B4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5B6C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5B85.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5C0E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5C3E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5C7C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5C9C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5CAC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5CB5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5D1A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5D69.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5D6A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5E3F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5E54.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5E55.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5F3E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5FB0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5FC6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6006.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6026.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw606D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw609C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6143.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw619C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw61AF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw61DE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw61EE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw61EF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw620D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6365.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw63EC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw64CC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6524.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6544.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw65B2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6614.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw668D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6814.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6832.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6891.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw68FF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6902.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw69B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw69DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw69DD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6A4F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6A5B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6B4A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6B7E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6BC8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6C0C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6CB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6DF5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6E71.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6FA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6FC6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7008.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw705.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7091.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7147.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7204.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw72B4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw72C0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw72F0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7350.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw73FF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw746C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7474.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7478.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw74D2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7554.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw75A4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7604.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw77D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7883.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw794E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw797D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw79D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw79DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7A7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7A8F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7ADA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7B0A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7B3A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7BD6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7C2E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7C44.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7CE8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7DBC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7DCE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7DDA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7E30.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7E31.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7F2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7F5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw809E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8169.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw819E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw824B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw827B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw83A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw841D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw84F4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8517.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw85D1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw863C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw866D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw86DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8726.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw875F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw876A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8783.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw87B7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw87D9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw87E7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8806.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw882D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8846.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8847.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw885F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8866.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw889.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw88D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8915.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8964.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw896C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw898.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8A02.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8A85.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8B78.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8BD6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8BE4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8C0B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8C26.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8C52.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8C89.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8CEF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8CF7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8D12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8EFA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8F68.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8FB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9044.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw906.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw907B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw90D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9109.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw91A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw91F7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9217.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw925F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9388.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw93C3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9422.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw946.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9491.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw94AE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw94EF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9505.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw954E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw956F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw95BF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw960E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9641.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9680.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9699.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw96D0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw96D8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw96DA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9788.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw97D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9824.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9832.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw986F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw98CE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw98F7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9900.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9936.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw994.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9954.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw995B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9965.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9966.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw99D6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9A06.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9A36.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9A54.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9AD0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9B0C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9B3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9B62.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9BBA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9BFF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9C0A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9C38.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9C7F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9C97.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9CE6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D1D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D4B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D51.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D8C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D9A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9DBB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9E57.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9E58.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9E71.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9EE6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9EE7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9F06.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9FA4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9FBD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9FD4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA0FE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA17C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA22C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA25C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA28C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA359.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA378.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA406.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA409.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA417.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA48D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA4C2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA4F4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA528.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA529.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA5CD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA68D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA69A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA6BD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA6C9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA6CA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA6ED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA77D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA7C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA7FB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA80B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA811.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA889.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA8E8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA92C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA975.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA9AA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA9E4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAA0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAA14.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAA18.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAA5E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAAEE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB08.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB11.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB19.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB60.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB8F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB9B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABB1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABB5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABCD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABCF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABEE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABFF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAC0D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAC5D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAC9C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwACF7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAD10.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAD46.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwADD9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwADDE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAE07.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAEB7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAEF8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAF5E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAF81.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAF91.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB0E8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB15E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB18C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB1D3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB211.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB268.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB28F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB29.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB335.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB35B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB3B9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB3E0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB430.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB4A2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB4C2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB57D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB58D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB60A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB651.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB71D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB771.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB78.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB7CA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB89.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB8D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB8FF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB9A7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB9AC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB9E2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB9EB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBA24.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBA2C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBAB1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBAF4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBB00.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBB10.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBC50.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBC7D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBC97.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBE6D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBEDF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBEE3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBF71.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBFFD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC02D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC04D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC09B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC0EA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC122.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC1A7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC245.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC26E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC2BB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC2C3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC2CA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC2DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC353.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC396.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC3E2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC3F6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC40C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC426.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC485.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC492.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC528.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC595.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC5B6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC5C6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC5E6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC644.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC72F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC7CF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC7EF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC80F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC899.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC8E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC920.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC927.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC957.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCAB4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCB03.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCB39.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCBB0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCBB4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCBF5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCBFF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCC12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCC32.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCC6F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCCBE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCCCE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCCFE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCD2D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCD7E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCDCD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCE15.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCE58.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCEA9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCFE6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD0C6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD21D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD32F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD39E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD3CE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD3DD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD43.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD46.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD582.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD5A3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD5B1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD5D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD625.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD62E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD68D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD6AB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD6DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD6EB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD6EC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD73E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD74E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD767.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD76E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD76F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD7C7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD7F5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD844.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD873.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD8C3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD90.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD930.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD9C2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD9CD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDA5C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDC32.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDCD0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD28.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD2D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD4A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD86.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD8D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDE23.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDED0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE055.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE065.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE0CF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE16.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE17E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE197.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE19C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE215.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE263.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE283.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE2E6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE305.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE340.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE35C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE3DA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE448.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE44D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE52.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE5A8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE5F0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE626.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE681.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE6A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE6B4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE72C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE7F7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE816.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE94A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE968.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE97E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEA09.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEA26.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEAA8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEAB4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEAB9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEB18.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEB23.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEB57.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEB84.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEBE2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEC38.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEC3C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEC4D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwECE0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwECED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwED72.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEE3C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEE7B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEEC9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEF18.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEF19.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEF49.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEF95.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEFB5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEFC4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF004.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF0B2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF0EA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF11E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF257.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF276.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF31.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF330.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF391.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF4E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF512.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF535.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF59F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF63C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF65F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF68A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF6A5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF6BC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF6E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF718.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF724.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF7C4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF7E0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF815.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF8BC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF92C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF94D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF968.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFA65.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFA99.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFB46.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFB8F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFBFC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC0B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC3B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC68.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC8A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFCC6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFCD4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFCE2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFDE1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFE59.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFE69.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFE89.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFF25.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFF72.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFF96.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFFC2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Setup Log 2014-11-09 #001.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Setup Log 2015-01-12 #001.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\ShopperProJSINJFull.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\soiygu3.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\toolbar_log.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\wmplog01.sqm => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~291.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~9ACA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~DF881601DC6C81E62B.TMP => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~DFBFF1B6F205A1202E.TMP => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~EA1C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\TeamViewer\TeamViewer_.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\TeamViewer\TV10Install.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\TeamViewer\tvinfo.ini => Moved successfully.
Could not move "C:\Users\Kalich\AppData\Local\Temp\Skype\DbTemp\temp-QqLgOcxHrods1nfXjpzQoaSw" => Scheduled to move on reboot.
Could not move "C:\Users\Kalich\AppData\Local\Temp\Skype\DbTemp\temp-rHMa0mZ0hKZH9Zcf4Nw8ZAky" => Scheduled to move on reboot.
C:\Users\Kalich\AppData\Local\Temp\nsz259D.tmp\D1958.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsz259D.tmp\NK.lky => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsz259D.tmp\setup1.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsw1DFC.tmp\D1958.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsw1DFC.tmp\NK.lky => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsw1DFC.tmp\setup1.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Low\datCAED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\is-OV5GH.tmp\SkipUacTask.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\is-OV5GH.tmp\TaskMgr.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Install_11181\geforce.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Install_11181\sense.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Install_11181\shopperpro.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Install_11181\ytd.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleCrashHandler.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleUpdate.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleUpdateBroker.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleUpdateHelper.msi => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleUpdateOnDemand.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\goopdate.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\goopdateres_en.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\npGoogleUpdate4.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\psmachine.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\psuser.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleCrashHandler.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleUpdate.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleUpdateBroker.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleUpdateHelper.msi => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleUpdateOnDemand.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\goopdate.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\goopdateres_en.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\npGoogleUpdate4.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\psmachine.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\psuser.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleCrashHandler.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleUpdate.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleUpdateBroker.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleUpdateHelper.msi => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleUpdateOnDemand.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\goopdate.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\goopdateres_en.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\npGoogleUpdate4.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\psmachine.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\psuser.dll => Moved successfully.
Could not move "C:\Users\Kalich\AppData\Local\Temp" directory. => Scheduled to move on reboot.
ask: C:\Windows\Tasks\EUMSD.job => C:\Users\Kalich\AppData\Roaming\EUMSD.exe <==== ATTENTION => Error: No automatic fix found for this entry.
C:\Users\Kalich\AppData\Roaming\EUMSD.exe => Moved successfully.
C:\Windows\Tasks\FPDAOV.job => Moved successfully.
C:\Users\Kalich\AppData\Roaming\FPDAOV.exe => Moved successfully.
C:\Windows\Tasks\LYRACC.job => Moved successfully.
C:\Users\Kalich\AppData\Roaming\LYRACC.exe => Moved successfully.
C:\Windows\Tasks\VZ.job => Moved successfully.
"C:\Users\Kalich\AppData\Roaming\VZ.exe" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C08E253-5F83-4CCD-878B-1E727F32FB73}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C08E253-5F83-4CCD-878B-1E727F32FB73}" => Key deleted successfully.
C:\Windows\System32\Tasks\UNELEVATE_14812 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_14812" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98DA9C8C-F6DA-4CBE-95BB-090ABA9155A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98DA9C8C-F6DA-4CBE-95BB-090ABA9155A4}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9938ADBF-70C1-4D59-91A8-9566D144507B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9938ADBF-70C1-4D59-91A8-9566D144507B}" => Key deleted successfully.
C:\Windows\System32\Tasks\UNELEVATE_18639 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_18639" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD56938B-60A3-4539-9AB6-BA38CAD82681}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD56938B-60A3-4539-9AB6-BA38CAD82681}" => Key deleted successfully.
C:\Windows\System32\Tasks\UNELEVATE_10197 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_10197" => Key deleted successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-31 21:49:48)<=
C:\Users\Kalich\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Skype\DbTemp\temp-QqLgOcxHrods1nfXjpzQoaSw => Is moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Skype\DbTemp\temp-rHMa0mZ0hKZH9Zcf4Nw8ZAky => Is moved successfully.
C:\Users\Kalich\AppData\Local\Temp => Moved successfully.
==== End of Fixlog 21:49:48 ====
Ran by Kalich at 2015-01-31 21:44:30 Run:1
Running from C:\Users\Kalich\Desktop
Loaded Profiles: UpdatusUser & Kalich (Available profiles: UpdatusUser & Kalich)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
HKLM\...\Run: [mncowkgoSrv] => C:\Windows\inf\mncowkgo.vbe [1342 2014-01-19] ()
C:\Windows\inf\mncowkgo.vbe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701772028-2260806180-3144982785-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: linkscanner - No CLSID Value -
FF Plugin: @microsoft.com/GENUINE -> disabled No File
CHR DefaultNewTabURL: Default -> http://rts.dsrlte.com?affID=pr_0db10bf2 ... 7105b620c6
CHR DefaultSuggestURL: Default ->
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Synth3dVsc; No ImagePath
S3 tsusbhub; No ImagePath
S3 usbbus; No ImagePath
S3 UsbDiag; No ImagePath
S3 USBModem; No ImagePath
S3 VGPU; No ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job
C:\Users\Kalich\AppData\Roaming\EUMSD
C:\Users\Kalich\AppData\Roaming\FPDAOV
C:\Users\Kalich\AppData\Roaming\LYRACC
C:\ProgramData\DP45977C.lfl
C:\Users\Kalich\AppData\Local\Temp
ask: C:\Windows\Tasks\EUMSD.job => C:\Users\Kalich\AppData\Roaming\EUMSD.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\EUMSD.exe
Task: C:\Windows\Tasks\FPDAOV.job => C:\Users\Kalich\AppData\Roaming\FPDAOV.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\FPDAOV.exe
Task: C:\Windows\Tasks\LYRACC.job => C:\Users\Kalich\AppData\Roaming\LYRACC.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\LYRACC.exe
Task: C:\Windows\Tasks\VZ.job => C:\Users\Kalich\AppData\Roaming\VZ.exe <==== ATTENTION
C:\Users\Kalich\AppData\Roaming\VZ.exe
Task: {8C08E253-5F83-4CCD-878B-1E727F32FB73} - System32\Tasks\UNELEVATE_14812 => C:\Program Files\ShopperPro\JSDriver\1.37.0.1398\jsdrv.exe <==== ATTENTION
Task: {98DA9C8C-F6DA-4CBE-95BB-090ABA9155A4} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {9938ADBF-70C1-4D59-91A8-9566D144507B} - System32\Tasks\UNELEVATE_18639 => C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe <==== ATTENTION
Task: {CD56938B-60A3-4539-9AB6-BA38CAD82681} - System32\Tasks\UNELEVATE_10197 => C:\Program Files\ShopperPro\JSDriver\1.38.0.1425\jsdrv.exe <==== ATTENTION
End
*****************
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mncowkgoSrv => value deleted successfully.
C:\Windows\inf\mncowkgo.vbe => Moved successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}" => Key deleted successfully.
HKCR\CLSID\{80c554b9-c7f8-4a21-9471-06d606da78a2} => Key not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-2701772028-2260806180-3144982785-1004\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
CHR DefaultNewTabURL: Default -> http://rts.dsrlte.com?affID=pr_0db10bf2 ... 7105b620c6 => Error: No automatic fix found for this entry.
Chrome DefaultSuggestURL deleted successfully.
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
tsusbhub => Service deleted successfully.
usbbus => Service deleted successfully.
UsbDiag => Service deleted successfully.
USBModem => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2701772028-2260806180-3144982785-1001Core.job => Moved successfully.
C:\Users\Kalich\AppData\Roaming\EUMSD => Moved successfully.
C:\Users\Kalich\AppData\Roaming\FPDAOV => Moved successfully.
C:\Users\Kalich\AppData\Roaming\LYRACC => Moved successfully.
C:\ProgramData\DP45977C.lfl => Moved successfully.
"C:\Users\Kalich\AppData\Local\Temp" directory move:
C:\Users\Kalich\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\adwcleaner.db => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\au-descriptor-1.7.0_71-b14.xml => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\AUCHECK_PARSER.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\awh706E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\db2.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\db2.exe.dat => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI1AC3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI242B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI2ECA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI38AF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI3DE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI40BE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI47D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI4E9B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI561E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI5D43.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI6468.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI6BAC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI72E1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI7B7D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI7EF4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI82F1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI8A16.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI937D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMI9AF0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIA225.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIA9C7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIB0FC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIB92B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIC021.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMIC775.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMICE7B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\DMID64.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\dufgmr4c.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\etilqs_9TaacWX563hYQtq => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\etilqs_bJGTrIBRAZZwdnW => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\etilqs_eaLCKb25TAUM9Nq => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\etilqs_WSj6pEYIC4hcBFW => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\EULA.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\FlashPlayer__4369_i987899999_il36.exe => Moved successfully.
Could not move "C:\Users\Kalich\AppData\Local\Temp\FXSAPIDebugLogFile.txt" => Scheduled to move on reboot.
C:\Users\Kalich\AppData\Local\Temp\JAUReg.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\JavaDeployReg.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\java_install.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\java_install_reg.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\jusched.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Kalich.bmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\LiveiStream.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\modules00 => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\modules11 => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\MSI2f811.LOG => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\MSI36fe5.LOG => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\MSIfff19.LOG => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\PCWD96E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\PCWD96E.xml => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\preferences00 => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\qtsingleapp-smplay-ca73-1-lockfile => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\RD5850.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\RD6EDB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1040.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw108E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw113A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw114A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1212.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1251.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw130C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1339.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1475.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1489.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw14C5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1571.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw158F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1735.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1764.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw18DA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1A0F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1A69.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1AD0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B42.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B4C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B5A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1B82.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C31.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C47.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C70.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C71.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1C8F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1E07.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1E90.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1F05.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1F0E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1F8C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1F90.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw1FD0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw208B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw20F1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2176.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2191.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw21C7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw220B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw226.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw228D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw22B3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw22EB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2337.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw233C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw235B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2389.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2398.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw23CA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw23D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw23FC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2409.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2410.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw249F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw24AB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw24DE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw25E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2663.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26A1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26A2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26C7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw26F4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2714.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2792.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw27B0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw27B3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw27D1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw287F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw28A1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2905.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2992.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw29A5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw29C2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw29D3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2B9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2D39.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2D3D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2DFF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2E24.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2EC0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2EE0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw2F52.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3091.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw30D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3102.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw310F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw315E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw31D8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw31ED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3237.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw324A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw327E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw32F1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw330B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3317.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw337F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw33B3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw33DC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw33F3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3418.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3423.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw34A8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw34F7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3523.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3538.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw354D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw35DF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw35F1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3617.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3620.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3642.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw370C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw373C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw375C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3798.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw389F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw38E3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3916.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3932.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3947.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3952.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw395C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw39A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3A7F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3A8C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3ACE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3AFD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3B3D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3B44.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3B86.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3BD1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3C00.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3C11.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3C33.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3C61.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3CC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3D2C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3DEB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3E36.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3E93.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3EB3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3F56.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3FB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw3FD4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4023.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4156.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4157.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw41A9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4207.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4257.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw426B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw428.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw43F8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4412.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4486.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw44A5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4523.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4572.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4588.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4589.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw45AB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw45CF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4615.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4636.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4712.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw479F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw47A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4818.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw48D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw48F8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4926.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4984.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4995.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4A6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4ACC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4ACD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4AF8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4B58.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4B87.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4C11.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4D2D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4D4C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw4FF3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5009.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5023.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5062.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5144.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5170.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw524E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw524F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5276.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5278.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw52D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw536E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw53A1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw53D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw53FC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw543.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw54C0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw54D8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5651.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5662.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw575.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw579B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw57A5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw57F2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5827.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw582A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5845.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5856.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5877.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5883.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5893.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw58A7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5911.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5942.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw594E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw596F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5991.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw599D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw59EC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw59ED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5A2D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5ACB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5B1D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5B4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5B6C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5B85.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5C0E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5C3E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5C7C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5C9C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5CAC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5CB5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5D1A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5D69.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5D6A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5E3F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5E54.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5E55.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5F3E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5FB0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw5FC6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6006.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6026.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw606D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw609C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6143.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw619C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw61AF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw61DE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw61EE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw61EF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw620D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6365.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw63EC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw64CC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6524.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6544.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw65B2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6614.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw668D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6814.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6832.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6891.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw68FF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6902.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw69B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw69DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw69DD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6A4F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6A5B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6B4A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6B7E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6BC8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6C0C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6CB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6DF5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6E71.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6FA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw6FC6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7008.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw705.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7091.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7147.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7204.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw72B4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw72C0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw72F0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7350.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw73FF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw746C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7474.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7478.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw74D2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7554.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw75A4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7604.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw77D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7883.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw794E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw797D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw79D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw79DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7A7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7A8F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7ADA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7B0A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7B3A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7BD6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7C2E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7C44.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7CE8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7DBC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7DCE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7DDA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7E30.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7E31.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7F2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw7F5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw809E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8169.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw819E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw824B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw827B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw83A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw841D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw84F4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8517.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw85D1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw863C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw866D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw86DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8726.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw875F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw876A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8783.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw87B7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw87D9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw87E7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8806.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw882D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8846.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8847.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw885F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8866.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw889.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw88D4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8915.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8964.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw896C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw898.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8A02.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8A85.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8B78.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8BD6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8BE4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8C0B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8C26.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8C52.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8C89.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8CEF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8CF7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8D12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8EFA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8F68.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw8FB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9044.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw906.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw907B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw90D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9109.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw91A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw91F7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9217.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw925F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9388.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw93C3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9422.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw946.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9491.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw94AE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw94EF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9505.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw954E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw956F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw95BF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw960E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9641.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9680.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9699.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw96D0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw96D8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw96DA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9788.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw97D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9824.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9832.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw986F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw98CE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw98F7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9900.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9936.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw994.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9954.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw995B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9965.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9966.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw99D6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9A06.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9A36.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9A54.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9AD0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9B0C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9B3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9B62.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9BBA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9BFF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9C0A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9C38.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9C7F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9C97.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9CE6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D1D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D4B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D51.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D8C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9D9A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9DBB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9E57.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9E58.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9E71.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9EE6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9EE7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9F06.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9FA4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9FBD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbw9FD4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA0FE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA17C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA22C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA25C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA28C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA359.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA378.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA406.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA409.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA417.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA48D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA4C2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA4F4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA528.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA529.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA5CD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA68D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA69A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA6BD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA6C9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA6CA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA6ED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA77D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA7C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA7FB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA80B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA811.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA889.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA8E8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA92C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA975.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA9AA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwA9E4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAA0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAA14.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAA18.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAA5E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAAEE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB08.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB11.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB19.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB60.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB8F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAB9B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABB1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABB5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABCD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABCF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABEE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwABFF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAC0D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAC5D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAC9C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwACF7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAD10.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAD46.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwADD9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwADDE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAE07.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAEB7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAEF8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAF5E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAF81.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwAF91.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB0E8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB15E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB18C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB1D3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB211.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB268.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB28F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB29.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB335.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB35B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB3B9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB3E0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB430.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB4A2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB4C2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB57D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB58D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB60A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB651.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB71D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB771.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB78.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB7CA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB89.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB8D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB8FF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB9A7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB9AC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB9E2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwB9EB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBA24.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBA2C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBAB1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBAF4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBB00.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBB10.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBC50.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBC7D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBC97.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBE6D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBEDF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBEE3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBF71.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwBFFD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC02D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC04D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC09B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC0EA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC122.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC1A7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC245.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC26E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC2BB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC2C3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC2CA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC2DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC353.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC396.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC3E2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC3F6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC40C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC426.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC485.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC492.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC528.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC595.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC5B6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC5C6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC5E6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC644.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC72F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC7CF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC7EF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC80F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC899.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC8E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC920.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC927.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwC957.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCAB4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCB03.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCB39.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCBB0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCBB4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCBF5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCBFF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCC12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCC32.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCC6F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCCBE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCCCE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCCFE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCD2D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCD7E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCDCD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCE15.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCE58.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCEA9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwCFE6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD0C6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD21D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD32F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD39E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD3CE.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD3DD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD43.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD46.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD582.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD5A3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD5B1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD5D5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD625.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD62E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD68D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD6AB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD6DB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD6EB.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD6EC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD73E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD74E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD767.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD76E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD76F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD7C7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD7F5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD844.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD873.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD8C3.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD90.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD930.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD9C2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwD9CD.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDA5C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDC32.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDCD0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD28.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD2D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD4A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD86.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDD8D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDE23.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwDED0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE055.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE065.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE0CF.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE16.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE17E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE197.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE19C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE215.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE263.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE283.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE2E6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE305.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE340.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE35C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE3DA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE448.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE44D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE52.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE5A8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE5F0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE626.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE681.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE6A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE6B4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE72C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE7F7.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE816.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE94A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE968.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwE97E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEA09.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEA26.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEAA8.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEAB4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEAB9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEB18.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEB23.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEB57.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEB84.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEBE2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEC38.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEC3C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEC4D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwECE0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwECED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwED72.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEE3C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEE7B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEEC9.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEF18.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEF19.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEF49.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEF95.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEFB5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwEFC4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF004.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF0B2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF0EA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF11E.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF257.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF276.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF31.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF330.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF391.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF4E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF512.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF535.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF59F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF63C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF65F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF68A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF6A5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF6BC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF6E5.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF718.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF724.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF7C4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF7E0.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF815.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF8BC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF92C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF94D.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwF968.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFA65.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFA99.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFB46.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFB8F.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFBFC.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC0B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC12.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC3B.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC68.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFC8A.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFCC6.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFCD4.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFCE2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFDE1.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFE59.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFE69.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFE89.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFF25.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFF72.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFF96.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sbwFFC2.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Setup Log 2014-11-09 #001.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Setup Log 2015-01-12 #001.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\ShopperProJSINJFull.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\soiygu3.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\sqlite3.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\StructuredQuery.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\toolbar_log.txt => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\wmplog00.sqm => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\wmplog01.sqm => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~291.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~9ACA.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~DF881601DC6C81E62B.TMP => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~DFBFF1B6F205A1202E.TMP => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\~EA1C.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\TeamViewer\TeamViewer_.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\TeamViewer\TV10Install.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\TeamViewer\tvinfo.ini => Moved successfully.
Could not move "C:\Users\Kalich\AppData\Local\Temp\Skype\DbTemp\temp-QqLgOcxHrods1nfXjpzQoaSw" => Scheduled to move on reboot.
Could not move "C:\Users\Kalich\AppData\Local\Temp\Skype\DbTemp\temp-rHMa0mZ0hKZH9Zcf4Nw8ZAky" => Scheduled to move on reboot.
C:\Users\Kalich\AppData\Local\Temp\nsz259D.tmp\D1958.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsz259D.tmp\NK.lky => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsz259D.tmp\setup1.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsw1DFC.tmp\D1958.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsw1DFC.tmp\NK.lky => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\nsw1DFC.tmp\setup1.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Low\datCAED.tmp => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Low\JavaDeployReg.log => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\is-OV5GH.tmp\SkipUacTask.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\is-OV5GH.tmp\TaskMgr.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Install_11181\geforce.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Install_11181\sense.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Install_11181\shopperpro.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Install_11181\ytd.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleCrashHandler.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleUpdate.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleUpdateBroker.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleUpdateHelper.msi => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\GoogleUpdateOnDemand.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\goopdate.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\goopdateres_en.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\npGoogleUpdate4.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\psmachine.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.439903\psuser.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleCrashHandler.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleUpdate.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleUpdateBroker.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleUpdateHelper.msi => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\GoogleUpdateOnDemand.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\goopdate.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\goopdateres_en.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\npGoogleUpdate4.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\psmachine.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.241351\psuser.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleCrashHandler.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleUpdate.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleUpdateBroker.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleUpdateHelper.msi => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\GoogleUpdateOnDemand.exe => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\goopdate.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\goopdateres_en.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\npGoogleUpdate4.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\psmachine.dll => Moved successfully.
C:\Users\Kalich\AppData\Local\Temp\comh.157887\psuser.dll => Moved successfully.
Could not move "C:\Users\Kalich\AppData\Local\Temp" directory. => Scheduled to move on reboot.
ask: C:\Windows\Tasks\EUMSD.job => C:\Users\Kalich\AppData\Roaming\EUMSD.exe <==== ATTENTION => Error: No automatic fix found for this entry.
C:\Users\Kalich\AppData\Roaming\EUMSD.exe => Moved successfully.
C:\Windows\Tasks\FPDAOV.job => Moved successfully.
C:\Users\Kalich\AppData\Roaming\FPDAOV.exe => Moved successfully.
C:\Windows\Tasks\LYRACC.job => Moved successfully.
C:\Users\Kalich\AppData\Roaming\LYRACC.exe => Moved successfully.
C:\Windows\Tasks\VZ.job => Moved successfully.
"C:\Users\Kalich\AppData\Roaming\VZ.exe" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8C08E253-5F83-4CCD-878B-1E727F32FB73}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8C08E253-5F83-4CCD-878B-1E727F32FB73}" => Key deleted successfully.
C:\Windows\System32\Tasks\UNELEVATE_14812 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_14812" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{98DA9C8C-F6DA-4CBE-95BB-090ABA9155A4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{98DA9C8C-F6DA-4CBE-95BB-090ABA9155A4}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9938ADBF-70C1-4D59-91A8-9566D144507B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9938ADBF-70C1-4D59-91A8-9566D144507B}" => Key deleted successfully.
C:\Windows\System32\Tasks\UNELEVATE_18639 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_18639" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CD56938B-60A3-4539-9AB6-BA38CAD82681}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CD56938B-60A3-4539-9AB6-BA38CAD82681}" => Key deleted successfully.
C:\Windows\System32\Tasks\UNELEVATE_10197 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_10197" => Key deleted successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2015-01-31 21:49:48)<=
C:\Users\Kalich\AppData\Local\Temp\FXSAPIDebugLogFile.txt => Is moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Skype\DbTemp\temp-QqLgOcxHrods1nfXjpzQoaSw => Is moved successfully.
C:\Users\Kalich\AppData\Local\Temp\Skype\DbTemp\temp-rHMa0mZ0hKZH9Zcf4Nw8ZAky => Is moved successfully.
C:\Users\Kalich\AppData\Local\Temp => Moved successfully.
==== End of Fixlog 21:49:48 ====
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Počet reklam se snížil, ale pořád nějaké vyskakují
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 1.2.2015
Scan Time: 15:42:01
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.02.01.04
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Kalich
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 420676
Time Elapsed: 21 min, 47 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
PUP.Optional.MaintainerSvc.A, C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe, 3808, , [d87064b5c4c6fb3b70fbac408a77e818]
Modules: 0
(No malicious items detected)
Registry Keys: 8
PUP.Optional.MaintainerSvc.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MaintainerSvc3.35.6688013, , [d87064b5c4c6fb3b70fbac408a77e818],
PUP.Optional.SnipSmart.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{68261AAA-DC9F-4C2B-A168-C323E304C3A2}, , [f8500c0db6d4af87c9598e6939c9629e],
PUP.Optional.SnipSmart.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{68261AAA-DC9F-4C2B-A168-C323E304C3A2}, , [f8500c0db6d4af87c9598e6939c9629e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\HD-V2.2V09.11-nv, , [67e1fd1c1971b87e6666692710f3d22e],
PUP.Optional.SnipSmart.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\snipsmart, , [8cbc52c7b2d87eb8e25e0a8d42c18a76],
PUP.Optional.GeForce.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, , [5eea8e8b7a10f442f47220df7094fb05],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HD-V2.2V09.11, , [d2760f0a1179cc6a05c9830d8083dd23],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [ee5a67b29feb270ffd8b61842bd9e020],
Registry Values: 2
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, , [ee5a67b29feb270ffd8b61842bd9e020]
PUP.Optional.PayByAds.A, HKU\S-1-5-21-2701772028-2260806180-3144982785-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Yahoo! Search, C:\Users\Kalich\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe, , [7ccc3ddc7a102214bfdb1d7360a36997]
Registry Data: 0
(No malicious items detected)
Folders: 4
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\bitstreams, , [81c7e2377c0ee0565f91fa4f689b748c],
PUP.Optional.CrossRider.A, C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plimopelmdneikoknbgpopffpbmlhgpa, , [cc7c1ffabfcbc373b59aa3ccd52e57a9],
PUP.Optional.CrossRider.A, C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0, , [e66222f77e0c2e08173992ddbc4750b0],
Files: 30
PUP.Optional.MaintainerSvc.A, C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe, , [d87064b5c4c6fb3b70fbac408a77e818],
PUP.Optional.SwiftBrowse, C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.bak, , [89bf25f4c6c4f83ea10247b4c33e59a7],
PUP.Optional.Nova.A, C:\Program Files\19471881-2af6-489e-8fd4-e35c71616f3f\0e3bf70d-7ae5-40cc-9f25-775441615fb5.dll, , [390f8b8e0e7c63d3711de520ce3409f7],
PUP.Optional.Nova.A, C:\Program Files\6847c2db-cc97-46d2-b3f4-f6792a36eb17\f71be73f-05da-4ec4-95db-85cd8c41f093.dll, , [b69217024f3bc67085092ed70ef48779],
PUP.Optional.Nova.A, C:\Program Files\7-Zip\665022a6-e0e6-4106-9b5e-e29892441589.dll, , [4cfc1efbdeac6acca0ee8283a45ed52b],
PUP.Optional.Nova.A, C:\Program Files\AC3Filter\12408153-eae6-4f2c-82d9-82495e8b13a5.dll, , [b7910217602a43f30e80ca3b2ed4d62a],
PUP.Optional.Nova.A, C:\Program Files\AC3Filter\15da69e3-e663-441a-8e92-e1c026123e97.dll, , [1f2936e3b6d48ea8aae4be47649e17e9],
PUP.Optional.Nova.A, C:\Program Files\f1fdce29-faa7-4d69-b520-0fd1405514ef\e7fab34c-bb5b-4795-9087-02b4cf090429.dll, , [de6a7c9d1d6d88aec8c622e3897946ba],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation (1).exe, , [6fd91405a3e768ce6b7297407a876799],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation (2).exe, , [81c7b5643d4d49edba234a8dcf3232ce],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation (3).exe, , [8cbc55c4f99149ed429b15c2738ecd33],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation (4).exe, , [86c205142b5f6fc7706dc90e8b7632ce],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation.exe, , [34144acfbfcbfc3a2db01bbc42bf41bf],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_3734373437303036372d3437415a556c2a3223346c41, , [bb8d35e4e8a25fd7de18326618ebde22],
Trojan.Agent.VBS, C:\Windows\System32\msstp.vbe, , [3117e8319febb086c340606158ab25db],
Malware.Trace, C:\Windows\inf\ntvdm.inf, , [f35532e7cebc37ffbc02746b81837d83],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\diablo130302.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\diakgcn121016.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\libcurl-4.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\libeay32.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\libidn-11.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\librtmp.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\libssh2.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\mncowkgo.exe, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\phatk121016.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\poclbm130302.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\scrypt130511.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\ssleay32.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\zlib1.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [81c7e2377c0ee0565f91fa4f689b748c],
Physical Sectors: 0
(No malicious items detected)
(end)
www.malwarebytes.org
Scan Date: 1.2.2015
Scan Time: 15:42:01
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.02.01.04
Rootkit Database: v2015.01.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Kalich
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 420676
Time Elapsed: 21 min, 47 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
PUP.Optional.MaintainerSvc.A, C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe, 3808, , [d87064b5c4c6fb3b70fbac408a77e818]
Modules: 0
(No malicious items detected)
Registry Keys: 8
PUP.Optional.MaintainerSvc.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MaintainerSvc3.35.6688013, , [d87064b5c4c6fb3b70fbac408a77e818],
PUP.Optional.SnipSmart.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{68261AAA-DC9F-4C2B-A168-C323E304C3A2}, , [f8500c0db6d4af87c9598e6939c9629e],
PUP.Optional.SnipSmart.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{68261AAA-DC9F-4C2B-A168-C323E304C3A2}, , [f8500c0db6d4af87c9598e6939c9629e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\HD-V2.2V09.11-nv, , [67e1fd1c1971b87e6666692710f3d22e],
PUP.Optional.SnipSmart.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\snipsmart, , [8cbc52c7b2d87eb8e25e0a8d42c18a76],
PUP.Optional.GeForce.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Ge-Force, , [5eea8e8b7a10f442f47220df7094fb05],
PUP.Optional.CrossRider.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HD-V2.2V09.11, , [d2760f0a1179cc6a05c9830d8083dd23],
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT, , [ee5a67b29feb270ffd8b61842bd9e020],
Registry Values: 2
PUP.Optional.InstallBrain.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WNLT|URL, MYSTART, , [ee5a67b29feb270ffd8b61842bd9e020]
PUP.Optional.PayByAds.A, HKU\S-1-5-21-2701772028-2260806180-3144982785-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Yahoo! Search, C:\Users\Kalich\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.19.2\dsrlte.exe, , [7ccc3ddc7a102214bfdb1d7360a36997]
Registry Data: 0
(No malicious items detected)
Folders: 4
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\bitstreams, , [81c7e2377c0ee0565f91fa4f689b748c],
PUP.Optional.CrossRider.A, C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\plimopelmdneikoknbgpopffpbmlhgpa, , [cc7c1ffabfcbc373b59aa3ccd52e57a9],
PUP.Optional.CrossRider.A, C:\Users\Kalich\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_plimopelmdneikoknbgpopffpbmlhgpa_0, , [e66222f77e0c2e08173992ddbc4750b0],
Files: 30
PUP.Optional.MaintainerSvc.A, C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.exe, , [d87064b5c4c6fb3b70fbac408a77e818],
PUP.Optional.SwiftBrowse, C:\ProgramData\83b32e09-56dd-4d15-bbc7-350e8627ec65\maintainer.bak, , [89bf25f4c6c4f83ea10247b4c33e59a7],
PUP.Optional.Nova.A, C:\Program Files\19471881-2af6-489e-8fd4-e35c71616f3f\0e3bf70d-7ae5-40cc-9f25-775441615fb5.dll, , [390f8b8e0e7c63d3711de520ce3409f7],
PUP.Optional.Nova.A, C:\Program Files\6847c2db-cc97-46d2-b3f4-f6792a36eb17\f71be73f-05da-4ec4-95db-85cd8c41f093.dll, , [b69217024f3bc67085092ed70ef48779],
PUP.Optional.Nova.A, C:\Program Files\7-Zip\665022a6-e0e6-4106-9b5e-e29892441589.dll, , [4cfc1efbdeac6acca0ee8283a45ed52b],
PUP.Optional.Nova.A, C:\Program Files\AC3Filter\12408153-eae6-4f2c-82d9-82495e8b13a5.dll, , [b7910217602a43f30e80ca3b2ed4d62a],
PUP.Optional.Nova.A, C:\Program Files\AC3Filter\15da69e3-e663-441a-8e92-e1c026123e97.dll, , [1f2936e3b6d48ea8aae4be47649e17e9],
PUP.Optional.Nova.A, C:\Program Files\f1fdce29-faa7-4d69-b520-0fd1405514ef\e7fab34c-bb5b-4795-9087-02b4cf090429.dll, , [de6a7c9d1d6d88aec8c622e3897946ba],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation (1).exe, , [6fd91405a3e768ce6b7297407a876799],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation (2).exe, , [81c7b5643d4d49edba234a8dcf3232ce],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation (3).exe, , [8cbc55c4f99149ed429b15c2738ecd33],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation (4).exe, , [86c205142b5f6fc7706dc90e8b7632ce],
PUP.Optional.OutBrowse, C:\Users\Kalich\Downloads\Installation.exe, , [34144acfbfcbfc3a2db01bbc42bf41bf],
PUP.Optional.ShopperPro, C:\Windows\System32\Tasks\SPBIW_UpdateTask_Time_3734373437303036372d3437415a556c2a3223346c41, , [bb8d35e4e8a25fd7de18326618ebde22],
Trojan.Agent.VBS, C:\Windows\System32\msstp.vbe, , [3117e8319febb086c340606158ab25db],
Malware.Trace, C:\Windows\inf\ntvdm.inf, , [f35532e7cebc37ffbc02746b81837d83],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\diablo130302.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\diakgcn121016.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\libcurl-4.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\libeay32.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\libidn-11.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\librtmp.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\libssh2.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\mncowkgo.exe, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\phatk121016.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\poclbm130302.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\scrypt130511.cl, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\ssleay32.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\zlib1.dll, , [81c7e2377c0ee0565f91fa4f689b748c],
Trojan.Agent.BCM, C:\Windows\inf\mncowkgo\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [81c7e2377c0ee0565f91fa4f689b748c],
Physical Sectors: 0
(No malicious items detected)
(end)
-
Rudy
- Site Admin
- Příspěvky: 118275
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zavirovaný počítač - vyskakující reklamy v prohlížeči
Vše, co MBAM nalezl, smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?