VIRY.CZ

Dobrý večer,
prosím o pomoc a kontrolu logu. Můj PC něco provedl a smazaly se některé součásti programů, zbyl jen zástupce na ploše no ve startu. Např avast - zůstala složka ale exe aplikace nikde. Chtěl jsem ho nainstalovat znova a nejde to. Podobný problém tu měl včera kolega.
Předem uvádím, že můj operační systém by měl být legální (byl součástí kupovaného PC v obchodě, i když už to je hodně pátků nazpátek ...)
Přikládám log

Děkuji za pomoc

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Comfor (administrator) on TRAXLER on 05-06-2014 21:26:20
Running from C:\Users\Comfor\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(forum.viry.cz) C:\Users\Comfor\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2006-12-29] (Realtek Semiconductor)
HKLM\...\Run: [Device Detector] => DevDetect.exe -autorun
HKLM\...\Run: [LifeCam] => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [707360 2006-12-06] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {b5494747-6c57-11dc-bffc-00004d2d893c} - G:\TrueCrypt\TrueCrypt.exe /q background /e /c y /m ro /m rm /v "Secret\Corsair.tc"
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {eae167b4-025d-11de-a65e-001a4d2a5c6f} - G:\WDSetup.exe
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {f352cb0f-0345-11e2-8df7-001a4d2a5c6f} - F:\unlock.exe autoplay=true
Startup: C:\Users\Comfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (No File)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.1.1.30:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = http://www.icq.com/search/results.php?q ... &ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://www.icq.com/search/results.php?q ... &ch_id=osd
SearchScopes: HKCU - {104EE3F6-6FB5-478D-9388-A3341FD5CF21} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKCU - {23AE915A-9767-420D-8D86-8985BEA15275} URL = http://search.seznam.cz/searchScreen?w= ... rms}&mod=f
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = http://www.icq.com/search/results.php?q ... &ch_id=osd
SearchScopes: HKCU - {BE9654C9-9D79-42ec-B55A-3CAEB12DBF58} URL = http://www.icq.com/search/results.php?q ... &ch_id=osd
BHO: No Name - {055FD26D-3A88-4e15-963D-DC8493744B1D} - No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 213.192.60.6 213.192.60.5

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.3088 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll No File
FF Plugin: @real.com/nprpjplug;version=6.0.11.3006 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR HomePage: www.google.com
CHR StartupUrls: "www.google.com"
CHR Extension: (YouTube) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-27]
CHR Extension: (Google Search) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-29]
CHR Extension: (Skype Click to Call) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-14]
CHR Extension: (Google Wallet) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR Extension: (Gmail) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-29]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-02-29]

========================== Services (Whitelisted) =================

S3 Adobe LM Service; "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" [X]
S2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [X]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [X]
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
S2 nvUpdatusService; "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [X]
S2 RichVideo; "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1121536 2006-11-22] (Philips Semiconductors GmbH)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-05-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-01] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2007-08-27] (Padus, Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2007-10-27] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U3 anothkoj; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-05 21:26 - 2014-06-05 21:27 - 00011522 _____ () C:\Users\Comfor\Desktop\FRST.txt
2014-06-05 21:25 - 2014-06-05 21:26 - 00000000 ____D () C:\FRST
2014-06-05 21:23 - 2014-06-05 21:23 - 00112640 _____ (forum.viry.cz) C:\Users\Comfor\Desktop\FRSTLauncher.exe
2014-06-05 21:22 - 2014-06-05 21:22 - 01059840 _____ (Farbar) C:\Users\Comfor\Desktop\FRST.exe
2014-06-03 19:59 - 2014-06-03 19:59 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 19:55 - 2014-06-03 20:23 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-03 19:55 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-03 19:55 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-05-29 15:50 - 2014-05-29 15:51 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-29 15:50 - 2012-10-30 23:50 - 00227648 _____ (AVAST Software) C:\Windows\system32\asw77DD.tmp
2014-05-29 14:21 - 2014-05-29 14:21 - 04796856 _____ (AVAST Software) C:\Users\Comfor\Downloads\avast_free_antivirus_setup_online.exe
2014-05-29 07:09 - 2014-05-29 07:09 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Adobe
2014-05-29 06:51 - 2014-05-29 07:19 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-29 06:51 - 2014-05-29 06:51 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-27 15:44 - 2014-05-27 15:44 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-15 23:26 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 23:26 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 23:26 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 09:10 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

==================== One Month Modified Files and Folders =======

2014-06-05 21:27 - 2014-06-05 21:26 - 00011522 _____ () C:\Users\Comfor\Desktop\FRST.txt
2014-06-05 21:27 - 2007-08-27 13:34 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Temp
2014-06-05 21:26 - 2014-06-05 21:25 - 00000000 ____D () C:\FRST
2014-06-05 21:23 - 2014-06-05 21:23 - 00112640 _____ (forum.viry.cz) C:\Users\Comfor\Desktop\FRSTLauncher.exe
2014-06-05 21:22 - 2014-06-05 21:22 - 01059840 _____ (Farbar) C:\Users\Comfor\Desktop\FRST.exe
2014-06-05 21:19 - 2007-08-21 16:05 - 00000000 ____D () C:\install
2014-06-05 21:10 - 2012-04-30 20:42 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-05 21:07 - 2007-08-28 09:59 - 00002635 _____ () C:\Users\Comfor\Desktop\Microsoft Office Word 2007.lnk
2014-06-05 20:54 - 2006-11-02 14:52 - 01066875 _____ () C:\Windows\WindowsUpdate.log
2014-06-05 20:49 - 2012-02-27 19:03 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-05 20:49 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-05 20:49 - 2006-11-02 14:47 - 00005168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-05 20:49 - 2006-11-02 14:47 - 00005168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-05 20:49 - 2006-11-02 14:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-05 20:47 - 2014-04-08 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-05 20:47 - 2009-06-27 15:26 - 00000000 ___RD () C:\Program Files\Skype
2014-06-05 20:47 - 2007-08-28 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-05 20:47 - 2007-08-27 16:28 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-05 20:47 - 2007-08-27 15:47 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\GHISLER
2014-06-05 20:47 - 2007-08-21 15:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-05 20:47 - 2007-08-21 15:32 - 00000000 ____D () C:\Program Files\Adobe
2014-06-05 20:47 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2014-06-05 20:47 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-06-05 20:47 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-05 20:18 - 2006-11-02 15:01 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-05 14:40 - 2012-02-27 19:03 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-04 08:40 - 2012-11-08 20:24 - 00100832 _____ () C:\Users\Comfor\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-04 08:40 - 2012-11-08 20:23 - 00372856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-04 08:39 - 2013-10-03 11:33 - 00642912 _____ () C:\Windows\PFRO.log
2014-06-03 20:23 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-03 19:59 - 2014-06-03 19:59 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 19:56 - 2007-08-28 09:57 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Otevřít dokument sady Microsoft Office.lnk
2014-06-03 19:56 - 2007-08-28 09:57 - 00002637 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Nový dokument sady Microsoft Office.lnk
2014-06-03 19:55 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-03 19:55 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-06-02 21:50 - 2006-11-02 12:33 - 01532822 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-02 13:53 - 2007-10-31 20:49 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\Skype
2014-06-02 11:53 - 2012-09-14 09:02 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-02 11:53 - 2007-10-31 20:44 - 00000000 ____D () C:\ProgramData\Skype
2014-05-29 15:51 - 2014-05-29 15:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-29 14:21 - 2014-05-29 14:21 - 04796856 _____ (AVAST Software) C:\Users\Comfor\Downloads\avast_free_antivirus_setup_online.exe
2014-05-29 14:13 - 2012-02-27 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-29 07:19 - 2014-05-29 06:51 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-29 07:16 - 2007-08-27 16:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-29 07:09 - 2014-05-29 07:09 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Adobe
2014-05-29 07:09 - 2007-08-27 14:05 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\Adobe
2014-05-29 06:51 - 2014-05-29 06:51 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-28 08:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-28 08:02 - 2010-02-24 19:33 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-27 15:44 - 2014-05-27 15:44 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-27 10:22 - 2011-08-08 21:07 - 00000000 ____D () C:\Program Files\Common Files\Panasonic
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Movie Maker
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-05-27 10:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-27 10:21 - 2007-08-27 16:04 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-05-27 10:13 - 2007-08-22 09:29 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-05-24 09:41 - 2012-11-19 01:12 - 00000789 _____ () C:\Windows\setupact.log
2014-05-15 23:33 - 2013-07-17 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 23:29 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-15 21:01 - 2011-06-29 13:43 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 21:01 - 2008-04-06 20:13 - 00411680 ____N (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 21:01 - 2007-10-04 08:07 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswrdr.sys
2014-05-14 15:10 - 2012-04-30 20:42 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 15:10 - 2011-07-06 08:11 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-06 01:32 - 2014-05-15 23:26 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 01:14 - 2014-05-15 23:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 01:14 - 2014-05-15 23:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

Some content of TEMP:
====================
C:\Users\Comfor\AppData\Local\Temp\mpegc.dll
C:\Users\Comfor\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Comfor\AppData\Local\Temp\nvStInst.exe
C:\Users\Comfor\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Comfor\AppData\Local\Temp\_isD5A6.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Available physical RAM: 1134.21 MB
Total physical RAM: 2046.83 MB
Percentage of memory in use: 44%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Comfor\Desktop" je 1 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut
"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTV 310i Antenna Power
"C:\Program Files\Pinnacle\Shared Files\Drivers\Tools\PCTV 310i Antenna Power.exe" /silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toolbar_eula_launcher
C:\install\google\eula\EULALauncher.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk
C:\PROGRA~1\COMMON~1\PANASO~1\PHOTOF~1\AUTOST~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Zdravím!
Spusťte nejprve tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Provedeno, zde je log:

# AdwCleaner v3.212 - Report created 07/06/2014 at 08:32:25
# Updated 05/06/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Comfor - TRAXLER
# Running from : C:\Users\Comfor\Desktop\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\Users\Comfor\Documents\Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00
Key Deleted : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00.1
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BE9654C9-9D79-42EC-B55A-3CAEB12DBF58}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : HKCU\Software\ICQToolbar
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16545

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Google Chrome v

[ File : C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2146 octets] - [07/06/2014 08:30:37]
AdwCleaner[S0].txt - [2025 octets] - [07/06/2014 08:32:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2085 octets] ##########

Dejte nový log FRST.

nový log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-06-2014
Ran by Comfor (administrator) on TRAXLER on 07-06-2014 12:51:58
Running from C:\Users\Comfor\Desktop
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_13_0_0_214_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(forum.viry.cz) C:\Users\Comfor\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2006-12-29] (Realtek Semiconductor)
HKLM\...\Run: [Device Detector] => DevDetect.exe -autorun
HKLM\...\Run: [LifeCam] => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [707360 2006-12-06] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {b5494747-6c57-11dc-bffc-00004d2d893c} - G:\TrueCrypt\TrueCrypt.exe /q background /e /c y /m ro /m rm /v "Secret\Corsair.tc"
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {eae167b4-025d-11de-a65e-001a4d2a5c6f} - G:\WDSetup.exe
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {f352cb0f-0345-11e2-8df7-001a4d2a5c6f} - F:\unlock.exe autoplay=true
Startup: C:\Users\Comfor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (No File)

==================== Internet (Whitelisted) ====================

ProxyServer: 10.1.1.30:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com/search?q={searchT ... d=ie7&rlz=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
SearchScopes: HKCU - {104EE3F6-6FB5-478D-9388-A3341FD5CF21} URL = http://www.google.cz/search?q={searchTe ... {startPage}
SearchScopes: HKCU - {23AE915A-9767-420D-8D86-8985BEA15275} URL = http://search.seznam.cz/searchScreen?w= ... rms}&mod=f
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll No File
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/CZ/Core/ ... _Win32.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 213.192.60.6 213.192.60.5

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.3088 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll No File
FF Plugin: @real.com/nprpjplug;version=6.0.11.3006 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []

Chrome:
=======
CHR HomePage: www.google.com
CHR StartupUrls: "www.google.com"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\34.0.1847.116\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-29]
CHR Extension: (Skype Click to Call) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-12-14]
CHR Extension: (Peněženka Google) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-14]
CHR Extension: (Gmail) - C:\Users\Comfor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-29]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-02-29]

========================== Services (Whitelisted) =================

S3 Adobe LM Service; "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" [X]
S2 avast! Antivirus; "C:\Program Files\Alwil Software\Avast5\AvastSvc.exe" [X]
S2 gupdate; "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS32.exe" [X]
S3 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
S2 nvUpdatusService; "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" [X]
S2 RichVideo; "C:\Program Files\CyberLink\Shared Files\RichVideo.exe" [X]

==================== Drivers (Whitelisted) ====================

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1121536 2006-11-22] (Philips Semiconductors GmbH)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-05-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-05-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-05-15] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-05-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-05-15] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-05-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-05-01] ()
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2007-08-27] (Padus, Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [685816 2007-10-27] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U3 an9u5taa; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-07 12:51 - 2014-06-07 12:52 - 00012694 _____ () C:\Users\Comfor\Desktop\FRST.txt
2014-06-07 12:51 - 2014-06-07 12:51 - 00000000 ____D () C:\Users\Comfor\Desktop\FRST-OlderVersion
2014-06-07 08:31 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-07 08:30 - 2014-06-07 08:32 - 00000000 ____D () C:\AdwCleaner
2014-06-07 08:28 - 2014-06-07 08:28 - 01333465 _____ () C:\Users\Comfor\Desktop\adwcleaner_3.212.exe
2014-06-05 21:31 - 2014-06-05 21:32 - 00000000 ____D () C:\rsit
2014-06-05 21:31 - 2014-06-05 21:31 - 01107968 _____ () C:\Users\Comfor\Desktop\RSIT.exe
2014-06-05 21:31 - 2014-06-05 21:31 - 00000000 ____D () C:\Program Files\trend micro
2014-06-05 21:25 - 2014-06-07 12:51 - 00000000 ____D () C:\FRST
2014-06-05 21:22 - 2014-06-07 12:51 - 01063424 _____ (Farbar) C:\Users\Comfor\Desktop\FRST.exe
2014-06-03 19:59 - 2014-06-03 19:59 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 19:55 - 2014-06-03 20:23 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-03 19:55 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-03 19:55 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-05-29 15:50 - 2014-05-29 15:51 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-29 15:50 - 2012-10-30 23:50 - 00227648 _____ (AVAST Software) C:\Windows\system32\asw77DD.tmp
2014-05-29 14:21 - 2014-05-29 14:21 - 04796856 _____ (AVAST Software) C:\Users\Comfor\Downloads\avast_free_antivirus_setup_online.exe
2014-05-29 07:09 - 2014-05-29 07:09 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Adobe
2014-05-29 06:51 - 2014-05-29 07:19 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-29 06:51 - 2014-05-29 06:51 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-27 15:44 - 2014-05-27 15:44 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-15 23:26 - 2014-05-06 01:32 - 12347392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 23:26 - 2014-05-06 01:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 23:26 - 2014-05-06 01:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 09:10 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

==================== One Month Modified Files and Folders =======

2014-06-07 12:52 - 2014-06-07 12:51 - 00012694 _____ () C:\Users\Comfor\Desktop\FRST.txt
2014-06-07 12:52 - 2007-08-27 13:34 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Temp
2014-06-07 12:51 - 2014-06-07 12:51 - 00000000 ____D () C:\Users\Comfor\Desktop\FRST-OlderVersion
2014-06-07 12:51 - 2014-06-05 21:25 - 00000000 ____D () C:\FRST
2014-06-07 12:51 - 2014-06-05 21:22 - 01063424 _____ (Farbar) C:\Users\Comfor\Desktop\FRST.exe
2014-06-07 12:40 - 2012-02-27 19:03 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-07 12:33 - 2006-11-02 14:47 - 00005168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-07 12:33 - 2006-11-02 14:47 - 00005168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-07 12:10 - 2012-04-30 20:42 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-07 08:38 - 2006-11-02 14:52 - 01117373 _____ () C:\Windows\WindowsUpdate.log
2014-06-07 08:34 - 2006-11-02 14:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-06-07 08:33 - 2013-10-03 11:33 - 00643218 _____ () C:\Windows\PFRO.log
2014-06-07 08:33 - 2012-02-27 19:03 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-07 08:33 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-07 08:32 - 2014-06-07 08:30 - 00000000 ____D () C:\AdwCleaner
2014-06-07 08:32 - 2009-07-15 15:00 - 00000000 ____D () C:\ProgramData\ICQ
2014-06-07 08:32 - 2006-11-02 15:01 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-07 08:28 - 2014-06-07 08:28 - 01333465 _____ () C:\Users\Comfor\Desktop\adwcleaner_3.212.exe
2014-06-05 21:32 - 2014-06-05 21:31 - 00000000 ____D () C:\rsit
2014-06-05 21:31 - 2014-06-05 21:31 - 01107968 _____ () C:\Users\Comfor\Desktop\RSIT.exe
2014-06-05 21:31 - 2014-06-05 21:31 - 00000000 ____D () C:\Program Files\trend micro
2014-06-05 21:19 - 2007-08-21 16:05 - 00000000 ____D () C:\install
2014-06-05 21:07 - 2007-08-28 09:59 - 00002635 _____ () C:\Users\Comfor\Desktop\Microsoft Office Word 2007.lnk
2014-06-05 20:47 - 2014-04-08 11:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-05 20:47 - 2009-06-27 15:26 - 00000000 ___RD () C:\Program Files\Skype
2014-06-05 20:47 - 2007-08-28 09:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-06-05 20:47 - 2007-08-27 16:28 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-06-05 20:47 - 2007-08-27 15:47 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\GHISLER
2014-06-05 20:47 - 2007-08-21 15:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-05 20:47 - 2007-08-21 15:32 - 00000000 ____D () C:\Program Files\Adobe
2014-06-05 20:47 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\spool
2014-06-05 20:47 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\registration
2014-06-05 20:47 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-04 08:40 - 2012-11-08 20:24 - 00100832 _____ () C:\Users\Comfor\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-04 08:40 - 2012-11-08 20:23 - 00372856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-03 20:23 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-03 19:59 - 2014-06-03 19:59 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-06-03 19:56 - 2007-08-28 09:57 - 00002661 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Otevřít dokument sady Microsoft Office.lnk
2014-06-03 19:56 - 2007-08-28 09:57 - 00002637 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Nový dokument sady Microsoft Office.lnk
2014-06-03 19:55 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-06-03 19:55 - 2014-06-03 19:55 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio
2014-06-02 21:50 - 2006-11-02 12:33 - 01532822 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-02 13:53 - 2007-10-31 20:49 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\Skype
2014-06-02 11:53 - 2012-09-14 09:02 - 00002505 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-06-02 11:53 - 2007-10-31 20:44 - 00000000 ____D () C:\ProgramData\Skype
2014-05-29 15:51 - 2014-05-29 15:50 - 00000000 ____D () C:\Program Files\AVAST Software
2014-05-29 14:21 - 2014-05-29 14:21 - 04796856 _____ (AVAST Software) C:\Users\Comfor\Downloads\avast_free_antivirus_setup_online.exe
2014-05-29 14:13 - 2012-02-27 19:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-29 07:19 - 2014-05-29 06:51 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-29 07:16 - 2007-08-27 16:28 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-29 07:09 - 2014-05-29 07:09 - 00000000 ____D () C:\Users\Comfor\AppData\Local\Adobe
2014-05-29 07:09 - 2007-08-27 14:05 - 00000000 ____D () C:\Users\Comfor\AppData\Roaming\Adobe
2014-05-29 06:51 - 2014-05-29 06:51 - 00001896 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-05-28 08:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-28 08:02 - 2010-02-24 19:33 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-05-27 15:44 - 2014-05-27 15:44 - 00000000 ____D () C:\Program Files\MSBuild
2014-05-27 10:22 - 2011-08-08 21:07 - 00000000 ____D () C:\Program Files\Common Files\Panasonic
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Windows Journal
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Movie Maker
2014-05-27 10:22 - 2006-11-02 14:37 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-05-27 10:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\System
2014-05-27 10:21 - 2007-08-27 16:04 - 00000000 ____D () C:\Program Files\Common Files\ACD Systems
2014-05-27 10:13 - 2007-08-22 09:29 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-05-24 09:41 - 2012-11-19 01:12 - 00000789 _____ () C:\Windows\setupact.log
2014-05-15 23:33 - 2013-07-17 15:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 23:29 - 2006-11-02 12:24 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-05-15 21:01 - 2011-06-29 13:43 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-15 21:01 - 2008-04-06 20:13 - 00411680 ____N (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-15 21:01 - 2007-10-04 08:07 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswrdr.sys
2014-05-14 15:10 - 2012-04-30 20:42 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-14 15:10 - 2011-07-06 08:11 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Comfor\AppData\Local\Temp\mpegc.dll
C:\Users\Comfor\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Comfor\AppData\Local\Temp\nvStInst.exe
C:\Users\Comfor\AppData\Local\Temp\Quarantine.exe
C:\Users\Comfor\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Comfor\AppData\Local\Temp\_isD5A6.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================


Available physical RAM: 1107.48 MB
Total physical RAM: 2046.83 MB
Percentage of memory in use: 45%

==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Comfor\Desktop" je 4 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut
"C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCTV 310i Antenna Power
"C:\Program Files\Pinnacle\Shared Files\Drivers\Tools\PCTV 310i Antenna Power.exe" /silent [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
"C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl
"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Toolbar_eula_launcher
C:\install\google\eula\EULALauncher.exe [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk
C:\PROGRA~1\COMMON~1\PANASO~1\PHOTOF~1\AUTOST~1.EXE [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {b5494747-6c57-11dc-bffc-00004d2d893c} - G:\TrueCrypt\TrueCrypt.exe /q background /e /c y /m ro /m rm /v "Secret\Corsair.tc"
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {eae167b4-025d-11de-a65e-001a4d2a5c6f} - G:\WDSetup.exe
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {f352cb0f-0345-11e2-8df7-001a4d2a5c6f} - F:\unlock.exe autoplay=true
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
C:\Program Files\Skype\Toolbars
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
U3 an9u5taa; No ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Comfor\AppData\Local\Temp
End

Uložte na plochu jako fixlist.txt. Pak znovu spusťte FRST a klikněte na >Fix<. Zkopírujte sem pak log, který se na závěr vytvoří.

Vytvořený log:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:06-06-2014
Ran by Comfor at 2014-06-07 13:14:58 Run:1
Running from C:\Users\Comfor\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {b5494747-6c57-11dc-bffc-00004d2d893c} - G:\TrueCrypt\TrueCrypt.exe /q background /e /c y /m ro /m rm /v "Secret\Corsair.tc"
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {eae167b4-025d-11de-a65e-001a4d2a5c6f} - G:\WDSetup.exe
HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\...\MountPoints2: {f352cb0f-0345-11e2-8df7-001a4d2a5c6f} - F:\unlock.exe autoplay=true
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTer ... DF&PC=AV01
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll No File
C:\Program Files\Skype\Toolbars
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
U3 an9u5taa; No ImagePath
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Comfor\AppData\Local\Temp
End
*****************

'HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b5494747-6c57-11dc-bffc-00004d2d893c}' => Key deleted successfully.
'HKCR\CLSID\{b5494747-6c57-11dc-bffc-00004d2d893c}'=> Key not found.
'HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eae167b4-025d-11de-a65e-001a4d2a5c6f}' => Key deleted successfully.
'HKCR\CLSID\{eae167b4-025d-11de-a65e-001a4d2a5c6f}'=> Key not found.
'HKU\S-1-5-21-4277153804-2581763958-2727245661-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f352cb0f-0345-11e2-8df7-001a4d2a5c6f}' => Key deleted successfully.
'HKCR\CLSID\{f352cb0f-0345-11e2-8df7-001a4d2a5c6f}'=> Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}'=> Key not found.
'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}' => Key deleted successfully.
'HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}' => Key deleted successfully.
"C:\Program Files\Skype\Toolbars" => File/Directory not found.
C:\Program Files\QuickTime\plugins\npqtplugin.dll not found.
C:\Program Files\QuickTime\plugins\npqtplugin2.dll not found.
C:\Program Files\QuickTime\plugins\npqtplugin3.dll not found.
C:\Program Files\QuickTime\plugins\npqtplugin4.dll not found.
C:\Program Files\QuickTime\plugins\npqtplugin5.dll not found.
C:\Program Files\QuickTime\plugins\npqtplugin6.dll not found.
C:\Program Files\QuickTime\plugins\npqtplugin7.dll not found.
C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.
C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll not found.
C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll not found.
c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll not found.
an9u5taa => Service deleted successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.

"C:\Users\Comfor\AppData\Local\Temp" directory move:

C:\Users\Comfor\AppData\Local\Temp\1053381.od => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\1334167.od => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\AdobeARM.log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\AdobeARM_NotLocked.log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\AdobeSFX.log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\AdwCleaner.jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\aeuA4E5.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\aeuA4E5.tmp.dld => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\ASPNETSetup_00000.log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\ASPNETSetup_00001.log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\bch285B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\bch31B2.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\bchD688.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\bchE70F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\bchFA17.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\chrome_installer.log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Cleaning.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Comfor.bmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\CVR12C5.tmp.cvr => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\CVR5B87.tmp.cvr => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\dd_dotNetFx40LP_Full_x86cs_decompression_log.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\dd_dotNetFx40_Full_setup_decompression_log.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\dd_SetupUtility.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\dd_TMPF93A.tmp_decompression_log.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\dd_wcf_CA_smci_20130609_160238_804.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Donate.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\EULA.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\GCHWCfg.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\GimmeSetup(20140603195819D78).log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\log3 => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20130609_180110953-MSI_netfx_Extended_x86.msi.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_20130609_180110953.html => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_20130609_180528600-MSI_netfx_ExtendedLP_x86.msi.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework Language Pack Setup_20130609_180528600.html => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\mpegc.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\MSI1736b.LOG => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\MSI1e5fb.LOG => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\MSI34ebb.LOG => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\MSI82646.LOG => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\MSI8289.LOG => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\MSIe4e8.LOG => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\nvSCPAPI.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\nvStInst.exe => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Report.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Scan.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\set165D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\SetupExe(20140603195654D78).log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP1174.cdx => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP1174.dbf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP1289.cdx => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP1289.dbf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP2000.cdx => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP2000.dbf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP2004.cdx => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP2004.dbf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP8611.cdx => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\TEMP8611.dbf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\tmp16EA.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\tmp9F20.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\tmpAD8F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\tmpDC81.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\tmpF337.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Uninstall.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\wmsetup.log => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\_isD5A6.exe => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\{AC76BA86-7AD7-1029-7B44-A81200000003}.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~321C.bat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~321C.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~3D72.bat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~3D72.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~AC.bat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~AC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF13A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF187E.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF18C3.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF1A74.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF1B0A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF1B44.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF1C56.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF1C9B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF1D18.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF202F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF20F0.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF2267.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF247F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF25D4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF2617.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF2636.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF2912.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF292A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF2BDC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF2D00.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF2DB0.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF300F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF308.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF309F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF310E.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF3377.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF33A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF33F6.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF343A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF343F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF3547.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF38B8.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF3B23.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF3B79.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF3C17.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF3E92.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF3F95.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF4284.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF433E.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF4410.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF498F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF4A02.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF4A1.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF4BD.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF4E7B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF4EDC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF4FED.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF50FC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF522D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF53E6.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF547.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5512.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF551A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5574.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5706.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5707.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5781.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5A1B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5C79.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5C98.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF5F9C.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF610D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF6231.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF63B9.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF640D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF64BE.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF65E2.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF66F5.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF698E.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF6BCD.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF6BFC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF6CE5.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF6E2B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF704D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF7165.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF71D1.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF74AD.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF754F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF78CA.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF798C.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF7A4B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF7D1F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF7E2A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF7F00.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8065.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF819.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF81EA.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF820B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF820C.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8478.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF863D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8A16.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8B56.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8C4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8D37.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8DA1.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8ED0.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF8FA6.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9021.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF924.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9676.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF97DC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9823.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF98EC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9937.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF99A1.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9B9A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9CA7.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9CF.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9F36.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DF9F7B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFA09D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFA3DD.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFA8D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFA9F4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFAC33.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFAE6F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFAF56.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFAF7B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFAF7F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFB06E.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFB1BD.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFB1CA.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFB500.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFB61.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFB837.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFB84D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFBA15.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFBB10.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFBB32.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFBC4C.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFBC93.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFBDE7.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFBEA8.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC00.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC35.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC40E.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC41.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC46.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC53F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC559.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC5DC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC841.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC8EB.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFC988.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFCC30.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFCD38.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFCF8C.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD17.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD35A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD5A4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD5D8.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD66C.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD8EB.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD9A8.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD9C2.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFD9FB.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDA2.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDBA5.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDC1B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDC73.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDEAB.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDEBC.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDEE1.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDF21.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDF33.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFDF59.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE13B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE287.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE2C3.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE31B.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE3DD.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE561.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE879.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE87A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE903.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFE9F4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFEB7E.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFEBCA.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFEE16.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFEE33.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFEF26.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF036.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF190.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF1BB.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF1D6.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF204.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF378.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF3B4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF6A4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF7B7.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFF841.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFFA34.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFFB96.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFFBE8.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFFCC7.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFFDD3.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFFDE5.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFFE00.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\~DFFF29.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\{9C3BB36F-064D-4660-A2A7-463BBE669BB0}\{F78AC3C0-578C-49AB-BD4E-3107A6036A13}\SI.bin => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\_av_sfx.tm~a05528\setup_av_free.exe => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Word8.0\MSForms.exd => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\JC3JT5GR\avatar[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\JC3JT5GR\avatar[2].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\JC3JT5GR\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\GMU8Z85X\avatar[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\GMU8Z85X\avatar[2].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\GMU8Z85X\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\7R5IQK0A\avatar[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\7R5IQK0A\avatar[2].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\7R5IQK0A\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\3N1KP1PN\avatar[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\3N1KP1PN\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\3N1KP1PN\xml[1].xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Temporary Internet Files\Content.IE5\3N1KP1PN\xml[3].xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Skype\DbTemp\temp-2OaqfVtfI0GcreLzeQK5WfOW => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Skype\DbTemp\temp-62YP1fjeDm0Ddga2wUOKYU5e => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Setup00000d78\BRANDING.XML => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Setup00000d78\OSETUP.DLL => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Setup00000d78\OSETUPUI.DLL => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Setup00000d78\SETUP.CHM => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Rar$ML00.107\CTVoD.Client.rar => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Rar$DI00.268\recept-str2.jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\msohtmlclip1\01\clip_colorschememapping.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\msohtmlclip1\01\clip_themedata.thmx => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\DHtmlHeader.html => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\DisplayIcon.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\dotNetFx40LP_Full_x86cs.exe => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\header.bmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\netfx_Extended.mzz => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\netfx_Extended_x86.msi => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\ParameterInfo.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Setup.exe => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupEngine.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUi.xsd => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SetupUtility.exe => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\SplashScreen.bmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\sqmapi.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Strings.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\UiInfo.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\watermark.bmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Windows6.0-KB956250-v6001-x86.msu => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Windows6.1-KB958488-v6001-x86.msu => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Print.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate1.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate2.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate3.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate4.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate5.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate6.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate7.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Rotate8.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Save.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\Setup.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\stop.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\SysReqMet.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\SysReqNotMet.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Graphics\warn.ico => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Extended\Parameterinfo.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Extended\UiInfo.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Client\Parameterinfo.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\Client\UiInfo.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3082\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\3076\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2070\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\2052\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1055\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1053\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1049\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1046\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1045\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1044\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1043\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1042\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1041\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1040\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1038\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1037\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1036\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1035\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1033\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1032\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1031\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1030\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1029\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1028\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\eula.rtf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\LocalizedData.xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Microsoft .NET Framework 4 Setup_4.0.30319\1025\SetupResources.dll => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat12A6.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat43B3.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat469A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat5C62.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat5C82.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat5CA2.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat5CA4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat741.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat74F5.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\dat92A5.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datC11E.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datC710.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datD0.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datD940.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datE52.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datF868.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datFAF5.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datFB15.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datFB26.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datFB36.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datFC3D.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datFC79.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\datFC7A.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r10.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r1670.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r1C79.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r3AA0.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r5E04.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r5F07.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r6CB4.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r7361.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r87D8.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2r94AA.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2rBC85.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2rD9FA.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\h2rF9FE.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h166F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h1C78.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h3A9F.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h5E03.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h5F06.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h6CB3.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h7360.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h87D7.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2h94A9.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2hBC84.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2hD9F9.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2hF.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\r2hF9FD.tmp => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\index.dat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\36f8865ff0.360[1].mp4 => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\Adform.Bootstrap[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\arrow-down[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\arrow-stream[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\bar_bck[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\BebasNeue-webfont[1].woff => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\crossdomain[1].xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\ico-homepage[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\ipv6test_semnicneposilejte_cz[1].htm => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\lite[1].css => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\lite[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\l_42834a60[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\novinky_all[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\plusone[2].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\settings-hover-arrow[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\skin-grad[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\stin[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\style[1].css => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\userweb[1].css => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\userweb_print[1].css => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\utek-z-vezeni[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\video[1].swf => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\vrchni_stin[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\wtsky0Emo_J[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\xd_arbiter[1].htm => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\z_clanky_bottom[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\SGM24CAQ\z_encyklopedie_bottom[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\01x10-kejkle[1].htm => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\01x13-konec-tunelu[1].htm => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\aes_light[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\bg[2].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\bubble-white[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\cb=gapi[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\csfd[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\dot-small[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\edbffa95e9.360[1].mp4 => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\funkce[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\ga[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\lights_off[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\loader_nav13132_3[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\loader_nav13136_3[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\l_2ba3b517[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\nadpis[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\nazev_en[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\nazev_sk[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\predchozi[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\sipka_schovat[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\sprite4-a67f741843ffc4220554c34bd01bb0bb[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\upload[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\userweb_handheld[1].css => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\x[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\ZCjlUoyJSKd[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\z_firmy_bottom[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\z_fulltext_bottom[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\R7D4W8CG\z_slovnik_bottom[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\0-homepage[2].css => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\01x11-dalsi-do-hry[1].htm => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\ads_close[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\all[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\cb=gapi[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\cb=gapi[2].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\cb=gapi[3].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\dot-small[2].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\f7c51e251e.360[1].mp4 => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\gemius[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\homepage-all[2].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\ico-download[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\ico-set-content[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\im-adform[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\im2[2].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\imdb[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\lang3_0[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\lightbox[1].css => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\lights_on[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\l_10beabdc[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\l_5167578a[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\l_5f2c8a51[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\l_65048769[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\nazev_cz[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\pata[2].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\PIE[1].txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\pirati[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\seznam_cz[1].htm => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\widgets[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3P14TP36\zhasnuto[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\01x12-jeden-z-kola-ven[1].htm => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\activateFlashObject[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\Adform.RMB[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\aes_light[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\article_standard[1].css => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\button[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\cb=gapi[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\crossdomain[1].xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\crossdomain[2].xml => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\cz[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\fb_fans[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\inputbck[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\ipprototest[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\jquery-latest[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\jwplayer[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\l_201967c0[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\l_fd627359[1].jpg => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\nasledujici[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\plusone[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\sipka_zobrazit[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\szn-script[1].js => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\upload_inv_mono[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\w13[1].png => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\xd_arbiter[1].htm => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\z_mapy_bottom[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\z_obrazky_bottom[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5\3528UPGR\z_zbozi_bottom[1].gif => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\History\History.IE5\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\History\History.IE5\index.dat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\0FXARQ97.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\1Q3G5E96.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\44NYLQOF.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\73HNE5CM.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\7ZXG2RDA.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\GMJ8CBC4.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\index.dat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\JUWX866E.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\LGQWM2TM.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\LPNIECVC.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\NGCNJY44.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\PKDWB4K0.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\QH5C7C1W.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\W8101XQK.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Low\Cookies\WBPGCKE6.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\History\History.IE5\desktop.ini => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\History\History.IE5\index.dat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\CRX_75DAF8CB7768\crl-set => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\CRX_75DAF8CB7768\manifest.json => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Cookies\3TEQSHTC.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Cookies\index.dat => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\Cookies\X72YG6NI.txt => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\avastBCLTMP\chrome\Default\Web Data => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\afolder\MSGBOX.EXE => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\7444_5685\crl-set => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\7444_5685\manifest.fingerprint => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\7444_5685\manifest.json => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\4132_14598\crl-set => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\4132_14598\manifest.fingerprint => Moved successfully.
C:\Users\Comfor\AppData\Local\Temp\4132_14598\manifest.json => Moved successfully.
Could not move "C:\Users\Comfor\AppData\Local\Temp" directory. => Scheduled to move on reboot.


=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-06-07 13:19:23)<=

C:\Users\Comfor\AppData\Local\Temp => Moved successfully.

==== End of Fixlog ====

Smazáno. Nastala nějaká změna?

Bohužel žádnou změnu nevidím Programy stále nenalezeny. Na ploše zůstali pouze zástupci odkazující na *.exe soubory, ale ty se "ztratily".
Například zmizel Avast, ale když jsem zkoušel nainstalovat nový, tak mi to nedovolil s o´dkazem na to, že se to aktuální verzi Avastu nelíbí, že to nepovolí nebo tak něco
2 dny takto nebyl k nalezení WMP, ale ten se (pro mě záhadně) zase objevil (možná se sám znovu nainstaloval). To samé zkoušel při otevření Wordovského dokumentu. Napsal, že to nejde a sám se začal "instalovat" znova, aniž by cokoli chtěl. A pak Word fungovat ...
Nerozumím tomu, jak se mohlo několik programůnajednou "ztratit"

Já také ne, tenhle problém jsme tu dosud neměli.zkuste obnovu systému k datu,kdy korektně fungoval a sdělte mi,co se změnilo.

To už jsem zkoušel a bohužel se nezdařila Opakoval jsem pokus k ještě staršímu datu, ale ani to se nezdařilo. Ale nepsal nějaké důvody proč. Jen že se obnova nezdařila

Vypadá to na poškození systému. Dejte log ComboFix:

Stahnete a ulozte nejlepe na plochu ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

pote spustte aplikaci pod uctem s administratorskym opravnenim

hned po startu se zobrazi obrazovka s licencnimi podminkami, pokracujte kliknutim na tlacitko Ano.

v klidu si postavte na kafe (cela akce trva cca. 5-10 minut, nekdy i dele - dle toho, o jak rychly stroj se

jedna a kolika soubory se skener bude muset prodirat), behem skenu se nepokousejte spoustet zadne jine

aplikace ani nic jineho

behem skenovani nepropadejte panice, vas stroj muze byt restartovan (predevsim pri prvni aplikaci skeneru)

upozorneni: pokud pouzivate antispyware s rezidentnim stitem, prepnete jeho rezidentni stit do Install Mode,

pripadne jej po dobu skenu uplne deaktivujte, protoze dochazi pri skenu a vymazu pripadneho malware k

nezadoucim kolizim s rezidentem antispyware.

provedeno, překvapilo mě, že nechtěl restart ...
zde je log:

ComboFix 14-06-04.01 - Comfor 07.06.2014 18:22:57.1.2 - x86
Spuštěný z: c:\users\Comfor\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\asw77DD.tmp
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-05-07 do 2014-06-07 )))))))))))))))))))))))))))))))
.
.
2014-06-07 16:31 . 2014-06-07 16:32 -------- d-----w- c:\users\Comfor\AppData\Local\temp
2014-06-07 16:31 . 2014-06-07 16:31 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-06-07 16:31 . 2014-06-07 16:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-07 06:31 . 2010-08-30 06:34 536576 ----a-w- c:\windows\system32\sqlite3.dll
2014-06-07 06:30 . 2014-06-07 06:32 -------- d-----w- C:\AdwCleaner
2014-06-06 15:53 . 2014-04-30 23:37 8073384 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{B35D3849-9B06-47FB-ACDA-E498D861D00E}\mpengine.dll
2014-06-05 19:31 . 2014-06-05 19:32 -------- d-----w- C:\rsit
2014-06-05 19:31 . 2014-06-05 19:31 -------- d-----w- c:\program files\trend micro
2014-06-05 19:25 . 2014-06-07 11:25 -------- d-----w- C:\FRST
2014-06-03 17:55 . 2014-06-03 17:55 -------- d-----w- c:\program files\Microsoft.NET
2014-05-29 13:50 . 2014-05-29 13:51 -------- d-----w- c:\program files\AVAST Software
2014-05-29 05:09 . 2014-05-29 05:09 -------- d-----w- c:\users\Comfor\AppData\Local\Adobe
2014-05-27 13:44 . 2014-05-27 13:44 -------- d-----w- c:\program files\MSBuild
2014-05-15 21:26 . 2014-05-05 23:14 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-15 19:01 . 2011-06-29 11:43 777488 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-15 19:01 . 2008-04-06 18:13 411680 ------w- c:\windows\system32\drivers\aswsp.sys
2014-05-15 19:01 . 2007-10-04 06:07 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys
2014-05-14 13:10 . 2012-04-30 18:42 692400 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-14 13:10 . 2011-07-06 06:11 70832 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-01 07:49 . 2014-05-01 07:50 24184 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-01 07:49 . 2013-04-21 15:57 180632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-01 07:49 . 2013-04-21 15:57 49944 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-01 07:49 . 2011-06-29 11:43 776976 ----a-w- c:\windows\system32\drivers\aswsnx.sys.1400180499575
2014-05-01 07:49 . 2007-10-04 06:07 57672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2014-05-01 07:49 . 2007-10-04 06:07 67824 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-01 07:49 . 2014-05-01 07:49 43152 ------w- c:\windows\avastSS.scr
2014-05-01 07:49 . 2007-10-04 06:07 54832 ----a-w- c:\windows\system32\drivers\aswrdr.sys.1400180499575
2014-05-01 07:49 . 2007-10-04 06:07 271264 ------w- c:\windows\system32\aswBoot.exe
2014-03-31 20:46 . 2014-03-31 20:46 130712 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2014-03-31 20:46 . 2014-03-31 20:46 1070232 ----a-w- c:\windows\system32\MSCOMCTL.OCX
2014-03-31 07:35 . 2009-10-03 07:43 231584 ------w- c:\windows\system32\MpSigStub.exe
2014-03-30 06:39 . 2007-08-27 14:24 87608 ----a-w- c:\users\Comfor\AppData\Roaming\inst.exe
2014-03-30 06:39 . 2007-08-27 14:24 47360 ----a-w- c:\users\Comfor\AppData\Roaming\pcouffin.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Device Detector"="DevDetect.exe -autorun" [X]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-29 4317184]
"VX3000"="c:\windows\vVX3000.exe" [2006-12-05 707360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk
backup=c:\windows\pss\PHOTOfunSTUDIO 6.1 HD Lite Edition.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OrderReminder]
2006-01-30 16:00 98304 ----a-r- c:\program files\Hewlett-Packard\OrderReminder\OrderReminder.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"AntiVirusOverride"=dword:00000001
.
R3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\system32\DRIVERS\3xHybrid.sys [2006-11-22 1121536]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Obsah adresáře 'Naplánované úlohy'
.
2014-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-30 13:10]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
mStart Page = www.google.com
uInternet Settings,ProxyServer = 10.1.1.30:8080
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 213.192.60.6 213.192.60.5
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKLM-Run-LifeCam - c:\program files\Microsoft LifeCam\LifeExp.exe
HKLM-Run-APSDaemon - c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
HKLM-Run-AvastUI.exe - c:\program files\Alwil Software\Avast5\AvastUI.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-LanguageShortcut - c:\program files\CyberLink\PowerDVD\Language\Language.exe
MSConfigStartUp-NeroFilterCheck - c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
MSConfigStartUp-PCTV 310i Antenna Power - c:\program files\Pinnacle\Shared Files\Drivers\Tools\PCTV 310i Antenna Power.exe
MSConfigStartUp-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-RemoteControl - c:\program files\CyberLink\PowerDVD\PDVDServ.exe
MSConfigStartUp-Toolbar_eula_launcher - c:\install\google\eula\EULALauncher.exe
HKLM_ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - c:\program files\Google\Chrome\Application\34.0.1847.137\Installer\chrmstp.exe
AddRemove-CCleaner - c:\program files\CCleaner\uninst.exe
AddRemove-CTVoD - c:\program files\VisualConnection\VideopujcovnaCT\CTVoD_Uninst.exe
AddRemove-Google Chrome - c:\program files\Google\Chrome\Application\34.0.1847.137\Installer\setup.exe
AddRemove-KLiteCodecPack_is1 - c:\program files\K-Lite Codec Pack\unins000.exe
AddRemove-Nero - Burning Rom!UninstallKey - c:\program files\Nero\Nero 7\\nero\uninstall\UNNERO.exe
AddRemove-WinRAR archiver - c:\program files\WinRAR\uninstall.exe
AddRemove-winscp3_is1 - c:\program files\WinSCP\unins000.exe
AddRemove-Zachraň kamarády! - c:\program files\Zachraň kamarády!\uninstal.exe
AddRemove-{60DE4033-9503-48D1-A483-7846BD217CA9} - c:\program files\InstallShield Installation Information\{60DE4033-9503-48D1-A483-7846BD217CA9}\setup.exe
AddRemove-{7E653036-DE31-4BFD-96BB-421CC72E06FC} - c:\program files\InstallShield Installation Information\{7E653036-DE31-4BFD-96BB-421CC72E06FC}\setup.exe
AddRemove-{8833FFB6-5B0C-4764-81AA-06DFEED9A476} - c:\program files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver - c:\program files\NVIDIA Corporation\Installer2\installer.{086FEFE3-0171-4DDB-AFF9-40BC383AA829}\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB - c:\program files\NVIDIA Corporation\Installer2\installer.{086FEFE3-0171-4DDB-AFF9-40BC383AA829}\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX - c:\program files\NVIDIA Corporation\Installer2\installer.{086FEFE3-0171-4DDB-AFF9-40BC383AA829}\NVI2.DLL
AddRemove-{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update - c:\program files\NVIDIA Corporation\Installer2\installer.{180EC21A-8C5D-467D-9094-A94262256903}\NVI2.DLL
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-06-07 18:32
Windows 6.0.6002 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
Celkový čas: 2014-06-07 18:35:14
ComboFix-quarantined-files.txt 2014-06-07 16:35
.
Před spuštěním: Volných bajtů: 152 272 650 240
Po spuštění: Volných bajtů: 152 983 007 232
.
- - End Of File - - C5DAF81730F142D816E1E7BB6C4D8631
5C616939100B85E558DA92B899A0FC36

Něco CF smazal, ale nic podstatného. Proč se vám programy smazaly, nevím, ale původcem není virus. zbytek logu je OK. Budete muset programy přeinstalovat.

No jen nějak netuším, jak mám znova nainstalovat Avast, když tam není, ale tváří se jako že je
Teda nevím, jak teď po pročištění. To ještě zkusím ...
Děkuji za pomoc