Please help

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Please help

#1 Post by zonik »

For a short while now the PC has been slowing down. A blue screen appeared; yesterday's Avast scan found a virus, and the scan after the restart found several more at once. I followed the antivirus's recommendations, but now after startup it reports that my Windows Vista is not genuine and that I should request legal Microsoft software. Yet I have had the computer since 2007 and there has never been any problem; it was bought with original software, including Vista. Please help.
Attachments
This message appeared in the corner of the desktop
Bez názvu1.jpg (6.38 KiB)

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Re: Please help

#2 Post by zonik »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Martin at 2014-02-17 16:33:31
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 11 GB (4%) free of 285 GB
Total RAM: 2045 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:34:59, on 17.2.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16533)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Windows\System32\rundll32.exe
C:\Windows\PixArt\PAC7302\Monitor.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Martin\Dokumenty\Plocha\RSIT.exe
C:\Program Files\trend micro\Martin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: CrossriderApp0051108 - {11111111-1111-1111-1111-110511111108} - C:\Program Files\Plus-HD-8.1\Plus-HD-8.1-bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [USBToolTip] C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PAC7302_Monitor] C:\Windows\PixArt\PAC7302\Monitor.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\Alwil Software\Avast5\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [icq] C:\Users\Martin\AppData\Roaming\ICQM\icq.exe -CU
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe (HKCU)
O9 - Extra 'Tools' menuitem: ICQ - {086C8477-4F71-4550-87FB-AF0AE8DF3E98} - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate1ca00a16af0aeac) (gupdate1ca00a16af0aeac) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 7249 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Plus-HD-8.1-codedownloader.job
C:\Windows\tasks\Plus-HD-8.1-enabler.job
C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job
C:\Windows\tasks\Plus-HD-8.1-updater.job
C:\Windows\tasks\Plus-HD-8.1-validator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://www.google.cz/"
prefs.js - "extensions.enabledItems" - "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1, vk@sergeykolosov.mp:0.3.1, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}"=C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
"wrc@avast.com"=C:\Program Files\Alwil Software\Avast5\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 12.0.0.44 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@ei.VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.51.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pack.google.com/Google Updater;version=14]
"Description"=Google Updater
"Path"=C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1]
"Description"=Rhapsody Control
"Path"=C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
browsercomps.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll

C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\extensions\
8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
maps@ovi.com

C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\
freeonlineradioplayerrecorder-v1-customized-web-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}]
Plus-HD-8.1 - C:\Program Files\Plus-HD-8.1\Plus-HD-8.1-bho.dll [2014-02-15 624128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-12-18 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-02-01 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2011-09-06 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-12-18 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll [2014-02-01 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-05-10 4468736]
"USBToolTip"=C:\PROGRA~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe [2007-02-20 199752]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-11-06 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-11-06 8530464]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-11-06 81920]
"PAC7302_Monitor"=C:\Windows\PixArt\PAC7302\Monitor.exe [2006-11-03 319488]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"AvastUI.exe"=C:\Program Files\Alwil Software\Avast5\AvastUI.exe [2014-02-01 3767096]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02 254336]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"icq"=C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [2014-02-10 33664344]

C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\prwntdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\prwntdrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"MSVideo8"=VfWWDM32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=l3codeca.acm
"msacm.sl_anet"=sl_anet.acm
"vidc.XVID"=xvidvfw.dll
"vidc.mjpg"=pvmjpg30.dll
"vidc.lags"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2014-02-17 16:33:31 ----DC---- C:\rsit
2014-02-16 16:38:26 ----D---- C:\ProgramData\OO Software
2014-02-15 17:57:40 ----DC---- C:\Program Files\Real
2014-02-15 17:33:52 ----DC---- C:\Program Files\Plus-HD-8.1
2014-02-15 01:58:50 ----DC---- C:\Program Files\Mozilla Firefox
2014-02-14 03:02:13 ----A---- C:\Windows\system32\mshtmled.dll
2014-02-14 03:02:12 ----A---- C:\Windows\system32\vbscript.dll
2014-02-14 03:02:10 ----A---- C:\Windows\system32\jsproxy.dll
2014-02-14 03:02:10 ----A---- C:\Windows\system32\ieui.dll
2014-02-14 03:02:09 ----A---- C:\Windows\system32\msfeeds.dll
2014-02-14 03:02:09 ----A---- C:\Windows\system32\ieUnatt.exe
2014-02-14 03:02:08 ----A---- C:\Windows\system32\wininet.dll
2014-02-14 03:02:01 ----A---- C:\Windows\system32\jscript.dll
2014-02-14 03:02:00 ----A---- C:\Windows\system32\jscript9.dll
2014-02-14 03:01:59 ----A---- C:\Windows\system32\url.dll
2014-02-14 03:01:57 ----A---- C:\Windows\system32\iertutil.dll
2014-02-14 03:01:54 ----A---- C:\Windows\system32\urlmon.dll
2014-02-14 03:01:51 ----A---- C:\Windows\system32\ieframe.dll
2014-02-14 03:01:49 ----A---- C:\Windows\system32\mshtml.dll
2014-02-13 21:03:55 ----A---- C:\Windows\system32\msxml3.dll
2014-01-18 08:16:10 ----A---- C:\Windows\system32\javaws.exe
2014-01-18 08:16:01 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2014-01-18 08:16:01 ----A---- C:\Windows\system32\javaw.exe
2014-01-18 08:16:01 ----A---- C:\Windows\system32\java.exe

======List of files/folders modified in the last 1 month======

2014-02-17 16:33:35 ----DC---- C:\Program Files\Trend Micro
2014-02-17 16:33:22 ----D---- C:\Windows\temp
2014-02-17 15:58:16 ----SHD---- C:\Windows\Installer
2014-02-17 15:58:15 ----RDC---- C:\Program Files
2014-02-17 15:58:15 ----D---- C:\ProgramData
2014-02-17 15:58:11 ----D---- C:\Users\Martin\AppData\Roaming\RealNetworks
2014-02-17 15:57:03 ----D---- C:\Windows\Prefetch
2014-02-17 15:54:21 ----D---- C:\ProgramData\Real
2014-02-17 15:53:32 ----D---- C:\Users\Martin\AppData\Roaming\Real
2014-02-17 15:53:28 ----D---- C:\Windows\winsxs
2014-02-17 15:53:24 ----D---- C:\Windows\System32
2014-02-17 15:51:38 ----D---- C:\Windows\system32\Tasks
2014-02-17 08:08:07 ----SHD---- C:\System Volume Information
2014-02-16 18:40:45 ----D---- C:\Windows\Tasks
2014-02-16 18:12:22 ----D---- C:\Windows\inf
2014-02-16 18:12:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-02-16 17:07:07 ----DC---- C:\Program Files\Mozilla Maintenance Service
2014-02-15 20:11:55 ----A---- C:\Windows\NeroDigital.ini
2014-02-15 18:32:37 ----DC---- C:\Program Files\EASEUS
2014-02-15 17:58:19 ----A---- C:\Windows\system32\rmoc3260.dll
2014-02-15 17:58:03 ----A---- C:\Windows\system32\pndx5032.dll
2014-02-15 17:58:03 ----A---- C:\Windows\system32\pndx5016.dll
2014-02-15 17:57:47 ----A---- C:\Windows\system32\msvcr71.dll
2014-02-15 17:24:49 ----DC---- C:\Program Files\The KMPlayer
2014-02-14 03:49:06 ----D---- C:\Windows\Microsoft.NET
2014-02-14 03:48:10 ----RSD---- C:\Windows\assembly
2014-02-14 03:35:38 ----D---- C:\Windows\system32\migration
2014-02-14 03:35:37 ----D---- C:\Program Files\Internet Explorer
2014-02-14 03:14:07 ----D---- C:\Windows\system32\MRT
2014-02-14 03:10:58 ----A---- C:\Windows\system32\mrt.exe
2014-02-14 03:04:46 ----D---- C:\Windows\system32\catroot
2014-02-14 03:04:23 ----D---- C:\Windows\system32\catroot2
2014-02-10 11:41:52 ----D---- C:\Users\Martin\AppData\Roaming\ICQM
2014-02-05 21:32:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2014-02-01 10:58:01 ----D---- C:\Windows
2014-02-01 09:02:41 ----A---- C:\Windows\system32\aswBoot.exe
2014-01-29 21:00:25 ----D---- C:\Program Files\Common Files\Adobe AIR
2014-01-29 20:26:11 ----D---- C:\Users\Martin\AppData\Roaming\gtk-2.0
2014-01-27 18:57:26 ----D---- C:\Users\Martin\AppData\Roaming\OpenOffice.org2
2014-01-18 08:16:01 ----D---- C:\Program Files\Java

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AFS;AFS; C:\Windows\system32\drivers\AFS.sys [2010-12-05 77004]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-21 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-12-24 180248]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-09-20 443448]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2014-02-01 54832]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-01 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-01 410784]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2014-02-01 57672]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-01 67824]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-13 228224]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-05-10 1775712]
R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2005-09-23 171520]
R3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-11-06 8230496]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 66560]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 155136]
R3 X10Hid;X10 Hid Device; C:\Windows\System32\Drivers\x10hid.sys [2006-11-17 13976]
S3 3xHybrid;Philips SAA713x PCI Card; C:\Windows\system32\DRIVERS\3xHybrid.sys [2007-01-08 1136600]
S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-19 45696]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\Windows\system32\DRIVERS\athrusb.sys [2006-12-22 449536]
S3 Avc;Zařízení AVC; C:\Windows\system32\DRIVERS\avc.sys [2008-01-19 40448]
S3 AVerFx2hbtv;AVerMedia USB SW Hybrid Tuner; C:\Windows\system32\drivers\AVerFx2hbtv.sys [2009-07-01 436480]
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 FETNDIS;VIA Rhine-Family Fast Ethernet Adapter Driver Service; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-19 52608]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PAC7302;CANYON USB PC CAMERA; C:\Windows\system32\DRIVERS\PAC7302.SYS [2007-11-08 458752]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2013-07-12 73344]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 XUIF;X10 USB Wireless Transceiver; C:\Windows\System32\Drivers\x10ufx2.sys [2006-11-30 27416]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-18 65432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-02-18 110592]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2014-02-01 50344]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate1ca00a16af0aeac;Služba Google Update (gupdate1ca00a16af0aeac); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-09 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-06 194104]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-07-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05 257928]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-09 133104]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-15 118896]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-12-05 774144]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2006-12-23 262144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WPFFontCache_v0400;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 754856]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 x10nets;X10 Device Network Service; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe []

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help

#3 Post by vyosek »

Hello :)

→ Regarding the message about the software not being genuine, contact Microsoft support.

→ Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Save it, preferably to the desktop
  • Close all programs
  • Click Scan and then Clean
  • The repair will run, the PC will restart, and then a log will appear, or it will be saved at c:\AdwCleaner\AdwCleaner[S?].txt; paste it here

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Re: Please help

#4 Post by zonik »

Hello

# AdwCleaner v3.019 - Report created 17/02/2014 at 16:41:46
# Updated 17/02/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Martin - MARTIN-PC
# Running from : C:\Users\Martin\Dokumenty\Plocha\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\SimilarSites
Folder Deleted : C:\Program Files\Plus-HD-8.1
Folder Deleted : C:\Users\Martin\AppData\Roaming\SimilarSites
Folder Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\FoxTab
Folder Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\ICQToolbarData
Folder Deleted : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\8ef36653-7dcd-4c5f-81f5-7870fda4b7b7@67e486b0-922d-4a2d-9e3f-77394107f67c.com
Folder Deleted : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj
File Deleted : C:\Windows\Tasks\Plus-HD-8.1-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-8.1-codedownloader
File Deleted : C:\Windows\Tasks\Plus-HD-8.1-enabler.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-8.1-enabler
File Deleted : C:\Windows\Tasks\Plus-HD-8.1-firefoxinstaller.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-8.1-firefoxinstaller
File Deleted : C:\Windows\Tasks\Plus-HD-8.1-updater.job
File Deleted : C:\Windows\System32\Tasks\Plus-HD-8.1-updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F16F3064-B9DC-425A-9B65-112A3A0E3F37}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{14D0A603-35CE-4B15-AD49-F86EAE397C6D}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{14D0A603-35CE-4B15-AD49-F86EAE397C6D}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6B472634-8972-4F4A-80EC-86CDE4C0260D}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B472634-8972-4F4A-80EC-86CDE4C0260D}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DCABD7A1-0407-420E-A4DE-4E7BEE5E1377}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCABD7A1-0407-420E-A4DE-4E7BEE5E1377}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4784680A-A8B8-4E19-B7A9-CF0626236830}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4784680A-A8B8-4E19-B7A9-CF0626236830}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051108.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051108.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051108.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0051108.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511111108}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522112208}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555115508}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566116608}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544114408}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4736d593-3374-4867-9707-30eb39a57ead}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f61b834c-85c4-45e9-8a64-66c97e7621d4}
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-8.1
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\Plus-HD-8.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-8.1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Plus-HD-8.1

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\prefs.js ]

Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.InstallationThankYouPage", true);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.InstallationTime", 1392482026);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.active", true);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.addressbar", "NA");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.addressbarenhanced", "");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.asyncdb.was_copied", "true");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.asyncdb_dbWasSet", true);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.asyncdb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.asyncinternaldb.was_copied", "true");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.asyncinternaldb_dbWasSet", true);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.backgroundver", 1);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.certdomaininstaller", "");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.changeprevious", false);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.cookie.InstallationTime.value", "%221392482026%22");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001071%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.cookie.jw_token.value", "%2262afdf44-0a38-e4be-d62a-8d06304e5ead%22");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.description", "Turn YouTube videos to High Definition by default");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.domain", "");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.enablesearch", false);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.homepage", "");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.iframe", false);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22EBCA393BB71647D59C8378136B049[...]
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001071%22%2C%22sub_id%22%3A%220%22%2C%[...]
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001071%22%2C%22sub_id%22%3A%220%2[...]
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22EBCA393BB71647D59C83[...]
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_appVer.value", "8");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_lastVersion.value", "1");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_nextCheck.expiration", "Mon Feb 17 2014 22:10:12 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.__defualt_browser__.value", "%22ff%22");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22EBCA393B[...]
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.monetization_plugin_last_executable_request.expiration", "Sun Feb 16 2014 06:30:56 GMT+[...]
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//download.slunecnice.cz[...]
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.lastDailyReport", "1392649811605");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.lastUpdate", "1392649812431");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.manifesturl", "");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.name", "Plus-HD-8.1");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.newtab", "");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.opensearch", "");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/51108/plugins/093/ff/plugins.json");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.pluginsversion", 5);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.publisher", "Plus HD");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.searchstatus", 0);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.setnewtab", false);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.thankyou", "");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.updateinterval", 360);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.51108.ver", 8);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.FilesValidatorDueTime", "1392649244150");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.apps", "51108");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.bic", "1443672c3c9bf58540ce3790043b6e94");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.cid", 51108);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.firstrun", false);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.hadappinstalled", true);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.installationdate", 1392482895);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.modetype", "production");
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.reportInstall", true);
Line Deleted : user_pref("extensions.a8ef366537dcd4c5f81f57870fda4b7b767e486b0922d4a2d9e3f77394107f67ccom51108.statsDailyCounter", 6);
Line Deleted : user_pref("extensions.crossrider.bic", "1443672c3c9bf58540ce3790043b6e94");

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [17871 octets] - [17/02/2014 16:40:53]
AdwCleaner[S0].txt - [17862 octets] - [17/02/2014 16:41:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17923 octets] ##########

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help

#5 Post by vyosek »

:arrow: Download Malwarebytes' Anti-Malware (MBAM for short) http://forum.viry.cz/viewtopic.php?f=29&t=115222
  • Update it
  • Run a full scan - do not delete anything :!:
  • MBAM occasionally produces false detections, so paste the log into a post and wait for it to be assessed
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member [image] since 1 February 2011.

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Re: Please help

#6 Post by zonik »

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Verze: v2014.02.17.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Martin :: MARTIN-PC [administrátor]

17.2.2014 17:04:02
MBAM-log-2014-02-17 (19-42-03).txt

Typ: Kompletní kontrola (C:\|D:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 520893
Uplynulý čas: 2 hodin, 37 minut, 31 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 3
C:\Users\Martin\AppData\Local\temp\KMP_3.8.0.120.exe (PUP.Optional.Softonic.A) -> Nebyla provedena žádná instrukce.
C:\Users\Martin\AppData\Local\temp\plus-hd-8-1.exe (Heuristics.Shuriken) -> Nebyla provedena žádná instrukce.
C:\Windows\Tasks\Plus-HD-8.1-validator.job (PUP.Optional.PlusHD.A) -> Nebyla provedena žádná instrukce.

(konec)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help

#7 Post by vyosek »

:arrow: Do not delete the findings

:arrow: Post the log from FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member [image] since 1 February 2011.

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Re: Please help

#8 Post by zonik »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-02-2014
Ran by Martin (administrator) on MARTIN-PC on 17-02-2014 21:26:13
Running from C:\Users\Martin\Dokumenty\Plocha
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Apple, Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Pinnacle Systems GmbH) C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4468736 2007-05-10] (Realtek Semiconductor)
HKLM\...\Run: [USBToolTip] - C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe [199752 2007-02-20] (Pinnacle Systems GmbH)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [NvSvc] - C:\Windows\system32\nvsvc.dll [86016 2007-11-06] (NVIDIA Corporation)
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [8530464 2007-11-06] (NVIDIA Corporation)
HKLM\...\Run: [NvMediaCenter] - C:\Windows\system32\NvMcTray.dll [81920 2007-11-06] (NVIDIA Corporation)
HKLM\...\Run: [PAC7302_Monitor] - C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096 2014-02-01] (AVAST Software)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKU\S-1-5-21-2126688981-4244795158-810744998-1000\...\Run: [icq] - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-10] (ICQ)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 02 %SystemRoot%\system32\napinsp.dll [50176] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default
FF Homepage: hxxp://www.google.cz/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin: @ei.VideoDownloadConverter_4z.com/Plugin - C:\Program Files\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISB.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @real.com/RhapsodyPlayerEngine,version=1.1 - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\freeonlineradioplayerrecorder-v1-customized-web-search.xml
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\heureka-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\jyxo-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\seznam-cz.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\slunecnice-cz.xml
FF Extension: Ovi Maps 3D browser plugin - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\maps@ovi.com [2011-07-15]
FF Extension: MP4 Downloader - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\mp4downloader@jeff.net.xpi [2013-07-08]
FF Extension: ВКонтакте.ру Downloader - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\vk@sergeykolosov.mp.xpi [2011-06-14]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-15]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-17]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\Alwil Software\Avast5\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\Alwil Software\Avast5\WebRep\FF [2011-03-02]

Chrome:
=======
CHR HomePage: hxxp://www.google.cz/webhp?hl=cs&tab=iw
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.4.5) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Corp. DRM Netscape Plugin) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (RealNetworks Rhapsody Player Engine) - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll No File
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-02-29]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-02-29]
CHR Extension: (Peněženka Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (WebSite Recommendation) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\olakgnkoldmagdblaalodobkmeokmgjj [2013-09-22]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-02-29]

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [110592 2008-02-18] (Apple, Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344 2014-02-01] (AVAST Software)
S2 gupdate1ca00a16af0aeac; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-07-09] (Google Inc.)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [X]

==================== Drivers (Whitelisted) ====================

S3 3xHybrid; C:\Windows\System32\DRIVERS\3xHybrid.sys [1136600 2007-01-08] (Philips Semiconductors GmbH)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [45696 2008-01-19] (Microsoft Corporation)
R0 AFS; C:\Windows\system32\Drivers\AFS.sys [77004 2010-12-05] (Oak Technology Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-02-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-02-01] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-02-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-02-01] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-02-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2013-12-24] ()
S3 AVerFx2hbtv; C:\Windows\System32\drivers\AVerFx2hbtv.sys [436480 2009-07-01] (AVerMedia TECHNOLOGIES, Inc.)
S3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd5.sys [45568 2006-11-02] (VIA Technologies, Inc. )
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [190424 2009-04-11] (Společnost Microsoft)
R3 MarvinBus; C:\Windows\System32\DRIVERS\MarvinBus.sys [171520 2005-09-23] (Pinnacle Systems GmbH)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-02-17] (Malwarebytes Corporation)
R3 Ntfs; C:\Windows\system32\Drivers\Ntfs.sys [1082232 2013-03-03] (Společnost Microsoft)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [458752 2007-11-08] (PixArt Imaging Inc.)
R3 Ph3xIB32; C:\Windows\System32\DRIVERS\Ph3xIB32.sys [1131136 2007-04-03] (Philips Semiconductors GmbH)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [443448 2011-09-20] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13976 2006-11-17] (X10 Wireless Technology, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-17 21:25 - 2014-02-17 21:26 - 00000000 ___DC () C:\FRST
2014-02-17 17:02 - 2014-02-17 17:03 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-17 17:02 - 2014-02-17 17:02 - 00000000 ___DC () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-17 17:02 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-02-17 16:40 - 2014-02-17 16:42 - 00000000 ___DC () C:\AdwCleaner
2014-02-17 16:33 - 2014-02-17 16:35 - 00000000 ___DC () C:\rsit
2014-02-16 17:18 - 2014-02-16 17:21 - 00000000 ____D () C:\Users\Martin\Dokumenty\Recover
2014-02-16 16:38 - 2014-02-16 16:38 - 00000000 ____D () C:\ProgramData\OO Software
2014-02-15 17:57 - 2014-02-17 15:54 - 00000000 ___DC () C:\Program Files\Real
2014-02-15 17:34 - 2014-02-17 17:34 - 00002382 _____ () C:\Windows\Tasks\Plus-HD-8.1-validator.job
2014-02-15 01:58 - 2014-02-15 01:59 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2014-02-14 03:02 - 2014-02-05 09:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 03:02 - 2014-02-05 09:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 03:02 - 2014-02-05 09:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-14 03:02 - 2014-02-05 09:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 03:02 - 2014-02-05 09:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 03:02 - 2014-02-05 09:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 03:02 - 2014-02-05 09:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 03:02 - 2014-02-05 09:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 03:02 - 2014-02-05 09:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-14 03:02 - 2014-02-05 09:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 03:01 - 2014-02-05 09:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 03:01 - 2014-02-05 09:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 03:01 - 2014-02-05 09:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 03:01 - 2014-02-05 09:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 03:01 - 2014-02-05 09:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-14 03:01 - 2014-02-05 09:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-13 21:03 - 2013-12-05 03:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-01 10:58 - 2014-02-16 18:11 - 00001592 _____ () C:\Windows\setupact.log
2014-02-01 10:58 - 2014-02-01 10:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-01-18 08:16 - 2013-12-18 21:10 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-18 08:16 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-18 08:16 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-18 08:16 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-18 08:15 - 2014-01-18 08:16 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log

==================== One Month Modified Files and Folders =======

2014-02-17 21:26 - 2014-02-17 21:25 - 00000000 ___DC () C:\FRST
2014-02-17 21:26 - 2010-10-31 20:40 - 00000000 ____D () C:\Users\Martin\Dokumenty\Plocha
2014-02-17 21:08 - 2011-10-26 10:21 - 01411201 _____ () C:\Windows\WindowsUpdate.log
2014-02-17 20:54 - 2013-10-09 21:33 - 00000940 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 20:49 - 2006-11-02 13:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-17 20:49 - 2006-11-02 13:47 - 00003568 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-17 20:32 - 2013-12-23 08:31 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-17 17:34 - 2014-02-15 17:34 - 00002382 _____ () C:\Windows\Tasks\Plus-HD-8.1-validator.job
2014-02-17 17:03 - 2014-02-17 17:02 - 00040776 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamswissarmy.sys
2014-02-17 17:02 - 2014-02-17 17:02 - 00000000 ___DC () C:\Program Files\Malwarebytes' Anti-Malware
2014-02-17 16:51 - 2006-11-02 13:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-17 16:48 - 2013-10-09 21:33 - 00000936 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 16:48 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-17 16:45 - 2006-11-02 14:01 - 00032546 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-17 16:42 - 2014-02-17 16:40 - 00000000 ___DC () C:\AdwCleaner
2014-02-17 16:35 - 2014-02-17 16:33 - 00000000 ___DC () C:\rsit
2014-02-17 16:33 - 2010-07-22 11:17 - 00000000 ___DC () C:\Program Files\Trend Micro
2014-02-17 16:13 - 2013-12-26 14:37 - 00000000 ____D () C:\Users\Martin\Dokumenty\Dokumenty na ploše
2014-02-17 15:58 - 2013-01-12 10:46 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\RealNetworks
2014-02-17 15:54 - 2014-02-15 17:57 - 00000000 ___DC () C:\Program Files\Real
2014-02-17 15:54 - 2011-12-25 14:33 - 00000000 ____D () C:\ProgramData\Real
2014-02-17 15:54 - 2008-02-04 11:56 - 00000000 ___RD () C:\Users\Martin\Dokumenty
2014-02-17 15:53 - 2008-02-04 15:41 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Real
2014-02-17 10:08 - 2013-08-31 16:24 - 00000924 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-02-16 22:23 - 2008-07-27 14:54 - 00000151 _____ () C:\Users\Martin\AppData\default.pls
2014-02-16 19:56 - 2008-02-04 11:56 - 00000000 ____D () C:\Users\Martin
2014-02-16 18:12 - 2006-11-02 11:33 - 01525678 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-16 18:11 - 2014-02-01 10:58 - 00001592 _____ () C:\Windows\setupact.log
2014-02-16 17:21 - 2014-02-16 17:18 - 00000000 ____D () C:\Users\Martin\Dokumenty\Recover
2014-02-16 17:07 - 2014-01-03 22:11 - 00000982 _____ () C:\Windows\PFRO.log
2014-02-16 17:07 - 2012-08-30 18:20 - 00000000 ___DC () C:\Program Files\Mozilla Maintenance Service
2014-02-16 16:38 - 2014-02-16 16:38 - 00000000 ____D () C:\ProgramData\OO Software
2014-02-15 20:11 - 2008-10-04 21:02 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-02-15 18:32 - 2009-02-16 21:36 - 00000000 ___DC () C:\Program Files\EASEUS
2014-02-15 17:58 - 2008-09-10 15:56 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\system32\rmoc3260.dll
2014-02-15 17:58 - 2008-02-04 15:42 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5016.dll
2014-02-15 17:58 - 2008-02-04 15:42 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\system32\pndx5032.dll
2014-02-15 17:57 - 2007-05-31 18:53 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-02-15 17:24 - 2013-09-23 20:11 - 00000000 ___DC () C:\Program Files\The KMPlayer
2014-02-15 01:59 - 2014-02-15 01:58 - 00000000 ___DC () C:\Program Files\Mozilla Firefox
2014-02-14 03:49 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-14 03:14 - 2013-07-13 00:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 03:10 - 2006-11-02 11:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-11 11:40 - 2011-10-26 14:03 - 00000680 _____ () C:\Users\Martin\AppData\Local\d3d9caps.dat
2014-02-11 11:13 - 2011-09-30 19:54 - 00000000 ____D () C:\Users\Martin\Dokumenty\Obec
2014-02-10 11:41 - 2013-07-29 23:29 - 00001573 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk
2014-02-10 11:41 - 2013-07-29 23:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ
2014-02-10 11:41 - 2013-07-29 23:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\ICQM
2014-02-05 21:32 - 2013-09-23 22:26 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 21:32 - 2013-09-23 22:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 10:36 - 2013-04-28 10:24 - 00000000 ____D () C:\Users\Martin\Dokumenty\Scenaře
2014-02-05 09:58 - 2014-02-14 03:01 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 09:56 - 2014-02-14 03:02 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 09:53 - 2014-02-14 03:01 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 09:51 - 2014-02-14 03:01 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 09:50 - 2014-02-14 03:02 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 09:49 - 2014-02-14 03:01 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 09:49 - 2014-02-14 03:01 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 09:48 - 2014-02-14 03:02 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 09:48 - 2014-02-14 03:02 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 09:48 - 2014-02-14 03:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 09:48 - 2014-02-14 03:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 09:48 - 2014-02-14 03:01 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 09:47 - 2014-02-14 03:02 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 09:47 - 2014-02-14 03:02 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 09:47 - 2014-02-14 03:02 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 09:46 - 2014-02-14 03:02 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-02 18:46 - 2006-11-02 12:18 - 00000000 ___RD () C:\Users\Public
2014-02-02 18:23 - 2013-08-06 13:14 - 00000000 ____D () C:\Users\Martin\Dokumenty\DT2014
2014-02-01 10:58 - 2014-02-01 10:58 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-01 09:02 - 2011-03-02 17:40 - 00775952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-01 09:02 - 2010-06-30 08:20 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-01 09:02 - 2008-11-10 12:02 - 00410784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-02-01 09:02 - 2008-11-10 12:02 - 00057672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-02-01 09:02 - 2008-11-10 12:02 - 00054832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-02-01 09:02 - 2008-11-10 12:01 - 00270240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-01 09:02 - 2008-11-10 12:01 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-01-29 21:00 - 2008-11-22 12:20 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-01-29 20:53 - 2008-02-04 12:47 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe
2014-01-29 20:28 - 2013-09-29 11:38 - 00000000 ____D () C:\Users\Martin\.gimp-2.4
2014-01-29 20:26 - 2008-08-14 16:03 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\gtk-2.0
2014-01-27 18:57 - 2008-05-16 11:10 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\OpenOffice.org2
2014-01-25 11:30 - 2008-02-04 16:37 - 00242176 _____ () C:\Users\Martin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-19 14:20 - 2011-09-11 13:59 - 00000000 ____D () C:\Users\Martin\Dokumenty\Dějepis
2014-01-18 08:16 - 2014-01-18 08:15 - 00005163 _____ () C:\Windows\system32\jupdate-1.7.0_51-b13.log
2014-01-18 08:16 - 2008-04-04 20:39 - 00000000 ____D () C:\Program Files\Java

Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\temp\KMP_3.8.0.120.exe
C:\Users\Martin\AppData\Local\temp\plus-hd-8-1.exe
C:\Users\Martin\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-17 16:59

==================== End Of Log ============================

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Re: Please help

#9 Post by zonik »

Hello, may I ask,

what should I do next? My PC has been running for the second day now, given that I am not supposed to delete those findings?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help

#10 Post by vyosek »

:arrow: Do not delete the findings in MBAM; I will remove them via FRST

:arrow: Creating a fixlist for FRST
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    Start
    HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
    HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
    HKU\S-1-5-21-2126688981-4244795158-810744998-1000\...\Run: [icq] - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-10] (ICQ)
    Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk
    
    HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
    URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
    SearchScopes: HKLM - DefaultScope value is missing.
    
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\freeonlineradioplayerrecorder-v1-customized-web-search.xml
    FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\searchplugins-backup
    FF Extension: MP4 Downloader - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\mp4downloader@jeff.net.xpi [2013-07-08]
    FF Extension: ВКонтакте.ру Downloader - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\vk@sergeykolosov.mp.xpi [2011-06-14]
    FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-15]
    FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
    FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-17]
    
    S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [X]
    
    C:\Windows\tasks\Adobe Flash Player Updater.job
    C:\Windows\tasks\Google Software Updater.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\Plus-HD-8.1-codedownloader.job
    C:\Windows\tasks\Plus-HD-8.1-enabler.job
    C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job
    C:\Windows\tasks\Plus-HD-8.1-updater.job
    C:\Windows\tasks\Plus-HD-8.1-validator.job
    C:\Users\Martin\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
    C:\Users\Martin\AppData\Local\temp\KMP_3.8.0.120.exe
    C:\Users\Martin\AppData\Local\temp\plus-hd-8-1.exe
    C:\Users\Martin\AppData\Local\temp\Quarantine.exe
    C:\Windows\Tasks\Plus-HD-8.1-validator.job
    
    Hosts:
    CMD: shutdown /r /f /t 2
    
    End
  • Save the resulting TXT file as fixlist.txt
  • Move the fixlist you created next to FRST
:arrow: Run FRST.exe again
  • Click Fix
  • The fix will run and create the log Fixlog.txt
:arrow: Restart the PC and post fixlog.txt here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment: take a whip and a stick to him, for he is no man, he is an ox."
Member [image] since 1 February 2011.

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Re: Please help

#11 Post by zonik »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-02-2014
Ran by Martin at 2014-02-18 16:24:55 Run:1
Running from C:\Users\Martin\Dokumenty\Plocha
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKU\S-1-5-21-2126688981-4244795158-810744998-1000\...\Run: [icq] - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-10] (ICQ)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
URLSearchHook: HKLM - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
SearchScopes: HKLM - DefaultScope value is missing.

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\freeonlineradioplayerrecorder-v1-customized-web-search.xml
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\searchplugins-backup
FF Extension: MP4 Downloader - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\mp4downloader@jeff.net.xpi [2013-07-08]
FF Extension: ?????????.?? Downloader - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\vk@sergeykolosov.mp.xpi [2011-06-14]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-02-15]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-17]

S4 x10nets; C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe [X]

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Plus-HD-8.1-codedownloader.job
C:\Windows\tasks\Plus-HD-8.1-enabler.job
C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job
C:\Windows\tasks\Plus-HD-8.1-updater.job
C:\Windows\tasks\Plus-HD-8.1-validator.job
C:\Users\Martin\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\temp\KMP_3.8.0.120.exe
C:\Users\Martin\AppData\Local\temp\plus-hd-8-1.exe
C:\Users\Martin\AppData\Local\temp\Quarantine.exe
C:\Windows\Tasks\Plus-HD-8.1-validator.job

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Malwarebytes Anti-Malware => Value deleted successfully.
HKU\S-1-5-21-2126688981-4244795158-810744998-1000\Software\Microsoft\Windows\CurrentVersion\Run\\icq => Value deleted successfully.
C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully.
HKLM\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin => Key deleted successfully.
C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll => Moved successfully.
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\freeonlineradioplayerrecorder-v1-customized-web-search.xml => Moved successfully.
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\searchplugins\searchplugins-backup => Moved successfully.
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\mp4downloader@jeff.net.xpi => Moved successfully.
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\7zgvqbrp.default\Extensions\vk@sergeykolosov.mp.xpi => Moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} => Moved successfully.
HKLM\Software\Mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4} => Value deleted successfully.
C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext => Moved successfully.
x10nets => Service deleted successfully.
C:\Windows\tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\tasks\Google Software Updater.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
"C:\Windows\tasks\Plus-HD-8.1-codedownloader.job" => File/Directory not found.
"C:\Windows\tasks\Plus-HD-8.1-enabler.job" => File/Directory not found.
"C:\Windows\tasks\Plus-HD-8.1-firefoxinstaller.job" => File/Directory not found.
"C:\Windows\tasks\Plus-HD-8.1-updater.job" => File/Directory not found.
C:\Windows\tasks\Plus-HD-8.1-validator.job => Moved successfully.
C:\Users\Martin\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\Martin\AppData\Local\temp\KMP_3.8.0.120.exe => Moved successfully.
C:\Users\Martin\AppData\Local\temp\plus-hd-8-1.exe => Moved successfully.
C:\Users\Martin\AppData\Local\temp\Quarantine.exe => Moved successfully.
"C:\Windows\Tasks\Plus-HD-8.1-validator.job" => File/Directory not found.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====


I got the blue screen again during startup

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help

#12 Post by vyosek »

Blue screen, do you mean a BSOD??

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Re: Please help

#13 Post by zonik »

No, not that. It is only that while it starts up the desktop is sort of blue, and only then do the icons and the wallpaper appear. I guess I am starting to see a problem in everything :/ I apologize, but I would rather ask.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Please help

#14 Post by vyosek »

No problem. Do you have any large files on the desktop (data, movies, etc.)?? The desktop should de facto hold only shortcuts.

zonik
Visitor
Posts: 109
Registered: 23 Jul 2010 09:29

Re: Please help

#15 Post by zonik »

On the desktop I have the Recycle Bin, Computer, and the corresponding USERS folder.

Locked