Extension for Chrome and Opera - Browser optimizer

Posted: 28 Jul 2014 21:28
by orange
Greetings, gentlemen,
first I'll write a bit of text :-)
During the night of the 23rd to the 24th I picked up something on my PC, and since then I have had problems with my browsers (Chrome and Opera, although I no longer have the latter installed).
The problem is that the Browser optimizer extension keeps getting into my browser (previously into Opera as well). After every shutdown this extension logs me out of Chrome and blocks all other extensions and their settings; I can only get to them once I terminate this extension, after which I can log in to the browser and work with the other extensions without trouble.

I have already tried many antivirus programs, anti-malware programs, and reinstalling the browsers, but still without success. Browser optimizer keeps coming back. Google wasn't much help either :(

So I am asking you very much for help.

Thanks.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by mencik (administrator) on MENCIK-PC on 28-07-2014 22:08:33
Running from C:\Users\mencik\Desktop
Platform: Windows 8.1 Pro with Media Center (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(SoundGraph, Inc.) C:\Program Files (x86)\SoundGraph\iMON\iMON.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mncpwfvSrv] => C:\Windows\system32\mncpwfv.vbe
HKLM-x32\...\Run: [iMON] => C:\Program Files (x86)\SoundGraph\iMON\iMON.exe [3833856 2011-12-02] (SoundGraph, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [winregis] => C:\Windows\winregis.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2206862274-3680358267-3520448362-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-2206862274-3680358267-3520448362-1001\...\Run: [GoogleChromeAutoLaunch_9CF7BE73300425A88E8C7ABFB689E824] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Extension: (Avira Browser Safety) - C:\Users\mencik\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-07-28]
CHR Extension: (Google Wallet) - C:\Users\mencik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-28]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\mencik\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-02] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-07-02] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-07-02] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 Ph3xIB64; C:\Windows\system32\DRIVERS\Ph3xIB64.sys [1627520 2011-05-31] (NXP Semiconductors)
R3 SGIR; C:\Windows\system32\drivers\iMON_x64.sys [30208 2005-12-16] ()
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 cleanhlp; \??\C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 21:35 - 2014-07-28 21:35 - 00037581 _____ () C:\Users\mencik\Desktop\Addition.txt
2014-07-28 21:33 - 2014-07-28 22:08 - 00010255 _____ () C:\Users\mencik\Desktop\FRST.txt
2014-07-28 21:33 - 2014-07-28 22:08 - 00000000 ____D () C:\FRST
2014-07-28 21:32 - 2014-07-28 21:32 - 02093568 _____ (Farbar) C:\Users\mencik\Desktop\FRST64.exe
2014-07-28 21:14 - 2014-07-28 21:14 - 00009014 _____ () C:\Users\mencik\Desktop\hijackthis.log
2014-07-28 21:12 - 2014-07-28 21:12 - 00388608 _____ (Trend Micro Inc.) C:\Users\mencik\Downloads\HijackThis.exe
2014-07-28 20:53 - 2014-07-28 22:00 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\Lavasoft
2014-07-28 20:44 - 2014-07-28 20:44 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\LavasoftStatistics
2014-07-28 20:44 - 2014-07-28 20:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-28 20:42 - 2014-07-28 20:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-28 20:41 - 2014-07-28 20:41 - 01707144 _____ () C:\Users\mencik\Downloads\Adaware_Installer.exe
2014-07-28 20:38 - 2014-07-28 20:38 - 00001044 _____ () C:\Users\mencik\Desktop\aaaa.txt
2014-07-28 20:30 - 2014-07-28 20:31 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\mencik\Downloads\avira_en_av___ws2 (1).exe
2014-07-28 20:05 - 2014-07-28 22:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-28 20:04 - 2014-07-28 20:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mencik\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-28 20:04 - 2014-07-28 20:04 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-28 20:04 - 2014-07-28 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-28 20:04 - 2014-07-28 20:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-28 20:04 - 2014-07-28 20:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-28 20:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-28 20:04 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-28 20:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-28 20:03 - 2014-07-28 20:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mencik\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-28 19:14 - 2014-07-28 19:14 - 00185800 _____ (Лаборатория Касперского) C:\Users\mencik\Downloads\kss12.0.1.117abru_en_de_fr_es_it_ja_pt_zh_5981.exe
2014-07-28 18:31 - 2014-07-28 18:30 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-28 18:30 - 2014-07-28 18:30 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\Avira
2014-07-28 18:29 - 2014-07-02 13:06 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-28 18:29 - 2014-07-02 13:06 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-28 18:29 - 2014-07-02 13:06 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-28 18:28 - 2014-07-28 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-28 18:27 - 2014-07-28 18:29 - 00000000 ____D () C:\ProgramData\Avira
2014-07-28 18:27 - 2014-07-28 18:29 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-28 18:27 - 2014-07-28 18:28 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-28 18:26 - 2014-07-28 18:26 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-07-28 18:20 - 2014-07-28 18:20 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\mencik\Downloads\avira_en_av___ws2.exe
2014-07-28 17:52 - 2014-07-28 18:42 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-07-28 17:50 - 2014-07-28 17:50 - 217949112 _____ (Emsisoft GmbH ) C:\Users\mencik\Downloads\EmsisoftAntiMalwareSetup.exe
2014-07-27 21:45 - 2014-07-27 21:57 - 00000777 _____ () C:\Users\mencik\AppData\Local\MRDownloader.err
2014-07-27 19:11 - 2014-07-27 19:11 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2014-07-27 19:10 - 2014-07-28 22:05 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-27 19:10 - 2014-07-27 19:10 - 00003708 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cfa9bd993cea37
2014-07-27 19:10 - 2014-07-27 19:10 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfa9bd993cea37.job
2014-07-27 19:10 - 2014-07-27 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-27 19:09 - 2014-07-27 19:10 - 00000000 ____D () C:\Users\mencik\AppData\Local\Google
2014-07-27 19:03 - 2014-07-27 19:03 - 00895120 _____ (Google Inc.) C:\Users\mencik\Downloads\googledrivesync.exe
2014-07-27 17:56 - 2014-07-27 17:56 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfa9b3503d1cea
2014-07-27 17:56 - 2014-07-27 17:56 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfa9b3503d1cea.job
2014-07-27 17:51 - 2014-07-27 17:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-26 19:03 - 2014-07-26 19:03 - 218417448 _____ () C:\Users\mencik\Downloads\cm-11-20140726-NIGHTLY-maguro.zip
2014-07-26 14:26 - 2014-07-26 14:26 - 00120659 _____ () C:\Users\mencik\Downloads\helper_last.crx
2014-07-26 14:18 - 2014-07-26 14:18 - 00412929 _____ () C:\Users\mencik\Downloads\helper.user.js
2014-07-26 14:16 - 2014-07-26 14:16 - 00374648 _____ (SaveFrom.net) C:\Users\mencik\Downloads\SaveFromNetHelper-Web-723ebcf475.exe
2014-07-26 00:08 - 2014-07-26 00:08 - 00873688 _____ (Opera Software) C:\Users\mencik\Downloads\Opera_NI_stable.exe
2014-07-24 22:58 - 2014-07-24 22:58 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\ESET
2014-07-24 22:58 - 2014-07-24 22:58 - 00000000 ____D () C:\Users\mencik\AppData\Local\ESET
2014-07-24 22:44 - 2014-07-28 21:08 - 00000000 ____D () C:\Program Files\trend micro
2014-07-24 22:44 - 2014-07-24 22:45 - 00000000 ____D () C:\rsit
2014-07-24 22:44 - 2014-07-24 22:44 - 00832273 _____ () C:\Users\mencik\Downloads\RSITx64.exe
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
2014-07-19 20:12 - 2014-07-19 20:12 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-19 20:12 - 2014-07-19 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-19 20:12 - 2014-07-11 03:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-19 20:12 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-19 20:12 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-19 20:12 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-15 18:33 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-07-15 18:32 - 2014-07-15 18:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-15 18:25 - 2014-07-01 00:45 - 00688128 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-15 18:25 - 2014-06-28 09:48 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-15 18:25 - 2014-06-28 09:07 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-07-15 18:25 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-15 18:25 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-15 18:25 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-15 18:25 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-15 18:25 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-15 18:25 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-15 18:25 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-15 18:25 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-15 18:25 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-15 18:25 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-15 18:25 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-15 18:25 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-15 18:25 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-15 18:25 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-15 18:25 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-15 18:25 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-15 18:25 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-15 18:25 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-15 18:25 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-15 18:25 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-15 18:25 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-15 18:25 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-15 18:25 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-15 18:25 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-15 18:25 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-15 18:25 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-15 18:25 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-15 18:25 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-15 18:25 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-15 18:25 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-15 18:25 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-15 18:25 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-15 18:25 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-15 18:25 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2014-07-15 18:25 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-07-15 18:25 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-07-15 18:25 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-15 18:25 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-15 18:25 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-15 18:25 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-15 18:25 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-15 18:25 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-15 18:25 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-15 18:25 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-07-15 18:25 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-07-15 18:25 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-07-15 18:25 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-07-15 18:25 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-15 18:25 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-07-15 18:25 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-07-15 18:25 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-07-15 18:25 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-07-15 18:25 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-07-15 18:25 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-15 18:19 - 2014-07-15 18:19 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-01 18:13 - 2014-07-01 18:13 - 217290290 _____ () C:\Users\mencik\Downloads\cm-11-20140627-NIGHTLY-maguro.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 22:08 - 2014-07-28 21:33 - 00010255 _____ () C:\Users\mencik\Desktop\FRST.txt
2014-07-28 22:08 - 2014-07-28 21:33 - 00000000 ____D () C:\FRST
2014-07-28 22:08 - 2014-03-27 21:49 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2206862274-3680358267-3520448362-1001
2014-07-28 22:05 - 2014-07-27 19:10 - 00002207 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-28 22:05 - 2014-03-27 23:01 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\SoundGraph
2014-07-28 22:04 - 2014-07-28 20:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-28 22:03 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-28 22:02 - 2014-03-27 22:05 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\AIMP3
2014-07-28 22:00 - 2014-07-28 20:53 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\Lavasoft
2014-07-28 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2014-07-28 21:47 - 2014-03-29 21:14 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-28 21:35 - 2014-07-28 21:35 - 00037581 _____ () C:\Users\mencik\Desktop\Addition.txt
2014-07-28 21:32 - 2014-07-28 21:32 - 02093568 _____ (Farbar) C:\Users\mencik\Desktop\FRST64.exe
2014-07-28 21:14 - 2014-07-28 21:14 - 00009014 _____ () C:\Users\mencik\Desktop\hijackthis.log
2014-07-28 21:12 - 2014-07-28 21:12 - 00388608 _____ (Trend Micro Inc.) C:\Users\mencik\Downloads\HijackThis.exe
2014-07-28 21:08 - 2014-07-24 22:44 - 00000000 ____D () C:\Program Files\trend micro
2014-07-28 21:01 - 2014-03-27 21:37 - 02076248 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 20:44 - 2014-07-28 20:44 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\LavasoftStatistics
2014-07-28 20:44 - 2014-07-28 20:44 - 00000000 ____D () C:\Program Files\Lavasoft
2014-07-28 20:42 - 2014-07-28 20:42 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-07-28 20:41 - 2014-07-28 20:41 - 01707144 _____ () C:\Users\mencik\Downloads\Adaware_Installer.exe
2014-07-28 20:38 - 2014-07-28 20:38 - 00001044 _____ () C:\Users\mencik\Desktop\aaaa.txt
2014-07-28 20:31 - 2014-07-28 20:30 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\mencik\Downloads\avira_en_av___ws2 (1).exe
2014-07-28 20:04 - 2014-07-28 20:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mencik\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-07-28 20:04 - 2014-07-28 20:04 - 00001122 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-28 20:04 - 2014-07-28 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-28 20:04 - 2014-07-28 20:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-28 20:04 - 2014-07-28 20:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-28 20:04 - 2014-07-28 20:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\mencik\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-28 19:14 - 2014-07-28 19:14 - 00185800 _____ (Лаборатория Касперского) C:\Users\mencik\Downloads\kss12.0.1.117abru_en_de_fr_es_it_ja_pt_zh_5981.exe
2014-07-28 18:42 - 2014-07-28 17:52 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-07-28 18:42 - 2014-03-27 21:30 - 00136480 _____ () C:\Windows\PFRO.log
2014-07-28 18:42 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-07-28 18:30 - 2014-07-28 18:31 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-07-28 18:30 - 2014-07-28 18:30 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\Avira
2014-07-28 18:30 - 2014-07-28 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-07-28 18:29 - 2014-07-28 18:27 - 00000000 ____D () C:\ProgramData\Avira
2014-07-28 18:29 - 2014-07-28 18:27 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-07-28 18:28 - 2014-07-28 18:27 - 00001153 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-07-28 18:27 - 2014-03-27 21:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-28 18:26 - 2014-07-28 18:26 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-07-28 18:20 - 2014-07-28 18:20 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\mencik\Downloads\avira_en_av___ws2.exe
2014-07-28 18:02 - 2014-03-27 21:44 - 00000000 ____D () C:\Users\mencik\AppData\Local\VirtualStore
2014-07-28 17:50 - 2014-07-28 17:50 - 217949112 _____ (Emsisoft GmbH ) C:\Users\mencik\Downloads\EmsisoftAntiMalwareSetup.exe
2014-07-28 17:42 - 2014-03-27 21:46 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{579D97FF-4C29-4310-8942-F1C819BF5F19}
2014-07-27 22:04 - 2014-05-03 20:08 - 00001064 _____ () C:\Users\mencik\AppData\Local\MRDownloader.nast
2014-07-27 21:57 - 2014-07-27 21:45 - 00000777 _____ () C:\Users\mencik\AppData\Local\MRDownloader.err
2014-07-27 20:58 - 2014-03-29 21:48 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-07-27 19:11 - 2014-07-27 19:11 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2014-07-27 19:10 - 2014-07-27 19:10 - 00003708 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cfa9bd993cea37
2014-07-27 19:10 - 2014-07-27 19:10 - 00000968 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfa9bd993cea37.job
2014-07-27 19:10 - 2014-07-27 19:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-27 19:10 - 2014-07-27 19:09 - 00000000 ____D () C:\Users\mencik\AppData\Local\Google
2014-07-27 19:10 - 2014-03-27 21:46 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-27 19:08 - 2014-03-27 22:03 - 00000000 ____D () C:\Data
2014-07-27 19:08 - 2014-03-27 21:43 - 00000000 ____D () C:\Users\mencik
2014-07-27 19:03 - 2014-07-27 19:03 - 00895120 _____ (Google Inc.) C:\Users\mencik\Downloads\googledrivesync.exe
2014-07-27 17:56 - 2014-07-27 17:56 - 00003944 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfa9b3503d1cea
2014-07-27 17:56 - 2014-07-27 17:56 - 00000972 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfa9b3503d1cea.job
2014-07-27 17:51 - 2014-07-27 17:51 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-07-27 16:51 - 2014-03-27 21:49 - 01658450 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-27 16:51 - 2013-10-11 19:12 - 00704264 _____ () C:\Windows\system32\perfh005.dat
2014-07-27 16:51 - 2013-10-11 19:12 - 00143624 _____ () C:\Windows\system32\perfc005.dat
2014-07-27 16:48 - 2013-08-22 16:46 - 00036860 _____ () C:\Windows\setupact.log
2014-07-27 02:52 - 2014-05-03 19:50 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\vlc
2014-07-26 14:26 - 2014-07-26 14:26 - 00120659 _____ () C:\Users\mencik\Downloads\helper_last.crx
2014-07-26 14:18 - 2014-07-26 14:18 - 00412929 _____ () C:\Users\mencik\Downloads\helper.user.js
2014-07-26 14:16 - 2014-07-26 14:16 - 00374648 _____ (SaveFrom.net) C:\Users\mencik\Downloads\SaveFromNetHelper-Web-723ebcf475.exe
2014-07-26 00:08 - 2014-07-26 00:08 - 00873688 _____ (Opera Software) C:\Users\mencik\Downloads\Opera_NI_stable.exe
2014-07-24 22:58 - 2014-07-24 22:58 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\ESET
2014-07-24 22:58 - 2014-07-24 22:58 - 00000000 ____D () C:\Users\mencik\AppData\Local\ESET
2014-07-24 22:45 - 2014-07-24 22:44 - 00000000 ____D () C:\rsit
2014-07-24 22:44 - 2014-07-24 22:44 - 00832273 _____ () C:\Users\mencik\Downloads\RSITx64.exe
2014-07-24 01:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-21 23:05 - 2014-03-27 22:19 - 00000000 ____D () C:\Users\mencik\AppData\Roaming\uTorrent
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
2014-07-19 20:14 - 2014-03-27 22:05 - 00000925 _____ () C:\Users\Public\Desktop\AIMP3.lnk
2014-07-19 20:14 - 2014-03-27 22:05 - 00000000 ____D () C:\Program Files (x86)\AIMP3
2014-07-19 20:12 - 2014-07-19 20:12 - 00004460 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-19 20:12 - 2014-07-19 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-19 20:12 - 2014-04-01 21:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-19 20:12 - 2014-03-29 21:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-16 13:25 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2014-07-16 13:09 - 2013-08-22 16:44 - 00347472 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-16 00:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ToastData
2014-07-16 00:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-16 00:54 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-16 00:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\WinStore
2014-07-15 18:47 - 2014-03-29 21:14 - 00003802 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-15 18:34 - 2014-03-29 13:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-15 18:34 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-15 18:33 - 2014-03-29 13:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-15 18:32 - 2014-07-15 18:32 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-15 18:32 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-15 18:19 - 2014-07-15 18:19 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2014-07-15 18:18 - 2014-04-03 18:52 - 00001122 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-15 18:18 - 2014-04-03 18:52 - 00001110 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-11 03:02 - 2014-07-19 20:12 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-11 02:56 - 2014-07-19 20:12 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-11 02:56 - 2014-07-19 20:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-11 02:55 - 2014-07-19 20:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-02 13:06 - 2014-07-28 18:29 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-07-02 13:06 - 2014-07-28 18:29 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-02 13:06 - 2014-07-28 18:29 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-07-01 18:13 - 2014-07-01 18:13 - 217290290 _____ () C:\Users\mencik\Downloads\cm-11-20140627-NIGHTLY-maguro.zip
2014-07-01 00:45 - 2014-07-15 18:25 - 00688128 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 14:12 - 2014-04-11 18:27 - 00000000 ____D () C:\ProgramData\Ashampoo
2014-06-28 09:48 - 2014-07-15 18:25 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-28 09:07 - 2014-07-15 18:25 - 00385536 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

Some content of TEMP:
====================
C:\Users\mencik\AppData\Local\Temp\avgnt.exe
C:\Users\mencik\AppData\Local\Temp\InstHelper.exe
C:\Users\mencik\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\mencik\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\mencik\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\mencik\AppData\Local\Temp\tmp228A.exe
C:\Users\mencik\AppData\Local\Temp\tmpA04A.exe
C:\Users\mencik\AppData\Local\Temp\tmpA5A0.exe
C:\Users\mencik\AppData\Local\Temp\tmpD63.exe
C:\Users\mencik\AppData\Local\Temp\tmpFAB8.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-21 18:21

==================== End Of Log ============================

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 28 Jul 2014 21:45
by Rudy
Hello!
Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [mncpwfvSrv] => C:\Windows\system32\mncpwfv.vbe
C:\Windows\system32\mncpwfv.vbe
HKLM-x32\...\Run: [winregis] => C:\Windows\winregis.exe
C:\Windows\winregis.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cfa9bd993cea37
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cfa9bd993cea37.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cfa9b3503d1cea
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfa9b3503d1cea.job
C:\Users\mencik\AppData\Local\Temp
HKLM\...\StartupApproved\Run32: => "mncpwfvSrv"
HKLM\...\StartupApproved\Run32: => "MSStp"
HKLM\...\StartupApproved\Run32: => "winregis"
HKCU\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_9CF7BE73300425A88E8C7ABFB689E824"
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 28 Jul 2014 22:01
by orange
It's in the attachment, it has too many characters.

Your message contains 3048804 characters. The maximum allowed number of characters is 100000.

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 29 Jul 2014 15:47
by Rudy
Deleted. Has anything changed?

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 29 Jul 2014 22:05
by orange
Unfortunately it's still the same, Chrome is still under the control of Browser optimizer.

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 30 Jul 2014 16:41
by Rudy
Please also run:

1.
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
2.
Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Save the program to the desktop and run it. The license terms will then be displayed - confirm the start by pressing any key.
- A backup will be created and a scan will run.
When the scan finishes, a log will pop up (it will be saved in c:\JRT as JRT.txt) - copy it here

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 30 Jul 2014 22:33
by orange
# AdwCleaner v3.302 - Report created 30/07/2014 at 23:10:21
# Updated 30/07/2014 by Xplode
# Operating System : Windows 8.1 Pro with Media Center (64 bits)
# Username : mencik - MENCIK-PC
# Running from : C:\Users\mencik\Desktop\adwcleaner_3.302.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\adawarebp

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\mencik\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [724 octets] - [30/07/2014 23:10:21]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [783 octets] ##########


---------------------------------------------------------------------------------------------

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 Pro with Media Center x64
Ran by mencik on st 30. 07. 2014 at 23:14:41,13
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 30. 07. 2014 at 23:19:32,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 31 Jul 2014 16:59
by Rudy
Run ADW once more and click >clean<. Restart the PC.

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 31 Jul 2014 18:53
by orange
# AdwCleaner v3.302 - Report created 31/07/2014 at 19:41:00
# Updated 30/07/2014 by Xplode
# Operating System : Windows 8.1 Pro with Media Center (64 bits)
# Username : mencik - MENCIK-PC
# Running from : C:\Users\mencik\Desktop\adwcleaner_3.302.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\mencik\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [862 octets] - [30/07/2014 23:10:21]
AdwCleaner[R1].txt - [864 octets] - [31/07/2014 19:38:57]
AdwCleaner[S0].txt - [786 octets] - [31/07/2014 19:41:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [845 octets] ##########

-------------------------------------------------------------------------------------------------

Unfortunately that still doesn't help. Chrome still starts up signed out and with these extensions, of which only Browser optimizer then remains (see the first image in the first post):
Image
After killing it and signing in, mine run:
Image

What about trying some kind of total uninstall and a cleanup of TEMP and the like?

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 31 Jul 2014 19:01
by Rudy
Please also post a ComboFix log:
Download ComboFix and save it, preferably to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

then run the application under an account with administrator privileges

right after it starts, a screen with the license terms is displayed; continue by clicking the Yes button.

feel free to go make yourself a coffee (the whole process takes about 5-10 minutes, sometimes longer, depending on how fast the machine is and how many files the scanner has to work through); during the scan do not try to start any other applications or anything else

do not panic during the scan, your machine may be restarted (especially the first time the scanner is used)

note: if you use an antispyware program with a resident shield, switch its resident shield to Install Mode, or disable it completely for the duration of the scan, because during the scan and the removal of any malware, unwanted conflicts with the antispyware's resident shield occur.

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 31 Jul 2014 19:17
by orange
So, another problem, the program cannot be run ... not even in any compatibility mode :(

Image

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 31 Jul 2014 20:19
by Rudy
Back up Google Chrome using Chrome backup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ Then uninstall Chrome including the profile. Reinstall it and copy back from the backup only the bookmarks and, if needed, the passwords.

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 31 Jul 2014 21:08
by orange
So the program was talking nonsense, see image:
Image

So I uninstalled Chrome, downloaded CCleaner, let it go through and clean the PC, installed Chrome, and so far everything is as it should be :-)
Chrome remembers my sign-in and Browser optimizer is nowhere to be seen, so we'll see :-)

Should I make some log for checking?

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 31 Jul 2014 21:30
by Rudy
No need, I can't see it in the logs anyway. CF would probably have shown it, but we won't get it running on 8.1. If PV works as it should, everything is fine. :)

Re: Extension for Chrome and Opera - Browser optimizer

Posted: 01 Aug 2014 09:18
by orange
So everything really is OK now, thanks for the help, and I'm sending at least some SMS for the help and the time.
Thanks.