VIRY.CZ

Ahoj.

Prosím o kontrolu logu.
Dnes se mi začaly měnit ikonky na Liště záložek u prohlížeče Chrome.
Vypadá to takto:

http://img24.cz/images/76680594477968336533.jpg

Myslím že se do systému mohlo dostat nějaké "smetí".
Firefox to ale nedělá.
Prosím o kontrolu logu.

Děkuji.

--------------------------------------
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by Milan (administrator) on MILAN on 21-06-2015 18:28:26
Running from D:\Staženo z webu
Loaded Profiles: Milan (Available Profiles: Milan & Guest)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ZONER software) D:\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [TomTomHOME.exe] => D:\TomTom\\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [SkyDrive] => C:\Users\Milan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_Plugin.exe [927920 2015-06-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\MountPoints2: {2c38ff37-4c07-11e2-be76-00215a5a544d} - "G:\setup.exe"
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2007596338-2558511808-3841995970-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-17] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\..\Interfaces\{9A8995CB-36F8-4629-8B1E-B3B0B01A28C3}: [NameServer] 8.8.8.8,8.8.4.4
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\r3jpb4vn.default
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-06-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Mask My IP - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\r3jpb4vn.default\Extensions\support@mask-myip.com.xpi [2015-06-16]
FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com

Chrome:
=======
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Replace Favicon) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-06-21]
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-04]
CHR Extension: (Adblock Plus) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-01]
CHR Extension: (Google Search) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-04]
CHR Extension: (Guitar Tuner) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglmpmegfnbclojedloihcbkemoiddi [2013-07-30]
CHR Extension: (Guitar Tab Viewer) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkdmbkpfnfkhalmhebdelpldipheihng [2013-08-04]
CHR Extension: (AdBlock) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-01]
CHR Extension: (MEGA) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpgogfgfingilcbkpahnggpfdabapnol [2013-12-28]
CHR Extension: (Video Downloader [FVD]) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2013-07-27]
CHR Extension: (ButtonBeats Guitar) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf [2013-12-20]
CHR Extension: (Google Wallet) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-04]
CHR Extension: (RSS Feed Reader) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2015-05-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-04-25] (Advanced Micro Devices)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [25056 2011-12-21] (IVT Corporation.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-12-22] (DT Soft Ltd)
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-11-17] (Windows (R) Win 7 DDK provider)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-11-12] (Basil Projects)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-21 18:28 - 2015-06-21 18:28 - 00004332 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-21 18:04 - 2015-06-21 18:04 - 00000000 ____D C:\rsit
2015-06-21 18:04 - 2015-06-21 18:04 - 00000000 ____D C:\Program Files\trend micro
2015-06-21 07:26 - 2015-06-21 07:26 - 00000000 ____D C:\Users\Milan\AppData\Local\CrashRpt
2015-06-20 09:38 - 2015-06-21 08:01 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-06-20 09:38 - 2015-06-21 07:29 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Opera Software
2015-06-20 09:38 - 2015-06-21 07:29 - 00000000 ____D C:\Users\Milan\AppData\Local\Opera Software
2015-06-20 09:38 - 2015-06-21 07:21 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-20 09:38 - 2015-06-20 09:38 - 00000000 ____D C:\Users\Milan\AppData\Local\globalUpdate
2015-06-20 09:37 - 2015-06-21 07:29 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-16 21:16 - 2015-06-16 21:16 - 00000000 ____D C:\Users\Milan\AppData\Roaming\MaskMyIP
2015-06-16 21:16 - 2015-06-16 21:16 - 00000000 ____D C:\ProgramData\MaskMyIP
2015-06-10 17:38 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 17:38 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 17:38 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 17:38 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 17:38 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 17:38 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 17:38 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 17:38 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 17:38 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 17:38 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 17:38 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 17:38 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 17:38 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 17:38 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 17:38 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 17:38 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 17:38 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 17:38 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 17:38 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 17:38 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 17:38 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 17:38 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 17:38 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 17:38 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 17:38 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 17:38 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 17:38 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 17:38 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 17:38 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 17:38 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 17:38 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 17:38 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 17:38 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 17:38 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 17:38 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 17:38 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 17:37 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 17:37 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 17:37 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 17:37 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 17:37 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 17:37 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 17:37 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 17:37 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 17:37 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 17:37 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 17:37 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 17:37 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 17:37 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 17:37 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 17:37 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 17:37 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 17:37 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 17:37 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 17:37 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 17:37 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 17:37 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 17:37 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 17:37 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 17:37 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 17:37 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 17:37 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 17:37 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 17:37 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 17:37 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 17:37 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 17:37 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 17:37 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 17:37 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 17:37 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 17:37 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 17:37 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 17:37 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 17:37 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 17:37 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-05 16:28 - 2015-06-05 16:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-06-01 17:27 - 2015-06-01 17:27 - 00000000 ____D C:\Users\Milan\AppData\Local\GWX
2015-05-27 19:27 - 2015-05-30 09:51 - 00000719 _____ C:\Users\Milan\Desktop\TrucksBook Uploader.lnk
2015-05-27 19:27 - 2015-05-27 19:27 - 00000000 ____D C:\Users\Milan\Documents\TB Uploader
2015-05-24 19:45 - 2015-05-24 19:45 - 00001207 _____ C:\Users\Milan\Documents\oscam(1).conf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-21 18:28 - 2014-12-25 11:27 - 00000000 ____D C:\FRST
2015-06-21 18:27 - 2012-12-13 17:31 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Skype
2015-06-21 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-21 17:58 - 2013-04-25 19:28 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-21 17:58 - 2013-04-13 16:11 - 00000000 ____D C:\Users\Milan\AppData\Roaming\uTorrent
2015-06-21 17:37 - 2013-05-07 04:31 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-21 17:18 - 2014-12-09 09:11 - 00000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2015-06-21 13:20 - 2012-12-13 17:33 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2007596338-2558511808-3841995970-1001
2015-06-21 13:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-21 08:13 - 2014-10-29 15:25 - 00004958 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MILAN-Milan Milan
2015-06-21 08:03 - 2014-10-29 15:24 - 00000000 ___DO C:\Users\Milan\OneDrive
2015-06-21 08:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\security
2015-06-21 08:02 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-21 08:02 - 2013-05-07 04:31 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-21 08:01 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-21 07:42 - 2014-12-25 12:23 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-21 07:40 - 2015-04-19 17:40 - 00000000 ____D C:\xampp
2015-06-21 07:38 - 2015-01-31 12:03 - 00000000 ____D C:\Program Files (x86)\R-Studio
2015-06-21 07:32 - 2013-07-22 14:52 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-06-21 07:32 - 2013-01-20 11:45 - 00000000 ____D C:\Program Files (x86)\AMD APP
2015-06-21 07:30 - 2014-12-26 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-21 07:29 - 2014-11-13 11:00 - 00000000 __SHD C:\Users\Milan\AppData\Local\EmieBrowserModeList
2015-06-21 07:29 - 2014-11-12 01:31 - 00000000 __SHD C:\Users\Milan\AppData\Local\EmieUserList
2015-06-21 07:29 - 2014-11-12 01:31 - 00000000 __SHD C:\Users\Milan\AppData\Local\EmieSiteList
2015-06-21 07:27 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-20 06:00 - 2014-03-18 17:33 - 01935052 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-20 06:00 - 2014-03-18 16:54 - 00800964 _____ C:\WINDOWS\system32\perfh005.dat
2015-06-20 06:00 - 2014-03-18 16:54 - 00183494 _____ C:\WINDOWS\system32\perfc005.dat
2015-06-19 21:50 - 2015-04-11 08:28 - 00000000 ____D C:\Users\Milan\Documents\Euro Truck Simulator 2
2015-06-15 20:20 - 2015-01-24 18:43 - 00458752 ___SH C:\Users\Milan\Documents\Thumbs.db
2015-06-14 07:37 - 2012-12-14 05:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-13 07:34 - 2014-11-12 11:11 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-06-11 18:23 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-11 16:51 - 2013-01-06 16:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 16:50 - 2013-02-11 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-11 16:09 - 2012-12-13 17:34 - 00002279 _____ C:\Users\Milan\Desktop\Google Chrome.lnk
2015-06-11 04:30 - 2013-08-22 16:44 - 00482984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 22:19 - 2015-04-15 21:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 22:19 - 2014-12-22 18:08 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 22:19 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 22:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 17:56 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-10 17:54 - 2013-08-15 09:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 17:50 - 2012-12-14 17:49 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-09 04:41 - 2014-12-20 09:19 - 00000000 ____D C:\Users\Milan\AppData\Local\Adobe
2015-06-09 04:38 - 2013-02-27 13:28 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-08 19:38 - 2013-02-19 12:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-05 16:28 - 2014-11-12 01:07 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-06-05 16:28 - 2014-11-12 01:07 - 00001908 _____ C:\WINDOWS\diagerr.xml
2015-06-03 18:18 - 2014-11-13 00:04 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2014-11-13 00:04 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-01 19:55 - 2014-11-01 10:56 - 00509440 _____ C:\Users\Milan\Documents\tabulka spotreby energii 2015.xls
2015-05-31 12:47 - 2015-05-03 08:38 - 00000000 ____D C:\Users\Milan\AppData\Local\JDownloader 2.0
2015-05-30 15:56 - 2012-12-13 17:25 - 00000000 ____D C:\Users\Milan\AppData\Local\Packages
2015-05-30 12:07 - 2012-12-17 07:59 - 00013312 _____ C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-30 06:30 - 2012-12-22 15:04 - 00000000 ____D C:\Users\Milan\AppData\Roaming\DAEMON Tools Lite
2015-05-30 06:29 - 2013-01-28 14:09 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-30 06:29 - 2013-01-28 14:09 - 00000000 ____D C:\Program Files\CCleaner
2015-05-27 04:32 - 2012-12-13 17:31 - 00000000 ____D C:\ProgramData\Skype
2015-05-23 23:29 - 2014-12-25 12:23 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-23 23:29 - 2014-12-25 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-23 23:29 - 2014-12-25 12:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-23 22:57 - 2015-03-31 19:18 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Seznam.cz
2015-05-23 22:57 - 2015-03-31 19:18 - 00000000 ____D C:\Program Files (x86)\Seznam.cz

==================== Files in the root of some directories =======

2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Milan\AppData\Roaming\PTTOQ
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Milan\AppData\Roaming\XPEQGO
2012-12-17 07:59 - 2015-05-30 12:07 - 0013312 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-09 15:35 - 2013-06-09 15:35 - 0000001 _____ () C:\Users\Milan\AppData\Local\llftool.4.25.agreement
2013-06-16 11:58 - 2013-06-16 11:58 - 0000019 _____ () C:\Users\Milan\AppData\Local\llftool.license
2014-11-17 19:37 - 2014-11-17 19:37 - 0000000 ___SH () C:\Users\Milan\AppData\Local\LumaEmu
2012-12-20 16:56 - 2014-12-14 17:55 - 0007648 _____ () C:\Users\Milan\AppData\Local\resmon.resmoncfg
2014-11-12 01:02 - 2014-11-12 01:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Milan\en_res.dll
C:\Users\Milan\es_res.dll
C:\Users\Milan\fr_res.dll
C:\Users\Milan\grm_res.dll
C:\Users\Milan\it_res.dll
C:\Users\Milan\jp_res.dll
C:\Users\Milan\mfc80u.dll
C:\Users\Milan\msvcr80.dll
C:\Users\Milan\PCPE Setup.exe
C:\Users\Milan\pt_res.dll
C:\Users\Milan\ResourceReader.dll
C:\Users\Milan\ru_res.dll
C:\Users\Milan\zh_res.dll

Some files in TEMP:
====================
C:\Users\Milan\AppData\Local\Temp\bedeiffhca.exe
C:\Users\Milan\AppData\Local\Temp\tu17p84.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-21 13:07

==================== End of log ============================

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Děkuji.

Posílám ten log:

# AdwCleaner v4.206 - Log vytvořen 21/06/2015 v 19:34:17
# Aktualizováno 01/06/2015 by Xplode
# Databáze : 2015-06-17.1 [Server]
# Operační system : Windows 8.1 Pro (x64)
# Uživatelské jméno : Milan - MILAN
# Spuštěno z : D:\Staženo z webu\adwcleaner_4.206.exe
# Nastavení : Čištění

***** [ Služby ] *****

Služba Smazáno : sp_rsdrv2

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\Program Files (x86)\globalUpdate
Složka Smazáno : C:\Program Files (x86)\XTab
Složka Smazáno : C:\Users\Milan\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh
Složka Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
Soubor Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fdloijijlkoblmigdofommgnheckmaki_0.localstorage
Soubor Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
Soubor Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
Soubor Smazáno : C:\Program Files\Common Files\System\SysMenu.dll
Soubor Smazáno : C:\Program Files\Common Files\System\SysMenu64.dll
Soubor Smazáno : C:\Users\Milan\AppData\Roaming\PTTOQ
Soubor Smazáno : C:\Users\Milan\AppData\Roaming\XPEQGO
Soubor Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Soubor Smazáno : C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage

***** [ Naplánované úlohy ] *****

Úloha Smazáno : amiupdaterExd
Úloha Smazáno : amiupdaterExi
Úloha Smazáno : PTTOQ
Úloha Smazáno : XPEQGO

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Klíč Smazáno : HKLM\SOFTWARE\Classes\SDP
Klíč Smazáno : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Klíč Smazáno : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Klíč Smazáno : HKCU\Software\GlobalUpdate
Klíč Smazáno : HKCU\Software\DownLite
Klíč Smazáno : HKLM\SOFTWARE\GlobalUpdate
Klíč Smazáno : HKLM\SOFTWARE\SupDp
Klíč Smazáno : [x64] HKLM\SOFTWARE\ShopperPro

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17840

-\\ Mozilla Firefox v38.0.5 (x86 cs)

[r3jpb4vn.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.alias", "istartsurf");
[r3jpb4vn.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/web/favicon.ico");
[r3jpb4vn.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.name", "istartsurf");
[r3jpb4vn.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=dspp&ts=14 ... earchTerms}");
[r3jpb4vn.default\prefs.js] - Řádek Smazáno : user_pref("extensions.quick_start.enable_search1", false);
[r3jpb4vn.default\prefs.js] - Řádek Smazáno : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);

-\\ Google Chrome v44.0.2403.52

*************************

AdwCleaner[R0].txt - [12763 bytů] - [14/12/2014 11:24:44]
AdwCleaner[R1].txt - [3599 bytů] - [25/12/2014 13:11:31]
AdwCleaner[R2].txt - [1005 bytů] - [25/12/2014 23:44:02]
AdwCleaner[R3].txt - [6996 bytů] - [31/01/2015 17:14:04]
AdwCleaner[R4].txt - [5793 bytů] - [21/06/2015 19:27:40]
AdwCleaner[S0].txt - [12458 bytů] - [14/12/2014 11:26:42]
AdwCleaner[S1].txt - [4556 bytů] - [25/12/2014 13:15:20]
AdwCleaner[S2].txt - [1066 bytů] - [25/12/2014 23:44:51]
AdwCleaner[S3].txt - [6899 bytů] - [31/01/2015 17:16:25]
AdwCleaner[S4].txt - [5613 bytů] - [21/06/2015 19:34:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [5671 bytů] ##########

No to je paráda - ikonky se po otevření stránky opět vracej.
Co mi tam prosím vás vlastně vlezlo?

Ještě musíme dočistit. Dejte nový log FRST. Měl jste tam AdWare a zbytečnosti.

Zde je log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-06-2015 01
Ran by Milan (administrator) on MILAN on 21-06-2015 20:48:00
Running from D:\Staženo z webu
Loaded Profiles: Milan (Available Profiles: Milan & Guest)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21969480 2015-05-19] (Google)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [TomTomHOME.exe] => D:\TomTom\\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [SkyDrive] => C:\Users\Milan\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [277672 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\Run: [Zoner Photo Studio Autoupdate] => D:\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-04-02] (ZONER software)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\MountPoints2: {2c38ff37-4c07-11e2-be76-00215a5a544d} - "G:\setup.exe"
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-13] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-17] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwar ... PIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwar ... TSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwar ... /CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\..\Interfaces\{9A8995CB-36F8-4629-8B1E-B3B0B01A28C3}: [NameServer] 8.8.8.8,8.8.4.4
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\r3jpb4vn.default
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-06-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-06-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-06-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Extension: Mask My IP - C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\r3jpb4vn.default\Extensions\support@mask-myip.com.xpi [2015-06-16]
FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com

Chrome:
=======
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\akaelkiagnbfcccfnmbimdbplecgbikh [2015-06-21]
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-04]
CHR Extension: (Adblock Plus) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-01]
CHR Extension: (Google Search) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-04]
CHR Extension: (Guitar Tuner) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhglmpmegfnbclojedloihcbkemoiddi [2013-07-30]
CHR Extension: (Guitar Tab Viewer) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkdmbkpfnfkhalmhebdelpldipheihng [2013-08-04]
CHR Extension: (AdBlock) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-01]
CHR Extension: (MEGA) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpgogfgfingilcbkpahnggpfdabapnol [2013-12-28]
CHR Extension: (No Name) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-06-21]
CHR Extension: (ButtonBeats Guitar) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcpeekapbmklcidenkpbjcpcicmjmnf [2013-12-20]
CHR Extension: (Google Wallet) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-04]
CHR Extension: (RSS Feed Reader) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2015-05-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [977088 2014-03-02] () [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-04-25] (Advanced Micro Devices)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek )
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
S3 BtHidBus; C:\Windows\System32\Drivers\BtHidBus.sys [25056 2011-12-21] (IVT Corporation.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2012-12-22] (DT Soft Ltd)
S3 IvtAudioBusSrv; C:\Windows\System32\Drivers\IvtBtBus.sys [27256 2012-12-24] (IVT Corporation.)
S3 IvtPanBusSrv; C:\Windows\System32\Drivers\btnetBus.sys [31480 2012-12-24] (IVT Corporation.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-11-12] (Basil Projects)
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-21 19:35 - 2015-06-21 19:35 - 00000077 _____ C:\WINDOWS\setupact.log
2015-06-21 19:35 - 2015-06-21 19:35 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-21 19:34 - 2015-06-21 19:34 - 00000354 _____ C:\WINDOWS\PFRO.log
2015-06-21 18:28 - 2015-06-21 20:18 - 00123333 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-21 18:04 - 2015-06-21 18:04 - 00000000 ____D C:\rsit
2015-06-21 18:04 - 2015-06-21 18:04 - 00000000 ____D C:\Program Files\trend micro
2015-06-21 07:26 - 2015-06-21 07:26 - 00000000 ____D C:\Users\Milan\AppData\Local\CrashRpt
2015-06-20 09:38 - 2015-06-21 07:29 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Opera Software
2015-06-20 09:38 - 2015-06-21 07:29 - 00000000 ____D C:\Users\Milan\AppData\Local\Opera Software
2015-06-20 09:38 - 2015-06-21 07:21 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-06-20 09:37 - 2015-06-21 07:29 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-16 21:16 - 2015-06-16 21:16 - 00000000 ____D C:\Users\Milan\AppData\Roaming\MaskMyIP
2015-06-16 21:16 - 2015-06-16 21:16 - 00000000 ____D C:\ProgramData\MaskMyIP
2015-06-10 17:38 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 17:38 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 17:38 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 17:38 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 17:38 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 17:38 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 17:38 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 17:38 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 17:38 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 17:38 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 17:38 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 17:38 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 17:38 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 17:38 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 17:38 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 17:38 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 17:38 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 17:38 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 17:38 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 17:38 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 17:38 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 17:38 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 17:38 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 17:38 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 17:38 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 17:38 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 17:38 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 17:38 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 17:38 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 17:38 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 17:38 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 17:38 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 17:38 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 17:38 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 17:38 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 17:38 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 17:38 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 17:37 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 17:37 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 17:37 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 17:37 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 17:37 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 17:37 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 17:37 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 17:37 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 17:37 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 17:37 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 17:37 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 17:37 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 17:37 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 17:37 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 17:37 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 17:37 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 17:37 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 17:37 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 17:37 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 17:37 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 17:37 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 17:37 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 17:37 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 17:37 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 17:37 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 17:37 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 17:37 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 17:37 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 17:37 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 17:37 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 17:37 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 17:37 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 17:37 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 17:37 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 17:37 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 17:37 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 17:37 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 17:37 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 17:37 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-05 16:28 - 2015-06-05 16:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-06-01 17:27 - 2015-06-01 17:27 - 00000000 ____D C:\Users\Milan\AppData\Local\GWX
2015-05-27 19:27 - 2015-05-30 09:51 - 00000719 _____ C:\Users\Milan\Desktop\TrucksBook Uploader.lnk
2015-05-27 19:27 - 2015-05-27 19:27 - 00000000 ____D C:\Users\Milan\Documents\TB Uploader
2015-05-24 19:45 - 2015-05-24 19:45 - 00001207 _____ C:\Users\Milan\Documents\oscam(1).conf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-21 20:48 - 2014-12-25 11:27 - 00000000 ____D C:\FRST
2015-06-21 20:46 - 2012-12-13 17:31 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Skype
2015-06-21 20:45 - 2014-10-29 15:25 - 00004958 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MILAN-Milan Milan
2015-06-21 20:37 - 2013-05-07 04:31 - 00000962 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-21 20:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-21 19:58 - 2013-04-25 19:28 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-21 19:47 - 2014-12-14 11:24 - 00000000 ____D C:\AdwCleaner
2015-06-21 19:35 - 2014-10-29 15:24 - 00000000 ___DO C:\Users\Milan\OneDrive
2015-06-21 19:35 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-21 19:35 - 2013-05-07 04:31 - 00000958 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-21 19:34 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-21 19:34 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-21 17:58 - 2013-04-13 16:11 - 00000000 ____D C:\Users\Milan\AppData\Roaming\uTorrent
2015-06-21 17:18 - 2014-12-09 09:11 - 00000000 ____D C:\Users\Milan\AppData\Roaming\vlc
2015-06-21 13:20 - 2012-12-13 17:33 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2007596338-2558511808-3841995970-1001
2015-06-21 13:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-06-21 08:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\security
2015-06-21 07:42 - 2014-12-25 12:23 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-06-21 07:40 - 2015-04-19 17:40 - 00000000 ____D C:\xampp
2015-06-21 07:38 - 2015-01-31 12:03 - 00000000 ____D C:\Program Files (x86)\R-Studio
2015-06-21 07:32 - 2013-07-22 14:52 - 00000000 ____D C:\Program Files (x86)\7-Zip
2015-06-21 07:32 - 2013-01-20 11:45 - 00000000 ____D C:\Program Files (x86)\AMD APP
2015-06-21 07:30 - 2014-12-26 17:42 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-21 07:29 - 2014-11-13 11:00 - 00000000 __SHD C:\Users\Milan\AppData\Local\EmieBrowserModeList
2015-06-21 07:29 - 2014-11-12 01:31 - 00000000 __SHD C:\Users\Milan\AppData\Local\EmieUserList
2015-06-21 07:29 - 2014-11-12 01:31 - 00000000 __SHD C:\Users\Milan\AppData\Local\EmieSiteList
2015-06-20 06:00 - 2014-03-18 17:33 - 01935052 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-06-20 06:00 - 2014-03-18 16:54 - 00800964 _____ C:\WINDOWS\system32\perfh005.dat
2015-06-20 06:00 - 2014-03-18 16:54 - 00183494 _____ C:\WINDOWS\system32\perfc005.dat
2015-06-19 21:50 - 2015-04-11 08:28 - 00000000 ____D C:\Users\Milan\Documents\Euro Truck Simulator 2
2015-06-15 20:20 - 2015-01-24 18:43 - 00458752 ___SH C:\Users\Milan\Documents\Thumbs.db
2015-06-14 07:37 - 2012-12-14 05:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-06-13 07:34 - 2014-11-12 11:11 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-06-11 18:23 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-11 16:51 - 2013-01-06 16:25 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-11 16:50 - 2013-02-11 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-06-11 16:09 - 2012-12-13 17:34 - 00002279 _____ C:\Users\Milan\Desktop\Google Chrome.lnk
2015-06-11 04:30 - 2013-08-22 16:44 - 00482984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-10 22:19 - 2015-04-15 21:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-10 22:19 - 2014-12-22 18:08 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-10 22:19 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-10 22:19 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-10 17:56 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-10 17:54 - 2013-08-15 09:15 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-10 17:50 - 2012-12-14 17:49 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-09 04:41 - 2014-12-20 09:19 - 00000000 ____D C:\Users\Milan\AppData\Local\Adobe
2015-06-09 04:38 - 2013-02-27 13:28 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-08 19:38 - 2013-02-19 12:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-05 16:28 - 2014-11-12 01:07 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-06-05 16:28 - 2014-11-12 01:07 - 00001908 _____ C:\WINDOWS\diagerr.xml
2015-06-03 18:18 - 2014-11-13 00:04 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-03 18:18 - 2014-11-13 00:04 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-01 19:55 - 2014-11-01 10:56 - 00509440 _____ C:\Users\Milan\Documents\tabulka spotreby energii 2015.xls
2015-05-31 12:47 - 2015-05-03 08:38 - 00000000 ____D C:\Users\Milan\AppData\Local\JDownloader 2.0
2015-05-30 15:56 - 2012-12-13 17:25 - 00000000 ____D C:\Users\Milan\AppData\Local\Packages
2015-05-30 12:07 - 2012-12-17 07:59 - 00013312 _____ C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-30 06:30 - 2012-12-22 15:04 - 00000000 ____D C:\Users\Milan\AppData\Roaming\DAEMON Tools Lite
2015-05-30 06:29 - 2013-01-28 14:09 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-05-30 06:29 - 2013-01-28 14:09 - 00000000 ____D C:\Program Files\CCleaner
2015-05-27 04:32 - 2012-12-13 17:31 - 00000000 ____D C:\ProgramData\Skype
2015-05-23 23:29 - 2014-12-25 12:23 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-23 23:29 - 2014-12-25 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-23 23:29 - 2014-12-25 12:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-23 22:57 - 2015-03-31 19:18 - 00000000 ____D C:\Users\Milan\AppData\Roaming\Seznam.cz
2015-05-23 22:57 - 2015-03-31 19:18 - 00000000 ____D C:\Program Files (x86)\Seznam.cz

==================== Files in the root of some directories =======

2012-12-17 07:59 - 2015-05-30 12:07 - 0013312 _____ () C:\Users\Milan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-09 15:35 - 2013-06-09 15:35 - 0000001 _____ () C:\Users\Milan\AppData\Local\llftool.4.25.agreement
2013-06-16 11:58 - 2013-06-16 11:58 - 0000019 _____ () C:\Users\Milan\AppData\Local\llftool.license
2014-11-17 19:37 - 2014-11-17 19:37 - 0000000 ___SH () C:\Users\Milan\AppData\Local\LumaEmu
2012-12-20 16:56 - 2014-12-14 17:55 - 0007648 _____ () C:\Users\Milan\AppData\Local\resmon.resmoncfg
2014-11-12 01:02 - 2014-11-12 01:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Milan\en_res.dll
C:\Users\Milan\es_res.dll
C:\Users\Milan\fr_res.dll
C:\Users\Milan\grm_res.dll
C:\Users\Milan\it_res.dll
C:\Users\Milan\jp_res.dll
C:\Users\Milan\mfc80u.dll
C:\Users\Milan\msvcr80.dll
C:\Users\Milan\PCPE Setup.exe
C:\Users\Milan\pt_res.dll
C:\Users\Milan\ResourceReader.dll
C:\Users\Milan\ru_res.dll
C:\Users\Milan\zh_res.dll

Some files in TEMP:
====================
C:\Users\Milan\AppData\Local\Temp\bedeiffhca.exe
C:\Users\Milan\AppData\Local\Temp\tu17p84.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-06-21 20:08

==================== End of log ============================

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\MountPoints2: {2c38ff37-4c07-11e2-be76-00215a5a544d} - "G:\setup.exe"
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR Extension: (No Name) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-06-21]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\Milan\en_res.dll
C:\Users\Milan\es_res.dll
C:\Users\Milan\fr_res.dll
C:\Users\Milan\grm_res.dll
C:\Users\Milan\it_res.dll
C:\Users\Milan\jp_res.dll
C:\Users\Milan\mfc80u.dll
C:\Users\Milan\msvcr80.dll
C:\Users\Milan\PCPE Setup.exe
C:\Users\Milan\pt_res.dll
C:\Users\Milan\ResourceReader.dll
C:\Users\Milan\ru_res.dll
C:\Users\Milan\zh_res.dll
C:\Users\Milan\AppData\Local\Temp
C:\Program Files\KMSnano Final
AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47
AlternateDataStreams: C:\ProgramData\TEMP:66633281
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\Milan\OneDrive:ms-properties
C:\Program Files\KMSpico
End

Uložte do D:\Staženo z webu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Tak snad jsem to nespletl

Fix result of Farbar Recovery Scan Tool (x64) Version:21-06-2015 01
Ran by Milan at 2015-06-21 21:12:28 Run:2
Running from D:\Staženo z webu
Loaded Profiles: Milan (Available Profiles: Milan & Guest)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\...\MountPoints2: {2c38ff37-4c07-11e2-be76-00215a5a544d} - "G:\setup.exe"
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR Extension: (No Name) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-06-21]
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
C:\Users\Milan\en_res.dll
C:\Users\Milan\es_res.dll
C:\Users\Milan\fr_res.dll
C:\Users\Milan\grm_res.dll
C:\Users\Milan\it_res.dll
C:\Users\Milan\jp_res.dll
C:\Users\Milan\mfc80u.dll
C:\Users\Milan\msvcr80.dll
C:\Users\Milan\PCPE Setup.exe
C:\Users\Milan\pt_res.dll
C:\Users\Milan\ResourceReader.dll
C:\Users\Milan\ru_res.dll
C:\Users\Milan\zh_res.dll
C:\Users\Milan\AppData\Local\Temp
C:\Program Files\KMSnano Final
AlternateDataStreams: C:\ProgramData\TEMP:0888F409
AlternateDataStreams: C:\ProgramData\TEMP:3440EB47
AlternateDataStreams: C:\ProgramData\TEMP:66633281
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\Milan\OneDrive:ms-properties
C:\Program Files\KMSpico
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
"HKU\S-1-5-21-2007596338-2558511808-3841995970-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2c38ff37-4c07-11e2-be76-00215a5a544d}" => key removed successfully
HKCR\CLSID\{2c38ff37-4c07-11e2-be76-00215a5a544d} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
C:\Users\Milan\en_res.dll => moved successfully.
C:\Users\Milan\es_res.dll => moved successfully.
C:\Users\Milan\fr_res.dll => moved successfully.
C:\Users\Milan\grm_res.dll => moved successfully.
C:\Users\Milan\it_res.dll => moved successfully.
C:\Users\Milan\jp_res.dll => moved successfully.
C:\Users\Milan\mfc80u.dll => moved successfully.
C:\Users\Milan\msvcr80.dll => moved successfully.
C:\Users\Milan\PCPE Setup.exe => moved successfully.
C:\Users\Milan\pt_res.dll => moved successfully.
C:\Users\Milan\ResourceReader.dll => moved successfully.
C:\Users\Milan\ru_res.dll => moved successfully.
C:\Users\Milan\zh_res.dll => moved successfully.

"C:\Users\Milan\AppData\Local\Temp" folder move:

Could not move "C:\Users\Milan\AppData\Local\Temp" folder => Scheduled to move on reboot.

"C:\Program Files\KMSnano Final" => File/Folder not found.
C:\ProgramData\TEMP => ":0888F409" ADS removed successfully.
C:\ProgramData\TEMP => ":3440EB47" ADS removed successfully.
C:\ProgramData\TEMP => ":66633281" ADS removed successfully.
C:\ProgramData\TEMP => ":9A870F8B" ADS removed successfully.
C:\Users\Milan\OneDrive => ":ms-properties" ADS removed successfully.
C:\Program Files\KMSpico => moved successfully.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-06-21 21:14:01)<=

C:\Users\Milan\AppData\Local\Temp => moved successfully

==== End of Fixlog 21:14:01 ====

Nespletl, vše smazáno. PC by teď měl být čistý.

Vše je OK.

Děkuji.
Hezký večer.

I vám hezký večer a nemáte zač!

VIRY.CZ

Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome

Re: Prosím o kontrolu - mění se mi ikonky záložek ve Chrome