nemecky ntb - problem

Zpráva

Mio · #1 Příspěvek od **Mio** » 28 zář 2015 20:02

Dobry vecer. Mam pozicany notebook od kolegu z prace v nemecku lebo na mojom dosluzil harddisk.
Ale je to katastrofa, spomaleny, vyskakujuce reklamy, presmerovanie na ine stranky...
Doklikat sa az sem na forum a prihlasit sa mi dalo fakt zabrat. Nenasiel som tu ziadny aktivny antivirus,
kat som sem nainstaloval 30-dnovy AVG, ak bude kolega chciet tak si ho predlzi. Prvy scan nasiel niekolko virusov
a odstranil ich. Ale problemy pokracuju. Prosim o pomoc. Dakujem

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sulliroy at 2015-09-28 20:36:08
WIN_7 Service Pack 1
System drive C: has 98 GB (49%) free of 202 GB
Total RAM: 4010 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:37:06, on 28.09.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\PremierOpinion\pmropn.exe
C:\PROGRA~2\PREMIE~1\pmropn32.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files\trend micro\Sulliroy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.palikan.com/?f=1&a=plk_vit_1 ... 033701&ir=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {E6E66045-E911-4C01-961D-32387BF12768} - C:\Users\Sulliroy\AppData\LocalLow\Browser-Security\safe_url.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [OKAYFREEDOM_Update] "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.systweak.com/registryCleaner ... nstalled=0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1001\..\Run: [OKAYFREEDOM_Update] "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1001\..\RunOnce: [Application Restart #1] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400 (User '?')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Users\Sulliroy\AppData\Local\RGMService\nzxdvt\mcbjjf.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\N360.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PremierOpinion - VoiceFive, Inc. - C:\Program Files (x86)\PremierOpinion\pmservice.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update surf slide - Unknown owner - C:\Program Files (x86)\surf slide\updatesurfslide.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11024 bytes

======Listing Processes======

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\gaming_companion_helper_service.job - C:\Program Files (x86)\Gaming Companion\gaming_companion_helper_service.exe /installationtime=1433112989 /AppName="Gaming Companion"
C:\windows\tasks\Go_Palikan.job - C:\Users\Sulliroy\AppData\Local\{5AE36~1\UNINST~1.EXE /Check
C:\windows\tasks\progames_companion_helper_service.job - C:\Program Files (x86)\proGames Companion\progames_companion_helper_service.exe /installationtime=1433084586 /AppName="proGames Companion"

=========Mozilla firefox=========

ProfilePath - C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"
prefs.js - "keyword.URL" - "http://feed.sonic-search.com/?p=mKO_AwF ... l5mutK7&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\extensions\
abs@avira.com
b6e4f54065ff48dd97db30ca@c9b45f807bf54a45a4669e51c.com
nadir.kadem@gmail.com
{60aa72ee-e51c-4e54-9ad2-6f5b27b8653a}

C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6E66045-E911-4C01-961D-32387BF12768}]
C:\Users\Sulliroy\AppData\LocalLow\Browser-Security\safe_url.dll [2015-07-22 2516480]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-07-18 168216]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-07-18 391960]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-07-18 418584]
"3D BubbleSound"=C:\Program Files\BubbleSound\3D BubbleSound.exe []
"smrt"=C:\Program Files (x86)\ProductUI\Startup.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OKAYFREEDOM_Update"=C:\Program Files (x86)\OkayFreedom\Updater.exe --resume --verbosity silent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400 []
"Application Restart #0"=C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.systweak.com/registryCleaner ... nstalled=0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoBrowser]
C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartWeb]
C:\Users\Sulliroy\AppData\Local\SmartWeb\SmartWebHelper.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [2010-09-20 87336]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
"gmsd_de_196"= []
"gmsd_de_207"= []
"gmsd_de_233"= []
"gmsd_de_338"= []
"mbot_de_246"= []
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-09-10 1125800]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-09-12 3804072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Users\Sulliroy\AppData\Local\RGMService\nzxdvt\fifnv.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-28 20:36:09 ----D---- C:\Program Files\trend micro
2015-09-28 20:36:08 ----D---- C:\rsit
2015-09-28 18:29:42 ----D---- C:\Users\Sulliroy\AppData\Roaming\AVG
2015-09-28 18:28:36 ----D---- C:\Program Files\Common Files\AV
2015-09-28 18:28:16 ----D---- C:\Users\Sulliroy\AppData\Roaming\TuneUp Software
2015-09-28 18:27:26 ----HD---- C:\$AVG
2015-09-28 18:20:59 ----D---- C:\ProgramData\Avg
2015-09-28 18:20:59 ----D---- C:\Program Files (x86)\AVG
2015-09-28 18:18:52 ----HD---- C:\ProgramData\Common Files
2015-09-28 18:18:52 ----D---- C:\ProgramData\MFAData
2015-09-27 15:09:15 ----D---- C:\Users\Sulliroy\AppData\Roaming\WinRAR
2015-09-27 15:08:55 ----D---- C:\Program Files\WinRAR
2015-09-27 14:39:13 ----D---- C:\ProgramData\UniqueId
2015-09-11 15:59:08 ----A---- C:\windows\system32\drivers\avgidsdrivera.sys
2015-09-11 15:50:48 ----A---- C:\windows\system32\UtcResources.dll
2015-09-11 15:50:48 ----A---- C:\windows\system32\diagtrack.dll
2015-09-11 13:54:22 ----A---- C:\windows\SYSWOW64\pmls.dll
2015-09-11 13:54:22 ----A---- C:\windows\system32\pmls64.dll
2015-09-07 20:49:29 ----D---- C:\Program Files (x86)\PremierOpinion
2015-09-07 20:46:58 ----D---- C:\Users\Sulliroy\AppData\Roaming\Browser-Security
2015-09-05 12:25:07 ----D---- C:\AdwCleaner
2015-09-05 12:05:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2015-09-28 20:37:00 ----D---- C:\windows\Temp
2015-09-28 20:36:09 ----RD---- C:\Program Files
2015-09-28 20:16:05 ----SHD---- C:\System Volume Information
2015-09-28 19:19:16 ----SHD---- C:\windows\Installer
2015-09-28 19:01:27 ----D---- C:\Program Files (x86)\Umtayyznhndq1ntz
2015-09-28 19:00:26 ----D---- C:\Program Files (x86)\gmsd_de_332
2015-09-28 18:51:36 ----D---- C:\ProgramData\PtGkYWamF
2015-09-28 18:29:34 ----D---- C:\Program Files (x86)\proGames Companion
2015-09-28 18:29:29 ----D---- C:\Program Files (x86)\Gaming Companion
2015-09-28 18:28:47 ----SHD---- C:\Config.Msi
2015-09-28 18:28:36 ----D---- C:\Program Files\Common Files
2015-09-28 18:28:07 ----D---- C:\windows\system32\drivers
2015-09-28 18:22:05 ----D---- C:\windows\SysWOW64
2015-09-28 18:22:01 ----D---- C:\windows\System32
2015-09-28 18:20:59 ----HD---- C:\ProgramData
2015-09-28 18:20:59 ----D---- C:\Program Files (x86)
2015-09-28 17:55:08 ----D---- C:\windows\Prefetch
2015-09-28 17:53:00 ----D---- C:\windows\inf
2015-09-28 17:50:04 ----D---- C:\windows\system32\LogFiles
2015-09-28 17:50:04 ----D---- C:\Windows
2015-09-28 06:31:57 ----D---- C:\windows\winsxs
2015-09-28 06:30:25 ----D---- C:\windows\system32\config
2015-09-27 16:38:35 ----D---- C:\Program Files (x86)\Smwyyntm1ndi1zdz
2015-09-27 11:26:23 ----D---- C:\windows\system32\NDF
2015-09-12 21:00:30 ----D---- C:\windows\Microsoft.NET
2015-09-12 20:14:06 ----D---- C:\windows\debug
2015-09-12 20:03:18 ----D---- C:\windows\system32\Tasks
2015-09-12 19:51:15 ----D---- C:\windows\system32\MRT
2015-09-11 15:38:42 ----D---- C:\windows\system32\catroot2
2015-09-11 14:19:21 ----D---- C:\windows\SYSWOW64\LogFiles
2015-09-11 13:49:49 ----D---- C:\windows\tracing
2015-09-07 21:22:21 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-09-07 20:48:30 ----D---- C:\Program Files (x86)\Opera
2015-09-07 20:47:02 ----D---- C:\windows\Tasks
2015-09-07 20:29:01 ----SD---- C:\ProgramData\Microsoft
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\wbem
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\Setup
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\oobe
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\com
2015-09-05 21:29:22 ----D---- C:\windows\system32\wfp
2015-09-05 21:29:22 ----D---- C:\windows\system32\wbem
2015-09-05 21:29:22 ----D---- C:\windows\system32\Setup
2015-09-05 21:29:22 ----D---- C:\windows\system32\oobe
2015-09-05 21:29:22 ----D---- C:\windows\system32\Msdtc
2015-09-05 21:29:22 ----D---- C:\windows\system32\DriverStore
2015-09-05 21:29:22 ----D---- C:\windows\system32\com
2015-09-05 21:29:22 ----D---- C:\windows\IME
2015-09-05 21:29:21 ----RSD---- C:\windows\Fonts
2015-09-05 21:29:04 ----D---- C:\ProgramData\WinClon
2015-09-05 21:28:21 ----D---- C:\windows\registration
2015-09-05 12:05:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-04 22:31:49 ----D---- C:\windows\SoftwareDistribution
2015-09-04 22:17:55 ----SD---- C:\Users\Sulliroy\AppData\Roaming\Microsoft
2015-09-04 21:42:14 ----D---- C:\windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\windows\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2015-08-10 251312]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-05 25960]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS [2013-09-10 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS [2013-09-27 1147480]
R1 Avgdiska;AVG Disk Driver; C:\windows\system32\DRIVERS\avgdiska.sys [2015-08-10 197040]
R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdrivera.sys [2015-09-11 312752]
R1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2015-08-10 293296]
R1 Avgtdia;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdia.sys [2015-08-28 301488]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [2013-09-26 1525848]
R1 ccSet_N360;N360 Settings Manager; C:\windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-09-26 162392]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20130930.001\IDSVia64.sys [2013-09-24 520280]
R1 mgjmm2n2ynm4bgr;mgjmm2n2ynm4bgr; C:\windows\system32\drivers\mgjmm2n2ynm4bgr.sys [2015-07-24 50520]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [2013-09-10 36952]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [2013-09-27 264280]
R1 SymNetS;Symantec Network Security WFP Driver; C:\windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [2013-09-26 590936]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-03-12 242992]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-01 11417088]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2015-06-10 177752]
S1 mwiynzm4ndy1yjz;mwiynzm4ndy1yjz; C:\windows\system32\drivers\mwiynzm4ndy1yjz.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-12-12 2797056]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth-Porttreiber; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys []
S3 EraserUtilDrv11311;EraserUtilDrv11311; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys []
S3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\ENG64.SYS [2013-10-04 126040]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\EX64.SYS [2013-10-04 2099288]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [2013-09-27 858200]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-09-12 3793392]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-09-10 1042344]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-09-12 595832]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\N360.exe [2013-10-08 264360]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-04 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-06-05 1997416]
R2 PremierOpinion;PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [2015-07-21 206136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 Update surf slide;Update surf slide; C:\Program Files (x86)\surf slide\updatesurfslide.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-07 269000]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-09-12 603120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

#2 Příspěvek od **Rudy** » 28 zář 2015 20:07

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Mio · #3 Příspěvek od **Mio** » 28 zář 2015 20:54

prvy test nevysiel lebo program prestal pracovat pri mazani najdenych problemov. druhykrat to uz islo ale nenasiel uz nic. tu je log

# AdwCleaner v5.009 - Bericht erstellt am 28/09/2015 um 21:26:13
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-27.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Sulliroy - SULLIROY-PC
# Gestartet von : C:\Users\Sulliroy\Downloads\adwcleaner_5.009.exe
# Option : Löschen
# Unterstützung : http://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ Verknüpfungen ] *****

***** [ Geplante Tasks ] *****

***** [ Registrierungsdatenbank ] *****

[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten Wiederhergestellt : HKU\S-1-5-21-1656143743-13120863-1912775482-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]
[-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs]

***** [ Internetbrowser ] *****

[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.ab6e4f54065ff48dd97db30cac9b45f807bf54a45a4669e51ccom67913.67913.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22am[...]
[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.ab6e4f54065ff48dd97db30cac9b45f807bf54a45a4669e51ccom67913.67913.internaldb.__defualt_browser__.value", "%22bobrowser%22");
[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.ab6e4f54065ff48dd97db30cac9b45f807bf54a45a4669e51ccom67913.67913.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%[...]
[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.ab8b24adfa10849babecf5bfb678b44471a3cb7cb954cd1b599b05acom71385.71385.internaldb.__defualt_browser__.value", "%22bobrowser%22");
[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.ab8b24adfa10849babecf5bfb678b44471a3cb7cb954cd1b599b05acom71385.71385.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%2[...]
[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.crossrider.bic", "14f9cf8a15d30a5b69b05a823416c16d");
[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[-] [C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\prefs.js] [Preference] Gelöscht : user_pref("keyword.URL", "hxxp://feed.sonic-search.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMTiMNTUnXylRyyBLUEhg76tFeJKIm_uEtiLhqnJPU9YBawGtRYT4_ir5AMN5m0l6s0KZX4j3e7Pcph71I9zgpLxcJqyn7sD2I96kp2IUiUf3G_[...]

*************************

:: Winsock Einstellungen zurückgesetzt

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [3631 Bytes] ##########

#4 Příspěvek od **Rudy** » 28 zář 2015 20:59

Dejte nový log RSIT.

Mio · #5 Příspěvek od **Mio** » 28 zář 2015 21:04

novy RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sulliroy at 2015-09-28 22:01:32
WIN_7 Service Pack 1
stem drive C: has 98 GB (49%) free of 202 GB
Total RAM: 4010 MB (55% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:01:35, on 28.09.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files\trend micro\Sulliroy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [OKAYFREEDOM_Update] "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.systweak.com/registryCleaner ... nstalled=0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1001\..\Run: [OKAYFREEDOM_Update] "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1001\..\RunOnce: [Application Restart #1] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400 (User '?')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\N360.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update surf slide - Unknown owner - C:\Program Files (x86)\surf slide\updatesurfslide.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10217 bytes

======Listing Processes======

=========Mozilla firefox=========

ProfilePath - C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\extensions\
abs@avira.com
b6e4f54065ff48dd97db30ca@c9b45f807bf54a45a4669e51c.com
nadir.kadem@gmail.com
{60aa72ee-e51c-4e54-9ad2-6f5b27b8653a}

C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-07-18 168216]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-07-18 391960]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-07-18 418584]
"3D BubbleSound"=C:\Program Files\BubbleSound\3D BubbleSound.exe []
"smrt"=C:\Program Files (x86)\ProductUI\Startup.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OKAYFREEDOM_Update"=C:\Program Files (x86)\OkayFreedom\Updater.exe --resume --verbosity silent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400 []
"Application Restart #0"=C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.systweak.com/registryCleaner ... nstalled=0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoBrowser]
C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartWeb]
C:\Users\Sulliroy\AppData\Local\SmartWeb\SmartWebHelper.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [2010-09-20 87336]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-09-10 1125800]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-09-12 3804072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-28 20:36:09 ----D---- C:\Program Files\trend micro
2015-09-28 20:36:08 ----D---- C:\rsit
2015-09-28 18:29:42 ----D---- C:\Users\Sulliroy\AppData\Roaming\AVG
2015-09-28 18:28:36 ----D---- C:\Program Files\Common Files\AV
2015-09-28 18:28:16 ----D---- C:\Users\Sulliroy\AppData\Roaming\TuneUp Software
2015-09-28 18:27:26 ----HD---- C:\$AVG
2015-09-28 18:20:59 ----D---- C:\ProgramData\Avg
2015-09-28 18:20:59 ----D---- C:\Program Files (x86)\AVG
2015-09-28 18:18:52 ----HD---- C:\ProgramData\Common Files
2015-09-28 18:18:52 ----D---- C:\ProgramData\MFAData
2015-09-27 15:09:15 ----D---- C:\Users\Sulliroy\AppData\Roaming\WinRAR
2015-09-27 15:08:55 ----D---- C:\Program Files\WinRAR
2015-09-27 14:39:13 ----D---- C:\ProgramData\UniqueId
2015-09-11 15:59:08 ----A---- C:\windows\system32\drivers\avgidsdrivera.sys
2015-09-11 13:54:22 ----A---- C:\windows\SYSWOW64\pmls.dll
2015-09-11 13:54:22 ----A---- C:\windows\system32\pmls64.dll
2015-09-05 12:25:07 ----D---- C:\AdwCleaner
2015-09-05 12:05:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2015-09-28 22:01:35 ----D---- C:\windows\Prefetch
2015-09-28 22:01:33 ----D---- C:\windows\Temp
2015-09-28 21:48:02 ----D---- C:\windows\system32\config
2015-09-28 21:35:48 ----D---- C:\windows\winsxs
2015-09-28 21:31:29 ----D---- C:\windows\System32
2015-09-28 21:28:30 ----D---- C:\Windows
2015-09-28 21:24:14 ----D---- C:\windows\Tasks
2015-09-28 21:24:14 ----D---- C:\windows\system32\Tasks
2015-09-28 21:24:12 ----SHD---- C:\System Volume Information
2015-09-28 21:24:06 ----D---- C:\Program Files (x86)
2015-09-28 20:36:09 ----RD---- C:\Program Files
2015-09-28 19:19:16 ----SHD---- C:\windows\Installer
2015-09-28 19:03:49 ----D---- C:\ProgramData\Packer7abd1f03-4407-4053-a033-724f570d658c
2015-09-28 19:01:28 ----D---- C:\Program Files (x86)\Umtayyznhndq1ntz
2015-09-28 18:51:36 ----D---- C:\ProgramData\PtGkYWamF
2015-09-28 18:29:34 ----D---- C:\Program Files (x86)\proGames Companion
2015-09-28 18:29:29 ----D---- C:\Program Files (x86)\Gaming Companion
2015-09-28 18:28:47 ----SHD---- C:\Config.Msi
2015-09-28 18:28:36 ----D---- C:\Program Files\Common Files
2015-09-28 18:28:07 ----D---- C:\windows\system32\drivers
2015-09-28 18:22:05 ----D---- C:\windows\SysWOW64
2015-09-28 18:20:59 ----HD---- C:\ProgramData
2015-09-28 17:53:00 ----D---- C:\windows\inf
2015-09-28 17:50:04 ----D---- C:\windows\system32\LogFiles
2015-09-27 16:38:35 ----D---- C:\Program Files (x86)\Smwyyntm1ndi1zdz
2015-09-27 11:26:23 ----D---- C:\windows\system32\NDF
2015-09-12 21:00:30 ----D---- C:\windows\Microsoft.NET
2015-09-12 20:14:06 ----D---- C:\windows\debug
2015-09-12 19:51:15 ----D---- C:\windows\system32\MRT
2015-09-11 15:38:42 ----D---- C:\windows\system32\catroot2
2015-09-11 14:19:21 ----D---- C:\windows\SYSWOW64\LogFiles
2015-09-11 13:49:49 ----D---- C:\windows\tracing
2015-09-07 21:22:21 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-09-07 20:48:30 ----D---- C:\Program Files (x86)\Opera
2015-09-07 20:29:01 ----SD---- C:\ProgramData\Microsoft
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\wbem
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\Setup
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\oobe
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\com
2015-09-05 21:29:22 ----D---- C:\windows\system32\wfp
2015-09-05 21:29:22 ----D---- C:\windows\system32\wbem
2015-09-05 21:29:22 ----D---- C:\windows\system32\Setup
2015-09-05 21:29:22 ----D---- C:\windows\system32\oobe
2015-09-05 21:29:22 ----D---- C:\windows\system32\Msdtc
2015-09-05 21:29:22 ----D---- C:\windows\system32\DriverStore
2015-09-05 21:29:22 ----D---- C:\windows\system32\com
2015-09-05 21:29:22 ----D---- C:\windows\IME
2015-09-05 21:29:21 ----RSD---- C:\windows\Fonts
2015-09-05 21:29:04 ----D---- C:\ProgramData\WinClon
2015-09-05 21:28:21 ----D---- C:\windows\registration
2015-09-05 12:05:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-04 22:31:49 ----D---- C:\windows\SoftwareDistribution
2015-09-04 22:17:55 ----SD---- C:\Users\Sulliroy\AppData\Roaming\Microsoft
2015-09-04 21:42:14 ----D---- C:\windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\windows\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2015-08-10 251312]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-05 25960]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS [2013-09-10 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS [2013-09-27 1147480]
R1 Avgdiska;AVG Disk Driver; C:\windows\system32\DRIVERS\avgdiska.sys [2015-08-10 197040]
R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdrivera.sys [2015-09-11 312752]
R1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2015-08-10 293296]
R1 Avgtdia;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdia.sys [2015-08-28 301488]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [2013-09-26 1525848]
R1 ccSet_N360;N360 Settings Manager; C:\windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-09-26 162392]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20130930.001\IDSVia64.sys [2013-09-24 520280]
R1 mgjmm2n2ynm4bgr;mgjmm2n2ynm4bgr; C:\windows\system32\drivers\mgjmm2n2ynm4bgr.sys [2015-07-24 50520]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [2013-09-10 36952]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [2013-09-27 264280]
R1 SymNetS;Symantec Network Security WFP Driver; C:\windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [2013-09-26 590936]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-03-12 242992]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-01 11417088]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2015-06-10 177752]
S1 mwiynzm4ndy1yjz;mwiynzm4ndy1yjz; C:\windows\system32\drivers\mwiynzm4ndy1yjz.sys []
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-12-12 2797056]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth-Porttreiber; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys []
S3 EraserUtilDrv11311;EraserUtilDrv11311; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys []
S3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\ENG64.SYS [2013-10-04 126040]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\EX64.SYS [2013-10-04 2099288]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [2013-09-27 858200]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-09-12 3793392]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-09-10 1042344]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-09-12 595832]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\N360.exe [2013-10-08 264360]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-04 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-06-05 1997416]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 Update surf slide;Update surf slide; C:\Program Files (x86)\surf slide\updatesurfslide.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-07 269000]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-09-12 603120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 28 zář 2015 21:50

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\Users\Sulliroy\AppData\Local\BoBrowser
C:\ProgramData\Packer7abd1f03-4407-4053-a033-724f570d658c
C:\Program Files (x86)\Umtayyznhndq1ntz
C:\ProgramData\PtGkYWamF
C:\Program Files (x86)\Smwyyntm1ndi1zdz

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BoBrowser]/64

:services
mgjmm2n2ynm4bgr
mwiynzm4ndy1yjz

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte AVG a po něm restartujte PC. Dejte nový log RSIT.

V PC jsou 2 antiviry (AVG a Norton360). Jeden z nich odinstalujte.

Mio · #7 Příspěvek od **Mio** » 29 zář 2015 16:59

Dobry den.
Norton 360 sa mi odinstalovat nepodarilo. Ten program vobec nereaguje, neda sa spustit ani odinstalovat.
Vypol som AVG a postupoval podla pokynov. Vsetko prebehlo v pohode.

Inak ten AVG mi stale vyhadzuje hlasku:
Threat: Virus found JS/Redir
Object name: asrv-a.akamaihd.net/sd/1700/1037.js
Thread has been succesfully removed.

Toto vyhadzuje stale kazdu chvilu. Je tam aj moznost ´more info´ o viruse, tak ked tak este toto napisem.

tu je novy rsit log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sulliroy at 2015-09-29 17:49:40
WIN_7 Service Pack 1
System drive C: has 101 GB (50%) free of 202 GB
Total RAM: 4010 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:49:46, on 29.09.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files\trend micro\Sulliroy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKCU\..\Run: [OKAYFREEDOM_Update] "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.systweak.com/registryCleaner ... nstalled=0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1001\..\Run: [OKAYFREEDOM_Update] "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1001\..\RunOnce: [Application Restart #1] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400 (User '?')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\N360.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update surf slide - Unknown owner - C:\Program Files (x86)\surf slide\updatesurfslide.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10165 bytes

======Listing Processes======

======Scheduled tasks folder======

C:\windows\tasks\AVG_SYS_TASK_0615pit_DELETE.job - C:\ProgramData\Avg_Update_0615pit\AVG-Secure-Search-Update_0615pit.exe /CMPID=0615pit /CMPN_DELETE_ALL
C:\windows\tasks\AVG_SYS_TASK_0615pit_VALID.job - C:\ProgramData\Avg_Update_0615pit\AVG-Secure-Search-Update_0615pit.exe /CNFG_UNVALIDATED /CMPID=0615pit /RUNBY=AV /USERINFO=1 /INFORETRY=3 /CNFG_UNVALIDATED

=========Mozilla firefox=========

ProfilePath - C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\extensions\
abs@avira.com
b6e4f54065ff48dd97db30ca@c9b45f807bf54a45a4669e51c.com
nadir.kadem@gmail.com
{60aa72ee-e51c-4e54-9ad2-6f5b27b8653a}

C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine64\21.1.0.18\coIEPlg.dll [2013-10-06 769360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Norton Identity Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\coIEPlg.dll [2013-10-06 526672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\IPS\IPSBHO.DLL [2013-09-29 388504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-07-18 168216]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-07-18 391960]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-07-18 418584]
"3D BubbleSound"=C:\Program Files\BubbleSound\3D BubbleSound.exe []
"smrt"=C:\Program Files (x86)\ProductUI\Startup.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OKAYFREEDOM_Update"=C:\Program Files (x86)\OkayFreedom\Updater.exe --resume --verbosity silent []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400 []
"Application Restart #0"=C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.systweak.com/registryCleaner ... nstalled=0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartWeb]
C:\Users\Sulliroy\AppData\Local\SmartWeb\SmartWebHelper.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [2010-09-20 87336]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-09-10 1125800]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-09-12 3804072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-29 17:42:15 ----D---- C:\_OTM
2015-09-29 17:23:25 ----D---- C:\ProgramData\Avg_Update_0615pit
2015-09-28 20:36:09 ----D---- C:\Program Files\trend micro
2015-09-28 20:36:08 ----D---- C:\rsit
2015-09-28 18:29:42 ----D---- C:\Users\Sulliroy\AppData\Roaming\AVG
2015-09-28 18:28:36 ----D---- C:\Program Files\Common Files\AV
2015-09-28 18:28:16 ----D---- C:\Users\Sulliroy\AppData\Roaming\TuneUp Software
2015-09-28 18:27:26 ----HD---- C:\$AVG
2015-09-28 18:20:59 ----D---- C:\ProgramData\Avg
2015-09-28 18:20:59 ----D---- C:\Program Files (x86)\AVG
2015-09-28 18:18:52 ----HD---- C:\ProgramData\Common Files
2015-09-28 18:18:52 ----D---- C:\ProgramData\MFAData
2015-09-27 15:09:15 ----D---- C:\Users\Sulliroy\AppData\Roaming\WinRAR
2015-09-27 15:08:55 ----D---- C:\Program Files\WinRAR
2015-09-27 14:39:13 ----D---- C:\ProgramData\UniqueId
2015-09-11 15:59:08 ----A---- C:\windows\system32\drivers\avgidsdrivera.sys
2015-09-11 15:50:48 ----A---- C:\windows\system32\UtcResources.dll
2015-09-11 15:50:48 ----A---- C:\windows\system32\diagtrack.dll
2015-09-11 13:54:22 ----A---- C:\windows\SYSWOW64\pmls.dll
2015-09-11 13:54:22 ----A---- C:\windows\system32\pmls64.dll
2015-09-05 12:25:07 ----D---- C:\AdwCleaner
2015-09-05 12:05:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2015-09-29 17:49:05 ----D---- C:\windows\Temp
2015-09-29 17:47:11 ----D---- C:\windows\Prefetch
2015-09-29 17:46:48 ----D---- C:\windows\system32\Tasks
2015-09-29 17:46:47 ----D---- C:\windows\Tasks
2015-09-29 17:46:40 ----D---- C:\windows\system32\config
2015-09-29 17:42:17 ----HD---- C:\ProgramData
2015-09-29 17:42:17 ----D---- C:\Program Files (x86)
2015-09-29 17:27:14 ----SHD---- C:\System Volume Information
2015-09-29 17:19:19 ----D---- C:\windows\system32\LogFiles
2015-09-29 06:27:14 ----D---- C:\windows\winsxs
2015-09-29 06:27:13 ----D---- C:\windows\System32
2015-09-28 21:28:30 ----D---- C:\Windows
2015-09-28 20:36:09 ----RD---- C:\Program Files
2015-09-28 19:19:16 ----SHD---- C:\windows\Installer
2015-09-28 18:29:34 ----D---- C:\Program Files (x86)\proGames Companion
2015-09-28 18:29:29 ----D---- C:\Program Files (x86)\Gaming Companion
2015-09-28 18:28:47 ----SHD---- C:\Config.Msi
2015-09-28 18:28:36 ----D---- C:\Program Files\Common Files
2015-09-28 18:28:07 ----D---- C:\windows\system32\drivers
2015-09-28 18:22:05 ----D---- C:\windows\SysWOW64
2015-09-28 17:53:00 ----D---- C:\windows\inf
2015-09-27 11:26:23 ----D---- C:\windows\system32\NDF
2015-09-12 21:00:30 ----D---- C:\windows\Microsoft.NET
2015-09-12 20:14:06 ----D---- C:\windows\debug
2015-09-12 19:51:15 ----D---- C:\windows\system32\MRT
2015-09-11 15:38:42 ----D---- C:\windows\system32\catroot2
2015-09-11 14:19:21 ----D---- C:\windows\SYSWOW64\LogFiles
2015-09-11 13:49:49 ----D---- C:\windows\tracing
2015-09-07 21:22:21 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-09-07 20:48:30 ----D---- C:\Program Files (x86)\Opera
2015-09-07 20:29:01 ----SD---- C:\ProgramData\Microsoft
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\wbem
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\Setup
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\oobe
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\com
2015-09-05 21:29:22 ----D---- C:\windows\system32\wfp
2015-09-05 21:29:22 ----D---- C:\windows\system32\wbem
2015-09-05 21:29:22 ----D---- C:\windows\system32\Setup
2015-09-05 21:29:22 ----D---- C:\windows\system32\oobe
2015-09-05 21:29:22 ----D---- C:\windows\system32\Msdtc
2015-09-05 21:29:22 ----D---- C:\windows\system32\DriverStore
2015-09-05 21:29:22 ----D---- C:\windows\system32\com
2015-09-05 21:29:22 ----D---- C:\windows\IME
2015-09-05 21:29:21 ----RSD---- C:\windows\Fonts
2015-09-05 21:29:04 ----D---- C:\ProgramData\WinClon
2015-09-05 21:28:21 ----D---- C:\windows\registration
2015-09-05 12:05:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-04 22:31:49 ----D---- C:\windows\SoftwareDistribution
2015-09-04 22:17:55 ----SD---- C:\Users\Sulliroy\AppData\Roaming\Microsoft
2015-09-04 21:42:14 ----D---- C:\windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\windows\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2015-08-10 251312]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-05 25960]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 SymDS;Symantec Data Store; C:\windows\system32\drivers\N360x64\1501000.012\SYMDS64.SYS [2013-09-10 493656]
R0 SymEFA;Symantec Extended File Attributes; C:\windows\system32\drivers\N360x64\1501000.012\SYMEFA64.SYS [2013-09-27 1147480]
R1 Avgdiska;AVG Disk Driver; C:\windows\system32\DRIVERS\avgdiska.sys [2015-08-10 197040]
R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdrivera.sys [2015-09-11 312752]
R1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2015-08-10 293296]
R1 Avgtdia;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdia.sys [2015-08-28 301488]
R1 BHDrvx64;BHDrvx64; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20131002.001\BHDrvx64.sys [2013-09-26 1525848]
R1 ccSet_N360;N360 Settings Manager; C:\windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [2013-09-26 162392]
R1 IDSVia64;IDSVia64; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20130930.001\IDSVia64.sys [2013-09-24 520280]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [2013-09-10 36952]
R1 SymIRON;Symantec Iron Driver; C:\windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [2013-09-27 264280]
R1 SymNetS;Symantec Network Security WFP Driver; C:\windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [2013-09-26 590936]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-03-12 242992]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-01 11417088]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
R3 SymEvent;SymEvent; \??\C:\windows\system32\Drivers\SYMEVENT64x86.SYS [2015-06-10 177752]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-12-12 2797056]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth-Porttreiber; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys []
S3 EraserUtilDrv11311;EraserUtilDrv11311; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys []
S3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\ENG64.SYS [2013-10-04 126040]
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton 360\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20131004.035\EX64.SYS [2013-10-04 2099288]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SRTSP;Symantec Real Time Storage Protection x64; C:\windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [2013-09-27 858200]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-09-12 3793392]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-09-10 1042344]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-09-12 595832]
R2 N360;Norton 360; C:\Program Files (x86)\Norton 360\Norton 360\Engine\21.1.0.18\N360.exe [2013-10-08 264360]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-04 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-06-05 1997416]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 Update surf slide;Update surf slide; C:\Program Files (x86)\surf slide\updatesurfslide.exe []
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-07 269000]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-09-12 603120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 29 zář 2015 17:43

Zkuste nejprve Norton360 odinstalovat pomocí utility SymNrt: https://support.norton.com/sp/en/us/hom ... file_en_us . Pak budeme pokačovat.

Mio · #9 Příspěvek od **Mio** » 29 zář 2015 18:48

Norton odinstalovany. aky je dalsi postup? zatial dakujem

#10 Příspěvek od **Rudy** » 29 zář 2015 19:12

Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Dále udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

Mio · #11 Příspěvek od **Mio** » 29 zář 2015 21:11

vsetko hotovo. tu je log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Dátum skenovania: 29.09.2015
Scan ??as: 20:57
Logfile: log.txt
Správca: áno

Verzia: 2.1.8.1057
Malware databázy: v2015.09.29.05
Rootkit databázy: v2015.09.22.01
Licencia: Zadarmo
Ochrana pred škodlivým softvérom: Telesne
Škodlivých webových stránok Ochrana: Telesne
Sebaobrany: Telesne

OS: Windows 7 Service Pack 1
CPU: x64
Systém súborov: NTFS
Používatel: Sulliroy

Typ skenu: Hrozba Scan
Výsledok: Dokon??ené
Objekty naskenované: 395806
Uplynulý ??as: 21 min, 29 sec

Pamät: Povolené
Pri spustení: Povolené
Súborový systém: Povolené
Archív: Povolené
Rootkity: Telesne
Heuristiky: Povolené
ŠTENA: Povolené
VYKUROVAC: Povolené

Procesy: 0
(Žiadne zákernej položky neboli zistené)

Moduly: 0
(Žiadne zákernej položky neboli zistené)

Klú??e databázy Registry: 44
PUP.Optional.SnapDo, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [446544f1236869cd2b697f6b857dae52],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\MICROSOFT\TRACING\SpeedCheckerService_RASAPI32, , [f5b485b0b9d2da5c0cc64c8f6d97b54b],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\MICROSOFT\TRACING\SpeedCheckerService_RASMANCS, , [b2f759dcc4c74de9557d4d8e15ef11ef],
PUP.Optional.StormWatch, HKLM\SOFTWARE\MICROSOFT\TRACING\StormWatch_RASAPI32, , [7237a19419720c2adac109bd7b89e61a],
PUP.Optional.StormWatch, HKLM\SOFTWARE\MICROSOFT\TRACING\StormWatch_RASMANCS, , [57523ef76922e1555249c006aa5a26da],
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , , [486158dd0784bd7932b2e5e5bb49ae52],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, , [139659dc7219e05681a70e6c59ab2cd4],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, , [6049191ce8a3b68071b6f189a85c05fb],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\avaxvyyvyf, , [d8d14aeb2f5cac8a04745d63f90b39c7],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\avayvxvaxc, , [f0b9ba7bb4d74bebafc9744c57ad15eb],
PUP.Optional.ApplicationHosting, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Application Hosting.exe, , [5059fa3be3a8e0561e85b7d7788cef11],
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, , [5059f5407e0d171fc1bcd506d331e11f],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [28815bdac3c83204c6b15e2534d001ff],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\Cinema Plus v6V24.07-nv-ie, , [9d0c1f16ed9ec76f5003d0ccfb096898],
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\HD Cinema Plus 1..7V15.03-nv-ie, , [b2f745f03358ac8a400bd7c5f311d927],
PUP.Optional.MediaPlayerLtdEd, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerLtdEd1.2, , [f7b290a569220a2c3f89bff021e3659b],
PUP.Optional.MediaPlayerLtdEd, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerLtdEd1.2-nv-ie, , [a40565d0f09b71c57c4c436c64a0bc44],
PUP.Optional.QuickRef, HKLM\SOFTWARE\WOW6432NODE\QuickRef_1.10.0.8, , [d1d86fc66e1dad8941e5417b39cb43bd],
PUP.Optional.QuickRef, HKLM\SOFTWARE\WOW6432NODE\QuickRef_1.10.0.9, , [f2b774c10f7c201675b1506c4db741bf],
Adware.SmartBar, HKLM\SOFTWARE\WOW6432NODE\Smartbar, , [bced68cd8209b1851006b034927157a9],
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASAPI32, , [affa5cd9127977bf10e4c6155ba906fa],
PUP.Optional.AdvancedSystemProtector, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AdvancedSystemProtector_RASMANCS, , [3277a78ef596ae88e014e9f2c63e3ec2],
PUP.Optional.FastPlayer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\FastPlayer_RASAPI32, , [fdac7cb9dbb04fe72b55435ecf3552ae],
PUP.Optional.FastPlayer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\FastPlayer_RASMANCS, , [2782fa3b92f90c2a710fb8e964a09868],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASAPI32, , [258448edc2c97db98b469546758fcb35],
PUP.Optional.PCSpeedUp, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\PCSUSpeedTest_RASMANCS, , [72373203afdc1b1b8a4718c3ee1618e8],
PUP.Optional.ApplicationHosting, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Application Hosting.exe, , [684179bcb7d4f244544f088690745fa1],
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\Stpro.exe, , [1891260f97f4a98d4637459647bd5da3],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [5851ef4674174beb40372063ff05ec14],
PUP.Optional.SurfSlide, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update surf slide, , [b4f5d65f216aed496523b90ec440bf41],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\Cinema Plus v6V24.07-nv-ie, , [f6b31d18018abd79897aeab1ba4aaf51],
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\HD Cinema Plus 1..7V15.03-nv-ie, , [228749ec513ac47251aab8e2a460768a],
PUP.Optional.MediaPlayerLtdEd, HKU\S-1-5-18\SOFTWARE\MediaPlayerLtdEd1.2-nv-ie, , [e0c90e276922e452685f1d92f21219e7],
PUP.Optional.WebProtector, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\kfecnpmgnlnbmipaogfhoacoioifjgko, , [02a787aef398d75fc1113a94768e9e62],
PUP.Optional.CrossRider, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\13641, , [763305309dee95a14ed7c5d650b4ae52],
PUP.Optional.CrossRider, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, , [a5045adbb4d71422cc59debd1ce8d12f],
PUP.Optional.CrossRider, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\Cinema Plus v6V24.07-nv-ie, , [abfea98ce3a8132320e39704fd075fa1],
PUP.Optional.CrossRider, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\HD Cinema Plus 1..7V15.03-nv-ie, , [3574f4414d3ecf6718e34d4dc044758b],
PUP.Optional.CrossRider, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\HDCinemaPlus1..7V15.03, , [882143f25c2fc571dc1fdac064a03fc1],
PUP.Optional.InstallCore, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\ICSW1.14, , [f0b9211454371a1cb1cf3377e1234fb1],
PUP.Optional.MediaPlayerLtdEd, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\MediaPlayerLtdEd1.2, , [05a45ed7c9c270c63a8d09a60cf8f20e],
PUP.Optional.MediaPlayerLtdEd, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\MediaPlayerLtdEd1.2-nv-ie, , [00a91e17ff8c8fa7cdfa8a2508fc16ea],
PUP.Optional.ClkApp, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\CLKAPP, , [38716fc6ef9cfb3bb59a069052b20df3],
PUP.Optional.ShoppingHelper, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\SMARTBAR, , [fcadc174701ba096e1c5d3ef90740af6],

Hodnoty databázy Registry: 18
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130738504429008312, , [60499b9a3f4c4beb6f74efdbf60e0ef2]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130738504429008312, , [f2b7f1447219d95d598aeedce71d4db3]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130738504429008312, , [a9000b2a95f67bbbaa39e3e762a241bf]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130738504429008312, , [4564cb6a3d4e072fb23176547a8a8c74]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130738504429008312, , [00a9fc39ccbf2d093da6438750b4926e]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130738504429008312, , [dacf33021f6c261027bce9e19a6a2bd5]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130738504429008312, , [486158dd0784bd7932b2e5e5bb49ae52]
PUP.Optional.3DBubbleSound, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|3D BubbleSound, "C:\Program Files\BubbleSound\3D BubbleSound.exe", , [5455d065eba0c96da6065c30bb492fd1]
PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|smrt, C:\Program Files (x86)\ProductUI\Startup.exe, , [0e9b5fd6bccf94a2095fa00d0103da26]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [28815bdac3c83204c6b15e2534d001ff]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [5851ef4674174beb40372063ff05ec14]
PUP.Optional.SonicSearch, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.sonic-search.com/?p=mKO_AwF ... earchTerms}, , [6049e94c7714ab8bd05aafdda95b03fd]
PUP.Optional.SonicSearch, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.sonic-search.com/?p=mKO_AwF ... earchTerms}, , [01a8ed48a3e813231317e2aa877de61a]
PUP.Optional.SnapDo, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [624703322566f5417bc5dbb15aaae020]
PUP.Optional.SonicSearch, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, http://feed.sonic-search.com/?p=mKO_AwF ... earchTerms}, , [7534a68f1d6ec472b811ebd99b697888]
PUP.Optional.ClkApp, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\CLKAPP|u1, 3600, , [38716fc6ef9cfb3bb59a069052b20df3]
PUP.Optional.ClkApp, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\CLKAPP|u2, 1800, , [d7d2062fc4c7dd591c33abeb2ed67888]
PUP.Optional.ShoppingHelper, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\SMARTBAR|publisher, ShoppingHelper, , [fcadc174701ba096e1c5d3ef90740af6]

Údaje databázy Registry: 9
PUP.Optional.HttpBreaker, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp, Dobrá:)www.google.com), Zlá:)http://www.<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp),,[426770c5c7c4b2845cbaf788a75e7789]
PUP.Optional.HttpBreaker, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp, Dobrá:)www.google.com), Zlá:)http://www.<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp),,[5752a590c8c3d85eeb2be29d6b9a16ea]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Dobrá:){0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Zlá:){33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[07a280b5f19a57df457358243acb55ab]
PUP.Optional.HttpBreaker, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp, Dobrá:)www.google.com), Zlá:)http://www.<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp),,[adfc5bda8b00a88ebc5ab6c920e57987]
PUP.Optional.HttpBreaker, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp, Dobrá:)www.google.com), Zlá:)http://www.<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp),,[466370c5becd4beb17ffd5aa788d28d8]
PUP.Optional.SonicSearch, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.sonic-search.com/?p=mKO_AwF ... earchTerms}, Dobrá:)www.google.com), Zlá:)http://feed.sonic-search.com/?p=mKO_AwF ... earchTerms}),,[cadf6fc657342b0bc64e6d11897cdf21]
PUP.Optional.SnapDo, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... TbdJlBtacj, Dobrá:)www.google.com), Zlá:)http://feed.snapdo.com/?p=mKO_AwFzXIpYR ... TbdJlBtacj),,[416846ef6823bc7a63e48df3040142be]
PUP.Optional.SonicSearch, HKU\S-1-5-21-1656143743-13120863-1912775482-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.sonic-search.com/?p=mKO_AwF ... earchTerms}, Dobrá:)www.google.com), Zlá:)http://feed.sonic-search.com/?p=mKO_AwF ... earchTerms}),,[e0c970c52c5f082e789cabd3b55002fe]
PUP.Optional.HttpBreaker, HKU\S-1-5-21-1656143743-13120863-1912775482-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, http://www. html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp, Dobrá:)www.google.com), Zlá:)http://www.<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Frameset//EN"?type=hppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppppp),,[b5f4a19458333204a17283fcb1548b75]

Prie??inky: 21
PUP.Optional.BundleInstaller, C:\Users\Sulliroy\AppData\Roaming\0V1L2Z2Z1T1I1L1T, , [d8d111246b20053172592ce48083ad53],
PUP.Optional.BundleInstaller, C:\Users\Sulliroy\AppData\Roaming\0V1L2Z2Z1T1I1L1T\Internet Explorer 11 Packages, , [d8d111246b20053172592ce48083ad53],
PUP.Optional.DataMngr, C:\Users\Sulliroy\AppData\LocalLow\DataMngr, , [cbded2637f0c72c41f80b86203003ac6],
PUP.Optional.FastPlayer, C:\Users\Sulliroy\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q, , [cedb48ede5a6b680eb67a875c63d09f7],
PUP.Optional.FastPlayer, C:\Users\Sulliroy\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q\1.0.0.2, , [cedb48ede5a6b680eb67a875c63d09f7],
PUP.Optional.MagnoPlayer, C:\Users\Sulliroy\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar, , [03a6a095c6c5d066514954cfdc2705fb],
PUP.Optional.MagnoPlayer, C:\Users\Sulliroy\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar\2.1.2.10, , [03a6a095c6c5d066514954cfdc2705fb],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.RelevantKnowledge, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle, , [6148dd58d7b41521eef810279073a55b],
PUP.Optional.RelevantKnowledge, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0, , [6148dd58d7b41521eef810279073a55b],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\api, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\popupResource, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\userCode, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\icons, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\icons\actions, , [a30680b5414aa195e7b83286739254ac],

Súbory: 133
PUP.Optional.InstallCore, C:\Users\Sulliroy\AppData\Roaming\0V1L2Z2Z1T1I1L1T\Internet Explorer 11 Packages\uninstaller.exe, , [57520d28b4d7d85ece7c902e2fd2a060],
Adware.PremierOpinion, C:\Windows\System32\pmls64.dll, , [b2f75bda8506e6508a095e53a45c46ba],
Adware.PremierOpinion, C:\Windows\SysWOW64\pmls.dll, , [9d0c2a0b8ffc2e080093535ec0404cb4],
PUP.Optional.PrxySvrRST, C:\Windows\System32\drivers\mgjmm2n2ynm4bgr.sys, , [5a4fe84d7a11cd691ec05260c342758b],
PUP.Optional.PCSpeedUp, C:\Users\Sulliroy\Documents\PCSpeedUp-Silent-Update.exe, , [8f1afb3a90fb211571b9c8f821e0a45c],
PUP.Optional.AnyProtect, C:\Users\Sulliroy\AppData\Local\nsr714.tmp, , [3277d06596f5e551c7ba7121ed152fd1],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\avaxvyyvyf.exe, , [e8c19f961c6fdc5ae618c28fed149d63],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\avayvxvaxc.exe, , [1d8c34013b50e650e41ab79ae21fd927],
PUP.Optional.SmartBar, C:\Windows\Installer\MSIAFD9.tmp-\Smartbar.Installer.CustomActions.dll, , [7d2c46ef1972e84e7e88de4d8f7117e9],
PUP.Optional.SmartBar, C:\Windows\Installer\MSI6EB3.tmp-\Smartbar.Installer.CustomActions.dll, , [6247f73e2665f73f31d543e8de22a15f],
PUP.Optional.SmartBar, C:\Windows\Installer\MSIF17B.tmp-\Smartbar.Installer.CustomActions.dll, , [acfd15200a81a78fce38ab8052aee818],
PUP.Optional.SearchProtect, C:\Windows\System32\Tasks\avaxvyyvyf, , [9217082d127987afc1a5ae1224e0c937],
PUP.Optional.SearchProtect, C:\Windows\System32\Tasks\avayvxvaxc, , [4762ef460883aa8c1e48fac63acae41c],
PUP.Optional.WebInstr, C:\Windows\System32\drivers\Msft_Kernel_webinstrNHK_01009.Wdf, , [5554f243375461d5c8d245894eb6758b],
PUP.Optional.Pakilan, C:\Users\Sulliroy\AppData\LocalLow\Microsoft\Internet Explorer\Services\Go_Palikan.ico, , [cfda7cb9d1ba96a0493059838d779967],
PUP.Optional.DataMngr, C:\Users\Sulliroy\AppData\LocalLow\DataMngr\{99BB1406-1CFB-488C-90D1-2D978E04F707}64, , [cbded2637f0c72c41f80b86203003ac6],
PUP.Optional.FastPlayer, C:\Users\Sulliroy\AppData\Local\com\FastPlayer.exe_Url_ypw5ldaz5xtubzl3ykl5vaw3nmhswq1q\1.0.0.2\user.config, , [cedb48ede5a6b680eb67a875c63d09f7],
PUP.Optional.MagnoPlayer, C:\Users\Sulliroy\AppData\Local\com\MagnoPlayer.exe_Url_1mhbegbsljequujxisnv3adbpqk4e3ar\2.1.2.10\user.config, , [03a6a095c6c5d066514954cfdc2705fb],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\bahvxfk, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\mkfvxfk, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\pvpqbjobmlpfqlovvawq, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\qokvxfk, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\rfobmlpfqlovvawq, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\rpboobmlpfqlovvawq, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\stb.dat, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avaxvyyvyf\ycfvxfk, , [7b2e9a9bdeadea4ce55fd35a7c8707f9],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\bahvxfk, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\mkfvxfk, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\pvpqbjobmlpfqlovvawq, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\qokvxfk, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\rfobmlpfqlovvawq, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\rpboobmlpfqlovvawq, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\stb.dat, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.SearchProtect, C:\Users\Sulliroy\AppData\Local\avayvxvaxc\ycfvxfk, , [505950e58704e3532d17e6473dc6f010],
PUP.Optional.RelevantKnowledge, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\background.js, , [6148dd58d7b41521eef810279073a55b],
PUP.Optional.RelevantKnowledge, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\contentscript.js, , [6148dd58d7b41521eef810279073a55b],
PUP.Optional.RelevantKnowledge, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\manifest.json, , [6148dd58d7b41521eef810279073a55b],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\817e1f0efa12750db90548f3fb409145.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\5b31e0882ff5209293a0fc720d29102d.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\main.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\api\2497831e26d76b6878c40fe940028f2b.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\api\54247c0c3f47d84b82b4562a2f6cf1e7.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\api\7ed5ab1ac2972544580f2c80db406292.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\api\a9df1add4b84f7ac2e7080949b02f04e.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\api\c53a49e19bf5ee9e50b5c7ed21fcd95a.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\api\pageAction.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\app_api.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\106b689146e5c7fd2adb6c3f00950b25.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\55b959f410a5efd8c062260ac396e4c8.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\57c6ed44bd61977dfcea25c8e495362f.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\5ebca2530d2ce437cff0417b7d357d19.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\705bf3e741d5ac7b71cf4c7d0cb470ad.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\8661299f94738479ca4a3e53ed526553.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\9c6bc6ff46d57245dfe774389ee8cc4f.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\afbaf2295731c2ce06e56f6b49169522.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\b0fd05e723863b1762aaa752d59b6e29.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\c4cc5845eb83e1fc276af1bbfaf1274a.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\ddcacdd41c537b32a2e6785304710a50.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\e05ec0c20697449267ee1add446aed55.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\e13c245fc74d7c709f27927aa9cbd3a6.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\f944e9119a4f5fe9d0254213c30fdb2e.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\installer.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\popupResource\newPopup.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\js\lib\popupResource\popup.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\background.html, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\chromeCoreFilesIndex.txt, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\manifest.json, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\popup.html, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\Settings.json, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\manifest.xml, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins.json, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\281.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\102.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\119.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\123.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\13.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\14.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\17.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\178.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\179.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\180.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\184.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\19.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\195.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\200.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\220.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\221.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\223.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\231.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\232.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\234.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\242.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\246.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\252.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\253.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\260.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\262.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\263.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\264.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\273.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\286.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\288.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\289.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\300.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\334.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\335.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\339.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\345.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\354.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\356.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\375.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\379.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\380.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\385.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\388.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\389.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\390.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\391.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\4.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\47.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\64.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\7.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\78.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\80.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\9.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\91.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\93.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\plugins\97.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData\userCode\extension.js, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\icons\icon128.png, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\icons\icon16.png, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\icons\icon48.png, , [a30680b5414aa195e7b83286739254ac],
PUP.Optional.CrossRider, C:\Users\Sulliroy\AppData\Roaming\Opera Software\Opera Stable\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\icons\actions\1.png, , [a30680b5414aa195e7b83286739254ac],

Fyzický sektory: 0
(Žiadne zákernej položky neboli zistené)

(end)

#12 Příspěvek od **Rudy** » 29 zář 2015 21:37

Všechny nálezy smažte.

Mio · #13 Příspěvek od **Mio** » 30 zář 2015 16:18

Dobry den. Vsetko som to vymazal. PC bezi ovela lepsie, rychlejsie a konecne uz ziadne vyskakujuce okna a reklamy. Dakujem
Pridavam novy RSIT log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Sulliroy at 2015-09-30 17:16:33
WIN_7 Service Pack 1
System drive C: has 98 GB (49%) free of 202 GB
Total RAM: 4010 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:16:52, on 30.09.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Samsung\Easy Support Center\SSCKbdHk.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Sulliroy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKCU\..\Run: [OKAYFREEDOM_Update] "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.systweak.com/registryCleaner ... nstalled=0
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1001\..\Run: [OKAYFREEDOM_Update] "C:\Program Files (x86)\OkayFreedom\Updater.exe" --resume --verbosity silent (User '?')
O4 - HKUS\S-1-5-21-1656143743-13120863-1912775482-1001\..\RunOnce: [Application Restart #1] C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400 (User '?')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9574 bytes

======Listing Processes======

======Scheduled tasks folder======

C:\windows\tasks\AVG_SYS_TASK_0615pit_DELETE.job - C:\ProgramData\Avg_Update_0615pit\AVG-Secure-Search-Update_0615pit.exe /CMPID=0615pit /CMPN_DELETE_ALL
C:\windows\tasks\AVG_SYS_TASK_0615pit_VALID.job - C:\ProgramData\Avg_Update_0615pit\AVG-Secure-Search-Update_0615pit.exe /CNFG_UNVALIDATED /CMPID=0615pit /RUNBY=AV /USERINFO=1 /INFORETRY=3 /CNFG_UNVALIDATED

=========Mozilla firefox=========

ProfilePath - C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.sk/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Users\Sulliroy\AppData\Roaming\Mozilla\Firefox\Profiles\np60q26u.default\searchplugins\
Google.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-07-12 12558440]
"IgfxTray"=C:\windows\system32\igfxtray.exe [2011-07-18 168216]
"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2011-07-18 391960]
"Persistence"=C:\windows\system32\igfxpers.exe [2011-07-18 418584]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OKAYFREEDOM_Update"=C:\Program Files (x86)\OkayFreedom\Updater.exe --resume --verbosity silent []
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-09-17 57872912]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://markettizer.net/as/ext/GetClasif ... 2&asv=2400 []
"Application Restart #0"=C:\Users\Sulliroy\AppData\Local\BoBrowser\Application\bobrowser.exe --flag-switches-begin --flag-switches-end --restore-last-session -- http://www.systweak.com/registryCleaner ... nstalled=0 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartWeb]
C:\Users\Sulliroy\AppData\Local\SmartWeb\SmartWebHelper.exe []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"=C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe [2010-09-20 87336]
"CLMLServer"=C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2009-11-02 103720]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-09-10 1125800]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-09-12 3804072]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"=C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [2015-06-18 54072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\windows\system32\igfxdev.dll [2010-12-16 384000]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-09-30 17:16:33 ----D---- C:\rsit
2015-09-29 20:53:08 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2015-09-29 20:52:50 ----D---- C:\ProgramData\Malwarebytes
2015-09-29 20:52:50 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-29 20:52:50 ----A---- C:\windows\system32\drivers\mwac.sys
2015-09-29 20:52:50 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2015-09-29 20:52:50 ----A---- C:\windows\system32\drivers\mbam.sys
2015-09-29 19:52:10 ----RD---- C:\Program Files (x86)\Skype
2015-09-29 19:13:25 ----D---- C:\Users\Sulliroy\AppData\Roaming\Skype
2015-09-29 17:23:25 ----D---- C:\ProgramData\Avg_Update_0615pit
2015-09-28 20:36:09 ----D---- C:\Program Files\trend micro
2015-09-28 18:29:42 ----D---- C:\Users\Sulliroy\AppData\Roaming\AVG
2015-09-28 18:28:36 ----D---- C:\Program Files\Common Files\AV
2015-09-28 18:28:16 ----D---- C:\Users\Sulliroy\AppData\Roaming\TuneUp Software
2015-09-28 18:27:26 ----HD---- C:\$AVG
2015-09-28 18:20:59 ----D---- C:\ProgramData\Avg
2015-09-28 18:20:59 ----D---- C:\Program Files (x86)\AVG
2015-09-28 18:18:52 ----HD---- C:\ProgramData\Common Files
2015-09-28 18:18:52 ----D---- C:\ProgramData\MFAData
2015-09-27 15:09:15 ----D---- C:\Users\Sulliroy\AppData\Roaming\WinRAR
2015-09-27 15:08:55 ----D---- C:\Program Files\WinRAR
2015-09-27 14:39:13 ----D---- C:\ProgramData\UniqueId
2015-09-11 15:59:08 ----A---- C:\windows\system32\drivers\avgidsdrivera.sys
2015-09-11 15:50:48 ----A---- C:\windows\system32\UtcResources.dll
2015-09-11 15:50:48 ----A---- C:\windows\system32\diagtrack.dll
2015-09-05 12:25:07 ----D---- C:\AdwCleaner
2015-09-05 12:05:44 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

======List of files/folders modified in the last 1 month======

2015-09-30 17:16:32 ----SHD---- C:\System Volume Information
2015-09-30 17:15:59 ----D---- C:\windows\Temp
2015-09-30 06:29:21 ----D---- C:\windows\winsxs
2015-09-30 06:29:21 ----D---- C:\windows\System32
2015-09-30 06:28:41 ----D---- C:\windows\SysWOW64
2015-09-30 06:28:41 ----D---- C:\windows\system32\Tasks
2015-09-30 06:28:41 ----D---- C:\windows\system32\drivers
2015-09-29 20:52:50 ----HD---- C:\ProgramData
2015-09-29 20:52:50 ----D---- C:\Program Files (x86)
2015-09-29 20:50:59 ----D---- C:\windows\system32\config
2015-09-29 20:50:34 ----D---- C:\windows\Tasks
2015-09-29 20:40:57 ----D---- C:\windows\system32\wdi
2015-09-29 20:39:56 ----D---- C:\windows\Prefetch
2015-09-29 19:52:38 ----SHD---- C:\windows\Installer
2015-09-29 19:52:38 ----D---- C:\ProgramData\Skype
2015-09-29 19:52:37 ----SHD---- C:\Config.Msi
2015-09-29 19:52:11 ----D---- C:\Program Files (x86)\Common Files
2015-09-29 19:03:55 ----D---- C:\Windows
2015-09-29 19:03:55 ----D---- C:\ProgramData\Norton
2015-09-29 19:03:55 ----D---- C:\Program Files (x86)\Norton 360
2015-09-29 18:59:15 ----D---- C:\Program Files\Common Files\Symantec Shared
2015-09-29 18:56:55 ----D---- C:\ProgramData\NortonInstaller
2015-09-29 18:30:04 ----D---- C:\Program Files (x86)\Opera
2015-09-29 17:19:19 ----D---- C:\windows\system32\LogFiles
2015-09-28 20:36:09 ----RD---- C:\Program Files
2015-09-28 18:29:34 ----D---- C:\Program Files (x86)\proGames Companion
2015-09-28 18:29:29 ----D---- C:\Program Files (x86)\Gaming Companion
2015-09-28 18:28:36 ----D---- C:\Program Files\Common Files
2015-09-28 17:53:00 ----D---- C:\windows\inf
2015-09-27 11:26:23 ----D---- C:\windows\system32\NDF
2015-09-12 21:00:30 ----D---- C:\windows\Microsoft.NET
2015-09-12 20:14:06 ----D---- C:\windows\debug
2015-09-12 19:51:15 ----D---- C:\windows\system32\MRT
2015-09-11 15:38:42 ----D---- C:\windows\system32\catroot2
2015-09-11 14:19:21 ----D---- C:\windows\SYSWOW64\LogFiles
2015-09-11 13:49:49 ----D---- C:\windows\tracing
2015-09-07 21:22:21 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2015-09-07 20:29:01 ----SD---- C:\ProgramData\Microsoft
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\wbem
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\Setup
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\oobe
2015-09-05 21:29:22 ----D---- C:\windows\SYSWOW64\com
2015-09-05 21:29:22 ----D---- C:\windows\system32\wfp
2015-09-05 21:29:22 ----D---- C:\windows\system32\wbem
2015-09-05 21:29:22 ----D---- C:\windows\system32\Setup
2015-09-05 21:29:22 ----D---- C:\windows\system32\oobe
2015-09-05 21:29:22 ----D---- C:\windows\system32\Msdtc
2015-09-05 21:29:22 ----D---- C:\windows\system32\DriverStore
2015-09-05 21:29:22 ----D---- C:\windows\system32\com
2015-09-05 21:29:22 ----D---- C:\windows\IME
2015-09-05 21:29:21 ----RSD---- C:\windows\Fonts
2015-09-05 21:29:04 ----D---- C:\ProgramData\WinClon
2015-09-05 21:28:21 ----D---- C:\windows\registration
2015-09-05 12:05:43 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-09-04 22:31:49 ----D---- C:\windows\SoftwareDistribution
2015-09-04 22:17:55 ----SD---- C:\Users\Sulliroy\AppData\Roaming\Microsoft
2015-09-04 21:42:14 ----D---- C:\windows\system32\catroot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\windows\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]
R0 Avgloga;AVG Logging Driver; C:\windows\system32\DRIVERS\avgloga.sys [2015-08-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\windows\system32\DRIVERS\avgmfx64.sys [2015-08-10 251312]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\windows\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-02-18 439320]
R0 nvpciflt;nvpciflt; C:\windows\system32\DRIVERS\nvpciflt.sys [2011-06-05 25960]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 Avgdiska;AVG Disk Driver; C:\windows\system32\DRIVERS\avgdiska.sys [2015-08-10 197040]
R1 AVGIDSDriver;AVGIDSDriver; C:\windows\system32\DRIVERS\avgidsdrivera.sys [2015-09-11 312752]
R1 Avgldx64;AVG AVI Loader Driver; C:\windows\system32\DRIVERS\avgldx64.sys [2015-08-10 293296]
R1 Avgtdia;AVG TDI Driver; C:\windows\system32\DRIVERS\avgtdia.sys [2015-08-28 301488]
R1 SABI;SAMSUNG Kernel Driver For Windows 7; \??\C:\windows\system32\Drivers\SABI.sys [2011-07-30 13824]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2011-01-25 60416]
R2 SGDrv;SGDrv; C:\windows\system32\DRIVERS\SGdrv64.sys [2011-04-11 7680]
R3 ETD;ELAN PS/2 Port Input Device; C:\windows\system32\DRIVERS\ETD.sys [2012-03-12 242992]
R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [2010-12-16 12256512]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys [2011-07-12 2917096]
R3 IntcDAud;Intel(R) Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2011-12-01 11417088]
R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2011-04-22 471144]
S3 AthBTPort;Atheros Virtual Bluetooth Class; C:\windows\system32\DRIVERS\btath_flt.sys []
S3 athr;Atheros Extensible Wireless LAN device driver; C:\windows\system32\DRIVERS\athrx.sys [2011-12-12 2797056]
S3 atikmdag;atikmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2009-07-13 5020672]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\windows\system32\drivers\btath_a2dp.sys []
S3 BTATH_BUS;Atheros Bluetooth Bus; C:\windows\system32\DRIVERS\btath_bus.sys []
S3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\windows\system32\DRIVERS\btath_hcrp.sys []
S3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\windows\system32\DRIVERS\btath_lwflt.sys []
S3 BTATH_RCP;Bluetooth AVRCP Device; C:\windows\system32\DRIVERS\btath_rcp.sys []
S3 BtFilter;BtFilter; C:\windows\system32\DRIVERS\btfilter.sys []
S3 BthEnum;Bluetooth-Anforderungsblocktreiber; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth-Porttreiber; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;USB-Treiber für Bluetooth-Funkgerät; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 clwvd;CyberLink WebCam Virtual Driver; C:\windows\system32\DRIVERS\clwvd.sys []
S3 EraserUtilDrv11311;EraserUtilDrv11311; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11311.sys []
S3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2015-06-18 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2015-06-18 63704]
S3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-09-12 3793392]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-09-10 1042344]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-09-12 595832]
R2 NVSvc;NVIDIA Driver Helper Service; C:\windows\system32\nvvsvc.exe [2011-06-04 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-06-05 1997416]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-12-01 244904]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-07 269000]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-09-12 603120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2015-01-12 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-08-26 149160]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

#14 Příspěvek od **Rudy** » 30 zář 2015 20:23

Log je OK. Nemáte zač!

VIRY.CZ

nemecky ntb - problem

nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem

Re: nemecky ntb - problem