
goodle.su what is it ???

Posted: 18 Sep 2016 09:56
by dany007119966
:x :x Hi all, this appeared out of nowhere and I can't remove it. I also went through the PC with RSIT and ComboFix, and it still loads every time I start Firefox and Chrome, but if I click over to the home icon (home page), http://www.google.sk loads normally and search works OK too,
which I also have set as my home page, so I still don't understand what kind of cr...p keeps loading.

Can you help me somehow with how to remove it? By the way, it isn't in the settings of either browser, not even among the search engines, and Google is set normally everywhere as the search engine.

Screenshot:

[image]

Thanks for the help, guys.

RSIT log


Logfile of random's system information tool 1.10 (written by random/random)
Run by Dany at 2016-09-18 10:25:38
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 45 GB (61%) free of 74 GB
Total RAM: 2038 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:26:23, on 18. 9. 2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18450)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Windows\PixArt\PAC207\Monitor.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskhost.exe
C:\Users\Dany\Desktop\RSIT.exe
C:\Program Files\trend micro\Dany.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Kies3PDLR.exe] C:\Program Files\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe Run Kies3
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stiahnuť s Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O9 - Extra 'Tools' menuitem: Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\PROGRA~1\PCTRAN~1\webie.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: WSAllMyTubechrome - (no CLSID) - (no file)
O18 - Protocol: WSWSVCUchrome - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.2.4.1\WsAppService.exe

--
End of file - 6085 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job - C:\Windows\system32\Macromed\Flash\FlashUtil32_23_0_0_162_pepper.exe -check pepperplugin
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Dany\AppData\Roaming\Mozilla\Firefox\Profiles\srgx2enq.default

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "https://www.google.sk/"

"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.162 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf]
"Description"=
"Path"=C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.102.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.102.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-09-06 441400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-09-07 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-09-07 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PROGRA~1\PCTRAN~1\webie.dll [2004-05-13 319488]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-09-23 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-09-23 173592]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-09-23 150552]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-09-12 9107616]
"PAC207_Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Kies3PDLR.exe"=C:\Program Files\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [2016-03-25 1023664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DelaypluginInstall]
C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PAC207_Monitor]
C:\Windows\PixArt\PAC207\Monitor.exe [2007-12-10 323584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL]
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2015-06-18 12336856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2016-08-17 29538432]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber]
C:\Users\Dany\AppData\Local\Viber\Viber.exe StartMinimized []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-09-23 218112]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70584753.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\70584753.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=0xDD000000
"NoSimpleNetIDList"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=153

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-09-18 10:25:38 ----D---- C:\rsit
2016-09-18 09:31:15 ----D---- C:\KVRT_Data
2016-09-18 07:43:29 ----D---- C:\Program Files\Trend Micro
2016-09-18 07:32:28 ----A---- C:\Windows\system32\CSVer.dll
2016-09-18 07:32:16 ----D---- C:\Intel
2016-09-18 07:24:18 ----D---- C:\ProgramData\Intel
2016-09-18 07:23:19 ----D---- C:\Users\Dany\AppData\Roaming\CrystalIdea Software
2016-09-18 07:03:46 ----D---- C:\Program Files\HomeDev
2016-09-17 10:34:47 ----D---- C:\ProgramData\BlueStacksSetup
2016-09-17 09:37:32 ----D---- C:\Users\Dany\AppData\Roaming\Leapdroid
2016-09-17 06:39:02 ----D---- C:\AdwCleaner
2016-09-15 11:29:45 ----A---- C:\Windows\system32\WSCM32.dll
2016-09-15 11:29:33 ----D---- C:\Program Files\Wondershare
2016-09-15 10:39:25 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-09-15 10:39:25 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-09-15 10:39:24 ----A---- C:\Windows\system32\smss.exe
2016-09-15 10:39:24 ----A---- C:\Windows\system32\schannel.dll
2016-09-15 10:39:24 ----A---- C:\Windows\system32\rpcrt4.dll
2016-09-15 10:39:24 ----A---- C:\Windows\system32\ntdll.dll
2016-09-15 10:39:24 ----A---- C:\Windows\system32\lsasrv.dll
2016-09-15 10:39:24 ----A---- C:\Windows\system32\kerberos.dll
2016-09-15 10:39:24 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-09-15 10:39:24 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-09-15 10:39:24 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-09-15 10:39:24 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-09-15 10:39:24 ----A---- C:\Windows\system32\csrsrv.dll
2016-09-15 10:39:24 ----A---- C:\Windows\system32\advapi32.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\wdigest.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\TSpkg.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\sspisrv.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\sspicli.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\srcore.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\srclient.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\secur32.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\rstrui.exe
2016-09-15 10:39:23 ----A---- C:\Windows\system32\rpchttp.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\ncrypt.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\msv1_0.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\msobjs.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\msaudite.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\lsass.exe
2016-09-15 10:39:23 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-09-15 10:39:23 ----A---- C:\Windows\system32\drivers\appid.sys
2016-09-15 10:39:23 ----A---- C:\Windows\system32\cryptbase.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\credssp.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\auditpol.exe
2016-09-15 10:39:23 ----A---- C:\Windows\system32\appidsvc.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-09-15 10:39:23 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-09-15 10:39:23 ----A---- C:\Windows\system32\appidapi.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\apisetschema.dll
2016-09-15 10:39:23 ----A---- C:\Windows\system32\adtschema.dll
2016-09-15 10:39:18 ----A---- C:\Windows\system32\oleaut32.dll
2016-09-15 10:39:17 ----A---- C:\Windows\system32\win32k.sys
2016-09-15 10:39:16 ----A---- C:\Windows\system32\user32.dll
2016-09-15 10:39:11 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-09-15 10:39:11 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-09-15 10:39:10 ----A---- C:\Windows\system32\urlmon.dll
2016-09-15 10:39:10 ----A---- C:\Windows\system32\occache.dll
2016-09-15 10:39:10 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-09-15 10:39:10 ----A---- C:\Windows\system32\jsproxy.dll
2016-09-15 10:39:10 ----A---- C:\Windows\system32\jscript9diag.dll
2016-09-15 10:39:10 ----A---- C:\Windows\system32\inseng.dll
2016-09-15 10:39:10 ----A---- C:\Windows\system32\ieUnatt.exe
2016-09-15 10:39:10 ----A---- C:\Windows\system32\iernonce.dll
2016-09-15 10:39:10 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-09-15 10:39:10 ----A---- C:\Windows\system32\iedkcs32.dll
2016-09-15 10:39:10 ----A---- C:\Windows\system32\ie4uinit.exe
2016-09-15 10:39:10 ----A---- C:\Windows\system32\dxtmsft.dll
2016-09-15 10:39:09 ----A---- C:\Windows\system32\msfeeds.dll
2016-09-15 10:39:09 ----A---- C:\Windows\system32\ieapfltr.dll
2016-09-15 10:39:08 ----A---- C:\Windows\system32\webcheck.dll
2016-09-15 10:39:08 ----A---- C:\Windows\system32\msrating.dll
2016-09-15 10:39:07 ----A---- C:\Windows\system32\wininet.dll
2016-09-15 10:39:07 ----A---- C:\Windows\system32\iesetup.dll
2016-09-15 10:39:07 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-09-15 10:39:06 ----A---- C:\Windows\system32\dxtrans.dll
2016-09-15 10:39:05 ----A---- C:\Windows\system32\ieui.dll
2016-09-15 10:39:05 ----A---- C:\Windows\system32\ieframe.dll
2016-09-15 10:39:03 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-09-15 10:39:03 ----A---- C:\Windows\system32\mshtmled.dll
2016-09-15 10:39:03 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-09-15 10:39:02 ----A---- C:\Windows\system32\iertutil.dll
2016-09-15 10:39:01 ----A---- C:\Windows\system32\mshtml.dll
2016-09-15 10:39:00 ----A---- C:\Windows\system32\jscript9.dll
2016-09-15 10:38:59 ----A---- C:\Windows\system32\vbscript.dll
2016-09-15 10:38:59 ----A---- C:\Windows\system32\jscript.dll
2016-09-15 10:38:53 ----A---- C:\Windows\system32\drivers\srvnet.sys
2016-09-15 10:38:53 ----A---- C:\Windows\system32\drivers\srv2.sys
2016-09-15 10:38:52 ----A---- C:\Windows\system32\drivers\srv.sys
2016-09-15 10:38:09 ----A---- C:\Windows\system32\inetcomm.dll
2016-09-15 10:38:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2016-09-15 10:38:09 ----A---- C:\Windows\system32\drivers\netio.sys
2016-09-15 10:38:08 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2016-09-15 10:38:08 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2016-09-15 10:38:07 ----A---- C:\Windows\system32\INETRES.dll
2016-09-15 10:20:58 ----D---- C:\Windows\system32\catroot2
2016-09-15 10:20:28 ----A---- C:\Windows\system32\msimsg.dll
2016-09-15 10:20:27 ----A---- C:\Windows\system32\wintrust.dll
2016-09-15 10:20:27 ----A---- C:\Windows\system32\cryptsvc.dll
2016-09-15 10:20:27 ----A---- C:\Windows\system32\cryptnet.dll
2016-09-15 10:20:27 ----A---- C:\Windows\system32\consent.exe
2016-09-15 10:20:26 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-09-15 10:20:26 ----A---- C:\Windows\system32\msiexec.exe
2016-09-15 10:20:25 ----A---- C:\Windows\system32\appinfo.dll
2016-09-15 10:20:24 ----A---- C:\Windows\system32\wups2.dll
2016-09-15 10:20:24 ----A---- C:\Windows\system32\wups.dll
2016-09-15 10:20:24 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-09-15 10:20:24 ----A---- C:\Windows\system32\olepro32.dll
2016-09-15 10:20:24 ----A---- C:\Windows\system32\msihnd.dll
2016-09-15 10:20:24 ----A---- C:\Windows\system32\asycfilt.dll
2016-09-15 10:20:21 ----A---- C:\Windows\system32\crypt32.dll
2016-09-15 10:20:14 ----A---- C:\Windows\system32\wuwebv.dll
2016-09-15 10:20:14 ----A---- C:\Windows\system32\wudriver.dll
2016-09-15 10:20:14 ----A---- C:\Windows\system32\wucltux.dll
2016-09-15 10:20:14 ----A---- C:\Windows\system32\wuaueng.dll
2016-09-15 10:20:14 ----A---- C:\Windows\system32\wuauclt.exe
2016-09-15 10:20:14 ----A---- C:\Windows\system32\wuapp.exe
2016-09-15 10:20:14 ----A---- C:\Windows\system32\wuapi.dll
2016-09-15 10:20:14 ----A---- C:\Windows\system32\msi.dll
2016-09-15 10:20:14 ----A---- C:\Windows\system32\authui.dll
2016-09-14 16:40:20 ----D---- C:\Windows\SoftwareDistribution
2016-09-14 16:33:34 ----A---- C:\Windows\system32\perfh01B.dat
2016-09-14 16:33:34 ----A---- C:\Windows\system32\perfc01B.dat
2016-09-13 18:17:14 ----D---- C:\ProgramData\Wondershare AllMyTube
2016-09-13 18:17:12 ----D---- C:\ProgramData\Wondershare Application Common Data
2016-09-13 18:00:37 ----D---- C:\Windows\Jaksta
2016-09-13 17:50:02 ----D---- C:\Downloads
2016-09-09 20:27:17 ----A---- C:\Windows\system32\FNTCACHE.DAT
2016-09-09 17:30:06 ----A---- C:\Windows\system32\drivers\idmwfp.sys
2016-09-07 20:12:01 ----A---- C:\Windows\system32\WindowsAccessBridge.dll
2016-09-07 18:36:24 ----D---- C:\Users\Dany\AppData\Roaming\JetBrains
2016-09-07 18:18:03 ----A---- C:\Windows\system32\javaws.exe
2016-09-07 15:44:33 ----D---- C:\ProgramData\AdFender
2016-09-07 11:59:55 ----D---- C:\Program Files\Common Files\Java
2016-09-05 13:42:30 ----D---- C:\Program Files\IrfanView
2016-09-05 12:03:28 ----A---- C:\Windows\system32\WinUSBCoInstaller.dll
2016-09-05 12:03:28 ----A---- C:\Windows\system32\WdfCoInstaller01007.dll
2016-09-05 08:48:05 ----A---- C:\Windows\system32\tbs.dll
2016-09-05 08:48:05 ----A---- C:\Windows\system32\fveapibase.dll
2016-09-05 08:48:05 ----A---- C:\Windows\system32\fveapi.dll
2016-09-05 08:47:42 ----A---- C:\Windows\system32\drivers\disk.sys
2016-09-05 08:47:41 ----A---- C:\Windows\system32\rpcss.dll
2016-09-05 08:47:39 ----A---- C:\Windows\system32\mtxoci.dll
2016-09-05 08:47:39 ----A---- C:\Windows\system32\msorcl32.dll
2016-09-05 08:47:32 ----A---- C:\Windows\system32\tzres.dll
2016-09-05 08:47:25 ----A---- C:\Windows\system32\webio.dll
2016-09-05 08:47:24 ----A---- C:\Windows\system32\invagent.dll
2016-09-05 08:47:24 ----A---- C:\Windows\system32\generaltel.dll
2016-09-05 08:47:24 ----A---- C:\Windows\system32\devinv.dll
2016-09-05 08:47:24 ----A---- C:\Windows\system32\CompatTelRunner.exe
2016-09-05 08:47:24 ----A---- C:\Windows\system32\centel.dll
2016-09-05 08:47:24 ----A---- C:\Windows\system32\appraiser.dll
2016-09-05 08:47:24 ----A---- C:\Windows\system32\aepic.dll
2016-09-05 08:47:24 ----A---- C:\Windows\system32\aeinv.dll
2016-09-05 08:47:24 ----A---- C:\Windows\system32\acmigration.dll
2016-09-05 08:47:23 ----A---- C:\Windows\system32\InkEd.dll
2016-09-05 05:47:38 ----A---- C:\Windows\system32\drivers\ssudmdm.sys
2016-09-05 05:47:32 ----A---- C:\Windows\system32\drivers\ssudbus.sys
2016-09-04 19:29:12 ----D---- C:\Users\Dany\AppData\Roaming\Wise Euask
2016-09-04 19:25:57 ----D---- C:\Users\Dany\AppData\Roaming\WiseUpdate
2016-09-04 19:00:32 ----D---- C:\Program Files\Mozilla Firefox
2016-09-04 17:12:52 ----D---- C:\Users\Dany\AppData\Roaming\Mozilla
2016-09-04 17:11:22 ----D---- C:\ProgramData\Foxit Software
2016-09-04 17:11:16 ----D---- C:\ProgramData\Foxit ContentPlatform
2016-08-24 08:27:02 ----A---- C:\Windows\system32\aswBoot.exe
2016-08-24 08:26:38 ----A---- C:\Windows\avastSS.scr

======List of files/folders modified in the last 1 month======

2016-09-18 10:19:24 ----D---- C:\Windows\system32\drivers
2016-09-18 10:13:21 ----D---- C:\Users\Dany\AppData\Roaming\uTorrent
2016-09-18 10:13:21 ----D---- C:\Users\Dany\AppData\Roaming\IDM
2016-09-18 10:13:12 ----D---- C:\Windows\inf
2016-09-18 10:13:04 ----D---- C:\Windows\Logs
2016-09-18 10:13:04 ----D---- C:\Windows
2016-09-18 10:13:02 ----D---- C:\Windows\Temp
2016-09-18 09:40:34 ----D---- C:\Program Files\Internet Explorer
2016-09-18 08:44:30 ----D---- C:\Users\Dany\AppData\Roaming\vlc
2016-09-18 08:04:51 ----D---- C:\Windows\System32
2016-09-18 07:58:41 ----D---- C:\Users\Dany\AppData\Roaming\Google Chrome Backup
2016-09-18 07:56:57 ----D---- C:\Program Files\Google Chrome Backup
2016-09-18 07:46:08 ----SHD---- C:\Windows\Installer
2016-09-18 07:45:55 ----SHD---- C:\System Volume Information
2016-09-18 07:43:29 ----RD---- C:\Program Files
2016-09-18 07:36:50 ----D---- C:\Windows\system32\catroot
2016-09-18 07:34:23 ----D---- C:\Windows\system32\directx
2016-09-18 07:32:51 ----D---- C:\Windows\system32\DriverStore
2016-09-18 07:32:28 ----D---- C:\Program Files\Intel
2016-09-18 07:31:48 ----D---- C:\ProgramData\Package Cache
2016-09-18 07:30:50 ----D---- C:\Windows\system32\Tasks
2016-09-18 07:24:38 ----D---- C:\Windows\winsxs
2016-09-18 07:24:34 ----D---- C:\Windows\system32\config
2016-09-18 07:24:18 ----HD---- C:\ProgramData
2016-09-18 06:49:57 ----D---- C:\Users\Dany\AppData\Roaming\Adobe
2016-09-18 06:27:06 ----A---- C:\Windows\win.ini
2016-09-17 17:34:02 ----D---- C:\Windows\system32\Macromed
2016-09-17 10:42:09 ----D---- C:\Windows\system32\LogFiles
2016-09-16 20:02:29 ----D---- C:\Users\Dany\AppData\Roaming\Skype
2016-09-16 07:56:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-09-15 20:00:02 ----D---- C:\Users\Dany\AppData\Roaming\DMCache
2016-09-15 14:57:40 ----D---- C:\ProgramData\Wondershare
2016-09-15 12:13:54 ----D---- C:\ProgramData\Wondershare Video Converter Ultimate
2016-09-15 10:44:31 ----D---- C:\Windows\system32\sk-SK
2016-09-15 10:44:31 ----D---- C:\Windows\system32\en-US
2016-09-15 10:44:31 ----D---- C:\Windows\system32\cs-CZ
2016-09-15 10:43:16 ----D---- C:\ProgramData\Microsoft Help
2016-09-14 15:15:30 ----D---- C:\Windows\system32\wbem
2016-09-14 15:15:30 ----D---- C:\Windows\system32\migration
2016-09-14 15:15:30 ----D---- C:\Windows\PolicyDefinitions
2016-09-14 13:27:55 ----D---- C:\Windows\Microsoft.NET
2016-09-14 12:20:41 ----D---- C:\Program Files\Microsoft Silverlight
2016-09-14 12:04:10 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-09-13 18:55:57 ----D---- C:\Program Files\Common Files\Wondershare
2016-09-13 18:08:04 ----SD---- C:\Users\Dany\AppData\Roaming\Microsoft
2016-09-13 13:44:43 ----D---- C:\Users\Dany\AppData\Roaming\Wise Disk Cleaner
2016-09-13 10:16:44 ----D---- C:\Program Files\TeamViewer
2016-09-13 08:03:49 ----D---- C:\Windows\Tasks
2016-09-12 08:00:55 ----D---- C:\Program Files\Java
2016-09-10 10:12:50 ----D---- C:\Program Files\Internet Download Manager
2016-09-09 20:27:28 ----D---- C:\Windows\debug
2016-09-09 19:39:35 ----D---- C:\Program Files\WinRAR
2016-09-07 12:00:02 ----D---- C:\ProgramData\Oracle
2016-09-07 11:59:55 ----D---- C:\Program Files\Common Files
2016-09-07 11:54:03 ----D---- C:\Users\Dany\AppData\Roaming\Foxit Software
2016-09-07 10:41:07 ----D---- C:\Program Files\CDBurnerXP
2016-09-05 09:40:51 ----D---- C:\Program Files\totalcmd
2016-09-05 09:07:37 ----D---- C:\Windows\system32\drivers\en-US
2016-09-05 09:07:37 ----D---- C:\Windows\system32\drivers\cs-CZ
2016-09-05 09:07:37 ----D---- C:\Windows\system32\appraiser
2016-09-05 09:07:37 ----D---- C:\Windows\AppPatch
2016-08-30 15:11:04 ----D---- C:\ProgramData\Skype
2016-08-30 15:10:59 ----RD---- C:\Program Files\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-08-24 60424]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-08-24 224616]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-08-24 35096]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-08-24 91232]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-09-13 735488]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-08-24 434144]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-08-24 92256]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-08-24 118664]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2016-08-05 143472]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-09-23 4808192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2015-06-18 3522264]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-08-24 34008]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-09-05 109184]
S3 jakstaVA;Digital Video Recorder; C:\Windows\system32\DRIVERS\jaksta_va.sys [2014-12-09 91784]
S3 PAC207;Trust 100K Series Webcam; C:\Windows\system32\DRIVERS\PFC027.SYS [2008-02-13 618112]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-09-05 147072]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]
S3 trufos;trufos; C:\Windows\system32\drivers\trufos.sys [2015-12-28 343456]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 usbrndis6;USB RNDIS6 Adapter; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-08-24 197128]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FoxitReaderService;Foxit Reader Service; C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2016-08-05 1648840]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-07-22 754784]
R2 TeamViewer;TeamViewer 11; C:\Program Files\TeamViewer\TeamViewer_Service.exe [2016-08-25 7534864]
R2 WsAppService;Wondershare Application Framework Service; C:\Program Files\Wondershare\WAF\2.2.4.1\WsAppService.exe [2016-07-12 417792]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-07-14 107192]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-19 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14 270016]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-19 107848]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-01 102912]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2016-07-14 47288]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2016-07-14 136360]

-----------------EOF-----------------

Re: goodle.su what is it ???

Posted: 18 Sep 2016 10:14
by Rudy
Hello!
Is your operating system a legal copy?

Re: goodle.su what is it ???

Posted: 18 Sep 2016 10:39
by dany007119966
win is OK

Re: goodle.su what is it ???

Posted: 18 Sep 2016 11:44
by Rudy
Run the following scan:

Download and run OTL: http://oldtimer.geekstogo.com/OTL.exe . Run it, tick "Scan All Users", "LOP Check" and "Purity Check", and copy the following into the lower white box:
CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s
and click >Run Scan<. Post both logs.

Re: goodle.su what is it ???

Posted: 18 Sep 2016 14:26
by dany007119966
:oops: I've already got rid of it, I'm just not sure whether it's completely gone from the PC

in the Google Chrome folder I found something like

goodle.bat, and chrome.exe was there twice

and in Firefox there was likewise firefox.exe twice

so I deleted the .bat and firefox.exe and chrome.exe

and after deleting them and starting FF and Chrome, the google.sk home page came up normally :) in both, and the search engine is OK too

but I still don't understand what kind of malware, spyware or whatever it was?

I'll attach the OTL log in a moment

Re: goodle.su what is it ???

Posted: 18 Sep 2016 16:50
by Rudy
OK.

Re: goodle.su what is it ???

Posted: 19 Sep 2016 06:44
by dany007119966
OTL logfile created on: 19. 9. 2016 6:43:11 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dany\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.18449)
Locale: 0000041b | Country: Slovenská republika | Language: SKY | Date Format: d. M. yyyy

1,99 Gb Total Physical Memory | 0,72 Gb Available Physical Memory | 36,16% Memory free
3,98 Gb Paging File | 2,56 Gb Available in Paging File | 64,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 72,66 Gb Total Space | 44,11 Gb Free Space | 60,71% Space Free | Partition Type: NTFS
Drive D: | 76,29 Gb Total Space | 55,27 Gb Free Space | 72,44% Space Free | Partition Type: NTFS

Computer Name: DANY-PC | User Name: Dany | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2016/09/19 06:42:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dany\Desktop\OTL.exe
PRC - [2016/09/14 02:38:40 | 000,967,496 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2016/09/12 14:04:29 | 009,107,616 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2016/08/25 14:21:21 | 007,534,864 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\TeamViewer_Service.exe
PRC - [2016/08/24 08:26:28 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2016/08/05 11:51:16 | 001,648,840 | ---- | M] (Foxit Software Inc.) -- C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
PRC - [2016/07/22 09:21:08 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
PRC - [2016/07/12 16:20:38 | 000,417,792 | ---- | M] (Wondershare) -- C:\Program Files\Wondershare\WAF\2.2.4.1\WsAppService.exe
PRC - [2016/03/25 14:30:46 | 001,023,664 | ---- | M] (Samsung) -- C:\Program Files\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe
PRC - [2016/01/22 07:12:59 | 002,973,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2015/05/19 13:52:35 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2007/12/10 16:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\Windows\PixArt\PAC207\Monitor.exe


========== Modules (No Company Name) ==========

MOD - [2016/09/07 13:35:10 | 017,754,304 | ---- | M] () -- C:\Users\Dany\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.164\pepflashplayer.dll
MOD - [2016/09/06 12:00:38 | 005,197,312 | ---- | M] () -- C:\Users\Dany\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
MOD - [2016/09/06 12:00:36 | 000,147,456 | ---- | M] () -- C:\Users\Dany\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
MOD - [2016/08/24 08:26:29 | 000,169,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
MOD - [2016/06/25 20:16:31 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll


========== Services (SafeList) ==========

SRV - [2016/09/14 12:04:11 | 000,270,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2016/09/01 04:24:38 | 000,102,912 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2016/08/25 14:21:21 | 007,534,864 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\TeamViewer_Service.exe -- (TeamViewer)
SRV - [2016/08/24 08:26:28 | 000,197,128 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2016/08/05 11:51:16 | 001,648,840 | ---- | M] (Foxit Software Inc.) [Auto | Running] -- C:\Program Files\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe -- (FoxitReaderService)
SRV - [2016/07/25 12:36:12 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2016/07/22 09:21:08 | 000,754,784 | ---- | M] (DEVGURU Co., LTD.) [Auto | Running] -- C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe -- (ss_conn_service)
SRV - [2016/07/12 16:20:38 | 000,417,792 | ---- | M] (Wondershare) [Auto | Running] -- C:\Program Files\Wondershare\WAF\2.2.4.1\WsAppService.exe -- (WsAppService)
SRV - [2015/07/22 19:53:34 | 000,937,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\diagtrack.dll -- (DiagTrack)
SRV - [2013/05/27 06:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)


========== Driver Services (SafeList) ==========

DRV - [2016/09/13 13:24:33 | 000,735,488 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2016/09/05 05:47:38 | 000,147,072 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2016/09/05 05:47:32 | 000,109,184 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2016/08/24 08:26:59 | 000,224,616 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2016/08/24 08:26:59 | 000,118,664 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2016/08/24 08:26:58 | 000,434,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2016/08/24 08:26:58 | 000,092,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2016/08/24 08:26:58 | 000,091,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2016/08/24 08:26:58 | 000,060,424 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2016/08/24 08:26:58 | 000,034,008 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2016/08/24 08:26:26 | 000,035,096 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2016/08/05 16:04:22 | 000,143,472 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
DRV - [2015/12/28 19:01:37 | 000,343,456 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2014/12/09 04:58:34 | 000,091,784 | ---- | M] (e2eSoft) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jaksta_va.sys -- (jakstaVA)
DRV - [2013/10/02 02:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2013/02/12 05:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb80236.sys -- (usbrndis6)
DRV - [2012/08/23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2008/02/13 14:17:26 | 000,618,112 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PFC027.SYS -- (PAC207)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sk
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A6 34 7A 5F 19 92 D0 01 [binary data]
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 8E E2 4E AF 68 0E D2 01 [binary data]
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "SK"
FF - prefs.js..browser.search.hiddenOneOffs: "Azet,Atlas,DuckDuckGo,Dunaj,eBay,Slovnik.sk (EN-SK),Wikipédia (sk),Zoznam"
FF - prefs.js..browser.search.region: "SK"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "https://www.google.sk/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:48.0.2
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.102.2: C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.102.2: C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/08/24 08:27:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016/08/03 17:34:56 | 000,030,345 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Dany\AppData\Roaming\IDM\idmmzcc5 [2016/09/15 19:56:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016/08/03 17:34:56 | 000,030,345 | ---- | M] ()

[2016/09/04 17:12:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\Extensions
[2016/09/15 10:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\Firefox\Profiles\srgx2enq.default\extensions
[2016/09/08 19:28:13 | 000,023,373 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\extensions\firefox-hotfix@mozilla.org.xpi
[2016/09/04 21:04:24 | 000,047,575 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\extensions\jid1-6MGm94JnyY2VkA@jetpack.xpi
[2016/09/04 20:55:18 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/09/05 19:18:15 | 000,006,321 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\features\{8e13b3a9-f87f-4c4c-85cd-8eb406b05ebd}\e10srollout@mozilla.org.xpi
[2016/09/05 19:18:15 | 000,781,661 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\features\{8e13b3a9-f87f-4c4c-85cd-8eb406b05ebd}\firefox@getpocket.com.xpi
[2016/09/05 19:18:16 | 002,034,437 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\features\{8e13b3a9-f87f-4c4c-85cd-8eb406b05ebd}\loop@mozilla.org.xpi
[2016/09/04 19:00:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions

O1 HOSTS File: ([2016/09/18 10:40:44 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WebTranslator) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\webie.dll ()
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000..\Run: [Kies3PDLR.exe] C:\Program Files\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe (Samsung)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 153
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSimpleNetIDList = 1
O7 - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Od&oslať do programu OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Stiahnuť s Mipony - file://C:\Program Files\MiPony\Browser\IEContext.htm File not found
O9 - Extra Button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: WebTran - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : &Nastaviť prekladač - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\Program Files\PC Translator\webie.dll ()
O9 - Extra 'Tools' menuitem : Preložiť &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\Program Files\PC Translator\webie.dll ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 217.23.254.124 217.23.254.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3746CE4-8F42-44AB-A303-964E33EDCDFF}: DhcpNameServer = 217.23.254.124 217.23.254.125
O18 - Protocol\Handler\WSAllMyTubechrome - No CLSID value found
O18 - Protocol\Handler\WSWSVCUchrome - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\System32\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin

========== Files/Folders - Created Within 30 Days ==========

[2016/09/19 06:42:54 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dany\Desktop\OTL.exe
[2016/09/19 06:37:19 | 001,493,984 | ---- | C] (SpeedyFox) -- C:\Users\Dany\speedyfox.exe
[2016/09/18 10:40:48 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2016/09/18 10:38:59 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Local\temp
[2016/09/18 10:30:34 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2016/09/18 10:30:34 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2016/09/18 10:30:34 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2016/09/18 10:30:02 | 000,000,000 | ---D | C] -- C:\Qoobox
[2016/09/18 10:29:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2016/09/18 10:25:38 | 000,000,000 | ---D | C] -- C:\rsit
[2016/09/18 07:56:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
[2016/09/18 07:43:29 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2016/09/18 07:32:28 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2016/09/18 07:32:16 | 000,000,000 | ---D | C] -- C:\Intel
[2016/09/18 07:25:46 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Local\Intel
[2016/09/18 07:24:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2016/09/18 07:23:19 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Roaming\CrystalIdea Software
[2016/09/18 07:06:41 | 000,000,000 | ---D | C] -- C:\Users\Dany\Documents\PatchCleanerBackup
[2016/09/18 07:04:34 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Local\HomeDev
[2016/09/18 07:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HomeDev
[2016/09/18 07:03:46 | 000,000,000 | ---D | C] -- C:\Program Files\HomeDev
[2016/09/17 10:34:47 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
[2016/09/17 09:37:32 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Roaming\Leapdroid
[2016/09/17 06:39:02 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2016/09/17 06:27:26 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2016/09/15 11:29:33 | 000,000,000 | ---D | C] -- C:\Program Files\Wondershare
[2016/09/15 10:39:25 | 004,000,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016/09/15 10:39:25 | 003,944,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016/09/15 10:39:24 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016/09/15 10:39:23 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016/09/15 10:39:23 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016/09/15 10:39:23 | 000,262,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016/09/15 10:39:23 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016/09/15 10:39:23 | 000,146,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016/09/15 10:39:23 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2016/09/15 10:39:23 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2016/09/15 10:39:23 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016/09/15 10:39:23 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2016/09/15 10:39:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2016/09/15 10:39:23 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016/09/15 10:39:23 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2016/09/15 10:39:23 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016/09/15 10:39:23 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016/09/15 10:39:17 | 002,399,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2016/09/15 10:39:11 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016/09/15 10:39:11 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016/09/15 10:39:10 | 000,689,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016/09/15 10:39:10 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016/09/15 10:39:10 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016/09/15 10:39:10 | 000,416,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016/09/15 10:39:10 | 000,346,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016/09/15 10:39:10 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016/09/15 10:39:10 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016/09/15 10:39:10 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016/09/15 10:39:10 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016/09/15 10:39:10 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016/09/15 10:39:09 | 002,724,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016/09/15 10:39:09 | 000,710,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016/09/15 10:39:09 | 000,692,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016/09/15 10:39:08 | 002,055,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016/09/15 10:39:08 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016/09/15 10:39:07 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016/09/15 10:39:07 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016/09/15 10:39:06 | 000,279,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016/09/15 10:39:05 | 000,476,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016/09/15 10:39:04 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016/09/15 10:39:03 | 001,155,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016/09/15 10:39:03 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016/09/15 10:39:00 | 004,607,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016/09/15 10:38:09 | 000,240,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2016/09/15 10:38:08 | 000,187,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2016/09/15 10:38:07 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\INETRES.dll
[2016/09/15 10:20:58 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2
[2016/09/15 10:20:28 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msimsg.dll
[2016/09/15 10:20:27 | 000,105,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2016/09/15 10:20:26 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinSetupUI.dll
[2016/09/15 10:20:24 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msihnd.dll
[2016/09/15 10:20:24 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2016/09/15 10:20:24 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2016/09/15 10:20:24 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2016/09/15 10:20:24 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wu.upgrade.ps.dll
[2016/09/15 10:20:14 | 002,945,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2016/09/15 10:20:14 | 001,806,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\authui.dll
[2016/09/15 10:20:14 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2016/09/15 10:20:14 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2016/09/15 10:20:14 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2016/09/15 10:20:14 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2016/09/14 16:40:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2016/09/13 18:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare AllMyTube
[2016/09/13 18:17:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Wondershare Application Common Data
[2016/09/13 18:00:37 | 000,000,000 | ---D | C] -- C:\Windows\Jaksta
[2016/09/13 18:00:35 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Local\Jaksta_Technologies_Pty_L
[2016/09/13 17:50:02 | 000,000,000 | ---D | C] -- C:\Downloads
[2016/09/09 17:30:06 | 000,143,472 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
[2016/09/08 07:06:54 | 000,000,000 | ---D | C] -- C:\Users\Dany\.android
[2016/09/07 20:12:01 | 000,095,808 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016/09/07 18:36:24 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Roaming\JetBrains
[2016/09/07 18:24:13 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Local\Android
[2016/09/07 18:18:03 | 000,269,888 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2016/09/07 15:44:33 | 000,000,000 | ---D | C] -- C:\ProgramData\AdFender
[2016/09/07 11:59:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2016/09/05 19:23:46 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2016/09/05 19:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
[2016/09/05 13:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
[2016/09/05 13:42:30 | 000,000,000 | ---D | C] -- C:\Program Files\IrfanView
[2016/09/05 12:03:28 | 001,121,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
[2016/09/05 12:03:28 | 000,589,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WinUSBCoInstaller.dll
[2016/09/05 08:48:05 | 000,355,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapi.dll
[2016/09/05 08:48:05 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fveapibase.dll
[2016/09/05 08:48:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tbs.dll
[2016/09/05 08:47:39 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msorcl32.dll
[2016/09/05 08:47:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2016/09/05 08:47:25 | 000,316,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2016/09/05 08:47:24 | 001,288,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\appraiser.dll
[2016/09/05 08:47:24 | 001,004,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aeinv.dll
[2016/09/05 08:47:24 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\generaltel.dll
[2016/09/05 08:47:24 | 000,461,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\devinv.dll
[2016/09/05 08:47:24 | 000,251,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\invagent.dll
[2016/09/05 08:47:24 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\centel.dll
[2016/09/05 08:47:24 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aepic.dll
[2016/09/05 08:47:24 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\acmigration.dll
[2016/09/05 08:47:24 | 000,037,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CompatTelRunner.exe
[2016/09/05 08:47:23 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\InkEd.dll
[2016/09/05 08:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2016/09/05 05:47:38 | 000,147,072 | ---- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\System32\drivers\ssudmdm.sys
[2016/09/05 05:47:32 | 000,109,184 | ---- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\System32\drivers\ssudbus.sys
[2016/09/04 21:09:13 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Local\Macromedia
[2016/09/04 19:29:12 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Roaming\Wise Euask
[2016/09/04 19:25:57 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Roaming\WiseUpdate
[2016/09/04 19:00:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2016/09/04 17:12:52 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Roaming\Mozilla
[2016/09/04 17:12:52 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Local\Mozilla
[2016/09/04 17:11:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Foxit Software
[2016/09/04 17:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Foxit ContentPlatform
[2016/09/04 17:11:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2016/09/04 15:23:52 | 000,000,000 | ---D | C] -- C:\Users\Dany\Documents\SelfMV
[2016/09/04 14:58:16 | 000,000,000 | ---D | C] -- C:\Users\Dany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
[2016/08/24 08:27:02 | 000,319,760 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2016/08/24 08:26:38 | 000,053,208 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

========== Files - Modified Within 30 Days ==========

[2016/09/19 06:53:07 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2016/09/19 06:43:51 | 000,010,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/09/19 06:43:51 | 000,010,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/09/19 06:43:39 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2016/09/19 06:42:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dany\Desktop\OTL.exe
[2016/09/19 06:35:24 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2016/09/19 06:35:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2016/09/18 18:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2016/09/18 11:18:28 | 000,001,676 | ---- | M] () -- C:\Users\Dany\Desktop\chrome.lnk
[2016/09/18 10:40:44 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2016/09/18 08:02:00 | 168,750,586 | ---- | M] () -- C:\Users\Dany\Documents\chrome__18092016.gcb
[2016/09/18 07:22:30 | 000,687,537 | ---- | M] () -- C:\Users\Dany\speedyfox.zip
[2016/09/18 06:40:00 | 010,396,084 | ---- | M] () -- C:\Windows\REGBK00.ZIP
[2016/09/18 06:37:52 | 000,000,056 | ---- | M] () -- C:\Windows\Lic.xxx
[2016/09/17 17:34:08 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2016/09/17 06:38:58 | 003,861,056 | ---- | M] () -- C:\Users\Dany\AdwCleaner.exe
[2016/09/16 07:56:31 | 000,642,448 | ---- | M] () -- C:\Windows\System32\perfh005.dat
[2016/09/16 07:56:31 | 000,635,790 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2016/09/16 07:56:31 | 000,133,738 | ---- | M] () -- C:\Windows\System32\perfc005.dat
[2016/09/16 07:56:31 | 000,115,592 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2016/09/16 07:56:31 | 000,012,384 | ---- | M] () -- C:\Windows\System32\perfh01B.dat
[2016/09/16 07:56:31 | 000,004,188 | ---- | M] () -- C:\Windows\System32\perfc01B.dat
[2016/09/15 10:46:30 | 000,408,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2016/09/14 12:04:10 | 000,796,352 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2016/09/14 12:04:10 | 000,142,528 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2016/09/13 13:24:33 | 000,735,488 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsnx.sys
[2016/09/08 14:53:36 | 000,000,000 | ---- | M] () -- C:\Windows\System32\last.dump
[2016/09/07 11:59:23 | 000,269,888 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2016/09/07 11:59:23 | 000,095,808 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2016/09/05 05:47:38 | 000,147,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Windows\System32\drivers\ssudmdm.sys
[2016/09/05 05:47:32 | 000,109,184 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Windows\System32\drivers\ssudbus.sys
[2016/09/04 17:19:39 | 000,000,926 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 11.lnk
[2016/09/02 17:21:25 | 004,000,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2016/09/02 17:21:25 | 003,944,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2016/09/02 17:16:44 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2016/09/02 17:16:42 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setbcdlocale.dll
[2016/09/02 17:16:40 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rpchttp.dll
[2016/09/02 17:16:35 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2016/09/02 17:16:35 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msobjs.dll
[2016/09/02 17:16:34 | 000,146,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msaudite.dll
[2016/09/02 17:16:26 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2016/09/02 17:16:23 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\adtschema.dll
[2016/09/02 17:16:23 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appidapi.dll
[2016/09/02 17:16:23 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\apisetschema.dll
[2016/09/02 16:53:43 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appidpolicyconverter.exe
[2016/09/02 16:53:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\appidcertstorecheck.exe
[2016/09/02 16:53:18 | 000,050,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\auditpol.exe
[2016/09/02 16:51:23 | 000,262,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\rstrui.exe
[2016/09/02 16:49:03 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2016/09/01 20:41:05 | 000,346,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2016/09/01 05:18:32 | 002,724,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2016/09/01 05:17:37 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollectorres.dll
[2016/09/01 04:48:10 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2016/09/01 04:46:36 | 000,047,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwproxystub.dll
[2016/09/01 04:46:11 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2016/09/01 04:44:20 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MshtmlDac.dll
[2016/09/01 04:31:53 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2016/09/01 04:31:05 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2016/09/01 04:26:33 | 000,476,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2016/09/01 04:24:38 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieetwcollector.exe
[2016/09/01 04:24:16 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2016/09/01 04:23:43 | 000,620,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9diag.dll
[2016/09/01 04:14:50 | 000,667,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MsSpellCheckingFacility.exe
[2016/09/01 04:08:16 | 000,416,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2016/09/01 03:59:47 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\JavaScriptCollectionAgent.dll
[2016/09/01 03:57:39 | 000,091,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2016/09/01 03:53:30 | 000,168,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2016/09/01 03:48:26 | 000,279,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2016/09/01 03:31:30 | 000,689,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2016/09/01 03:30:29 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2016/09/01 03:29:35 | 001,155,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmlmedia.dll
[2016/09/01 03:29:30 | 002,055,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2016/09/01 03:24:36 | 004,607,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2016/09/01 02:42:43 | 000,710,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2016/08/31 17:46:31 | 014,905,338 | ---- | M] () -- C:\Users\Dany\Desktop\slovakia_sierpien_2016.pdf
[2016/08/24 08:26:59 | 000,224,616 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswVmm.sys
[2016/08/24 08:26:59 | 000,118,664 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2016/08/24 08:26:58 | 000,434,144 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2016/08/24 08:26:58 | 000,092,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2016/08/24 08:26:58 | 000,091,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2016/08/24 08:26:58 | 000,060,424 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRvrt.sys
[2016/08/24 08:26:58 | 000,034,008 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswHwid.sys
[2016/08/24 08:26:38 | 000,319,760 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2016/08/24 08:26:38 | 000,053,208 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2016/08/24 08:26:26 | 000,035,096 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswKbd.sys

========== Files Created - No Company Name ==========

[2016/09/18 15:23:31 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2016/09/18 11:18:28 | 000,001,676 | ---- | C] () -- C:\Users\Dany\Desktop\chrome.lnk
[2016/09/18 10:30:34 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2016/09/18 10:30:34 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2016/09/18 10:30:34 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2016/09/18 10:30:34 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2016/09/18 10:30:34 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2016/09/18 08:00:19 | 168,750,586 | ---- | C] () -- C:\Users\Dany\Documents\chrome__18092016.gcb
[2016/09/18 07:22:24 | 000,687,537 | ---- | C] () -- C:\Users\Dany\speedyfox.zip
[2016/09/18 06:38:47 | 010,396,084 | ---- | C] () -- C:\Windows\REGBK00.ZIP
[2016/09/17 06:38:56 | 003,861,056 | ---- | C] () -- C:\Users\Dany\AdwCleaner.exe
[2016/09/15 11:29:59 | 000,000,232 | ---- | C] () -- C:\Windows\System32\dllhost.exe.config
[2016/09/15 11:29:45 | 000,214,528 | ---- | C] () -- C:\Windows\System32\WSCM32.dll
[2016/09/14 16:33:34 | 000,012,384 | ---- | C] () -- C:\Windows\System32\perfh01B.dat
[2016/09/14 16:33:34 | 000,004,188 | ---- | C] () -- C:\Windows\System32\perfc01B.dat
[2016/09/14 14:23:10 | 000,000,094 | ---- | C] () -- C:\Users\Dany\Desktop\erase_cache.bat
[2016/09/13 08:03:49 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
[2016/09/12 17:33:21 | 1004,940,885 | ---- | C] () -- C:\Users\Dany\J100HXXU0AOJ1_J100HOXX0AOJ1_J100HXXU0AOJ1_Home.tar.md5
[2016/09/09 20:27:17 | 000,408,976 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2016/08/31 17:44:05 | 014,905,338 | ---- | C] () -- C:\Users\Dany\Desktop\slovakia_sierpien_2016.pdf
[2015/12/25 14:36:32 | 000,000,572 | ---- | C] () -- C:\Users\Dany\AppData\Roaming\AutoGK.ini
[2015/12/25 11:32:46 | 000,000,043 | -HS- | C] () -- C:\ProgramData\.zreglib
[2015/12/20 20:20:26 | 005,805,753 | ---- | C] () -- C:\Users\Dany\SM-J100H.zip
[2015/12/20 20:20:20 | 559,579,668 | ---- | C] () -- C:\Users\Dany\J100H_XXU0AOB4_OXE0AOB4_Repair_Firmwares_Tsar3000.com.zip
[2015/08/30 09:56:26 | 000,153,732 | ---- | C] () -- C:\Users\Dany\synček.jpg
[2015/08/30 09:55:52 | 000,112,957 | ---- | C] () -- C:\Users\Dany\Dany.jpg
[2015/07/11 09:31:50 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2015/07/11 09:29:35 | 005,804,772 | ---- | C] () -- C:\Windows\System32\drivers\rtvienna.dat
[2015/07/11 09:29:31 | 002,862,488 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2015/07/11 09:28:17 | 000,087,864 | ---- | C] () -- C:\Windows\System32\audioLibVc.dll
[2015/07/11 09:28:16 | 000,188,696 | ---- | C] () -- C:\Windows\System32\AcpiServiceVnA.dll
[2015/06/03 08:37:54 | 000,001,434 | ---- | C] () -- C:\Users\Dany\katzen-d1d9f8f00f0f84ad - odkaz.lnk
[2015/05/23 09:26:30 | 000,003,732 | ---- | C] () -- C:\Windows\wtran32.INI
[2015/05/23 09:26:21 | 000,002,685 | ---- | C] () -- C:\Windows\wdict32.INI
[2015/05/22 12:43:23 | 000,365,568 | ---- | C] () -- C:\Windows\System32\ZSHP1020.EXE
[2015/05/22 12:43:22 | 000,169,472 | ---- | C] () -- C:\Windows\System32\ZLhp1020.DLL
[2015/05/22 12:43:13 | 000,245,248 | ---- | C] () -- C:\Windows\System32\zshp1020s.dll
[2015/05/22 08:25:11 | 000,000,161 | ---- | C] () -- C:\Windows\AutoKMS.ini
[2015/05/19 12:11:26 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2015/05/19 12:10:36 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

========== ZeroAccess Check ==========

[2009/07/14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 08:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2015/12/26 11:59:15 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\15956
[2015/12/29 22:17:52 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\AVAST Software
[2016/01/02 10:55:54 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Canneverbe Limited
[2016/09/18 07:23:19 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\CrystalIdea Software
[2016/09/15 20:00:02 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\DMCache
[2016/01/02 11:10:52 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\EAC
[2016/09/07 11:54:03 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Foxit Software
[2016/09/18 10:13:21 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\IDM
[2016/09/07 18:36:24 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\JetBrains
[2015/12/25 16:16:19 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Jihosoft Video Converter
[2016/09/17 10:25:08 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Leapdroid
[2015/12/21 08:58:50 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Samsung
[2015/12/17 13:53:39 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\TeamViewer
[2016/09/18 11:40:05 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\uTorrent
[2016/09/13 13:44:43 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Wise Disk Cleaner
[2016/09/04 19:29:12 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Wise Euask
[2015/12/19 09:39:58 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Wise Registry Cleaner
[2016/09/13 13:44:02 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\WiseUpdate
[2015/12/27 10:02:06 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\XviD4PSP
[2015/06/06 18:40:41 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\YcanPDF
[2015/12/25 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

========== Purity Check ==========



========== Custom Scans ==========

< >
[2009/07/14 06:53:46 | 000,032,512 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009/07/14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2015/05/19 11:52:05 | 000,000,920 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2015/05/19 11:52:06 | 000,000,924 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2015/12/14 13:41:21 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016/09/13 08:03:49 | 000,000,892 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job

< >

< MD5 for: ATAPI.SYS >
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\erdnt\cache\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_a5025d31bee4647c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_df26d4d57fdef5b0\atapi.sys
[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_dfc9143c98e9a6c4\atapi.sys

< MD5 for: AUTOCHK.EXE >
[2009/07/14 03:14:12 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=41E4C8EBA464E7D6A5BA5E8827732AEB -- C:\Windows\winsxs\x86_microsoft-windows-autochk_31bf3856ad364e35_6.1.7600.16385_none_e1ca436d2314b860\autochk.exe
[2010/11/20 14:16:54 | 000,668,160 | ---- | M] (Microsoft Corporation) MD5=F88A52EB62019D6A62FDD9E08034DBD8 -- C:\Windows\System32\autochk.exe

< >

< %systemroot%*.* /U /s >
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[14 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[1 C:\Windows\SoftwareDistribution\Download\03d9e86c65a3e545e1c4b5fdbfefa3b9\*.tmp files -> C:\Windows\SoftwareDistribution\Download\03d9e86c65a3e545e1c4b5fdbfefa3b9\*.tmp -> ]

< %SYSTEMDRIVE%\*.exe >

< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2015/12/26 11:59:15 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\15956
[2016/01/02 11:10:52 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\AccurateRip
[2016/09/18 06:49:57 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Adobe
[2015/12/29 22:17:52 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\AVAST Software
[2016/01/02 10:55:54 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Canneverbe Limited
[2016/09/18 07:23:19 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\CrystalIdea Software
[2016/01/06 19:29:00 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\DivX
[2016/09/15 20:00:02 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\DMCache
[2016/01/03 15:50:18 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\dvdcss
[2016/01/02 11:10:52 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\EAC
[2016/09/07 11:54:03 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Foxit Software
[2016/09/18 07:58:41 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Google Chrome Backup
[2015/05/19 11:45:06 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Identities
[2016/09/18 10:13:21 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\IDM
[2015/12/19 14:11:22 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\InstallShield
[2016/09/07 18:36:24 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\JetBrains
[2015/12/25 16:16:19 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Jihosoft Video Converter
[2016/09/17 10:25:08 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Leapdroid
[2015/12/14 07:42:52 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Macromedia
[2009/07/14 09:48:45 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Media Center Programs
[2016/09/13 18:08:04 | 000,000,000 | --SD | M] -- C:\Users\Dany\AppData\Roaming\Microsoft
[2016/09/04 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Mozilla
[2015/12/21 08:58:50 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Samsung
[2016/09/16 20:02:29 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Skype
[2015/12/27 16:51:27 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Sun
[2015/12/17 13:53:39 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\TeamViewer
[2016/09/18 11:40:05 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\uTorrent
[2016/09/18 19:39:37 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\vlc
[2015/06/02 17:55:19 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\WinRAR
[2016/09/13 13:44:43 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Wise Disk Cleaner
[2016/09/04 19:29:12 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Wise Euask
[2015/12/19 09:39:58 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\Wise Registry Cleaner
[2016/09/13 13:44:02 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\WiseUpdate
[2015/12/27 10:02:06 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\XviD4PSP
[2015/06/06 18:40:41 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\YcanPDF
[2015/12/25 16:09:28 | 000,000,000 | ---D | M] -- C:\Users\Dany\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}

< %APPDATA%\*.exe /s >
[2016/08/05 11:51:26 | 005,570,760 | ---- | M] (Foxit Corporation) -- C:\Users\Dany\AppData\Roaming\Foxit Software\Addon\Foxit Reader\FoxitReaderUpdater.exe
[2015/12/29 20:28:24 | 006,757,560 | ---- | M] (Tonec Inc.) -- C:\Users\Dany\AppData\Roaming\IDM\idmupdt.exe
[2016/09/15 09:57:06 | 000,158,000 | ---- | M] () -- C:\Users\Dany\AppData\Roaming\Mozilla\Firefox\Profiles\srgx2enq.default\FlashGot.exe
[2015/04/25 20:30:00 | 000,294,312 | ---- | M] (emc) -- C:\Users\Dany\AppData\Roaming\uTorrent\uninstall.exe
[2015/02/22 21:30:00 | 000,416,168 | ---- | M] (BitTorrent, Inc.) -- C:\Users\Dany\AppData\Roaming\uTorrent\utorrent.exe
[2016/08/24 15:33:54 | 001,381,624 | ---- | M] (WiseCleaner.com) -- C:\Users\Dany\AppData\Roaming\WiseUpdate\LiveUpdate.exe

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\Tasks\*.job >
[2016/09/17 17:34:08 | 000,000,892 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
[2016/09/19 07:04:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2016/09/19 06:35:24 | 000,000,920 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2016/09/19 06:43:39 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\system32\*.dll /lockedfiles >

< %systemroot%\system32\drivers\*.sys /3 >

< %systemroot%\system32\*.* /3 >
[2016/09/19 06:43:51 | 000,010,208 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2016/09/19 06:43:51 | 000,010,208 | -H-- | M] () -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2016/09/16 07:56:31 | 000,133,738 | ---- | M] () -- C:\Windows\system32\perfc005.dat
[2016/09/16 07:56:31 | 000,115,592 | ---- | M] () -- C:\Windows\system32\perfc009.dat
[2016/09/16 07:56:31 | 000,004,188 | ---- | M] () -- C:\Windows\system32\perfc01B.dat
[2016/09/16 07:56:31 | 000,642,448 | ---- | M] () -- C:\Windows\system32\perfh005.dat
[2016/09/16 07:56:31 | 000,635,790 | ---- | M] () -- C:\Windows\system32\perfh009.dat
[2016/09/16 07:56:31 | 000,012,384 | ---- | M] () -- C:\Windows\system32\perfh01B.dat
[2016/09/16 07:56:31 | 001,532,226 | ---- | M] () -- C:\Windows\system32\PerfStringBackup.INI

< %SYSTEMDRIVE%\*.exe >

< >

< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
"Kies3PDLR.exe" = C:\Program Files\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe Run Kies3 -- [2016/03/25 14:30:46 | 001,023,664 | ---- | M] (Samsung)

< >

< %PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5 >
[2016/09/04 19:00:39 | 000,392,136 | ---- | M] (Mozilla Corporation) MD5=728935A0F1E0D2C2B5EEC2F3A1280B9D -- C:\Program Files\Mozilla Firefox\firefox.exe

< %PROGRAMFILES%\Internet Explorer\iexplore.exe /md5 >
[2016/09/01 20:41:05 | 000,815,304 | ---- | M] (Microsoft Corporation) MD5=4CAF56618E7FA3EAEC06672C6810DBA7 -- C:\Program Files\Internet Explorer\iexplore.exe

< %PROGRAMFILES%\Opera\opera.exe /md5 >

< %PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5 >
[2016/09/14 02:38:40 | 000,967,496 | ---- | M] (Google Inc.) MD5=51EE1B50E5ABFB8A62374591AF251EB8 -- C:\Program Files\Google\Chrome\Application\chrome.exe

< >

< %SystemDrive%\PhysicalMBR.bin /md5 >
[2016/09/19 06:53:07 | 000,000,512 | ---- | M] () MD5=789F4283011F70A06D2F9C82B1B7D697 -- C:\PhysicalMBR.bin

< >

< *crack* /s >
[2016/09/14 19:27:37 | 000,000,110 | ---- | M] () -- \ProgramData\AVAST Software\Avast\SWCUData\Cache\InstallLocation\IDM Crack 6.25 build 15
[2016/09/14 19:27:37 | 000,000,110 | ---- | M] () -- \ProgramData\AVAST Software\Avast\SWCUData\Cache\InstallLocation\IDM Crack 6.26 build 1
[2016/09/14 19:27:37 | 000,000,110 | ---- | M] () -- \Users\All Users\AVAST Software\Avast\SWCUData\Cache\InstallLocation\IDM Crack 6.25 build 15
[2016/09/14 19:27:37 | 000,000,110 | ---- | M] () -- \Users\All Users\AVAST Software\Avast\SWCUData\Cache\InstallLocation\IDM Crack 6.26 build 1

< *keygen* /s >
[2015/08/26 14:57:38 | 000,057,829 | ---- | M] () -- \Users\Dany\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod\3.1.10_0\mega\keygen.js

< *loader* /s >
[2016/08/24 08:26:39 | 000,019,136 | ---- | M] () -- \Program Files\AVAST Software\Avast\setup\CRT\data\avast.vc140.crt\x86\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/07/25 14:34:11 | 001,400,496 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\1.51.2220.47\resources\bundled_extensions\video-downloader.crx
[2016/08/09 12:20:09 | 001,406,200 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\1.51.2220.53\resources\bundled_extensions\video-downloader.crx
[2016/08/09 12:20:09 | 001,406,200 | ---- | M] () -- \Program Files\AVAST Software\SZBrowser\resources\bundled_extensions\video-downloader.crx
[2014/09/03 00:27:24 | 000,268,432 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\VSTOLoader.dll
[2014/09/03 00:27:24 | 000,019,096 | ---- | M] () -- \Program Files\Common Files\microsoft shared\VSTO\10.0\1033\VSTOLoaderUI.dll
[2016/08/05 11:50:58 | 003,360,968 | ---- | M] () -- \Program Files\Foxit Software\Foxit Reader\plugins\PlgDynLoader.fpi
[2015/06/11 12:08:50 | 000,454,976 | ---- | M] () -- \Program Files\Samsung\Kies3\FirmwareUpdate\SM-J100H\BinaryLoaderMgr.exe
[2015/06/11 12:09:06 | 000,333,632 | ---- | M] () -- \Program Files\Samsung\Kies3\FirmwareUpdate\SM-J100H\DeviceDownloader.dll
[2015/08/26 14:57:38 | 000,018,950 | ---- | M] () -- \Users\Dany\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod\3.1.10_0\mega\js\downloader.js
[2015/07/14 16:15:32 | 000,003,208 | ---- | M] () -- \Users\Dany\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\skin\ajax-loader.gif
[2015/06/08 15:52:46 | 000,009,418 | ---- | M] () -- \Users\Dany\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.38_0\img\gifloader.gif
[2016/09/16 09:22:14 | 000,003,605 | ---- | M] () -- \Users\Dany\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.2.0_0\icons\loader.gif
[2016/09/16 09:22:14 | 000,003,208 | ---- | M] () -- \Users\Dany\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom\3.2.0_0\skin\ajax-loader.gif
[2016/03/04 14:07:40 | 000,000,000 | ---- | M] () -- \Users\Dany\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_osdownloader.org_0.localstorage-journal
[2016/03/18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\System32\dmloader.dll
[2009/07/14 06:54:01 | 000,003,532 | ---- | M] () -- \Windows\System32\Tasks\Microsoft\Windows\WindowsColorSystem\Calibration Loader
[2016/09/02 17:45:24 | 000,004,224 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_6.1.7601.23539_none_5da6f30ce41285cd.manifest
[2009/07/14 03:52:31 | 000,002,894 | ---- | M] () -- \Windows\winsxs\Manifests\x86_microsoft-windows-s..ive-blackbox-loader_31bf3856ad364e35_6.1.7600.16385_none_6b097e5cb26f7a23.manifest
[2016/06/07 20:06:17 | 000,019,136 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/08/01 16:12:00 | 000,019,136 | ---- | M] () -- \Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.24210.0_none_9e58d6f8311e6fc8\api-ms-win-core-libraryloader-l1-1-0.dll
[2009/07/14 03:15:12 | 000,038,400 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-audio-dmusic_31bf3856ad364e35_6.1.7600.16385_none_45ca7214f0f664cb\dmloader.dll
[2009/07/14 03:03:49 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.16385_none_0a884619dd2388ad\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:56:23 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.17179_none_0a96fc99dd17f16b\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:44:10 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7600.21386_none_0b12ca80f6405e48\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:45:15 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18015_none_0cba39e5da114d7c\api-ms-win-core-libraryloader-l1-1-0.dll
[2013/08/02 03:48:15 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18229_none_0cb36eedda15c917\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 05:08:08 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.18847_none_0c9bd9e5da27bd35\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/01/16 20:34:24 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19131_none_0ca08403da2536ca\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/01/22 07:59:07 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.19135_none_0ca4852bda219c26\api-ms-win-core-libraryloader-l1-1-0.dll
[2012/11/30 06:46:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22177_none_0d04f7bcf35dc79a\api-ms-win-core-libraryloader-l1-1-0.dll
[2014/04/12 04:03:37 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.22653_none_0d169feaf3511c1f\api-ms-win-core-libraryloader-l1-1-0.dll
[2015/05/09 07:34:47 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23049_none_0d274f66f343c2ef\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/01/17 02:09:50 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23334_none_0d2d2392f3401fc0\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/01/22 07:58:11 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23338_none_0d3124baf33c851c\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/03/16 20:23:40 | 000,003,584 | ---- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23391_none_0ce9432cf3737b61\api-ms-win-core-libraryloader-l1-1-0.dll
[2016/03/18 00:24:26 | 000,003,584 | -H-- | M] () -- \Windows\winsxs\x86_microsoft-windows-minkernelapinamespace_31bf3856ad364e35_6.1.7601.23392_none_0cea4376f37294b8\api-ms-win-core-libraryloader-l1-1-0.dll

< End of report >

Re: goodle.su what is it ???

Posted: 19 Sep 2016 09:29
by dany007119966
Is it OK now?

Re: goodle.su what is it ???

Posted: 19 Sep 2016 17:33
by Rudy
We need to clean it up.

Run OTL again as administrator.
Paste the following text into the bottom window:
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1310275976-3446344238-1033526978-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTer ... ORM=IESR02
FF - user.js - File not found
[2016/09/04 17:12:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\Extensions
[2016/09/15 10:51:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\Firefox\Profiles\srgx2enq.default\extensions
[2016/09/08 19:28:13 | 000,023,373 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\extensions\firefox-hotfix@mozilla.org.xpi
[2016/09/04 21:04:24 | 000,047,575 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\extensions\jid1-6MGm94JnyY2VkA@jetpack.xpi
[2016/09/04 20:55:18 | 001,036,367 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2016/09/05 19:18:15 | 000,006,321 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\features\{8e13b3a9-f87f-4c4c-85cd-8eb406b05ebd}\e10srollout@mozilla.org.xpi
[2016/09/05 19:18:15 | 000,781,661 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\features\{8e13b3a9-f87f-4c4c-85cd-8eb406b05ebd}\firefox@getpocket.com.xpi
[2016/09/05 19:18:16 | 002,034,437 | ---- | M] () (No name found) -- C:\Users\Dany\AppData\Roaming\mozilla\firefox\profiles\srgx2enq.default\features\{8e13b3a9-f87f-4c4c-85cd-8eb406b05ebd}\loop@mozilla.org.xpi
[2016/09/04 19:00:41 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
O18 - Protocol\Handler\WSAllMyTubechrome - No CLSID value found
O18 - Protocol\Handler\WSWSVCUchrome - No CLSID value found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:files
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\ProgramData\DP45977C.lfl
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[RESETHOSTS]
[Purity]
[CreateRestorePoint]
Click Fix ("Opravit") and let the program work. When asked about a restart, agree.
After the restart a new log will appear; post it here.

Next time, do not run ComboFix without instructions from an advisor. A layperson can easily damage the system with it.