
PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Please check my log,
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- Rudy
- Site Admin

- Posts: 119673
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Please check my log,
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Is everything all right?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before removing viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked, as it will be if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Please check my log,
The PC seems OK, but in Chrome ads pop up everywhere; after clicking a link, new tabs with ads open, and when Chrome starts, the page www dot v9 dot com opens instead of Google.
At the beginning it was all slower; now the speed is pretty much fine... just those ads... I also tried removing v9 through the settings, but it keeps switching back. I'll try once more.
- Rudy
- Site Admin

Re: Please check my log,
Also try running Zoek:
Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to the desktop
If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (Spustit jako spravce)
In the window, paste the script below
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here
Re: Please check my log,
The PC was unattended for a few hours, so I don't know what was going on.
No change so far.
But is this what we wanted?:
Zoek.exe v5.0.0.0 Updated 08-September-2015
Tool run by Uzivatel on so 12. 09. 2015 at 20:23:55,24.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Uzivatel\Desktop\zoek.exe [Scan all users] [Script inserted]
===== Runcheck 20:24:32,69 =====
--- Create Environment Variables 20:24:34,89
--- Create System Restore Point 20:24:44,53
--- Checking Input 20:25:05,67
--- Reset Hosts File 20:25:30,71
--- AU AppData Check 20:25:31,61
--- Remove From Windows Installer 20:25:37,39
--- Empty Folders Check 20:28:25,48
--- Registry HKLM Software Check 20:28:25,56
--- Quick Launch Shortcut Check 20:28:47,95
--- IE Startpage Check 20:28:56,56
--- Program Files DB Check 20:30:09,55
--- C:\Users\Default\AppData\Roaming DB Check 20:31:11,28
--- C:\Users\Default User\AppData\Roaming DB Check 20:31:11,28
--- C:\Users\Uzivatel\AppData\Roaming DB Check 20:31:11,28
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 20:31:11,28
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 20:31:11,28
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 20:31:11,28
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 20:31:11,28
--- C:\Users\Uzivatel DB Check 20:34:08,00
--- C:\PROGRA~3 DB Check 20:34:32,11
--- C:\Users\Default\AppData\Local DB Check 20:34:38,07
--- C:\Users\Default User\AppData\Local DB Check 20:34:38,07
--- C:\Users\Uzivatel\AppData\Local DB Check 20:34:38,07
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 20:34:38,07
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 20:34:38,07
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 20:34:38,07
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 20:34:38,07
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 20:36:40,11
--- C:\Users\Uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 20:36:53,44
--- Tasks DB Check 20:37:01,69
--- Downloads DB Check 20:37:06,99
--- C:\Users\Uzivatel\AppData\LocalLow DB Check 20:37:12,59
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 20:37:12,59
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 20:37:12,59
--- Tasks2 DB Check 20:37:52,43
--- Documents DB Check 20:38:30,84
--- C:\Users\Uzivatel\AppData\Roaming\Mozilla\Firefox\Profiles\j5dnmk9w.default DB Check 20:38:40,86
--- C:\Users\Public\Desktop DB Check 20:38:43,84
--- C:\Users\Uzivatel\Desktop DB Check 20:38:50,67
--- Services DB Check 20:39:04,35
--- FF prefs.js DB Check 20:39:54,26
--- Emptyclsid 20:40:55,37
--- Del by CLSID 20:40:59,95
--- Delete Services 20:42:00,19
--- Firefox Fix 20:42:23,78
- Rudy
- Site Admin

Re: Please check my log,
Nothing happened. Back up Chrome using ChromeBackup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Then uninstall Chrome, including its profile. Reinstall it and copy back from the backup only the bookmarks and passwords.
Re: Please check my log,
OK, Chrome uninstalled and reinstalled; the backup wasn't needed. A small change is visible, for the better.
- Rudy
- Site Admin

Re: Please check my log,
What problem remains?
Re: Please check my log,
Occasionally a page switches to an ad; specifically AliExpress and Alibaba come up, and other ads like how to become a millionaire and similar nonsense. The whole Chrome environment is quite slow.
And my laptop has started doing the same thing as this one.
- Rudy
- Site Admin

Re: Please check my log,
Didn't you pull more from the backup than just bookmarks and passwords? This was a complete reinstall of Chrome, and after it, whatever was launching by itself before should no longer launch.
Re: Please check my log,
Well, I'll try it once more.
- Rudy
- Site Admin

Re: Please check my log,
OK.
Re: Please check my log,
I apologize again; for lack of time I neglected this again.
But also because in the end McAfee helped and resolved the problems.
However, my laptop has picked it up and I can't get rid of it.
So please check the log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Peto at 2015-11-13 15:33:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 426 GB (61%) free of 695 GB
Total RAM: 5996 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:11, on 13. 11. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\plugin.exe
C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\plugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\12\plugin.exe
C:\Program Files\trend micro\Peto.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h ... gdZ1xNJA==
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=062515 serial=DR12CNC-8301292-WBN lang=CZ
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2052928200-2571111480-1205333812-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2052928200-2571111480-1205333812-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files (x86)\Adblock Pro\blockimg.html
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do rozhrania Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odoslať do &Zariadenie s rozhraním Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
--
End of file - 7080 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 27216320
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-860626543-874630120928586721375651909-79924644717361609041963486943894244561
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Windows\system32\GWX\GWX.exe"
taskeng.exe {85A8BA76-3E1B-4783-BEE4-3359C5EED65E}
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"c:\program files (x86)\common files\installshield\updateservice\isuspm.exe" /scheduler
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding
"C:\Program Files (x86)\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\updater.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugincontainer.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\5\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\6\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugincontainer.exe"
u
"C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe" --comment Ng_ed7763cf-8d02-405c-84b2-b35f0846da61 --startvm d9b91db2-a01d-499d-b513-19f546d8d4dd
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\6\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\5\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\2\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\10\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\plugin.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6196 --on-initialized-event-handle=560 --parent-handle=556
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5916.0.1239026016\1882935375" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2418 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer 
--num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.4.1013307183\1373356756" --font-cache-shared-handle=3592 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer 
--num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.6.2278042\1386659381" --font-cache-shared-handle=2340 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.7.467469310\669386370" --font-cache-shared-handle=5348 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5916.8.1839710318\82255568" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\12\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\12\plugin.exe"
taskeng.exe {FBC8D0DE-219F-4B95-AF47-525DAABB2CFF}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe67_ Global\UsGthrCtrlFltPipeMssGthrPipe67 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
wmiadap.exe /R /T
"C:\Users\Peto\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.15.260466880\631378787" --font-cache-shared-handle=6552 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer 
--num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.16.821000773\1559705490" --font-cache-shared-handle=3312 /prefetch:673131151
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-08 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-08 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-21 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-21 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-21 416024]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-04-05 2589992]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-10 11785832]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"Power Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2011-05-10 1831528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"CorelDRAW Graphics Suite 11b"=C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-22 729088]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-07 6133520]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-10 389632]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-13 15:33:52 ----D---- C:\rsit
2015-11-13 15:33:52 ----D---- C:\Program Files\trend micro
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wups2.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wups.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wudriver.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wucltux.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuapp.exe
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuapi.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-10 22:58:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-10 22:58:55 ----A---- C:\Windows\system32\iernonce.dll
2015-11-10 22:58:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-10 22:58:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-10 22:58:55 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-10 22:58:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-10 22:58:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-10 22:58:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-10 22:58:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-10 22:58:53 ----A---- C:\Windows\system32\urlmon.dll
2015-11-10 22:58:53 ----A---- C:\Windows\system32\occache.dll
2015-11-10 22:58:53 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-10 22:58:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-10 22:58:52 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-10 22:58:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-10 22:58:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-10 22:58:51 ----A---- C:\Windows\system32\iesetup.dll
2015-11-10 22:58:51 ----A---- C:\Windows\system32\iertutil.dll
2015-11-10 22:58:51 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-10 22:58:50 ----A---- C:\Windows\system32\vbscript.dll
2015-11-10 22:58:50 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-10 22:58:49 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-10 22:58:49 ----A---- C:\Windows\system32\ieui.dll
2015-11-10 22:58:49 ----A---- C:\Windows\system32\ieframe.dll
2015-11-10 22:58:49 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\wininet.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\webcheck.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\jscript9.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\jscript.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-10 22:58:47 ----A---- C:\Windows\system32\msrating.dll
2015-11-10 22:58:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-10 22:58:46 ----A---- C:\Windows\system32\mshtml.dll
2015-11-10 22:55:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-10 22:55:45 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-10 22:55:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-10 22:55:45 ----A---- C:\Windows\system32\schannel.dll
2015-11-10 22:55:45 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-10 22:55:45 ----A---- C:\Windows\system32\kerberos.dll
2015-11-10 22:55:45 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-10 22:55:45 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-10 22:55:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-10 22:55:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-10 22:55:44 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-10 22:55:43 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-10 22:55:42 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-10 22:55:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-10 22:55:41 ----A---- C:\Windows\system32\ntdll.dll
2015-11-10 22:55:41 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-10 22:55:41 ----A---- C:\Windows\system32\kernel32.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\wow64.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\winsrv.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\srcore.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\rstrui.exe
2015-11-10 22:55:39 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-10 22:55:39 ----A---- C:\Windows\system32\conhost.exe
2015-11-10 22:55:38 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-10 22:55:38 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-10 22:55:38 ----A---- C:\Windows\system32\wdigest.dll
2015-11-10 22:55:38 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-10 22:55:38 ----A---- C:\Windows\system32\sspicli.dll
2015-11-10 22:55:38 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-10 22:55:37 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-10 22:55:37 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-10 22:55:37 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-10 22:55:37 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-10 22:55:37 ----A---- C:\Windows\system32\srclient.dll
2015-11-10 22:55:37 ----A---- C:\Windows\system32\smss.exe
2015-11-10 22:55:37 ----A---- C:\Windows\system32\lsass.exe
2015-11-10 22:55:37 ----A---- C:\Windows\system32\auditpol.exe
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\wow64win.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\secur32.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-10 22:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-10 22:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-10 22:55:36 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\credssp.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 22:55:35 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-10 22:55:35 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 22:55:34 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-10 22:55:34 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-10 22:55:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 22:55:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 22:55:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 22:55:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-10 22:55:31 ----A---- C:\Windows\system32\msobjs.dll
2015-11-10 22:55:31 ----A---- C:\Windows\system32\msaudite.dll
2015-11-10 22:55:31 ----A---- C:\Windows\system32\adtschema.dll
2015-11-10 22:55:04 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-10 22:55:03 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-10 22:55:01 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-10 22:55:01 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-10 22:55:01 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-10 22:55:01 ----A---- C:\Windows\system32\shimeng.dll
2015-11-10 22:55:01 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-10 22:55:01 ----A---- C:\Windows\system32\apphelp.dll
2015-11-10 22:55:01 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-10 22:54:55 ----A---- C:\Windows\system32\win32k.sys
2015-11-10 22:54:53 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-10 22:54:47 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-10 22:54:47 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-10 22:54:47 ----A---- C:\Windows\system32\InkEd.dll
2015-11-03 20:57:24 ----D---- C:\Users\Peto\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2015-11-03 20:53:11 ----D---- C:\ProgramData\ALM
2015-11-02 11:28:48 ----A---- C:\ftconfig.ini
2015-10-28 20:20:12 ----D---- C:\Program Files\Neat Video v4 for Premiere
2015-10-26 19:22:20 ----D---- C:\Program Files\Common Files\McAfee
2015-10-20 21:32:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-18 18:01:12 ----A---- C:\Windows\system32\shell32.dll
2015-10-18 18:01:11 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-18 18:01:09 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-18 18:01:09 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\invagent.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\generaltel.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\devinv.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-18 17:58:06 ----A---- C:\Windows\system32\appraiser.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\aeinv.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\acmigration.dll
2015-10-18 17:57:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-18 17:57:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-18 17:57:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-18 17:57:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-18 17:57:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-18 17:57:58 ----A---- C:\Windows\system32\appidapi.dll
2015-10-18 17:57:57 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
======List of files/folders modified in the last 1 month======
2015-11-13 15:33:56 ----D---- C:\Windows\Temp
2015-11-13 15:33:52 ----RD---- C:\Program Files
2015-11-13 15:25:11 ----D---- C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1
2015-11-12 23:40:11 ----RSD---- C:\Windows\assembly
2015-11-12 23:40:11 ----D---- C:\Windows\Microsoft.NET
2015-11-11 22:00:53 ----D---- C:\Windows\System32
2015-11-11 22:00:53 ----D---- C:\Windows\inf
2015-11-11 22:00:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-11 21:57:14 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-11 21:55:29 ----D---- C:\Windows\winsxs
2015-11-11 21:54:57 ----D---- C:\Windows\SysWOW64
2015-11-11 21:54:52 ----D---- C:\Windows\system32\config
2015-11-11 21:51:59 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-11-11 21:51:59 ----D---- C:\Windows\system32\sk-SK
2015-11-11 21:51:59 ----D---- C:\Program Files\Internet Explorer
2015-11-11 21:51:58 ----D---- C:\Windows\SYSWOW64\en-US
2015-11-11 21:51:57 ----D---- C:\Windows\system32\en-US
2015-11-11 21:51:56 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-11 21:51:44 ----D---- C:\Windows\system32\drivers
2015-11-11 21:51:44 ----D---- C:\Windows\AppPatch
2015-11-11 21:51:38 ----D---- C:\Windows\system32\migration
2015-11-11 21:26:33 ----D---- C:\Windows\system32\MRT
2015-11-11 21:26:29 ----A---- C:\Windows\system32\MRT.exe
2015-11-11 21:20:29 ----SHD---- C:\System Volume Information
2015-11-11 21:19:48 ----SHD---- C:\Windows\Installer
2015-11-11 21:19:48 ----SHD---- C:\Config.Msi
2015-11-11 21:15:46 ----D---- C:\Program Files\Windows Journal
2015-11-11 21:07:57 ----D---- C:\Program Files\McAfee Security Scan
2015-11-11 21:07:48 ----D---- C:\Windows\system32\drivers\etc
2015-11-10 23:32:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-10 22:54:15 ----D---- C:\Windows\system32\catroot2
2015-11-05 16:16:27 ----D---- C:\Program Files (x86)\Adobe
2015-11-05 16:06:29 ----D---- C:\Program Files\Common Files\Adobe
2015-11-03 20:57:25 ----D---- C:\Users\Peto\AppData\Roaming\Adobe
2015-11-03 20:57:25 ----D---- C:\ProgramData\Adobe
2015-11-03 20:54:47 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-11-03 20:53:11 ----HD---- C:\ProgramData
2015-11-03 20:52:17 ----D---- C:\Program Files\Adobe
2015-11-03 20:50:49 ----RSD---- C:\Windows\Fonts
2015-11-03 20:48:08 ----D---- C:\Windows\Prefetch
2015-10-30 22:57:55 ----D---- C:\Windows\system32\Tasks
2015-10-28 16:03:01 ----RD---- C:\Program Files (x86)
2015-10-28 16:03:01 ----D---- C:\Program Files (x86)\Common Files
2015-10-28 16:00:53 ----D---- C:\Program Files (x86)\Google
2015-10-28 15:58:51 ----D---- C:\Windows\Tasks
2015-10-27 21:01:07 ----D---- C:\ProgramData\Skype
2015-10-27 20:52:30 ----D---- C:\Windows\system32\wdi
2015-10-26 19:40:07 ----D---- C:\ProgramData\McAfee
2015-10-26 19:22:20 ----D---- C:\Program Files\Common Files
2015-10-26 12:23:32 ----D---- C:\Windows\rescache
2015-10-20 22:39:57 ----D---- C:\Program Files (x86)\Magical Find
2015-10-20 20:10:05 ----D---- C:\Users\Peto\AppData\Roaming\Skype
2015-10-19 21:18:59 ----SD---- C:\Windows\system32\CompatTel
2015-10-19 21:18:59 ----D---- C:\Windows\system32\appraiser
2015-10-19 21:18:58 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-19 21:18:58 ----D---- C:\Windows\system32\Boot
2015-10-18 17:45:57 ----SD---- C:\Windows\system32\GWX
2015-10-15 08:23:44 ----SD---- C:\Windows\SYSWOW64\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-09-23 454528]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-23 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-23 274808]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-23 132656]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-09-23 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-23 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-07 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-07 449992]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-23 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-23 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-23 153744]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-23 274336]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-05-16 51240]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-05-06 86056]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-09-13 30264]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-04-05 142632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-15 2814952]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-01-10 349736]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-01-24 107560]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-09-14 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-02-15 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-09-14 21416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2014-04-11 23552]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2014-04-11 79360]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-09-29 2015936]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-23 146600]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-09-23 109008]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-05-10 956192]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-05-10 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2011-01-18 39528]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2013-01-09 376832]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2013-01-09 1259872]
R2 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2013-01-09 293216]
R2 Service Mgr MagicalFind;Service Mgr MagicalFind; C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugincontainer.exe [2015-11-13 638688]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R2 Update Mgr MagicalFind;Update Mgr MagicalFind; C:\Program Files (x86)\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\updater.exe [2015-11-13 544992]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-23 4048280]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10 269000]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [2015-10-30 289256]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-06-03 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
However, also because McAfee ultimately helped and resolved the problems.
However, my notebook picked it up and I don't know how to get rid of it.
So I am asking for a check of the log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Peto at 2015-11-13 15:33:52
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 426 GB (61%) free of 695 GB
Total RAM: 5996 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:11, on 13. 11. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18098)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\plugin.exe
C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\plugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\12\plugin.exe
C:\Program Files\trend micro\Peto.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchinterneat-a.akamaihd.net/h ... gdZ1xNJA==
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - (no file)
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [CorelDRAW Graphics Suite 11b] C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe /title="CorelDRAW Graphics Suite 12" /date=062515 serial=DR12CNC-8301292-WBN lang=CZ
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-2052928200-2571111480-1205333812-1000\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-2052928200-2571111480-1205333812-1000\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
O8 - Extra context menu item: &Block This Image (ABP) - C:\Program Files (x86)\Adblock Pro\blockimg.html
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Odoslať obrázok do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odoslať stránku do &Zariadenia s rozhraním Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do rozhrania Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Odoslať do &Zariadenie s rozhraním Bluetooth... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Active File Monitor V9 (AdobeActiveFileMonitor9.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
--
End of file - 7080 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 27216320
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
\??\C:\Windows\system32\conhost.exe "-860626543-874630120928586721375651909-79924644717361609041963486943894244561
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
"C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe"
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe"
"C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe"
"C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\nvvsvc.exe -session -first
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe"
"C:\Windows\system32\GWX\GWX.exe"
taskeng.exe {85A8BA76-3E1B-4783-BEE4-3359C5EED65E}
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Nero\Update\NASvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"c:\program files (x86)\common files\installshield\updateservice\isuspm.exe" /scheduler
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding
"C:\Program Files (x86)\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\updater.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugincontainer.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\5\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\6\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\plugin.exe" u
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugincontainer.exe"
u
"C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe" --comment Ng_ed7763cf-8d02-405c-84b2-b35f0846da61 --startvm d9b91db2-a01d-499d-b513-19f546d8d4dd
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\6\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\5\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\2\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\10\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\7\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\3\plugin.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=6196 --on-initialized-event-handle=560 --parent-handle=556
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5916.0.1239026016\1882935375" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,20,45 --disable-accelerated-video-decode --gpu-vendor-id=0x8086 --gpu-device-id=0x0116 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=8.15.10.2418 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer 
--num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.4.1013307183\1373356756" --font-cache-shared-handle=3592 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer 
--num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.6.2278042\1386659381" --font-cache-shared-handle=2340 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.7.467469310\669386370" --font-cache-shared-handle=5348 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="5916.8.1839710318\82255568" --ppapi-flash-args=enable_hw_video_decode=1 --lang=sk --ignored=" --type=renderer " /prefetch:-632637702
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\8\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\12\plugin.exe"
"C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugins\12\plugin.exe"
taskeng.exe {FBC8D0DE-219F-4B95-AF47-525DAABB2CFF}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe67_ Global\UsGthrCtrlFltPipeMssGthrPipe67 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528
wmiadap.exe /R /T
"C:\Users\Peto\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 
--content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.15.260466880\631378787" --font-cache-shared-handle=6552 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials="*AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group6 pct:10f stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Postperiod_AnswersInSuggest_A5/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer 
--num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --disable-accelerated-video-decode --channel="5916.16.821000773\1559705490" --font-cache-shared-handle=3312 /prefetch:673131151
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-08 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-08 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-06-21 167704]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-06-21 392472]
"Persistence"=C:\Windows\system32\igfxpers.exe [2011-06-21 416024]
"IntelTBRunOnce"=wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs []
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2011-04-05 2589992]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-03-10 11785832]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05 508240]
"Power Management"=C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2011-05-10 1831528]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"=C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-06-16 221184]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"AdobeBridge"= []
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"CorelDRAW Graphics Suite 11b"=C:\Program Files (x86)\Corel\Corel Graphics 12\Languages\CZ\Programs\Registration.exe [2004-06-22 729088]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-07 6133520]
"AdobeCS6ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2013-04-25 1075296]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.226\SSScheduler.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-06-10 389632]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
"SoftwareSASGeneration"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-13 15:33:52 ----D---- C:\rsit
2015-11-13 15:33:52 ----D---- C:\Program Files\trend micro
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-11-10 22:59:07 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuwebv.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wups2.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wups.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wudriver.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wucltux.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuaueng.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuauclt.exe
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuapp.exe
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wuapi.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 22:59:07 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\occache.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-11-10 22:58:55 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-11-10 22:58:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-10 22:58:55 ----A---- C:\Windows\system32\iernonce.dll
2015-11-10 22:58:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-11-10 22:58:55 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-11-10 22:58:55 ----A---- C:\Windows\system32\ie4uinit.exe
2015-11-10 22:58:54 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-11-10 22:58:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-11-10 22:58:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-11-10 22:58:53 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-11-10 22:58:53 ----A---- C:\Windows\system32\urlmon.dll
2015-11-10 22:58:53 ----A---- C:\Windows\system32\occache.dll
2015-11-10 22:58:53 ----A---- C:\Windows\system32\iedkcs32.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-11-10 22:58:52 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-11-10 22:58:52 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-10 22:58:52 ----A---- C:\Windows\system32\msfeeds.dll
2015-11-10 22:58:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-11-10 22:58:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-11-10 22:58:51 ----A---- C:\Windows\system32\iesetup.dll
2015-11-10 22:58:51 ----A---- C:\Windows\system32\iertutil.dll
2015-11-10 22:58:51 ----A---- C:\Windows\system32\ieapfltr.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-11-10 22:58:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-11-10 22:58:50 ----A---- C:\Windows\system32\vbscript.dll
2015-11-10 22:58:50 ----A---- C:\Windows\system32\jsproxy.dll
2015-11-10 22:58:49 ----A---- C:\Windows\system32\mshtmled.dll
2015-11-10 22:58:49 ----A---- C:\Windows\system32\ieui.dll
2015-11-10 22:58:49 ----A---- C:\Windows\system32\ieframe.dll
2015-11-10 22:58:49 ----A---- C:\Windows\system32\dxtmsft.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\wininet.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\webcheck.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\jscript9diag.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\jscript9.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\jscript.dll
2015-11-10 22:58:48 ----A---- C:\Windows\system32\ieUnatt.exe
2015-11-10 22:58:47 ----A---- C:\Windows\system32\msrating.dll
2015-11-10 22:58:47 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-11-10 22:58:46 ----A---- C:\Windows\system32\mshtml.dll
2015-11-10 22:55:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-11-10 22:55:45 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-11-10 22:55:45 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-11-10 22:55:45 ----A---- C:\Windows\system32\schannel.dll
2015-11-10 22:55:45 ----A---- C:\Windows\system32\ncrypt.dll
2015-11-10 22:55:45 ----A---- C:\Windows\system32\kerberos.dll
2015-11-10 22:55:45 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-11-10 22:55:45 ----A---- C:\Windows\system32\drivers\cng.sys
2015-11-10 22:55:44 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2015-11-10 22:55:44 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2015-11-10 22:55:44 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-11-10 22:55:43 ----A---- C:\Windows\SYSWOW64\bcryptprimitives.dll
2015-11-10 22:55:42 ----A---- C:\Windows\system32\bcryptprimitives.dll
2015-11-10 22:55:41 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2015-11-10 22:55:41 ----A---- C:\Windows\system32\ntdll.dll
2015-11-10 22:55:41 ----A---- C:\Windows\system32\lsasrv.dll
2015-11-10 22:55:41 ----A---- C:\Windows\system32\kernel32.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\wow64.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\winsrv.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\srcore.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\rstrui.exe
2015-11-10 22:55:39 ----A---- C:\Windows\system32\rpcrt4.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\KernelBase.dll
2015-11-10 22:55:39 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-11-10 22:55:39 ----A---- C:\Windows\system32\conhost.exe
2015-11-10 22:55:38 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-11-10 22:55:38 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-11-10 22:55:38 ----A---- C:\Windows\system32\wdigest.dll
2015-11-10 22:55:38 ----A---- C:\Windows\system32\TSpkg.dll
2015-11-10 22:55:38 ----A---- C:\Windows\system32\sspicli.dll
2015-11-10 22:55:38 ----A---- C:\Windows\system32\msv1_0.dll
2015-11-10 22:55:37 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-11-10 22:55:37 ----A---- C:\Windows\SYSWOW64\srclient.dll
2015-11-10 22:55:37 ----A---- C:\Windows\SYSWOW64\setup16.exe
2015-11-10 22:55:37 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-11-10 22:55:37 ----A---- C:\Windows\system32\srclient.dll
2015-11-10 22:55:37 ----A---- C:\Windows\system32\smss.exe
2015-11-10 22:55:37 ----A---- C:\Windows\system32\lsass.exe
2015-11-10 22:55:37 ----A---- C:\Windows\system32\auditpol.exe
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-11-10 22:55:36 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\wow64win.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\wow64cpu.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\sspisrv.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\secur32.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\ntvdm64.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-11-10 22:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-11-10 22:55:36 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-11-10 22:55:36 ----A---- C:\Windows\system32\csrsrv.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\cryptbase.dll
2015-11-10 22:55:36 ----A---- C:\Windows\system32\credssp.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 22:55:35 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 22:55:35 ----A---- C:\Windows\SYSWOW64\wow32.dll
2015-11-10 22:55:35 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 22:55:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 22:55:34 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2015-11-10 22:55:34 ----A---- C:\Windows\system32\apisetschema.dll
2015-11-10 22:55:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 22:55:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 22:55:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 22:55:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\user.exe
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\instnm.exe
2015-11-10 22:55:31 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-11-10 22:55:31 ----A---- C:\Windows\system32\msobjs.dll
2015-11-10 22:55:31 ----A---- C:\Windows\system32\msaudite.dll
2015-11-10 22:55:31 ----A---- C:\Windows\system32\adtschema.dll
2015-11-10 22:55:04 ----A---- C:\Windows\system32\drivers\tdx.sys
2015-11-10 22:55:03 ----A---- C:\Windows\system32\drivers\afd.sys
2015-11-10 22:55:01 ----A---- C:\Windows\SYSWOW64\shimeng.dll
2015-11-10 22:55:01 ----A---- C:\Windows\SYSWOW64\sdbinst.exe
2015-11-10 22:55:01 ----A---- C:\Windows\SYSWOW64\apphelp.dll
2015-11-10 22:55:01 ----A---- C:\Windows\system32\shimeng.dll
2015-11-10 22:55:01 ----A---- C:\Windows\system32\sdbinst.exe
2015-11-10 22:55:01 ----A---- C:\Windows\system32\apphelp.dll
2015-11-10 22:55:01 ----A---- C:\Windows\system32\aelupsvc.dll
2015-11-10 22:54:55 ----A---- C:\Windows\system32\win32k.sys
2015-11-10 22:54:53 ----A---- C:\Windows\system32\drivers\ndis.sys
2015-11-10 22:54:47 ----A---- C:\Windows\SYSWOW64\InkEd.dll
2015-11-10 22:54:47 ----A---- C:\Windows\system32\jnwmon.dll
2015-11-10 22:54:47 ----A---- C:\Windows\system32\InkEd.dll
2015-11-03 20:57:24 ----D---- C:\Users\Peto\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2015-11-03 20:53:11 ----D---- C:\ProgramData\ALM
2015-11-02 11:28:48 ----A---- C:\ftconfig.ini
2015-10-28 20:20:12 ----D---- C:\Program Files\Neat Video v4 for Premiere
2015-10-26 19:22:20 ----D---- C:\Program Files\Common Files\McAfee
2015-10-20 21:32:50 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-10-18 18:01:12 ----A---- C:\Windows\system32\shell32.dll
2015-10-18 18:01:11 ----A---- C:\Windows\system32\ExplorerFrame.dll
2015-10-18 18:01:09 ----A---- C:\Windows\SYSWOW64\shell32.dll
2015-10-18 18:01:09 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\invagent.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\generaltel.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\devinv.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-10-18 17:58:06 ----A---- C:\Windows\system32\appraiser.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\aeinv.dll
2015-10-18 17:58:06 ----A---- C:\Windows\system32\acmigration.dll
2015-10-18 17:57:58 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2015-10-18 17:57:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-10-18 17:57:58 ----A---- C:\Windows\system32\appidsvc.dll
2015-10-18 17:57:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-10-18 17:57:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-10-18 17:57:58 ----A---- C:\Windows\system32\appidapi.dll
2015-10-18 17:57:57 ----A---- C:\Windows\system32\drivers\appid.sys
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\ucrtbase.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-18 17:57:19 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
======List of files/folders modified in the last 1 month======
2015-11-13 15:33:56 ----D---- C:\Windows\Temp
2015-11-13 15:33:52 ----RD---- C:\Program Files
2015-11-13 15:25:11 ----D---- C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1
2015-11-12 23:40:11 ----RSD---- C:\Windows\assembly
2015-11-12 23:40:11 ----D---- C:\Windows\Microsoft.NET
2015-11-11 22:00:53 ----D---- C:\Windows\System32
2015-11-11 22:00:53 ----D---- C:\Windows\inf
2015-11-11 22:00:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-11 21:57:14 ----A---- C:\Windows\SYSWOW64\log.txt
2015-11-11 21:55:29 ----D---- C:\Windows\winsxs
2015-11-11 21:54:57 ----D---- C:\Windows\SysWOW64
2015-11-11 21:54:52 ----D---- C:\Windows\system32\config
2015-11-11 21:51:59 ----D---- C:\Windows\SYSWOW64\sk-SK
2015-11-11 21:51:59 ----D---- C:\Windows\system32\sk-SK
2015-11-11 21:51:59 ----D---- C:\Program Files\Internet Explorer
2015-11-11 21:51:58 ----D---- C:\Windows\SYSWOW64\en-US
2015-11-11 21:51:57 ----D---- C:\Windows\system32\en-US
2015-11-11 21:51:56 ----D---- C:\Program Files (x86)\Internet Explorer
2015-11-11 21:51:44 ----D---- C:\Windows\system32\drivers
2015-11-11 21:51:44 ----D---- C:\Windows\AppPatch
2015-11-11 21:51:38 ----D---- C:\Windows\system32\migration
2015-11-11 21:26:33 ----D---- C:\Windows\system32\MRT
2015-11-11 21:26:29 ----A---- C:\Windows\system32\MRT.exe
2015-11-11 21:20:29 ----SHD---- C:\System Volume Information
2015-11-11 21:19:48 ----SHD---- C:\Windows\Installer
2015-11-11 21:19:48 ----SHD---- C:\Config.Msi
2015-11-11 21:15:46 ----D---- C:\Program Files\Windows Journal
2015-11-11 21:07:57 ----D---- C:\Program Files\McAfee Security Scan
2015-11-11 21:07:48 ----D---- C:\Windows\system32\drivers\etc
2015-11-10 23:32:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-11-10 22:54:15 ----D---- C:\Windows\system32\catroot2
2015-11-05 16:16:27 ----D---- C:\Program Files (x86)\Adobe
2015-11-05 16:06:29 ----D---- C:\Program Files\Common Files\Adobe
2015-11-03 20:57:25 ----D---- C:\Users\Peto\AppData\Roaming\Adobe
2015-11-03 20:57:25 ----D---- C:\ProgramData\Adobe
2015-11-03 20:54:47 ----D---- C:\ProgramData\regid.1986-12.com.adobe
2015-11-03 20:53:11 ----HD---- C:\ProgramData
2015-11-03 20:52:17 ----D---- C:\Program Files\Adobe
2015-11-03 20:50:49 ----RSD---- C:\Windows\Fonts
2015-11-03 20:48:08 ----D---- C:\Windows\Prefetch
2015-10-30 22:57:55 ----D---- C:\Windows\system32\Tasks
2015-10-28 16:03:01 ----RD---- C:\Program Files (x86)
2015-10-28 16:03:01 ----D---- C:\Program Files (x86)\Common Files
2015-10-28 16:00:53 ----D---- C:\Program Files (x86)\Google
2015-10-28 15:58:51 ----D---- C:\Windows\Tasks
2015-10-27 21:01:07 ----D---- C:\ProgramData\Skype
2015-10-27 20:52:30 ----D---- C:\Windows\system32\wdi
2015-10-26 19:40:07 ----D---- C:\ProgramData\McAfee
2015-10-26 19:22:20 ----D---- C:\Program Files\Common Files
2015-10-26 12:23:32 ----D---- C:\Windows\rescache
2015-10-20 22:39:57 ----D---- C:\Program Files (x86)\Magical Find
2015-10-20 20:10:05 ----D---- C:\Users\Peto\AppData\Roaming\Skype
2015-10-19 21:18:59 ----SD---- C:\Windows\system32\CompatTel
2015-10-19 21:18:59 ----D---- C:\Windows\system32\appraiser
2015-10-19 21:18:58 ----D---- C:\Windows\system32\CodeIntegrity
2015-10-19 21:18:58 ----D---- C:\Windows\system32\Boot
2015-10-18 17:45:57 ----SD---- C:\Windows\system32\GWX
2015-10-15 08:23:44 ----SD---- C:\Windows\SYSWOW64\GWX
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswNdisFlt;Avast! Firewall Driver; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [2015-09-23 454528]
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-09-23 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-09-23 274808]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-04-26 557848]
R0 ngvss;ngvss; C:\Windows\system32\drivers\ngvss.sys [2015-09-23 132656]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2011-03-30 25960]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2015-09-23 28144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-09-23 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-07 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-07 449992]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-09-23 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-09-23 90968]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-09-23 153744]
R2 Sentinel64;Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [2009-09-17 145448]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-09-23 274336]
R3 b57xdbd;Broadcom xD Picture Bus Driver Service; C:\Windows\system32\DRIVERS\b57xdbd.sys [2011-01-21 67624]
R3 b57xdmp;Broadcom xD Picture vstorp client drv; C:\Windows\system32\DRIVERS\b57xdmp.sys [2011-01-21 19496]
R3 BCM43XX;Broadcom 802.11 - ovládač sieťového adaptéru; C:\Windows\system32\DRIVERS\bcmwl664.sys [2011-06-08 4729408]
R3 bScsiMSa;bScsiMSa; C:\Windows\system32\DRIVERS\bScsiMSa.sys [2011-05-16 51240]
R3 bScsiSDa;bScsiSDa; C:\Windows\system32\DRIVERS\bScsiSDa.sys [2011-05-06 86056]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-09-13 30264]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2011-04-05 142632]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-06-10 12230912]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-03-15 2814952]
R3 IntcDAud;Intel(R) Zvuk pre obrazovky; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2011-05-10 425000]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2009-12-02 721768]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2009-12-02 269672]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2009-12-02 25960]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2009-12-02 22376]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 BTWAMPFL;btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [2011-01-10 349736]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2011-01-24 107560]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2010-09-14 138280]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2011-02-15 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-09-14 21416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 silabenm;Silicon Labs CP210x USB to UART Bridge Serial Port Enumerator Driver; C:\Windows\system32\DRIVERS\silabenm.sys [2014-04-11 23552]
S3 silabser;Silicon Labs CP210x USB to UART Bridge Driver; C:\Windows\system32\DRIVERS\silabser.sys [2014-04-11 79360]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9; C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [2010-09-30 169408]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 AGSService;Adobe Genuine Software Integrity Service; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-09-29 2015936]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-09-23 146600]
R2 avast! Firewall;Avast Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2015-09-23 109008]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2011-05-10 956192]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-02-28 821664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2011-05-10 872552]
R2 GREGService;GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [2011-01-18 39528]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-04-30 13592]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2011-04-22 244624]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-12-22 325656]
R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-03-29 598312]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-03-31 993896]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-03-30 2009704]
R2 SentinelKeysServer;Sentinel Keys Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [2013-01-09 376832]
R2 SentinelProtectionServer;Sentinel Protection Server; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [2013-01-09 1259872]
R2 SentinelSecurityRuntime;Sentinel Security Runtime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [2013-01-09 293216]
R2 Service Mgr MagicalFind;Service Mgr MagicalFind; C:\ProgramData\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\plugincontainer.exe [2015-11-13 638688]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2009-12-02 483688]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
R2 Update Mgr MagicalFind;Update Mgr MagicalFind; C:\Program Files (x86)\Common Files\1c1e4ef3-a4fe-42a4-a546-08f69e47d2d1\updater.exe [2015-11-13 544992]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-09-23 4048280]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2009-12-02 209768]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10 269000]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-10-31 114688]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.226\McCHSvc.exe [2015-10-30 289256]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2009-11-19 4925184]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0; C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-06-03 1255736]
S3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
-----------------EOF-----------------
- Rudy
- Site Admin

Re: Please check my log,
You'll have to remind me what this is about. With delays this long I simply can't remember it, and I don't intend to read through it all again.
Re: Please check my log,
It started with various ads popping up in my browser, whether in Chrome, Explorer or Mozilla, the same everywhere. Then the whole PC slowed down; now pages switch by themselves, there are ads everywhere, and clicking anywhere redirects me to other pages or opens new tabs or windows...
The PC itself runs hot and is slow.
I have paid Avast; it occasionally blocks something, and during a scan it also only occasionally finds something.
And my Del key doesn't work...
- Rudy
- Site Admin

Re: Please check my log,
Try the following scans:
1. Download Zoek.exe from http://hijackthis.nl/smeenk/ and save it to your desktop
If you are using Win Vista or W7, right-click Zoek and choose Run As Administrator (or "Spustit jako spravce")
Paste the script below into the window
autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;
Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.
and
2. Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup is created and then a scan follows
•The scan runs and then a log appears, or it will be saved in c:\JRT as JRT.txt; paste it here.