VIRY.CZ

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2015-05-27 15:20:47
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 40 GB (17%) free of 235 GB
Total RAM: 3326 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:21:38, on 27. 5. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\uRage Illuminated Driver\Monitor.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\explorer.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Admin\Downloads\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hppp&ts ... J1NQC00173
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=dsp ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=dsp ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hppp&ts ... J1NQC00173
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hppp&ts ... J1NQC00173
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hppp&ts ... J1NQC00173
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: LuckyTab Class - {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} - C:\Program Files\XTab\SupTab.dll (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Dare-U mouse] "C:\Program Files\uRage Illuminated Driver\Monitor.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: „¨%
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files\Common Files\BattlEye\BEService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IHProtect Service - Unknown owner - C:\Program Files\XTab\ProtectService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - DTools LIMITED - C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 10577 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\tasks\cob2iP2q124O1p9MMbjB.job - C:\Users\Admin\AppData\Roaming\cob2iP2q124O1p9MMbjB.exe --c=v/kRWhr3PXK7Mvx6/RNMveJ/2JGw2u6kvkKc6WoZZINpFh5LgfVc8WE5pFJsJT80zLuNnCdYZcjxSjnd+4KQiSlP1NURX9IXbX9XhgcU+er7qf6s4z3AqQCgnvF+z+oV7POZgLzjW+JKI0czgT43KI3P9Z7LTHMDqffdudknE2pQVzDdvzyBEKW43KfoFSmsLYAjA/lO/1GZj3YnUryBkAZuRCJEX0jPllOP7Wn1myq3DFK6JF2Bhd/QPjJYz4rNa5w6VWGcTpPB4s3HYLXiNUTwt/mdB2QwDcCWQhL5U/E63+wsprPCdsAs/CwHVX48SELyoENbr2NdPBlSFUB+BA==
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d09875440a7ab5.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d09876e1336bf7.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\Wise Care 365.job - C:\Program Files\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Turbo Checker.job - C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
LuckyTab Class - C:\Program Files\XTab\SupTab.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-11 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-11 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{98889811-442D-49dd-99D7-DC866BE87DBC}

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2013-05-20 450560]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13 1263952]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"Dare-U mouse"=C:\Program Files\uRage Illuminated Driver\Monitor.exe [2013-01-17 491520]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2015-05-08 1316000]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-08 2685072]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12 5515496]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1425208]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-10-15 157480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="„¨%"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2015-05-27 15:20:47 ----D---- C:\rsit
2015-05-27 15:20:47 ----D---- C:\Program Files\trend micro
2015-05-27 13:13:29 ----D---- C:\Program Files\Opera
2015-05-27 13:11:39 ----D---- C:\Program Files\globalUpdate
2015-05-27 13:10:03 ----D---- C:\ProgramData\IHProtectUpDate
2015-05-27 13:09:53 ----D---- C:\ProgramData\WindowsMangerProtect
2015-05-27 09:06:29 ----D---- C:\Program Files\Grand Theft Auto V
2015-05-27 00:32:54 ----D---- C:\ProgramData\Package Cache
2015-05-26 23:22:30 ----D---- C:\Program Files\Rockstar Games
2015-05-22 17:50:54 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-05-22 17:04:22 ----D---- C:\Program Files\CCleaner
2015-05-19 22:01:52 ----D---- C:\Program Files\CPUID
2015-05-16 19:08:04 ----D---- C:\Windows\system32\vbox
2015-05-16 17:25:08 ----A---- C:\Windows\WiseHDInfo32.dll
2015-05-16 17:24:59 ----D---- C:\Users\Admin\AppData\Roaming\Wise Care 365
2015-05-16 17:24:47 ----D---- C:\Program Files\Wise
2015-05-13 20:21:03 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 20:21:02 ----A---- C:\Windows\system32\win32k.sys
2015-05-13 20:21:02 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 01:53:28 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:50:57 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 19:50:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-12 19:50:56 ----A---- C:\Windows\system32\urlmon.dll
2015-05-12 19:50:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 19:50:56 ----A---- C:\Windows\system32\iernonce.dll
2015-05-12 19:50:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-12 19:50:56 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-12 19:50:56 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-12 19:50:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-12 19:50:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-12 19:50:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-12 19:50:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-12 19:50:55 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-12 19:50:54 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-12 19:50:53 ----A---- C:\Windows\system32\wininet.dll
2015-05-12 19:50:53 ----A---- C:\Windows\system32\msrating.dll
2015-05-12 19:50:53 ----A---- C:\Windows\system32\iesetup.dll
2015-05-12 19:50:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 19:50:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-12 19:50:51 ----A---- C:\Windows\system32\ieui.dll
2015-05-12 19:50:51 ----A---- C:\Windows\system32\ieframe.dll
2015-05-12 19:50:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-12 19:50:49 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-12 19:50:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-12 19:50:48 ----A---- C:\Windows\system32\iertutil.dll
2015-05-12 19:50:47 ----A---- C:\Windows\system32\mshtml.dll
2015-05-12 19:50:46 ----A---- C:\Windows\system32\jscript9.dll
2015-05-12 19:50:45 ----A---- C:\Windows\system32\vbscript.dll
2015-05-12 19:50:45 ----A---- C:\Windows\system32\jscript.dll
2015-05-12 19:50:29 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-12 19:50:10 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-12 19:50:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-05-12 19:50:10 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-12 19:50:09 ----A---- C:\Windows\system32\tdh.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\srcore.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-12 19:50:09 ----A---- C:\Windows\system32\ntdll.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-12 19:50:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-12 19:50:09 ----A---- C:\Windows\system32\advapi32.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\wdigest.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\typeperf.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\smss.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\sechost.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\rstrui.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\relog.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\logman.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\kerberos.dll
2015-05-12 19:50:07 ----A---- C:\Windows\system32\sspicli.dll
2015-05-12 19:50:07 ----A---- C:\Windows\system32\lsass.exe
2015-05-12 19:50:07 ----A---- C:\Windows\system32\diskperf.exe
2015-05-12 19:50:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-12 19:50:07 ----A---- C:\Windows\system32\auditpol.exe
2015-05-12 19:50:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\srclient.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\secur32.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\msobjs.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\msaudite.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\credssp.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\adtschema.dll
2015-05-12 19:49:43 ----A---- C:\Windows\system32\schannel.dll
2015-05-12 19:49:43 ----A---- C:\Windows\system32\certcli.dll
2015-05-12 19:49:34 ----A---- C:\Windows\system32\services.exe
2015-05-12 19:45:00 ----A---- C:\Windows\system32\shimeng.dll
2015-05-12 19:45:00 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-12 19:45:00 ----A---- C:\Windows\system32\apphelp.dll
2015-05-12 19:45:00 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-12 19:44:54 ----A---- C:\Windows\system32\InkEd.dll
2015-05-12 19:44:53 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-12 19:44:48 ----A---- C:\Windows\system32\poqexec.exe
2015-04-22 12:56:48 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-22 12:56:41 ----A---- C:\Windows\avastSS.scr
2015-04-20 16:05:14 ----A---- C:\Users\Admin\AppData\Roaming\cob2iP2q124O1p9MMbjB.exe
2015-04-15 00:49:43 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 00:49:43 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 00:49:43 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 00:49:43 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 00:49:43 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 00:49:42 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 00:49:41 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 00:49:41 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 00:49:35 ----A---- C:\Windows\system32\clfs.sys
2015-04-15 00:49:34 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 00:48:58 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 00:47:20 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 00:47:19 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 00:47:19 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 00:47:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 00:47:18 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 00:47:18 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 00:47:18 ----A---- C:\Windows\system32\wups.dll
2015-04-15 00:47:18 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 00:47:17 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 00:47:16 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 00:47:16 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 00:46:55 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 00:46:53 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 00:46:52 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-05 01:22:48 ----SD---- C:\Windows\system32\GWX
2015-03-11 02:51:40 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 02:51:38 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 02:51:38 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 02:51:38 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 02:51:37 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 02:51:36 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 02:50:33 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 02:50:23 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 02:50:00 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 02:50:00 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 02:49:59 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 02:49:58 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 02:49:58 ----A---- C:\Windows\system32\mf.dll
2015-03-11 02:49:57 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 02:49:56 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 02:49:56 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 02:49:55 ----A---- C:\Windows\system32\evr.dll
2015-03-11 02:49:54 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 02:49:54 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 02:49:54 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 02:49:54 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 02:49:54 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 02:49:53 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 02:49:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 02:49:53 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 02:49:52 ----A---- C:\Windows\system32\ci.dll
2015-03-11 02:49:51 ----A---- C:\Windows\system32\winload.exe
2015-03-11 02:49:48 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 02:49:47 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 02:49:47 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 02:49:47 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 02:49:46 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 02:49:46 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 02:49:45 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 02:49:42 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 02:49:42 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 02:49:40 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 02:49:40 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 02:49:39 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 02:49:38 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 02:49:38 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 02:49:37 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 02:49:36 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 02:49:36 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 02:49:34 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 02:49:34 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 02:49:34 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 02:49:33 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 02:49:32 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 02:49:32 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 02:49:32 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 02:49:30 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 02:49:28 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 02:49:28 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 02:49:24 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 02:49:21 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 02:49:19 ----A---- C:\Windows\system32\mferror.dll
2015-03-03 21:22:59 ----A---- C:\Windows\system32\wdi.dll
2015-03-03 21:22:59 ----A---- C:\Windows\system32\powertracker.dll
2015-03-03 21:22:59 ----A---- C:\Windows\system32\perftrack.dll

======List of files/folders modified in the last 3 months======

2015-05-27 15:21:38 ----D---- C:\Windows\Temp
2015-05-27 15:20:47 ----D---- C:\Program Files
2015-05-27 14:41:07 ----D---- C:\Windows\system32\config
2015-05-27 14:37:31 ----D---- C:\Windows
2015-05-27 14:37:31 ----D---- C:\ProgramData\NVIDIA
2015-05-27 14:15:56 ----SHD---- C:\Windows\Installer
2015-05-27 14:15:56 ----HD---- C:\Config.Msi
2015-05-27 14:15:54 ----D---- C:\Windows\Tasks
2015-05-27 14:05:40 ----D---- C:\Program Files\Google
2015-05-27 13:27:20 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-27 13:27:20 ----D---- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2015-05-27 13:27:20 ----D---- C:\Program Files\Steam
2015-05-27 13:27:16 ----D---- C:\Windows\Logs
2015-05-27 13:27:16 ----D---- C:\Windows\inf
2015-05-27 13:22:38 ----D---- C:\Program Files\AGEIA Technologies
2015-05-27 13:10:03 ----HD---- C:\ProgramData
2015-05-27 10:38:36 ----SHD---- C:\System Volume Information
2015-05-27 00:33:13 ----D---- C:\Windows\System32
2015-05-26 23:24:01 ----RSD---- C:\Windows\assembly
2015-05-24 21:03:23 ----D---- C:\Program Files\Common Files\Steam
2015-05-22 17:53:22 ----D---- C:\Windows\Prefetch
2015-05-22 17:51:05 ----D---- C:\Windows\debug
2015-05-22 17:15:32 ----D---- C:\Windows\system32\DriverStore
2015-05-22 17:15:32 ----D---- C:\Windows\system32\catroot2
2015-05-22 10:26:54 ----D---- C:\Windows\winsxs
2015-05-19 13:53:53 ----HD---- C:\Program Files\InstallShield Installation Information
2015-05-16 23:29:14 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2015-05-16 19:04:22 ----D---- C:\Program Files\Bonjour
2015-05-16 18:20:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-16 17:45:07 ----D---- C:\Users\Admin\AppData\Roaming\PhotoScape
2015-05-16 17:28:52 ----RHD---- C:\MSOCache
2015-05-16 17:28:44 ----D---- C:\Windows\Panther
2015-05-16 17:28:43 ----D---- C:\Windows\Downloaded Program Files
2015-05-15 13:59:36 ----D---- C:\Windows\Microsoft.NET
2015-05-13 23:59:14 ----D---- C:\Program Files\Windows Journal
2015-05-13 20:21:17 ----D---- C:\Windows\system32\MRT
2015-05-13 19:56:02 ----A---- C:\Windows\system32\MRT.exe
2015-05-13 19:47:55 ----D---- C:\Windows\system32\en-US
2015-05-13 19:47:50 ----D---- C:\Windows\system32\drivers
2015-05-13 19:47:46 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-13 19:47:15 ----D---- C:\Program Files\Internet Explorer
2015-05-13 19:47:10 ----D---- C:\Windows\AppPatch
2015-05-13 19:47:00 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-13 19:46:11 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-13 01:53:23 ----D---- C:\ProgramData\Microsoft Help
2015-05-08 02:35:20 ----A---- C:\Windows\system32\nvspcap.dll
2015-05-08 02:35:20 ----A---- C:\Windows\system32\nvspbridge.dll
2015-04-15 03:49:24 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 03:49:23 ----D---- C:\Windows\system32\appraiser
2015-04-15 03:49:19 ----D---- C:\Windows\system32\sk-SK
2015-04-15 03:05:27 ----D---- C:\ProgramData\Skype
2015-04-15 03:05:15 ----RD---- C:\Program Files\Skype
2015-03-26 04:17:06 ----D---- C:\Windows\system32\wbem
2015-03-11 04:37:40 ----D---- C:\Windows\system32\Dism
2015-03-11 04:37:40 ----D---- C:\Program Files\Windows Media Player
2015-03-11 04:37:34 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-11 04:37:34 ----D---- C:\Windows\system32\Boot
2015-03-04 04:16:39 ----D---- C:\Windows\tracing

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-22 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-22 209048]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-02-01 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-22 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-22 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-22 427992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2011-02-01 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-24 239168]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-22 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-22 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-22 106912]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-22 220752]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-08 18576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-11-22 32912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\DRIVERS\dmvsc.sys [2011-02-01 62464]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 14848]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 17408]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-08-06 18944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2011-02-01 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-03-17 14848]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2011-02-01 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2011-02-01 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2011-02-01 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2013-03-17 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-03-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-03-17 27136]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2011-02-01 112640]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2014-08-16 45056]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2011-02-01 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2011-02-01 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2011-02-01 35968]
S3 WiseHDInfo;WiseHDInfo; \??\C:\Windows\WiseHDInfo32.dll [2015-05-16 11816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-22 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-08 919184]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 100232]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-08 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-08 20698768]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 670552]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-22 3207800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 540968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-27 107848]
S2 IHProtect Service;IHProtect Service; C:\Program Files\XTab\ProtectService.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 WindowsMangerProtect;WindowsMangerProtect Service; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [2015-05-27 697000]
S2 WiseBootAssistant;Wise Boot Assistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [2014-10-28 580232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-16 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BEService;BattlEye Service; C:\Program Files\Common Files\BattlEye\BEService.exe [2014-03-20 49152]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-01-07 1045256]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-27 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 102912]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-07-12 542912]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-17 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------
info.txt logfile of random's system information tool 1.10 2015-05-27 15:21:41

======MBR======

0x33C08ED0BC007C8EC08ED8BE007CBF0006B90002FCF3A450681C06CBFBB90400BDBE07807E00007C0B0F850E0183C510E2F1CD1888560055C6461105C6461000B441BBAA55CD135D720F81FB55AA7509F7C101007403FE46106660807E1000742666680000000066FF760868000068007C680100681000B4428A56008BF4CD139F83C4109EEB14B80102BB007C8A56008A76018A4E028A6E03CD136661731CFE4E11750C807E00800F848A00B280EB845532E48A5600CD135DEB9E813EFE7D55AA756EFF7600E88D007517FAB0D1E664E88300B0DFE660E87C00B0FFE664E87500FBB800BBCD1A6623C0753B6681FB54435041753281F90201722C666807BB00006668000200006668080000006653665366556668000000006668007C0000666168000007CD1A5A32F6EA007C0000CD18A0B707EB08A0B607EB03A0B50732E40500078BF0AC3C007409BB0700B40ECD10EBF2F4EBFD2BC9E464EB002402E0F82402C3496E76616C696420706172746974696F6E207461626C65004572726F72206C6F6164696E67206F7065726174696E672073797374656D004D697373696E67206F7065726174696E672073797374656D000000637B9A8EC81E5800008020210007DF130C000800000020030000DF140C07FEFFFF0028030000A0AC1C00FEFFFF07FEFFFF00C8AF1C0080881D0000000000000000000000000000000055AA

======Uninstall list======

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
-->C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\Windows\UNNeroBackItUp.exe /UNINSTALL
-->C:\Windows\UNNeroMediaHome.exe /UNINSTALL
-->C:\Windows\UNNeroShowTime.exe /UNINSTALL
-->C:\Windows\UNNeroVision.exe /UNINSTALL
-->C:\Windows\UNRecode.exe /UNINSTALL
-->MsiExec /X{80407BA7-7763-4395-AB98-5233F1B34E65}
µTorrent-->"C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A0087DDE-69D0-11E2-AD57-43CA6188709B}
Adobe Flash Player 11 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -maintain activex
Adobe Flash Player 11 Plugin-->C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_Plugin.exe -maintain plugin
Adobe Reader 8 - Slovak-->MsiExec.exe /I{AC76BA86-7AD7-1051-7B44-A80000000000}
Age of Empires III - The Asian Dynasties-->C:\Program Files\InstallShield Installation Information\{C43C1415-3DFC-4089-9A32-0BECF28A6046}\setup.exe -runfromtemp -l0x0405
Age of Empires III - The WarChiefs-->C:\Program Files\InstallShield Installation Information\{1C08A24C-B168-407E-A826-68FAF5F20710}\setup.exe -runfromtemp -l0x0405
Age of Empires III-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}
Aktualizácia Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {9A8C39B0-D27F-4F81-BE74-2FECF164707E}
Aktualizácia Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {CE23B3DC-18CC-46FC-A309-81D6670F8D3D}
Aktualizácia Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {D6DBF512-87C0-4F6A-8FB9-AC3A389D9DE5}
Apple Application Support-->MsiExec.exe /I{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}
Apple Mobile Device Support-->MsiExec.exe /I{235EBB33-3DA1-46DF-AADE-9955123409CB}
Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
Assassin's Creed (R) III-->"C:\Program Files\InstallShield Installation Information\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}\setup.exe" -runfromtemp -l0x0005 -removeonly
Assassins Creed 4 Black Flag-->"C:\Program Files\Assassins Creed 4 Black Flag\unins000.exe"
AutoCAD 2011 - česky-->C:\Program Files\Autodesk\AutoCAD 2011\Setup\Setup.exe /P {5783F2D7-9001-0405-0002-0060B0CE6BBA} /M ACAD /language cs-CZ
AutoCAD 2011 - česky-->C:\Program Files\Autodesk\AutoCAD 2011\Setup\Setup.exe /P {5783F2D7-9001-0405-0002-0060B0CE6BBA} /M ACAD /language cs-CZ
Autodesk Material Library 2011-->MsiExec.exe /I{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}
Avast Free Antivirus-->C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel /instop:uninstall
Battle.net-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang= --uid=battle.net --displayname="Battle.net"
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
Counter-Strike 1.6 Non-Steam 1.0-->C:\Program Files\Counter-Strike 1.6 Non-Steam\Uninstall.exe
Coupon Printer for Windows-->"C:\Program Files\Coupons\uninstall.exe" "/U:C:\Program Files\Coupons\Uninstall\uninstall.xml"
CPUID CPU-Z 1.72-->"C:\Program Files\CPUID\CPU-Z\unins000.exe"
DAEMON Tools Lite-->C:\Program Files\DAEMON Tools Lite\uninst.exe
Darksiders II-->"C:\Program Files\THQ\Darksiders II\unins000.exe"
DayZ-->"C:\Program Files\Steam\steam.exe" steam://uninstall/221100
DivX Setup-->C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
Google Chrome-->"C:\Program Files\Google\Chrome\Application\43.0.2357.81\Installer\setup.exe" --uninstall --multi-install --chrome --system-level --verbose-logging
Google Update Helper-->MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
Grand Theft Auto V-->"C:\Program Files\Grand Theft Auto V\unins000.exe"
Hearthstone-->"C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=enGB --uid=hs_beta --displayname="Hearthstone"
HP Deskjet 2050 J510 series Basic Device Software-->MsiExec.exe /I{E654D1E3-B18B-4953-BFBC-F16227323E05}
HP Deskjet 2050 J510 series Help-->MsiExec.exe /I{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}
HP Deskjet 2050 J510 series Product Improvement Study-->MsiExec.exe /I{29498512-A137-4478-8691-922829F108DC}
HP LaserJet Professional M1130-M1210 MFP Series-->C:\Program Files\HP\HP LaserJet M1210 MFP Series\Uninstall.exe
HP Photo Creations-->C:\Program Files\HP Photo Creations\uninst.exe
HP Update-->MsiExec.exe /X{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}
iTunes-->MsiExec.exe /I{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}
Java 7 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217025FF}
JavaFX 2.1.1-->MsiExec.exe /X{1111706F-666A-4037-7777-211328764D10}
Microsoft .NET Framework 4.5.1-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\\Setup.exe /repair /x86
Microsoft .NET Framework 4.5.1-->MsiExec.exe /X{4903D172-DCCB-392F-93A3-34CA9D47FE3D}
Microsoft ASP.NET MVC 4 Runtime-->MsiExec.exe /X{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-041B-0000-0000000FF1CE} /uninstall {4754EB3B-ED3D-4095-A2FD-684A3058A4FF}
Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {8382BA92-20E3-47B6-971B-F673F0492D4E}
Microsoft Office Access MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0015-041B-0000-0000000FF1CE}
Microsoft Office Excel MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0016-041B-0000-0000000FF1CE}
Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0044-041B-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001A-041B-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0018-041B-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Czech) 2007-->MsiExec.exe /X{90120000-001F-0405-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proof (Hungarian) 2007-->MsiExec.exe /X{90120000-001F-040E-0000-0000000FF1CE}
Microsoft Office Proof (Slovak) 2007-->MsiExec.exe /X{90120000-001F-041B-0000-0000000FF1CE}
Microsoft Office Proofing (Slovak) 2007-->MsiExec.exe /X{90120000-002C-041B-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0405-0000-0000000FF1CE} /uninstall {0B7A4B67-2A38-42B1-9857-662FAB361E08}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {928D7B99-2BEA-49F9-83B8-20FA57860643}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040E-0000-0000000FF1CE} /uninstall {0AD4BB83-13B4-4C9D-9BAC-7F64E0B2D5D7}
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-041B-0000-0000000FF1CE} /uninstall {FDF9A959-241A-4662-A8DE-7DED9C22D160}
Microsoft Office Publisher MUI (Slovak) 2007-->MsiExec.exe /X{90120000-0019-041B-0000-0000000FF1CE}
Microsoft Office Shared MUI (Slovak) 2007-->MsiExec.exe /X{90120000-006E-041B-0000-0000000FF1CE}
Microsoft Office Word MUI (Slovak) 2007-->MsiExec.exe /X{90120000-001B-041B-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219-->MsiExec.exe /X{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030-->"C:\ProgramData\Package Cache\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}\vcredist_x86.exe" /uninstall
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030-->MsiExec.exe /X{B175520C-86A2-35A7-8619-86DC379688B9}
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030-->MsiExec.exe /X{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
Nero 8-->MsiExec.exe /X{76308844-456A-4D76-99CA-511F0DED1051}
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA 3D Vision radič ovládača 340.50-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{E6AF81F1-937A-4EBB-8752-1CE55D1B5EAB}\NVI2.DLL",UninstallPackage Display.NVIRUSB
NVIDIA GeForce Experience 2.4.3.31-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
NVIDIA Grafický ovládač 340.52-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{E6AF81F1-937A-4EBB-8752-1CE55D1B5EAB}\NVI2.DLL",UninstallPackage Display.Driver
NVIDIA Ovládač 3D Vision 340.52-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{E6AF81F1-937A-4EBB-8752-1CE55D1B5EAB}\NVI2.DLL",UninstallPackage Display.3DVision
NVIDIA PhysX-->MsiExec.exe /I{80407BA7-7763-4395-AB98-5233F1B34E65}
NVIDIA Softvér systému s podporou technológie PhysX 9.13.1220-->"C:\Windows\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{E6AF81F1-937A-4EBB-8752-1CE55D1B5EAB}\NVI2.DLL",UninstallPackage Display.PhysX
NVIDIA Stereoscopic 3D Driver-->"C:\Program Files\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
PhotoScape-->"C:\Program Files\PhotoScape\uninstall.exe"
Rockstar Games Social Club-->C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {1531A92E-2552-384F-B942-06A5D18DFA13}
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {8086EDC0-3409-3560-B108-44FC46882443}
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {FED9B2BC-E6D7-3409-B4C9-99AF8AC65725}
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {054F96E9-E89B-3DDB-AA70-A65194B921B4}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {CBD8D84A-257A-3A60-9819-5DF166F9CD25}
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {4DC3F78D-5CCF-37B9-9A05-EDDC456F4F20}
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {00BE0B8D-C610-34AA-ABD1-EE023DA39E5D}
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {1863F765-CBE8-3EB3-B434-CA6B6DF2561E}
Security Update for Microsoft .NET Framework 4.5.1 (KB3023224)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {3DDE5FB2-7F31-38AB-9407-F5698AD72FE8}
Security Update for Microsoft .NET Framework 4.5.1 (KB3035490)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {3DFE50DE-BA81-369E-B149-CC3B8AB09405}
Security Update for Microsoft .NET Framework 4.5.1 (KB3037581)-->C:\Windows\Microsoft.NET\Framework\v4.0.30319\SetupCache\v4.5.50938\setup.exe /uninstallpatch {C7D8B9A9-9C79-3278-A33E-C621DA724830}
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {B7727B4D-5EA3-4C11-9D30-15E47616DCAF}
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {EA575F57-C5D1-4B5A-B9F9-F16EEBC6B58C}
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {3579CE34-B225-4B19-A3AF-DE5F562A212F}
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition -->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {EB2C7999-DC02-4428-A0CC-761D987E5DF5}
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8907F32C-DF89-4C2F-AEDE-0DB4B65451C0}
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {319FC809-3841-4739-A25F-FDBADF073697}
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {32DA925D-8B7D-4298-B893-6291D28CE809}
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6B4A3804-666A-4DD8-84A7-B97701416784}
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {36842896-D83B-4C92-8261-6312B7DEB562}
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4C1BE82B-9AC0-4AB9-B76D-5467131955E1}
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {FC572B0C-6356-46CC-A01E-CCCEC4340BF5}
Security Update for Microsoft Office 2007 suites (KB2883029) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D08B187F-0D9B-42AC-956E-F46AEC899742}
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {56BB0BAB-7C3C-40C1-8F70-1AAE6A5FE45F}
Security Update for Microsoft Office 2007 suites (KB2965282) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {950FA8CA-FA83-4082-A79B-BCE05762A9EE}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {6C1A25BE-E3D5-4A5A-B677-8833E5996C20}
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BBB81235-8EE6-411F-903E-F83DB17B7B34}
Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A1AB4C88-5F23-43DF-B461-32E5CBA84F7B}
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {732E7378-7132-4C0F-B30E-C00A0F8AC1EB}
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F88656FB-92A1-484E-911E-D259B15CF420}
Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition -->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {39D5B9E5-1C4E-4FBD-9B42-98E89B04AF38}
Skype™ 7.0-->MsiExec.exe /X{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
Steam-->C:\Program Files\Steam\uninstall.exe
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A024FC7B-77DE-45DE-A058-1C049A17BFB3}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition-->msiexec /package {90120000-006E-041B-0000-0000000FF1CE} /uninstall {02206DCC-0CAF-46BB-8EDC-6C281AA21EFA}
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {CB68A5B0-3508-4193-AEB9-AF636DAECE0F}
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BB006B39-9FD7-4DD5-942E-CDF1BBD718DB}
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition-->msiexec /package {90120000-001A-041B-0000-0000000FF1CE} /uninstall {40D0CA9C-D9BB-4CA7-B174-D2316D692336}
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {53DEC068-4690-4F6B-9946-7D21EF02236B}
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2986252) 32-Bit Edition-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F0A8801D-7FA6-459C-969A-D580360708CF}
uRage Illuminated Driver-->C:\Program Files\InstallShield Installation Information\{F1A273BD-6A9E-41D8-A111-5E56ACD286F8}\setup.exe -runfromtemp -l0x0009 -removeonly
VC80CRTRedist - 8.0.50727.6195-->MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
VLC media player 2.0.8-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}
WinRAR 4.00 beta 2 (32-bit)-->C:\Program Files\WinRAR\uninstall.exe
Wise Care 365 3.59-->"C:\Program Files\Wise\Wise Care 365\unins000.exe"
World of Warcraft-->C:\Program Files\Common Files\Blizzard Entertainment\World of Warcraft (2)\Uninstall.exe

======System event log======

Computer Name: Admin-PC
Event Code: 11
Message: Načítavajú sa vlastné knižnice dynamických prepojení pre všetky aplikácie. Správca systému by mal skontrolovať zoznam knižníc a zistiť, či patria dôveryhodným aplikáciám.
Record Number: 197601
Source Name: Microsoft-Windows-Wininit
Time Written: 20140514113316.432040-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Admin-PC
Event Code: 219
Message: The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC&PROD_STORAGE_DEVICE-A&REV_9727#000000009727&0#.
Record Number: 197387
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20140511143113.370666-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Admin-PC
Event Code: 11
Message: Načítavajú sa vlastné knižnice dynamických prepojení pre všetky aplikácie. Správca systému by mal skontrolovať zoznam knižníc a zistiť, či patria dôveryhodným aplikáciám.
Record Number: 197333
Source Name: Microsoft-Windows-Wininit
Time Written: 20140511143017.496038-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Admin-PC
Event Code: 219
Message: The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC&PROD_STORAGE_DEVICE-A&REV_9727#000000009727&0#.
Record Number: 197228
Source Name: Microsoft-Windows-Kernel-PnP
Time Written: 20140510100542.190031-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Admin-PC
Event Code: 11
Message: Načítavajú sa vlastné knižnice dynamických prepojení pre všetky aplikácie. Správca systému by mal skontrolovať zoznam knižníc a zistiť, či patria dôveryhodným aplikáciám.
Record Number: 197200
Source Name: Microsoft-Windows-Wininit
Time Written: 20140510100520.932839-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Admin-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-1720640708-111994719-1160353310-1000:
Process 3136 (\Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe) has opened key \REGISTRY\USER\S-1-5-21-1720640708-111994719-1160353310-1000
Process 3136 (\Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe) has opened key \REGISTRY\USER\S-1-5-21-1720640708-111994719-1160353310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer

Record Number: 381960
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20140828200255.510074-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Admin-PC
Event Code: 3036
Message: The content source <csc://{S-1-5-21-1720640708-111994719-1160353310-1000}/> cannot be accessed.

Context: Application, SystemIndex Catalog

Details:
The object was not found. (HRESULT : 0x80041201) (0x80041201)

Record Number: 381056
Source Name: Microsoft-Windows-Search
Time Written: 20140828071631.000000-000
Event Type: Warning
User:

Computer Name: Admin-PC
Event Code: 1
Message:
Record Number: 381046
Source Name: NvStreamSvc
Time Written: 20140828071342.000000-000
Event Type: Error
User:

Computer Name: Admin-PC
Event Code: 1
Message:
Record Number: 381045
Source Name: NvStreamSvc
Time Written: 20140828071342.000000-000
Event Type: Error
User:

Computer Name: Admin-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
2 user registry handles leaked from \Registry\User\S-1-5-21-1720640708-111994719-1160353310-1000:
Process 2412 (\Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe) has opened key \REGISTRY\USER\S-1-5-21-1720640708-111994719-1160353310-1000
Process 2412 (\Device\HarddiskVolume2\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe) has opened key \REGISTRY\USER\S-1-5-21-1720640708-111994719-1160353310-1000\Software\Microsoft\Windows\CurrentVersion\Explorer

Record Number: 381024
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20140827210736.371259-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: Admin-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: ADMIN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x210
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 35785
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130422051310.202834-000
Event Type: Audit Success
User:

Computer Name: Admin-PC
Event Code: 5033
Message: The Windows Firewall Driver started successfully.
Record Number: 35784
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130422051309.594433-000
Event Type: Audit Success
User:

Computer Name: Admin-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 35783
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130422051308.159231-000
Event Type: Audit Success
User:

Computer Name: Admin-PC
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: ADMIN-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x210
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 35782
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130422051308.159231-000
Event Type: Audit Success
User:

Computer Name: Admin-PC
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-21-1720640708-111994719-1160353310-1000
Account Name: Admin
Account Domain: Admin-PC
Logon ID: 0x17099

Privileges: SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 35781
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20130422051304.524424-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\
"NUMBER_OF_PROCESSORS"=2
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_REVISION"=170a
"asl.log"=Destination=file

-----------------EOF-----------------

# AdwCleaner v4.205 - Log vytvorený 27/05/2015 at 15:56:24
# Aktualizované 21/05/2015 by Xplode
# Databáza : 2015-05-25.3 [Server]
# Operačný systém : Windows 7 Ultimate Service Pack 1 (x86)
# Uživateľské meno : Admin - ADMIN-PC
# Spustené z : C:\Users\Admin\Downloads\adwcleaner_4.205.exe
# Nastavenia : Čistenie

***** [ Služby ] *****

[#] Služba Zmazané : IHProtect Service
[#] Služba Zmazané : WindowsMangerProtect

***** [ Súbory / Priečinky ] *****

Priečinok Zmazané : C:\ProgramData\apn
Priečinok Zmazané : C:\ProgramData\Babylon
Priečinok Zmazané : C:\ProgramData\BabylonUpdater
Priečinok Zmazané : C:\ProgramData\bProtectorForWindows
Priečinok Zmazané : C:\ProgramData\Conduit
Priečinok Zmazané : C:\ProgramData\IBUpdaterService
Priečinok Zmazané : C:\ProgramData\speedypc software
Priečinok Zmazané : C:\ProgramData\Tarma Installer
Priečinok Zmazané : C:\ProgramData\WindowsMangerProtect
Priečinok Zmazané : C:\ProgramData\IHProtectUpDate
Priečinok Zmazané : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
Priečinok Zmazané : C:\Program Files\Conduit
Priečinok Zmazané : C:\Program Files\globalUpdate
Priečinok Zmazané : C:\Program Files\Windows iLivid Toolbar
Priečinok Zmazané : C:\Program Files\Coupons
Priečinok Zmazané : C:\Users\Admin\SupTab
Priečinok Zmazané : C:\Users\Admin\AppData\Local\Babylon
Priečinok Zmazané : C:\Users\Admin\AppData\Local\Conduit
Priečinok Zmazané : C:\Users\Admin\AppData\Local\globalUpdate
Priečinok Zmazané : C:\Users\Admin\AppData\Local\Ilivid Player
Priečinok Zmazané : C:\Users\Admin\AppData\Local\PackageAware
Priečinok Zmazané : C:\Users\Admin\AppData\LocalLow\AskToolbar
Priečinok Zmazané : C:\Users\Admin\AppData\LocalLow\BabylonToolbar
Priečinok Zmazané : C:\Users\Admin\AppData\LocalLow\Conduit
Priečinok Zmazané : C:\Users\Admin\AppData\LocalLow\searchquband
Priečinok Zmazané : C:\Users\Admin\AppData\LocalLow\searchresultstb
Priečinok Zmazané : C:\Users\Admin\AppData\Roaming\Babylon
Priečinok Zmazané : C:\Users\Admin\AppData\Roaming\DriverCure
Priečinok Zmazané : C:\Users\Admin\AppData\Roaming\dvdvideosoftiehelpers
Priečinok Zmazané : C:\Users\Admin\AppData\Roaming\OpenCandy
Priečinok Zmazané : C:\Users\Admin\AppData\Roaming\speedypc software
Priečinok Zmazané : C:\Users\Admin\AppData\Roaming\Systweak
Priečinok Zmazané : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Súbor Zmazané : C:\END
Súbor Zmazané : C:\Windows\system32\roboot.exe
Súbor Zmazané : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ksu4bohw.default\bprotector_extensions.sqlite
Súbor Zmazané : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ksu4bohw.default\searchplugins\Askcom.xml
Súbor Zmazané : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ksu4bohw.default\searchplugins\ask-search.xml
Súbor Zmazané : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ksu4bohw.default\searchplugins\Conduit.xml
Súbor Zmazané : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ksu4bohw.default\searchplugins\SweetIM Search.xml
Súbor Zmazané : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ksu4bohw.default\searchplugins\SweetIm.xml
Súbor Zmazané : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\ksu4bohw.default\user.js

***** [ Naplánované úlohy ] *****


***** [ Zástupcovia ] *****


***** [ Registre ] *****

Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj
Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Kľúč registra Zmazané : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Kľúč registra Zmazané : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Conduit.Engine
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Prod.cap
Kľúč registra Zmazané : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Toolbar.CT3288691
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Kľúč registra Zmazané : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5AE8924-4036-420F-B7F6-A47E4B8F692E}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CB073F3-BE3C-4E8F-942D-8A747B54486F}
Hodnota Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Hodnota Zmazané : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A5AE8924-4036-420F-B7F6-A47E4B8F692E}]
Dáta Obnovené : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Kľúč registra Zmazané : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Kľúč registra Zmazané : HKCU\Software\APN PIP
Kľúč registra Zmazané : HKCU\Software\Conduit
Kľúč registra Zmazané : HKCU\Software\DataMngr
Kľúč registra Zmazané : HKCU\Software\GlobalUpdate
Kľúč registra Zmazané : HKCU\Software\HomeTab
Kľúč registra Zmazané : HKCU\Software\IM
Kľúč registra Zmazané : HKCU\Software\ImInstaller
Kľúč registra Zmazané : HKCU\Software\InstallCore
Kľúč registra Zmazané : HKCU\Software\SearchCore for Browsers
Kľúč registra Zmazané : HKCU\Software\simplytech
Kľúč registra Zmazané : HKCU\Software\Softonic
Kľúč registra Zmazané : HKCU\Software\speedypc software
Kľúč registra Zmazané : HKCU\Software\SweetIM
Kľúč registra Zmazané : HKCU\Software\systweak
Kľúč registra Zmazané : HKCU\Software\TNT2
Kľúč registra Zmazané : HKCU\Software\WajIntEnhance
Kľúč registra Zmazané : HKCU\Software\SearchProtectWS
Kľúč registra Zmazané : HKCU\Software\Linkey
Kľúč registra Zmazané : HKCU\Software\YorkNewCin
Kľúč registra Zmazané : HKCU\Software\HighDefAction
Kľúč registra Zmazané : HKCU\Software\ArenaHD
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Toolbar
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\Conduit
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\Crossrider
Kľúč registra Zmazané : HKCU\Software\AppDataLow\Software\searchqutoolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\AskPartnerNetwork
Kľúč registra Zmazané : HKLM\SOFTWARE\Babylon
Kľúč registra Zmazané : HKLM\SOFTWARE\Conduit
Kľúč registra Zmazané : HKLM\SOFTWARE\DataMngr
Kľúč registra Zmazané : HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\GlobalUpdate
Kľúč registra Zmazané : HKLM\SOFTWARE\Iminent
Kľúč registra Zmazané : HKLM\SOFTWARE\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\speedypc software
Kľúč registra Zmazané : HKLM\SOFTWARE\SupDp
Kľúč registra Zmazané : HKLM\SOFTWARE\SupTab
Kľúč registra Zmazané : HKLM\SOFTWARE\supWindowsMangerProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\SweetIM
Kľúč registra Zmazané : HKLM\SOFTWARE\Tarma Installer
Kľúč registra Zmazané : HKLM\SOFTWARE\Web Assistant
Kľúč registra Zmazané : HKLM\SOFTWARE\IHProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\SpeedBit
Kľúč registra Zmazané : HKLM\SOFTWARE\AIM Toolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\YorkNewCin
Kľúč registra Zmazané : HKLM\SOFTWARE\HighDefAction
Kľúč registra Zmazané : HKLM\SOFTWARE\oursurfingSoftware
Kľúč registra Zmazané : HKLM\SOFTWARE\ArenaHD
Kľúč registra Zmazané : HKU\.DEFAULT\Software\AskPartnerNetwork
Kľúč registra Zmazané : HKU\.DEFAULT\Software\bProtector
Kľúč registra Zmazané : HKU\.DEFAULT\Software\IM
Kľúč registra Zmazané : HKU\.DEFAULT\Software\ImInstaller
Kľúč registra Zmazané : HKU\.DEFAULT\Software\WNLT
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WajIntEnhance
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vosteran.com
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.0
Kľúč registra Zmazané : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\globalupdate.exe
Dáta Zmazané : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Webové prehliadače ] *****

-\\ Internet Explorer v11.0.9600.17801

Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch]
Nastavenie Obnovené : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]

-\\ Mozilla Firefox v

[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("CT3288691.smartbar.homepage", "true");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3288691&octid=CT3288691&SearchSource=61&CUI=UN91918528629122144&UM=2&UP=SP47F38D68-318A-42B9-9CCA-33F3276F33E7");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("avg.install.userHPSettings", "^hxxp://.*\\.babylon\\.com/\\?AF=114022.*");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.defaultthis.engineName", "DivX Browser Bar Customized Web Search");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&CUI=UN91918528629122144&UM=2&SearchSource=3&q={searchTerms}");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3288691&octid=CT3288691&SearchSource=61&CUI=UN91918528629122144&UM=2&UP=SP47F38D68-318A-42B9-9CCA-33F3276F33E7");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.admin", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.aflt", "babsst");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.babExt", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.babTrack", "affID=114022");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.bbDpng", 21);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.cntry", "SK");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.dfltLng", "en");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.dfltSrch", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.hdrMd5", "3CDE253DB9C814833716EA91C509AA9B");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.hmpg", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.id", "7a229412000000000000001fd06cc2d4");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.instlDay", "15523");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.instlRef", "sst");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.lastActv", "21");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.lastDP", 21);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1721:07:34");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.newTab", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.propectorlck", 70929111);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.srcExt", "ss");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.tlbrId", "base");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1721:07:34");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.babExt", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=114022");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.hardId", "7a229412000000000000001fd06cc2d4");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.id", "7a229412000000000000001fd06cc2d4");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.instlDay", "15523");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.newTab", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1721:07:34");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossrider.bic", "13c24f71b7730be56def874d9bf970f0");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1357829840);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.active", true);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.affid", "0");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1357829840");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.domain", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.emailsig", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.exposesites", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.group", 0);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.homepage", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.iframe", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.newtab", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/apps/5060/plugins/081/ff/plugins.json");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.premium", true);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.5060.ver", 0);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.bic", "13c24f71b7730be56def874d9bf970f0");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.firstrun", false);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.installationdate", 1357829840);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.lastcheck", 22630497);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.lastcheckitem", 22630497);
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("extensions.crossriderapp5060.modetype", "production");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("smartbar.addressBarOwnerCTID", "CT3288691");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN91918528629122144&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3288691&octid=CT3288691&SearchSource[...]
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN91918528629122144&UM=2&q=");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("smartbar.defaultSearchOwnerCTID", "CT3288691");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("smartbar.homePageOwnerCTID", "CT3288691");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("smartbar.machineId", "D7P85PY7XKLP543LU0WWPM5LUOHSKTAX1JUB6BITBJCYJD1L2A5GWNNNJSF05LJTTEOLKQJQ/LZMG0Q4TR95TW");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN91918528629122144&UM=2&SearchSource=13");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "hxxp://www.searchqu.com/406");
[ksu4bohw.default\prefs.js] - Riadok Zmazané : user_pref("sweetim.toolbar.urls.homepage", "hxxp://home.sweetim.com/?crg=3.1010000.10002&barid={F9D19ADD-C478-11E1-9EAD-001FD06CC2D4}");

-\\ Google Chrome v43.0.2357.81

[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Homepage] :
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Zmazané [Startup_URLs] : 35EA6FCF44FEFF5F41760E92FEC2FCBA74B6234F8345800B5417E354A55D5DEC"},"software_reporter":{"prompt_reason":"86787043F057698099CA94FD31FEACC45F086B85070AB36B54FD1F02F94F8C32","prompt_seed":"AF851EBFC5146C36268324E771E1A6DE4FA14FA1A3BB0ED780D05AEEFE829AB8","prompt_version":"EF045014D2378CCDDFA82351867B8B0EDC04A79D563756C332CD17D8BC9317B3"},"sync":{"remaining_rollback_tries":"014F9B5A1C98AE33546EF1FC7D30E143987F25787E8ED1293BA142D5C3B7AD24"}},"super_mac":"EE47663D4760CD1447BD08F192997A0D52B9033D48E0E973EF99B9FEF213B018"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://www.oursurfing.com/?type=hppp&ts=143272 ... J1NQC00173

*************************

AdwCleaner[R0].txt - [33177 bajtov] - [27/05/2015 15:53:13]
AdwCleaner[S0].txt - [27512 bajtov] - [27/05/2015 15:56:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27573 bajtov] ##########

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2015-05-27 16:31:52
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 40 GB (17%) free of 235 GB
Total RAM: 3326 MB (72% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:32:30, on 27. 5. 2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17801)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\uRage Illuminated Driver\Monitor.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Admin\Downloads\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Podpora odkazu pre aplikáciu Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Dare-U mouse] "C:\Program Files\uRage Illuminated Driver\Monitor.exe"
O4 - HKLM\..\Run: [ShadowPlay] C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {62789780-B744-11D0-986B-00609731A21D} - http://195.28.70.134/kapor2/lib/mgaxctrl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: „¨%
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files\Common Files\BattlEye\BEService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - HP - C:\Windows\system32\HPSIsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files\Wise\Wise Care 365\BootTime.exe

--
End of file - 7647 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\avast! Emergency Update.job - C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d09875440a7ab5.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d09876e1336bf7.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\Wise Care 365.job - C:\Program Files\Wise\Wise Care 365\WiseTray.exe -StartTray
C:\Windows\tasks\Wise Turbo Checker.job - C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Podpora odkazu pre aplikáciu Adobe PDF Reader - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-07-11 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-22 565304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-07-11 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"=C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe [2007-03-01 153136]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2007-09-20 1836328]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2010-06-09 49208]
""= []
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12 253816]
"DivXMediaServer"=C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [2013-05-20 450560]
"DivXUpdate"=C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-13 1263952]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-10-11 60712]
"Dare-U mouse"=C:\Program Files\uRage Illuminated Driver\Monitor.exe [2013-01-17 491520]
"ShadowPlay"=C:\Windows\system32\nvspcap.dll [2015-05-08 1316000]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-08 2685072]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-05-12 5515496]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1425208]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2014-10-15 157480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2015-04-23 6278424]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="„¨%"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.DIVX"=DivX.dll
"vidc.yv12"=DivX.dll
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 3 months======

2015-05-27 16:09:25 ----A---- C:\Windows\ntbtlog.txt
2015-05-27 15:52:54 ----D---- C:\AdwCleaner
2015-05-27 15:20:47 ----D---- C:\rsit
2015-05-27 15:20:47 ----D---- C:\Program Files\trend micro
2015-05-27 13:13:29 ----D---- C:\Program Files\Opera
2015-05-27 09:06:29 ----D---- C:\Program Files\Grand Theft Auto V
2015-05-27 00:32:54 ----D---- C:\ProgramData\Package Cache
2015-05-26 23:22:30 ----D---- C:\Program Files\Rockstar Games
2015-05-22 17:50:54 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-05-22 17:04:22 ----D---- C:\Program Files\CCleaner
2015-05-19 22:01:52 ----D---- C:\Program Files\CPUID
2015-05-16 19:08:04 ----D---- C:\Windows\system32\vbox
2015-05-16 17:25:08 ----A---- C:\Windows\WiseHDInfo32.dll
2015-05-16 17:24:59 ----D---- C:\Users\Admin\AppData\Roaming\Wise Care 365
2015-05-16 17:24:47 ----D---- C:\Program Files\Wise
2015-05-13 20:21:03 ----A---- C:\Windows\system32\FntCache.dll
2015-05-13 20:21:02 ----A---- C:\Windows\system32\win32k.sys
2015-05-13 20:21:02 ----A---- C:\Windows\system32\DWrite.dll
2015-05-13 01:53:28 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 19:50:57 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 19:50:57 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-05-12 19:50:56 ----A---- C:\Windows\system32\urlmon.dll
2015-05-12 19:50:56 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 19:50:56 ----A---- C:\Windows\system32\iernonce.dll
2015-05-12 19:50:56 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-05-12 19:50:56 ----A---- C:\Windows\system32\iedkcs32.dll
2015-05-12 19:50:56 ----A---- C:\Windows\system32\ie4uinit.exe
2015-05-12 19:50:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-05-12 19:50:55 ----A---- C:\Windows\system32\jscript9diag.dll
2015-05-12 19:50:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-05-12 19:50:55 ----A---- C:\Windows\system32\ieapfltr.dll
2015-05-12 19:50:55 ----A---- C:\Windows\system32\dxtmsft.dll
2015-05-12 19:50:54 ----A---- C:\Windows\system32\msfeeds.dll
2015-05-12 19:50:53 ----A---- C:\Windows\system32\wininet.dll
2015-05-12 19:50:53 ----A---- C:\Windows\system32\msrating.dll
2015-05-12 19:50:53 ----A---- C:\Windows\system32\iesetup.dll
2015-05-12 19:50:53 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 19:50:52 ----A---- C:\Windows\system32\dxtrans.dll
2015-05-12 19:50:51 ----A---- C:\Windows\system32\ieui.dll
2015-05-12 19:50:51 ----A---- C:\Windows\system32\ieframe.dll
2015-05-12 19:50:49 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-05-12 19:50:49 ----A---- C:\Windows\system32\mshtmled.dll
2015-05-12 19:50:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-05-12 19:50:48 ----A---- C:\Windows\system32\iertutil.dll
2015-05-12 19:50:47 ----A---- C:\Windows\system32\mshtml.dll
2015-05-12 19:50:46 ----A---- C:\Windows\system32\jscript9.dll
2015-05-12 19:50:45 ----A---- C:\Windows\system32\vbscript.dll
2015-05-12 19:50:45 ----A---- C:\Windows\system32\jscript.dll
2015-05-12 19:50:29 ----A---- C:\Windows\system32\wpdshext.dll
2015-05-12 19:50:10 ----A---- C:\Windows\system32\UtcResources.dll
2015-05-12 19:50:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2015-05-12 19:50:10 ----A---- C:\Windows\system32\diagtrack.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\tracerpt.exe
2015-05-12 19:50:09 ----A---- C:\Windows\system32\tdh.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\srcore.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\ntoskrnl.exe
2015-05-12 19:50:09 ----A---- C:\Windows\system32\ntdll.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\lsasrv.dll
2015-05-12 19:50:09 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-05-12 19:50:09 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-05-12 19:50:09 ----A---- C:\Windows\system32\advapi32.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\wdigest.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\typeperf.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\TSpkg.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\smss.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\sechost.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\rstrui.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\relog.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\ncrypt.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\msv1_0.dll
2015-05-12 19:50:08 ----A---- C:\Windows\system32\logman.exe
2015-05-12 19:50:08 ----A---- C:\Windows\system32\kerberos.dll
2015-05-12 19:50:07 ----A---- C:\Windows\system32\sspicli.dll
2015-05-12 19:50:07 ----A---- C:\Windows\system32\lsass.exe
2015-05-12 19:50:07 ----A---- C:\Windows\system32\diskperf.exe
2015-05-12 19:50:07 ----A---- C:\Windows\system32\csrsrv.dll
2015-05-12 19:50:07 ----A---- C:\Windows\system32\auditpol.exe
2015-05-12 19:50:06 ----A---- C:\Windows\system32\sspisrv.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\srclient.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\secur32.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\msobjs.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\msaudite.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\credssp.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\apisetschema.dll
2015-05-12 19:50:06 ----A---- C:\Windows\system32\adtschema.dll
2015-05-12 19:49:43 ----A---- C:\Windows\system32\schannel.dll
2015-05-12 19:49:43 ----A---- C:\Windows\system32\certcli.dll
2015-05-12 19:49:34 ----A---- C:\Windows\system32\services.exe
2015-05-12 19:45:00 ----A---- C:\Windows\system32\shimeng.dll
2015-05-12 19:45:00 ----A---- C:\Windows\system32\sdbinst.exe
2015-05-12 19:45:00 ----A---- C:\Windows\system32\apphelp.dll
2015-05-12 19:45:00 ----A---- C:\Windows\system32\aelupsvc.dll
2015-05-12 19:44:54 ----A---- C:\Windows\system32\InkEd.dll
2015-05-12 19:44:53 ----A---- C:\Windows\system32\jnwmon.dll
2015-05-12 19:44:48 ----A---- C:\Windows\system32\poqexec.exe
2015-04-22 12:56:48 ----A---- C:\Windows\system32\aswBoot.exe
2015-04-22 12:56:41 ----A---- C:\Windows\avastSS.scr
2015-04-15 00:49:43 ----A---- C:\Windows\system32\invagent.dll
2015-04-15 00:49:43 ----A---- C:\Windows\system32\generaltel.dll
2015-04-15 00:49:43 ----A---- C:\Windows\system32\appraiser.dll
2015-04-15 00:49:43 ----A---- C:\Windows\system32\aeinv.dll
2015-04-15 00:49:43 ----A---- C:\Windows\system32\acmigration.dll
2015-04-15 00:49:42 ----A---- C:\Windows\system32\devinv.dll
2015-04-15 00:49:41 ----A---- C:\Windows\system32\aepic.dll
2015-04-15 00:49:41 ----A---- C:\Windows\system32\aepdu.dll
2015-04-15 00:49:35 ----A---- C:\Windows\system32\clfs.sys
2015-04-15 00:49:34 ----A---- C:\Windows\system32\clfsw32.dll
2015-04-15 00:48:58 ----A---- C:\Windows\system32\gdi32.dll
2015-04-15 00:47:20 ----A---- C:\Windows\system32\wuapp.exe
2015-04-15 00:47:19 ----A---- C:\Windows\system32\wucltux.dll
2015-04-15 00:47:19 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-15 00:47:19 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 00:47:18 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-15 00:47:18 ----A---- C:\Windows\system32\wups2.dll
2015-04-15 00:47:18 ----A---- C:\Windows\system32\wups.dll
2015-04-15 00:47:18 ----A---- C:\Windows\system32\wudriver.dll
2015-04-15 00:47:17 ----A---- C:\Windows\system32\wuapi.dll
2015-04-15 00:47:16 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-15 00:47:16 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-15 00:46:55 ----A---- C:\Windows\system32\drivers\http.sys
2015-04-15 00:46:53 ----A---- C:\Windows\system32\msxml3.dll
2015-04-15 00:46:52 ----A---- C:\Windows\system32\msxml3r.dll
2015-04-05 01:22:48 ----SD---- C:\Windows\system32\GWX
2015-03-11 02:51:40 ----A---- C:\Windows\system32\WindowsCodecs.dll
2015-03-11 02:51:38 ----A---- C:\Windows\system32\rdpudd.dll
2015-03-11 02:51:38 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-03-11 02:51:38 ----A---- C:\Windows\system32\rdpcorets.dll
2015-03-11 02:51:37 ----A---- C:\Windows\system32\msctf.dll
2015-03-11 02:51:36 ----A---- C:\Windows\system32\shell32.dll
2015-03-11 02:50:33 ----A---- C:\Windows\system32\ubpm.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\lpk.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\fontsub.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\dciman32.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\atmlib.dll
2015-03-11 02:50:24 ----A---- C:\Windows\system32\atmfd.dll
2015-03-11 02:50:23 ----A---- C:\Windows\system32\WMPhoto.dll
2015-03-11 02:50:00 ----A---- C:\Windows\system32\drmv2clt.dll
2015-03-11 02:50:00 ----A---- C:\Windows\system32\blackbox.dll
2015-03-11 02:49:59 ----A---- C:\Windows\system32\wmdrmsdk.dll
2015-03-11 02:49:58 ----A---- C:\Windows\system32\wmp.dll
2015-03-11 02:49:58 ----A---- C:\Windows\system32\mf.dll
2015-03-11 02:49:57 ----A---- C:\Windows\system32\drmmgrtn.dll
2015-03-11 02:49:56 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2015-03-11 02:49:56 ----A---- C:\Windows\system32\crypt32.dll
2015-03-11 02:49:55 ----A---- C:\Windows\system32\evr.dll
2015-03-11 02:49:54 ----A---- C:\Windows\system32\quartz.dll
2015-03-11 02:49:54 ----A---- C:\Windows\system32\pcasvc.dll
2015-03-11 02:49:54 ----A---- C:\Windows\system32\mfplat.dll
2015-03-11 02:49:54 ----A---- C:\Windows\system32\drivers\cng.sys
2015-03-11 02:49:54 ----A---- C:\Windows\system32\cryptui.dll
2015-03-11 02:49:53 ----A---- C:\Windows\system32\winresume.exe
2015-03-11 02:49:53 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2015-03-11 02:49:53 ----A---- C:\Windows\system32\cryptsp.dll
2015-03-11 02:49:52 ----A---- C:\Windows\system32\ci.dll
2015-03-11 02:49:51 ----A---- C:\Windows\system32\winload.exe
2015-03-11 02:49:48 ----A---- C:\Windows\system32\qdvd.dll
2015-03-11 02:49:47 ----A---- C:\Windows\system32\wintrust.dll
2015-03-11 02:49:47 ----A---- C:\Windows\system32\msscp.dll
2015-03-11 02:49:47 ----A---- C:\Windows\system32\cryptnet.dll
2015-03-11 02:49:46 ----A---- C:\Windows\system32\cryptsvc.dll
2015-03-11 02:49:46 ----A---- C:\Windows\system32\audiodg.exe
2015-03-11 02:49:45 ----A---- C:\Windows\system32\msnetobj.dll
2015-03-11 02:49:42 ----A---- C:\Windows\system32\audiosrv.dll
2015-03-11 02:49:42 ----A---- C:\Windows\system32\appidsvc.dll
2015-03-11 02:49:40 ----A---- C:\Windows\system32\AudioEng.dll
2015-03-11 02:49:40 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 02:49:39 ----A---- C:\Windows\system32\pcadm.dll
2015-03-11 02:49:38 ----A---- C:\Windows\system32\rrinstaller.exe
2015-03-11 02:49:38 ----A---- C:\Windows\system32\drivers\appid.sys
2015-03-11 02:49:37 ----A---- C:\Windows\system32\AUDIOKSE.dll
2015-03-11 02:49:36 ----A---- C:\Windows\system32\mfps.dll
2015-03-11 02:49:36 ----A---- C:\Windows\system32\appidapi.dll
2015-03-11 02:49:34 ----A---- C:\Windows\system32\pcawrk.exe
2015-03-11 02:49:34 ----A---- C:\Windows\system32\mfpmp.exe
2015-03-11 02:49:34 ----A---- C:\Windows\system32\AudioSes.dll
2015-03-11 02:49:33 ----A---- C:\Windows\system32\setbcdlocale.dll
2015-03-11 02:49:32 ----A---- C:\Windows\system32\pcalua.exe
2015-03-11 02:49:32 ----A---- C:\Windows\system32\msmmsp.dll
2015-03-11 02:49:32 ----A---- C:\Windows\system32\EncDump.dll
2015-03-11 02:49:30 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 02:49:28 ----A---- C:\Windows\system32\spwmp.dll
2015-03-11 02:49:28 ----A---- C:\Windows\system32\dxmasf.dll
2015-03-11 02:49:24 ----A---- C:\Windows\system32\pcaevts.dll
2015-03-11 02:49:21 ----A---- C:\Windows\system32\wmploc.DLL
2015-03-11 02:49:19 ----A---- C:\Windows\system32\mferror.dll
2015-03-03 21:22:59 ----A---- C:\Windows\system32\wdi.dll
2015-03-03 21:22:59 ----A---- C:\Windows\system32\powertracker.dll
2015-03-03 21:22:59 ----A---- C:\Windows\system32\perftrack.dll

======List of files/folders modified in the last 3 months======

2015-05-27 16:32:29 ----D---- C:\Windows\Temp
2015-05-27 16:28:10 ----D---- C:\ProgramData\NVIDIA
2015-05-27 16:10:20 ----D---- C:\Windows\Tasks
2015-05-27 16:09:25 ----D---- C:\Windows
2015-05-27 16:08:15 ----D---- C:\Windows\system32\config
2015-05-27 15:56:34 ----D---- C:\Windows\System32
2015-05-27 15:56:27 ----HD---- C:\ProgramData
2015-05-27 15:56:27 ----D---- C:\Program Files
2015-05-27 14:15:56 ----SHD---- C:\Windows\Installer
2015-05-27 14:15:56 ----HD---- C:\Config.Msi
2015-05-27 14:05:40 ----D---- C:\Program Files\Google
2015-05-27 13:27:20 ----D---- C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-27 13:27:20 ----D---- C:\Users\Admin\AppData\Roaming\DAEMON Tools Lite
2015-05-27 13:27:20 ----D---- C:\Program Files\Steam
2015-05-27 13:27:16 ----D---- C:\Windows\Logs
2015-05-27 13:27:16 ----D---- C:\Windows\inf
2015-05-27 13:22:38 ----D---- C:\Program Files\AGEIA Technologies
2015-05-27 10:38:36 ----SHD---- C:\System Volume Information
2015-05-26 23:24:01 ----RSD---- C:\Windows\assembly
2015-05-24 21:03:23 ----D---- C:\Program Files\Common Files\Steam
2015-05-22 17:53:22 ----D---- C:\Windows\Prefetch
2015-05-22 17:51:05 ----D---- C:\Windows\debug
2015-05-22 17:15:32 ----D---- C:\Windows\system32\DriverStore
2015-05-22 17:15:32 ----D---- C:\Windows\system32\catroot2
2015-05-22 10:26:54 ----D---- C:\Windows\winsxs
2015-05-19 13:53:53 ----HD---- C:\Program Files\InstallShield Installation Information
2015-05-16 23:29:14 ----D---- C:\Users\Admin\AppData\Roaming\Skype
2015-05-16 19:04:22 ----D---- C:\Program Files\Bonjour
2015-05-16 18:20:46 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-16 17:45:07 ----D---- C:\Users\Admin\AppData\Roaming\PhotoScape
2015-05-16 17:28:52 ----RHD---- C:\MSOCache
2015-05-16 17:28:44 ----D---- C:\Windows\Panther
2015-05-16 17:28:43 ----D---- C:\Windows\Downloaded Program Files
2015-05-15 13:59:36 ----D---- C:\Windows\Microsoft.NET
2015-05-13 23:59:14 ----D---- C:\Program Files\Windows Journal
2015-05-13 20:21:17 ----D---- C:\Windows\system32\MRT
2015-05-13 19:56:02 ----A---- C:\Windows\system32\MRT.exe
2015-05-13 19:47:55 ----D---- C:\Windows\system32\en-US
2015-05-13 19:47:50 ----D---- C:\Windows\system32\drivers
2015-05-13 19:47:46 ----D---- C:\Windows\system32\AdvancedInstallers
2015-05-13 19:47:15 ----D---- C:\Program Files\Internet Explorer
2015-05-13 19:47:10 ----D---- C:\Windows\AppPatch
2015-05-13 19:47:00 ----D---- C:\Windows\system32\drivers\UMDF
2015-05-13 19:46:11 ----D---- C:\Program Files\Microsoft Silverlight
2015-05-13 01:53:23 ----D---- C:\ProgramData\Microsoft Help
2015-05-08 02:35:20 ----A---- C:\Windows\system32\nvspcap.dll
2015-05-08 02:35:20 ----A---- C:\Windows\system32\nvspbridge.dll
2015-04-15 03:49:24 ----SD---- C:\Windows\system32\CompatTel
2015-04-15 03:49:23 ----D---- C:\Windows\system32\appraiser
2015-04-15 03:49:19 ----D---- C:\Windows\system32\sk-SK
2015-04-15 03:05:27 ----D---- C:\ProgramData\Skype
2015-04-15 03:05:15 ----RD---- C:\Program Files\Skype
2015-03-26 04:17:06 ----D---- C:\Windows\system32\wbem
2015-03-11 04:37:40 ----D---- C:\Windows\system32\Dism
2015-03-11 04:37:40 ----D---- C:\Program Files\Windows Media Player
2015-03-11 04:37:34 ----D---- C:\Windows\system32\CodeIntegrity
2015-03-11 04:37:34 ----D---- C:\Windows\system32\Boot
2015-03-04 04:16:39 ----D---- C:\Windows\tracing

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-04-22 49904]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-04-22 209048]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2011-02-01 173440]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-04-22 81728]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-04-22 787760]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-04-22 427992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2011-02-01 388096]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-24 239168]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-04-22 24144]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-04-22 74976]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-04-22 106912]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R2 VBoxAswDrv;VBoxAsw Support Driver; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-04-22 220752]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-08 18576]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad32v.sys [2014-11-22 32912]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 dmvsc;dmvsc; C:\Windows\system32\DRIVERS\dmvsc.sys [2011-02-01 62464]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 InputFilter_Hid_FlexDef2b;Siliten HID Devices(FlexDef2b) Driver Service; C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys [2010-06-19 14848]
S3 mvusbews;USB EWS Device; C:\Windows\System32\Drivers\mvusbews.sys [2012-12-24 17408]
S3 Netaapl;Apple Mobile Device Ethernet Service; C:\Windows\system32\DRIVERS\netaapl.sys [2013-08-06 18944]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2011-02-01 133632]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-03-17 14848]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2011-02-01 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]
S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\Windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2011-02-01 28032]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys [2011-02-01 77184]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2013-03-17 24064]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-03-17 49664]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-03-17 27136]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys [2011-02-01 112640]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2014-08-16 45056]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;vmbus; C:\Windows\system32\DRIVERS\vmbus.sys [2011-02-01 175360]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2011-02-01 17920]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2011-02-01 35968]
S3 WiseHDInfo;WiseHDInfo; \??\C:\Windows\WiseHDInfo32.dll [2015-05-16 11816]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-10-07 60744]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-04-22 343336]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-08 919184]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 100232]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2007-09-20 853288]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-08 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-08 20698768]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-07-02 670552]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-07-02 413128]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 AvastVBoxSvc;AvastVBox COM Service; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-04-22 3207800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2014-10-15 540968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-27 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S2 WiseBootAssistant;Wise Boot Assistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [2014-10-28 580232]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-16 257416]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 BEService;BattlEye Service; C:\Program Files\Common Files\BattlEye\BEService.exe [2014-03-20 49152]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-01-07 1045256]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2015-05-27 107848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-04-21 102912]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2007-10-23 382248]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2014-07-12 542912]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-17 1343400]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

tak Oursurfing.com už sa nevyskytuje ... podstate chcel som odstranit vsetky zbytočne tieto veci aby to nezatazovalo PC .... teraz sa PC spustil do 60 sekund najlepsie teraz bolo 51 a predtym aj 120, 90 ako kedy no tych 60 som nedosiahol .... Ram od 28 - 40 % pri zapnutí Google chrome ... počítač ide rychlo bez sekania dobre sa na nom robí dakujem ze ste pomohli chcem sa spýtať ako často by som mal vykonávať takúto kontrolu ... a dá sa nahradiť avast free antivirus nejakým iným... pretože keď som dával skenovať prečinok s vírusom tak písal že žiadna hrozba ... čo bolo zaujímavé, pretože to bol vírus

ten register píše ... Cannot import C:\Users\Admin\Desktop\Windows Registry Editor version 5.00.reg: The specified file is not a registry script.
You can only import binary registry files from within the registry editor.

Ďakuejm velmi pekne za rady Isto sa sem ešte ozvem tak zatial moj PC je ako tak zdravy da sa asi povedat ... Cez vikend sem hodím frajerkin notebook lebo isto ho ma zaplneny bordelom ... a taktiež sestrin notebook ďakujem veľmi pekne

# DelFix v1.010 - Logfile created 27/05/2015 at 17:18:54
# Updated 26/04/2015 by Xplode
# Username : Admin - ADMIN-PC
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)

~ Removing disinfection tools ...

Deleted : C:\RSIT
Deleted : C:\AdwCleaner
Deleted : C:\Users\Admin\Downloads\adwcleaner_4.205.exe
Deleted : C:\Users\Admin\Downloads\RSIT.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

########## - EOF - ##########