
Please check this, I'm at my wits' end..

Do you have a virus problem? Post your FRST or RSIT log here.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the rule on locking topics. Thank you for your understanding.

karagunis
Visitor
Posts: 2
Registered: 27 Feb 2017 19:28

Please check this, I'm at my wits' end..

#1 Post by karagunis »

Logfile of random's system information tool 1.10 (written by random/random)
Run by KOB at 2017-02-27 19:07:39
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 358 GB (75%) free of 477 GB
Total RAM: 4095 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:07:49, on 27.2.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\KOB.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId= ... kid=sp-006
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

--
End of file - 2287 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\Explorer.EXE
ctfmon.exe
C:\Windows\System32\svchost.exe -k NetworkService
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Windows\system32\mmc.exe" "C:\Windows\system32\compmgmt.msc" /s
"C:\Users\KOB\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\KOB\AppData\Roaming\Mozilla\Firefox\Profiles\vegrtw5t.default

"sp@avast.com"=C:\Program Files\AVAST Software\Avast\SafePrice\FF
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
ExplorerWnd Helper - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2016-05-23 2478880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-29 790552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-29 664848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvastUI.exe]
C:\Program Files\AVAST Software\Avast\AvastUI.exe [2016-10-29 9099440]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvUpdater]
C:\Users\KOB\AppData\Roaming\DRPSu\DrvUpdater.exe [2011-04-28 192856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IObit Malware Fighter]
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [2017-01-11 6004512]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvBackend]
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2014-10-04 2462536]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2017-01-25 16781312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShadowPlay]
C:\Windows\system32\nvspcap64.dll [2014-10-04 2800296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]
C:\PROGRA~1\MCAFEE~1\311~1.334\SSSCHE~1.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^KOB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Casino Del Rio notification.lnk]
C:\Users\KOB\AppData\Local\CASINO~1\NOTIFI~1.EXE [2014-11-27 1842176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^KOB^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^William Hill Casino Club notification.lnk]
C:\Users\KOB\AppData\Local\WILLIA~2\NOTIFI~1.EXE []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rpcnet]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rpcnet]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"msacm.vorbis"=vorbis.acm
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-02-27 19:07:40 ----D---- C:\Program Files\trend micro
2017-02-27 19:07:39 ----D---- C:\rsit
2017-02-27 17:23:07 ----A---- C:\Windows\ntbtlog.txt
2017-02-26 23:26:44 ----D---- C:\Users\KOB\AppData\Roaming\Mozilla
2017-02-26 23:26:28 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-26 23:26:24 ----D---- C:\Program Files (x86)\Mozilla Firefox
2017-02-26 22:23:00 ----D---- C:\Windows\LastGood.Tmp
2017-02-24 22:53:01 ----A---- C:\Windows\system32\IObitSmartDefragExtension.dll
2017-02-24 22:52:48 ----A---- C:\Windows\system32\SmartDefragBootTime.exe
2017-02-24 22:52:46 ----D---- C:\Users\KOB\AppData\Roaming\ProductData
2017-02-24 22:52:20 ----D---- C:\ProgramData\SuperBoost
2017-02-24 22:52:11 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2017-02-24 22:51:47 ----A---- C:\Windows\SYSWOW64\EasyHook32.dll
2017-02-24 22:51:46 ----A---- C:\Windows\SYSWOW64\D3DX8Wrapper.dll
2017-02-24 22:51:42 ----D---- C:\Users\KOB\AppData\Roaming\SuperBoost
2017-02-24 22:51:42 ----D---- C:\Program Files (x86)\SuperBoost
2017-02-24 21:04:21 ----D---- C:\ProgramData\Package Cache
2017-02-24 19:45:17 ----A---- C:\Windows\system32\RtNicProp64.dll
2017-02-24 19:45:17 ----A---- C:\Windows\system32\drivers\Rt64win7.sys
2017-02-24 19:00:40 ----D---- C:\temp
2017-02-24 18:54:39 ----A---- C:\Windows\system32\nvdispgenco6434201.dll
2017-02-24 18:54:38 ----A---- C:\Windows\system32\nvdispco6434201.dll
2017-02-24 18:54:19 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2017-02-24 18:54:14 ----A---- C:\Windows\system32\nvwgf2umx.dll
2017-02-24 18:54:11 ----A---- C:\Windows\SYSWOW64\nvwgf2um.dll
2017-02-24 18:54:08 ----A---- C:\Windows\system32\nvopencl.dll
2017-02-24 18:54:06 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2017-02-24 18:54:01 ----A---- C:\Windows\system32\nvoglv64.dll
2017-02-24 18:53:58 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2017-02-24 18:53:58 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2017-02-24 18:53:58 ----A---- C:\Windows\system32\NvIFR64.dll
2017-02-24 18:53:57 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2017-02-24 18:53:57 ----A---- C:\Windows\system32\NvFBC64.dll
2017-02-24 18:53:54 ----A---- C:\Windows\system32\nvd3dumx.dll
2017-02-24 18:53:52 ----A---- C:\Windows\SYSWOW64\nvd3dum.dll
2017-02-24 18:53:52 ----A---- C:\Windows\system32\nvcuvid.dll
2017-02-24 18:53:51 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2017-02-24 18:53:49 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2017-02-24 18:53:49 ----A---- C:\Windows\system32\nvcuda.dll
2017-02-24 18:53:46 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2017-02-24 18:53:44 ----A---- C:\Windows\system32\nvcompiler.dll
2017-02-24 18:53:42 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2017-02-24 18:49:27 ----A---- C:\Windows\SYSWOW64\nvaudcap32v.dll
2017-02-24 18:49:27 ----A---- C:\Windows\system32\drivers\nvvad64v.sys
2017-02-24 15:43:41 ----A---- C:\Windows\system32\NVCOSMU.DLL
2017-02-24 15:43:41 ----A---- C:\Windows\system32\drivers\nvsmu.sys
2017-02-24 15:29:55 ----A---- C:\Windows\system32\nvuninst.exe
2017-02-24 15:27:06 ----A---- C:\Windows\system32\nvusmb.exe
2017-02-24 15:27:06 ----A---- C:\Windows\system32\NVCOSMB.DLL
2017-02-24 15:07:33 ----D---- C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A}
2017-02-24 15:03:43 ----D---- C:\ProgramData\ProductData
2017-02-24 15:03:24 ----D---- C:\Windows\IObit
2017-02-24 15:02:12 ----D---- C:\ProgramData\IObit
2017-02-24 15:02:06 ----A---- C:\Windows\SYSWOW64\drivers\HWiNFO64A.SYS
2017-02-24 15:01:34 ----D---- C:\Program Files (x86)\IObit
2017-02-24 15:00:16 ----D---- C:\Users\KOB\AppData\Roaming\IObit
2017-02-23 16:12:15 ----A---- C:\Windows\system32\FMAPO64.dll
2017-02-23 16:12:13 ----D---- C:\Program Files (x86)\Realtek
2017-02-23 16:12:13 ----A---- C:\Windows\system32\CX64Proxy.dll
2017-02-23 16:12:13 ----A---- C:\Windows\system32\CX64APO.dll
2017-02-23 16:12:13 ----A---- C:\Windows\system32\AERTAR64.dll
2017-02-23 16:12:13 ----A---- C:\Windows\system32\AERTAC64.dll
2017-02-23 16:10:54 ----HD---- C:\Program Files (x86)\Temp
2017-02-23 16:10:52 ----A---- C:\Windows\RtlExUpd.dll
2017-02-20 00:46:53 ----D---- C:\ProgramData\Malwarebytes
2017-02-20 00:46:53 ----D---- C:\Program Files\Malwarebytes
2017-02-20 00:14:01 ----D---- C:\ProgramData\GridinSoft
2017-02-19 23:54:45 ----D---- C:\Program Files (x86)\Solvusoft
2017-02-19 23:54:42 ----D---- C:\Program Files\Solvusoft
2017-02-16 23:14:33 ----D---- C:\MATS
2017-02-13 08:08:21 ----D---- C:\Users\KOB\AppData\Roaming\jvafxgip
2017-02-09 19:38:33 ----D---- C:\Windows\system32\SRSLabs
2017-02-09 19:38:31 ----D---- C:\Windows\SYSWOW64\RTCOM
2017-02-09 19:38:31 ----D---- C:\Program Files\Realtek

======List of files/folders modified in the last 1 month======

2017-02-27 19:07:40 ----RD---- C:\Program Files
2017-02-27 17:42:16 ----D---- C:\Users\KOB\AppData\Roaming\vlc
2017-02-27 17:23:44 ----A---- C:\Windows\system32\rpcnetp.exe
2017-02-27 17:23:40 ----A---- C:\Windows\SYSWOW64\rpcnet.dll
2017-02-27 17:23:07 ----AD---- C:\Windows
2017-02-27 17:06:59 ----D---- C:\Windows\system32\Tasks
2017-02-27 17:03:02 ----D---- C:\Windows\Temp
2017-02-27 16:56:22 ----D---- C:\Windows\System32
2017-02-26 23:26:28 ----RD---- C:\Program Files (x86)
2017-02-26 22:23:03 ----D---- C:\Windows\system32\drivers
2017-02-26 22:22:09 ----D---- C:\Windows\inf
2017-02-26 22:21:18 ----D---- C:\Windows\system32\catroot
2017-02-26 22:21:09 ----D---- C:\Windows\system32\DriverStore
2017-02-26 22:00:20 ----D---- C:\Windows\system32\config
2017-02-25 07:43:26 ----D---- C:\Windows\system32\wdi
2017-02-24 23:30:59 ----SHD---- C:\Windows\Installer
2017-02-24 23:30:53 ----D---- C:\Windows\winsxs
2017-02-24 22:52:20 ----HD---- C:\ProgramData
2017-02-24 22:51:47 ----D---- C:\Windows\SysWOW64
2017-02-24 21:32:22 ----D---- C:\Windows\tracing
2017-02-24 21:25:04 ----SHD---- C:\System Volume Information
2017-02-24 21:23:53 ----A---- C:\Windows\system32\wrap_oal.dll
2017-02-24 21:23:52 ----D---- C:\Program Files (x86)\OpenAL
2017-02-24 21:23:52 ----A---- C:\Windows\SYSWOW64\wrap_oal.dll
2017-02-24 21:23:52 ----A---- C:\Windows\system32\OpenAL32.dll
2017-02-24 21:23:51 ----A---- C:\Windows\SYSWOW64\OpenAL32.dll
2017-02-24 21:23:36 ----D---- C:\Windows\SYSWOW64\Macromed
2017-02-24 20:44:32 ----A---- C:\Windows\SYSWOW64\rpcnetp.exe
2017-02-24 20:28:22 ----A---- C:\Windows\SYSWOW64\rpcnetp.dll
2017-02-24 19:45:17 ----A---- C:\Windows\system32\RTNUninst64.dll
2017-02-24 19:44:29 ----D---- C:\ProgramData\NVIDIA
2017-02-24 19:27:50 ----D---- C:\Program Files\NVIDIA Corporation
2017-02-24 18:53:44 ----A---- C:\Windows\system32\nvapi64.dll
2017-02-24 18:49:27 ----A---- C:\Windows\system32\nvaudcap64v.dll
2017-02-24 18:36:01 ----D---- C:\Windows\SoftwareDistribution
2017-02-24 18:33:13 ----D---- C:\Windows\Prefetch
2017-02-24 18:26:33 ----D---- C:\Windows\debug
2017-02-24 15:50:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-02-24 15:36:57 ----D---- C:\Windows\system32\catroot2
2017-02-24 15:33:54 ----D---- C:\Windows\Panther
2017-02-24 15:06:37 ----D---- C:\Program Files (x86)\Common Files
2017-02-24 15:06:32 ----D---- C:\Windows\Tasks
2017-02-24 15:02:06 ----D---- C:\Windows\SYSWOW64\drivers
2017-02-24 14:53:28 ----D---- C:\Users\KOB\AppData\Roaming\uTorrent
2017-02-24 03:19:23 ----D---- C:\Windows\system32\MRT
2017-02-24 03:11:08 ----AC---- C:\Windows\system32\MRT.exe
2017-02-23 16:12:13 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2017-02-20 15:25:14 ----D---- C:\found.002
2017-02-20 15:25:14 ----D---- C:\found.000
2017-02-20 01:57:13 ----D---- C:\Users\KOB\AppData\Roaming\zxzlxbrq
2017-02-20 01:57:13 ----D---- C:\Program Files (x86)\GRID Autosport
2017-02-20 01:57:13 ----D---- C:\Program Files (x86)\Adobe
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\zutqfknv
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\zjwblfod
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\zdxhvoqh
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\yamhueft
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\xtbytnun
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\wsfjzgnm
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\wrubrbez
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\wkhksznb
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\vznpsybm
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\vvqsmghx
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\vtqikyib
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\vkifssfl
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\uvammyxr
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\urwzmlld
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\ulzkovqi
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\ukkijpom
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\tzplomyg
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\tptmaxuu
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\toywyopa
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\tifbwdqc
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\tejaohro
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\sjhmqluy
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\sgdbpjnk
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\sbtpstzj
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\rzqngqmb
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\rsuwfvmm
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\rhxddczt
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\rdpapyho
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\qtmvfvwc
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\qiwiobon
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\qcyscsuv
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\pufnteqy
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\pineyaht
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\phwobmpl
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\pbzfphmf
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\ozcjzscz
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\ojkuhgpt
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\nyeotvxl
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\nsecvdcg
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\nhsawttp
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\msufzpns
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\misqvfkg
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\mbyohgki
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\kmvjfqzi
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\kceswmga
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\jejjgiar
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\ivwczvnf
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\ioikcjzt
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\ghsixyvr
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\fznmkmad
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\fiwwwzuj
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\etorkumx
2017-02-20 01:57:12 ----D---- C:\Users\KOB\AppData\Roaming\dzelhzta
2017-02-20 01:57:12 ----D---- C:\Program Files (x86)\31a904f5-d124-40a3-b8a4-4c47c584e1c9
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\znalubtf
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\zgbrwxyf
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\zecaminl
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\yjamsgvt
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\xtvybqmr
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\xfdszynj
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\wmuxetfl
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\waxggejo
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\vuxbopkv
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\vkxogqxn
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\uyovufpr
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\uadlzfil
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\tqqbuqng
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\thowjnoj
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\sstvdgkc
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\rvahespv
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\rmi
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\rlkwaqfw
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\rhmnjxqw
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\reloyiyf
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\qzyrkzjz
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\qvqstjkv
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\qofrouvg
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\qiezmjks
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\qexeximo
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\qemzttvt
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\psdrfbmf
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\optwrbrv
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\oflxlblt
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\odbcbpog
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\nmwicyjt
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\nctuilon
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\mwkphopv
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\mqrfrwii
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\mlvqeieg
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\lvlmmtcy
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\ldnzxicv
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\kibwisuf
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\hnvaltsw
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\hauolgit
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\gkufeuwe
2017-02-20 01:57:11 ----D---- C:\Users\KOB\AppData\Roaming\efojytgr
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\zipjplvv
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\yxulbcmo
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\xunoofdn
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\pvflizfr
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\pogxoddw
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\phekymxw
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\paltfoxn
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\olfmlpjo
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\niwnkdrj
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\mivpurvg
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\mbzppppm
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\matztdzv
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\ltvyvzzc
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\licogwia
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\lcssrvfx
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\kpinkbqh
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\kmauenlb
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\jpjokkpm
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\jaelirdj
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\ivercjfh
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\hryjjwml
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\hrkbcxkv
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\hlijgyvm
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\hkbxtnun
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\gxbqniqv
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\gqjnevtl
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\gfjrnulx
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\fmzbaais
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\fawhekzk
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\evsmejcb
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\elkgrzkg
2017-02-20 01:57:10 ----D---- C:\Users\KOB\AppData\Roaming\cehpnplo
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\xghkhbgq
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\wovdttle
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\vepxbeek
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\ujxzzkda
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\tyvfodeq
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\tldscudk
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\thxykdzv
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\suhbfrnf
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\qwummixe
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\qpkhblnq
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\qfyxczdj
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\pyofftgw
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\phhcekvd
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\pazrppcq
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\npqshamt
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\mwpjrxxg
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\mdbdmehe
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\mbfxksfx
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\llitqllf
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\cnmbwvak
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\bebnlwqb
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\bbmvovwl
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\aouikdxu
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\aoboxayw
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\akwqdqjq
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\aknloeam
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\aiffaxhy
2017-02-20 01:57:09 ----D---- C:\Users\KOB\AppData\Roaming\acuucafq
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\lcgzahgm
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\kmspcrkd
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\jxcrpukv
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\jcjdyfnd
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\ivfrohgc
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\ghdemfgf
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\ftgbexou
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\evyecrxc
2017-02-20 01:57:08 ----D---- C:\Users\KOB\AppData\Roaming\erqhdfve
2017-02-20 01:57:07 ----D---- C:\Users\KOB\AppData\Roaming\digfyyre
2017-02-20 01:57:07 ----D---- C:\Users\KOB\AppData\Roaming\cdufvitc
2017-02-20 01:57:07 ----D---- C:\Users\KOB\AppData\Roaming\bohvtoxi
2017-02-20 01:57:07 ----D---- C:\Users\KOB\AppData\Roaming\avytfodv
2017-02-20 01:57:07 ----D---- C:\Users\KOB\AppData\Roaming\avjxbbjv
2017-02-20 01:57:07 ----D---- C:\Users\KOB\AppData\Roaming\atsaxnmd
2017-02-20 01:57:07 ----D---- C:\Users\KOB\AppData\Roaming\anixknca
2017-02-16 23:33:10 ----D---- C:\Users\KOB\AppData\Roaming\presmar
2017-02-16 23:24:09 ----RSD---- C:\Windows\assembly
2017-02-16 23:06:48 ----D---- C:\Program Files (x86)\PokerStars.EU
2017-02-16 23:02:32 ----D---- C:\Program Files (x86)\PokerStars
2017-02-16 22:51:15 ----D---- C:\Windows\system32\Macromed
2017-02-16 22:25:45 ----D---- C:\Program Files (x86)\GRETECH
2017-02-11 14:14:37 ----D---- C:\Windows\Logs
2017-02-09 20:08:38 ----D---- C:\Program Files\Microsoft Silverlight
2017-02-09 20:08:36 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2017-02-09 20:08:33 ----D---- C:\Program Files\Google
2017-02-09 20:08:33 ----D---- C:\Program Files (x86)\Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-10-21 386680]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2016-10-11 37144]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2016-10-11 103064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2007-08-09 13680]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2017-02-24 29800]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2017-02-24 1044992]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2016-10-11 74544]
S0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2016-10-29 293352]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2016-10-11 969184]
S1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2016-10-11 513632]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2017-02-24 27552]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2016-10-11 108816]
S2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2016-10-11 163416]
S2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2015-11-05 146944]
S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys []
S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys []
S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys []
S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys []
S3 AndNetDiag;LGE AndroidNet USB Serial Port; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys []
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandnetgps64.sys []
S3 ANDNetModem;LGE AndroidNet USB Modem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys []
S3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter; C:\Windows\system32\DRIVERS\lgandnetndis64.sys []
S3 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2016-10-11 37656]
S3 athur;Atheros AR9271 Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2017-01-25 5596160]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-04 19272]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2017-02-24 46016]
S3 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [2016-12-16 34848]
S3 RimUsb;zařízení BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [2007-05-14 27520]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\RTL8192su.sys [2010-11-25 694888]
S3 TS_AR5416;[CommView] Atheros AR5008 Wireless Network Adapter Service 7.7; C:\Windows\system32\DRIVERS\ts_athwx.sys [2014-03-31 2157768]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-08-16 159936]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
S4 IMFFilter;IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [2016-12-16 22208]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-12-19 82640]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-10-11 197128]
S4 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
S4 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
S4 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S4 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S4 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-04 1148744]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01 144200]
S4 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 114688]
S4 IMFservice;IMF Service; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2017-01-10 1740576]
S4 IObitUnSvr;IObit Uninstaller Service; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2016-10-28 360736]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-12-16 3046688]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-05 146888]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-04 1795912]
S4 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-04 19439944]
S4 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-11-14 932728]
S4 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\SysWOW64\rpcnet.exe [2016-09-19 73232]
S4 RtkAudioService;Realtek Audio Service; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2017-01-11 320512]
S4 sgbupt;SuperBoost Software Updater; C:\Program Files (x86)\SuperBoost\SuperBoost Software Updater\SuperBoostUpdater.exe [2016-10-21 2600256]
S4 Tmobile_Czech Estoril Modem Device Helper;Tmobile_Czech Estoril Modem Device Helper; C:\Program Files (x86)\Internet Manager\L850_T-mobile\BackgroundService\ServiceManager.exe [2014-12-11 76584]
S4 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-10-22 1255736]

-----------------EOF-------

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check this, I'm at my wits' end..

#2 Post by Rudy »

Hello!
At your wits' end with what? Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

karagunis
Visitor
Posts: 2
Joined: 27 Feb 2017 19:28

Re: please check this, I'm at my wits' end..

#3 Post by karagunis »

# AdwCleaner v6.043 - Log vytvořen 27/02/2017 v 19:55:10
# Aktualizováno dne 27/01/2017 z Malwarebytes
# Databáze : 2017-01-27.1 [Místní]
# Operační systém : Windows 7 Home Premium Service Pack 1 (X64)
# Uživatelské jméno : KOB - KOB-PC
# Spuštěno z : C:\Users\KOB\Desktop\adwcleaner_6.043.exe
# Mod: Čištění
# Podpora : https://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Složky ] *****

[-] Složka smazána: C:\Users\KOB\AppData\Roaming\RPEng
[-] Složka smazána: C:\Users\KOB\AppData\Roaming\presmar
[-] Složka smazána: C:\Program Files\Solvusoft
[-] Složka smazána: C:\Users\KOB\AppData\Local\VirtualStore\Program Files (x86)\NetMon
[-] Složka smazána: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solvusoft
[-] Složka smazána: C:\Program Files (x86)\NetMon
[-] Složka smazána: C:\Program Files (x86)\Solvusoft


***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupci ] *****



***** [ Naplánované úlohy ] *****

[-] Úloha smazána: {971B7BA6-18D3-4B0D-B690-9756D42E502B}


***** [ Registry ] *****

[-] Klíč smazán: HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Klíč smazán: HKU\S-1-5-21-4021317962-925587695-3833430073-1000\Software\estdemin
[-] Klíč smazán: HKU\S-1-5-21-4021317962-925587695-3833430073-1000\Software\GlobalUpdate
[-] Klíč smazán: HKU\S-1-5-21-4021317962-925587695-3833430073-1000\Software\InstalledBrowserExtensions
[-] Klíč smazán: HKU\S-1-5-21-4021317962-925587695-3833430073-1000\Software\Solvusoft
[#] Klíč smazán po restartu: HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[#] Klíč smazán po restartu: HKCU\Software\estdemin
[#] Klíč smazán po restartu: HKCU\Software\GlobalUpdate
[#] Klíč smazán po restartu: HKCU\Software\InstalledBrowserExtensions
[#] Klíč smazán po restartu: HKCU\Software\Solvusoft
[-] Klíč smazán: HKLM\SOFTWARE\GlobalUpdate
[-] Klíč smazán: HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč smazán: HKLM\SOFTWARE\SupDp
[#] Klíč smazán po restartu: HKLM\SOFTWARE\SUPDP
[#] Klíč smazán po restartu: [x64] HKCU\Software\estdemin
[#] Klíč smazán po restartu: [x64] HKCU\Software\GlobalUpdate
[#] Klíč smazán po restartu: [x64] HKCU\Software\InstalledBrowserExtensions
[#] Klíč smazán po restartu: [x64] HKCU\Software\Solvusoft
[-] Klíč smazán: [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Installer\Features\61F70108E2BCBA24BAD9C61145D0A5B8
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Installer\Products\61F70108E2BCBA24BAD9C61145D0A5B8
[-] Klíč smazán: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61F70108E2BCBA24BAD9C61145D0A5B8
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\61F70108E2BCBA24BAD9C61145D0A5B8
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Installer\Features\61F70108E2BCBA24BAD9C61145D0A5B8
[#] Klíč smazán po restartu: [x64] HKLM\SOFTWARE\Classes\Installer\Products\61F70108E2BCBA24BAD9C61145D0A5B8
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\solvusoft.com
[-] Klíč smazán: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.solvusoft.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\solvusoft.com
[#] Klíč smazán po restartu: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.solvusoft.com
[-] Klíč smazán: HKLM\SOFTWARE\Classes\Applications\Setup_WinThruster_2016.exe


***** [ Prohlížeče ] *****

[-] [C:\Users\KOB\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: mystartsearch.com
[-] [C:\Users\KOB\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Smazáno: mystartsearch
[-] [C:\Users\KOB\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] Smazáno: hxxp://www.mystartsearch.com/webfavicon.ico
[-] [C:\Users\KOB\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazáno: bopakagnckmlgajfccecajhnimjiiedh


*************************

:: "Tracing" klíče smazány
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6940 Bajty] - [27/02/2017 19:55:10]
C:\AdwCleaner\AdwCleaner[S0].txt - [6968 Bajty] - [27/02/2017 19:54:20]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [7086 Bajty] ##########

Rudy
Site Admin
Posts: 119672
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: please check this, I'm at my wits' end..

#4 Post by Rudy »

You only write "I'm at my wits' end" without saying what is troubling you on the PC. So I don't know which direction to take. Please state (at least briefly) what problem you have.