Slow internet
Posted: 20 May 2017 14:05
Hi, a week ago my internet started acting up: pages slowed down, and so did videos (on zpravy.cz etc.; YouTube is fine). Above all, in a game I suddenly have the worst ping, and I can type in chat but I can't do anything. Today, on top of that, even the Wi-Fi didn't work; it said "Windows can't communicate with the device or resource (DNS)". Over cable it works, but downloading runs at about 1kb/s, so I can't even download antivirus programs, because it always stalls and never finishes. I have Malwarebytes; it found three pieces of malware, which I have already deleted, but nothing improved. Now I found Avast in my downloads, but the installation doesn't work because it is too slow. So I don't know whether it's some virus or something with the internet. On Monday a guy will have time to look at it over the net, but I'm wondering whether it could be solved now.
Logfile of random's system information tool 1.16 (written by random/random)
Run by Romca at 2017-05-20 14:46:45
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 168 GB (71%) free of 238 GB
Total RAM: 1912 MB (15% free)
X64
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:47:02, on 20.5.2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18666)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
?:\Users\Romca\Downloads\avast_free_antivirus_setup_online_a1c.exe
C:\Users\Romca\AppData\Local\Temp\_av_iup.tm~a01188\instup.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
?:\Users\Romca\Downloads\avast_free_antivirus_setup_online_a1c.exe
C:\Users\Romca\AppData\Local\Temp\_av_iup.tm~a03976\instup.exe
?:\Users\Romca\Downloads\avast_free_antivirus_setup_online_a1c.exe
C:\Users\Romca\AppData\Local\Temp\_av_iup.tm~a02600\instup.exe
C:\Users\Romca\AppData\Local\Temp\_av_iup.tm~a01188\New_110408f6\instup.exe
C:\Users\Romca\AppData\Local\Temp\_av_iup.tm~a03976\New_110408f6\instup.exe
C:\Users\Romca\AppData\Local\Temp\_av_iup.tm~a02600\New_110408f6\instup.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Romca\Downloads\RSIT.exe
C:\Program Files (x86)\trend micro\Romca_RSIT.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7585 bytes
=========Google Chrome=========
C:\Users\Romca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.30
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.10.0
Extension kiodaajmphnkcajieajajinghpejdjai 1 Popup Blocker Pro 1.3.5
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.5
Homepage:
default_search_provider.search_url:
C:\Users\Romca\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-05-05 9772248]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-05-20 14:46:45 ----D---- C:\rsit
2017-05-20 14:46:45 ----D---- C:\Program Files (x86)\trend micro
2017-05-20 12:16:05 ----HD---- C:\ProgramData\Common Files
2017-05-20 12:16:05 ----D---- C:\ProgramData\Avg
2017-05-20 08:22:53 ----D---- C:\ProgramData\Bitdefender Agent
2017-05-19 23:07:48 ----A---- C:\Windows\SysWOW64\mtxoci.dll
2017-05-19 23:07:48 ----A---- C:\Windows\SysWOW64\msorcl32.dll
2017-05-19 23:06:11 ----A---- C:\Windows\SysWOW64\tracerpt.exe
2017-05-19 23:06:09 ----A---- C:\Windows\SysWOW64\sechost.dll
2017-05-19 23:06:09 ----A---- C:\Windows\SysWOW64\logman.exe
2017-05-19 23:06:07 ----A---- C:\Windows\SysWOW64\typeperf.exe
2017-05-19 23:06:06 ----A---- C:\Windows\SysWOW64\relog.exe
2017-05-19 23:06:05 ----A---- C:\Windows\SysWOW64\diskperf.exe
2017-05-19 23:04:01 ----A---- C:\Windows\SysWOW64\tbs.dll
2017-05-19 23:00:04 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2017-05-19 23:00:04 ----A---- C:\Windows\SysWOW64\dwmapi.dll
2017-05-19 22:53:58 ----A---- C:\Windows\SysWOW64\olepro32.dll
2017-05-19 22:51:04 ----A---- C:\Windows\SysWOW64\apphelp.dll
2017-05-19 22:51:03 ----A---- C:\Windows\SysWOW64\shimeng.dll
2017-05-19 22:51:03 ----A---- C:\Windows\SysWOW64\sdbinst.exe
2017-05-19 22:50:44 ----A---- C:\Windows\SysWOW64\tdh.dll
2017-05-19 22:48:27 ----A---- C:\Windows\SysWOW64\shell32.dll
2017-05-19 22:48:26 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2017-05-19 22:48:26 ----A---- C:\Windows\SysWOW64\explorer.exe
2017-05-19 22:48:26 ----A---- C:\Windows\explorer.exe
2017-05-19 22:48:01 ----A---- C:\Windows\SysWOW64\msxml6.dll
2017-05-19 22:48:00 ----A---- C:\Windows\SysWOW64\msxml6r.dll
2017-05-19 22:45:39 ----A---- C:\Windows\SysWOW64\webio.dll
2017-05-19 22:45:35 ----A---- C:\Windows\SysWOW64\InkEd.dll
2017-05-18 17:18:49 ----D---- C:\ProgramData\Malwarebytes
2017-05-12 21:21:50 ----D---- C:\Users\Romca\AppData\Roaming\miner
2017-05-10 21:38:44 ----A---- C:\Windows\SysWOW64\mshtml.dll
2017-05-10 21:38:39 ----A---- C:\Windows\SysWOW64\ieframe.dll
2017-05-10 21:38:38 ----A---- C:\Windows\SysWOW64\jscript9.dll
2017-05-10 21:38:37 ----A---- C:\Windows\SysWOW64\wininet.dll
2017-05-10 21:38:36 ----A---- C:\Windows\SysWOW64\vbscript.dll
2017-05-10 21:38:36 ----A---- C:\Windows\SysWOW64\urlmon.dll
2017-05-10 21:38:36 ----A---- C:\Windows\SysWOW64\iertutil.dll
2017-05-10 21:38:35 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2017-05-10 21:38:34 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\pla.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\ole32.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\gdi32.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\crypt32.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\advapi32.dll
2017-05-10 21:38:32 ----A---- C:\Windows\SysWOW64\pdh.dll
2017-05-10 21:38:32 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 21:38:32 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 21:38:31 ----A---- C:\Windows\SysWOW64\webcheck.dll
2017-05-10 21:38:31 ----A---- C:\Windows\SysWOW64\oleres.dll
2017-05-10 21:38:31 ----A---- C:\Windows\SysWOW64\ntdll.dll
2017-05-10 21:38:31 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\comcat.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\certcli.dll
2017-05-10 21:38:29 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2017-05-10 21:38:29 ----A---- C:\Windows\SysWOW64\jscript.dll
2017-05-10 21:38:28 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\sspicli.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\occache.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\msrating.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\kerberos.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\ieui.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\wintrust.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\wdigest.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\TSpkg.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\schannel.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\inseng.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\cdosys.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\wow32.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\srclient.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\secur32.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\kernel32.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\iesetup.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\iernonce.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\cryptbase.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\credssp.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\bcrypt.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\auditpol.exe
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\appidapi.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\user.exe
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\tzres.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\setup16.exe
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\msobjs.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\msaudite.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\instnm.exe
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\apisetschema.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\adtschema.dll
======List of files/folders modified in the last 1 month======
2017-05-20 14:46:49 ----D---- C:\Windows\Temp
2017-05-20 14:46:45 ----RD---- C:\Program Files (x86)
2017-05-20 13:54:50 ----RD---- C:\Program Files
2017-05-20 13:37:19 ----D---- C:\ProgramData\AVAST Software
2017-05-20 13:08:36 ----D---- C:\Windows\System32
2017-05-20 13:08:35 ----D---- C:\Windows\inf
2017-05-20 12:49:02 ----D---- C:\Windows\Prefetch
2017-05-20 12:16:05 ----HD---- C:\ProgramData
2017-05-20 12:07:12 ----D---- C:\Windows
2017-05-20 11:31:12 ----D---- C:\Program Files (x86)\World of Warcraft
2017-05-20 09:30:53 ----D---- C:\Program Files (x86)\Battle.net
2017-05-20 04:14:52 ----D---- C:\Windows\rescache
2017-05-20 03:44:20 ----D---- C:\Windows\winsxs
2017-05-20 03:26:21 ----D---- C:\Windows\Logs
2017-05-20 03:23:52 ----D---- C:\Windows\SysWOW64\wbem
2017-05-20 03:23:52 ----D---- C:\Windows\SysWOW64
2017-05-20 03:23:51 ----D---- C:\Windows\SysWOW64\cs-CZ
2017-05-20 03:23:51 ----D---- C:\Windows\AppPatch
2017-05-20 03:04:53 ----SHD---- C:\Windows\Installer
2017-05-20 03:04:48 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2017-05-18 21:20:30 ----D---- C:\Users\Romca\AppData\Roaming\vlc
2017-05-18 20:45:41 ----SHD---- C:\System Volume Information
2017-05-18 20:04:09 ----D---- C:\Program Files (x86)\Common Files
2017-05-18 17:17:58 ----D---- C:\Windows\Panther
2017-05-18 17:17:58 ----D---- C:\Windows\Minidump
2017-05-18 17:17:58 ----D---- C:\Windows\debug
2017-05-18 17:17:58 ----D---- C:\Users\Romca\AppData\Roaming\BitTorrent
2017-05-12 17:33:54 ----D---- C:\Windows\Microsoft.NET
2017-05-12 17:27:20 ----RSD---- C:\Windows\assembly
2017-05-11 16:21:48 ----D---- C:\Windows\SysWOW64\migration
2017-05-11 16:21:48 ----D---- C:\Windows\SysWOW64\en-US
2017-05-11 16:21:46 ----D---- C:\Windows\PolicyDefinitions
2017-05-11 16:21:43 ----D---- C:\Program Files (x86)\Internet Explorer
File C:\Windows\SysWOW64\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R); C:\Windows\system32\DRIVERS\e1y60x64.sys []
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys []
R3 RICOH SmartCard Reader;RICOH SmartCard Reader; C:\Windows\system32\DRIVERS\rismcx64.sys []
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-29 103560]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-29 124048]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-08 144200]
S2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-08 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-29 50808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-29 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-29 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-29 139896]
-----------------EOF-----------------
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7585 bytes
=========Google Chrome=========
C:\Users\Romca\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.30
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.10.0
Extension kiodaajmphnkcajieajajinghpejdjai 1 Popup Blocker Pro 1.3.5
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.46
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.2
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.2
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5817.313.0.5
Homepage:
default_search_provider.search_url:
C:\Users\Romca\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2009-11-11 287800]
"SoundMAXPnP"=C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [2009-05-18 1314816]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-05-05 9772248]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
"StubPath"="C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2017-05-20 14:46:45 ----D---- C:\rsit
2017-05-20 14:46:45 ----D---- C:\Program Files (x86)\trend micro
2017-05-20 12:16:05 ----HD---- C:\ProgramData\Common Files
2017-05-20 12:16:05 ----D---- C:\ProgramData\Avg
2017-05-20 08:22:53 ----D---- C:\ProgramData\Bitdefender Agent
2017-05-19 23:07:48 ----A---- C:\Windows\SysWOW64\mtxoci.dll
2017-05-19 23:07:48 ----A---- C:\Windows\SysWOW64\msorcl32.dll
2017-05-19 23:06:11 ----A---- C:\Windows\SysWOW64\tracerpt.exe
2017-05-19 23:06:09 ----A---- C:\Windows\SysWOW64\sechost.dll
2017-05-19 23:06:09 ----A---- C:\Windows\SysWOW64\logman.exe
2017-05-19 23:06:07 ----A---- C:\Windows\SysWOW64\typeperf.exe
2017-05-19 23:06:06 ----A---- C:\Windows\SysWOW64\relog.exe
2017-05-19 23:06:05 ----A---- C:\Windows\SysWOW64\diskperf.exe
2017-05-19 23:04:01 ----A---- C:\Windows\SysWOW64\tbs.dll
2017-05-19 23:00:04 ----A---- C:\Windows\SysWOW64\dwmcore.dll
2017-05-19 23:00:04 ----A---- C:\Windows\SysWOW64\dwmapi.dll
2017-05-19 22:53:58 ----A---- C:\Windows\SysWOW64\olepro32.dll
2017-05-19 22:51:04 ----A---- C:\Windows\SysWOW64\apphelp.dll
2017-05-19 22:51:03 ----A---- C:\Windows\SysWOW64\shimeng.dll
2017-05-19 22:51:03 ----A---- C:\Windows\SysWOW64\sdbinst.exe
2017-05-19 22:50:44 ----A---- C:\Windows\SysWOW64\tdh.dll
2017-05-19 22:48:27 ----A---- C:\Windows\SysWOW64\shell32.dll
2017-05-19 22:48:26 ----A---- C:\Windows\SysWOW64\ExplorerFrame.dll
2017-05-19 22:48:26 ----A---- C:\Windows\SysWOW64\explorer.exe
2017-05-19 22:48:26 ----A---- C:\Windows\explorer.exe
2017-05-19 22:48:01 ----A---- C:\Windows\SysWOW64\msxml6.dll
2017-05-19 22:48:00 ----A---- C:\Windows\SysWOW64\msxml6r.dll
2017-05-19 22:45:39 ----A---- C:\Windows\SysWOW64\webio.dll
2017-05-19 22:45:35 ----A---- C:\Windows\SysWOW64\InkEd.dll
2017-05-18 17:18:49 ----D---- C:\ProgramData\Malwarebytes
2017-05-12 21:21:50 ----D---- C:\Users\Romca\AppData\Roaming\miner
2017-05-10 21:38:44 ----A---- C:\Windows\SysWOW64\mshtml.dll
2017-05-10 21:38:39 ----A---- C:\Windows\SysWOW64\ieframe.dll
2017-05-10 21:38:38 ----A---- C:\Windows\SysWOW64\jscript9.dll
2017-05-10 21:38:37 ----A---- C:\Windows\SysWOW64\wininet.dll
2017-05-10 21:38:36 ----A---- C:\Windows\SysWOW64\vbscript.dll
2017-05-10 21:38:36 ----A---- C:\Windows\SysWOW64\urlmon.dll
2017-05-10 21:38:36 ----A---- C:\Windows\SysWOW64\iertutil.dll
2017-05-10 21:38:35 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2017-05-10 21:38:34 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\pla.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\oleaut32.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\ole32.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\gdi32.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\crypt32.dll
2017-05-10 21:38:33 ----A---- C:\Windows\SysWOW64\advapi32.dll
2017-05-10 21:38:32 ----A---- C:\Windows\SysWOW64\pdh.dll
2017-05-10 21:38:32 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2017-05-10 21:38:32 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2017-05-10 21:38:31 ----A---- C:\Windows\SysWOW64\webcheck.dll
2017-05-10 21:38:31 ----A---- C:\Windows\SysWOW64\oleres.dll
2017-05-10 21:38:31 ----A---- C:\Windows\SysWOW64\ntdll.dll
2017-05-10 21:38:31 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\comcat.dll
2017-05-10 21:38:30 ----A---- C:\Windows\SysWOW64\certcli.dll
2017-05-10 21:38:29 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2017-05-10 21:38:29 ----A---- C:\Windows\SysWOW64\jscript.dll
2017-05-10 21:38:28 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\sspicli.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\occache.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\msrating.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\kerberos.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\ieui.dll
2017-05-10 21:38:27 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\wintrust.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\wdigest.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\TSpkg.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\schannel.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\inseng.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\cryptsvc.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\cryptnet.dll
2017-05-10 21:38:26 ----A---- C:\Windows\SysWOW64\cdosys.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-05-10 21:38:25 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\wow32.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\srclient.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\secur32.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\kernel32.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\iesetup.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\iernonce.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\cryptbase.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\credssp.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\bcrypt.dll
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\auditpol.exe
2017-05-10 21:38:25 ----A---- C:\Windows\SysWOW64\appidapi.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-05-10 21:38:24 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\user.exe
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\tzres.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\setup16.exe
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\msobjs.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\msaudite.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\instnm.exe
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\apisetschema.dll
2017-05-10 21:38:24 ----A---- C:\Windows\SysWOW64\adtschema.dll
======List of files/folders modified in the last 1 month======
2017-05-20 14:46:49 ----D---- C:\Windows\Temp
2017-05-20 14:46:45 ----RD---- C:\Program Files (x86)
2017-05-20 13:54:50 ----RD---- C:\Program Files
2017-05-20 13:37:19 ----D---- C:\ProgramData\AVAST Software
2017-05-20 13:08:36 ----D---- C:\Windows\System32
2017-05-20 13:08:35 ----D---- C:\Windows\inf
2017-05-20 12:49:02 ----D---- C:\Windows\Prefetch
2017-05-20 12:16:05 ----HD---- C:\ProgramData
2017-05-20 12:07:12 ----D---- C:\Windows
2017-05-20 11:31:12 ----D---- C:\Program Files (x86)\World of Warcraft
2017-05-20 09:30:53 ----D---- C:\Program Files (x86)\Battle.net
2017-05-20 04:14:52 ----D---- C:\Windows\rescache
2017-05-20 03:44:20 ----D---- C:\Windows\winsxs
2017-05-20 03:26:21 ----D---- C:\Windows\Logs
2017-05-20 03:23:52 ----D---- C:\Windows\SysWOW64\wbem
2017-05-20 03:23:52 ----D---- C:\Windows\SysWOW64
2017-05-20 03:23:51 ----D---- C:\Windows\SysWOW64\cs-CZ
2017-05-20 03:23:51 ----D---- C:\Windows\AppPatch
2017-05-20 03:04:53 ----SHD---- C:\Windows\Installer
2017-05-20 03:04:48 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2017-05-18 21:20:30 ----D---- C:\Users\Romca\AppData\Roaming\vlc
2017-05-18 20:45:41 ----SHD---- C:\System Volume Information
2017-05-18 20:04:09 ----D---- C:\Program Files (x86)\Common Files
2017-05-18 17:17:58 ----D---- C:\Windows\Panther
2017-05-18 17:17:58 ----D---- C:\Windows\Minidump
2017-05-18 17:17:58 ----D---- C:\Windows\debug
2017-05-18 17:17:58 ----D---- C:\Users\Romca\AppData\Roaming\BitTorrent
2017-05-12 17:33:54 ----D---- C:\Windows\Microsoft.NET
2017-05-12 17:27:20 ----RSD---- C:\Windows\assembly
2017-05-11 16:21:48 ----D---- C:\Windows\SysWOW64\migration
2017-05-11 16:21:48 ----D---- C:\Windows\SysWOW64\en-US
2017-05-11 16:21:46 ----D---- C:\Windows\PolicyDefinitions
2017-05-11 16:21:43 ----D---- C:\Program Files (x86)\Internet Explorer
File C:\Windows\SysWOW64\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys []
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys []
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys []
R3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys []
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys []
R3 e1yexpress;Ovladač gigabitových síťových připojení Intel(R); C:\Windows\system32\DRIVERS\e1y60x64.sys []
R3 HBtnKey;HP Hotkey Device; C:\Windows\system32\DRIVERS\cpqbttn.sys []
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys []
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
R3 NETw5s64;Ovladač adaptéru Intel(R) Wireless WiFi Link pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETw5s64.sys []
R3 RICOH SmartCard Reader;RICOH SmartCard Reader; C:\Windows\system32\DRIVERS\rismcx64.sys []
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys []
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
R3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 64bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v64.sys []
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys []
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys []
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AEADIFilters;Andrea ADI Filters Service; C:\Windows\system32\AEADISRV.EXE []
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe []
R3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-01-12 227896]
R3 hpqwmiex;hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2009-04-30 229944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-03-29 103560]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-03-29 124048]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-08 144200]
S2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-05-09 4470736]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-08 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-29 50808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-29 139896]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-29 139896]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-29 139896]
-----------------EOF-----------------