Kontrola PC po zavirování

Zpráva

Kublacek · #1 Příspěvek od **Kublacek** » 09 dub 2016 15:29

Dobrý den,
Rád bych vás požádal o pomoc. Vypršela mi licence AVG. Díky mé liknavostí s obnovou licence bylo PC delší dobu nechráněno a zavirováno. Licenci jsem obnovil, PC oskenoval a AVG mi nalezl několik rootkitů, které smazal. Přesto bych chtěl mít jistotu, antivir objevil a odstranil vše co bylo potřeba.
Když jsem se snažil provést win update. Zjistil jsem, že služba Windows update je zakázána. Spustil jsem jí, ale update se mi nedaří provést. Protože jsem nevidomý, mám v PC nainstalovány různé podpůrné software jako třeba winbraille a odečítače obrazovky JAwS, infovox. Mám obavu abych nemusel PC znovu instalovat. Reactivace těchto podpůrných SW je pro mne dost složitá. Prosím tedy o kontrolu a případně o pomoc. Přikládám LOG.TXT vytvořeného podle vašeho návodu.
Kuba

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jakub Blažek at 2016-04-09 16:02:45
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 202 GB (79%) free of 257 GB
Total RAM: 3318 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:03:51, on 9.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Users\Jakub Blažek\AppData\Roaming\PC-Gizmos\PC_136528.en_88.exe
C:\Program Files\Freedom Scientific\JAWS\12.0\fsATProxy.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
C:\Program Files\totalcmd\TOTALCMD.EXE
D:\viry.cz\RSIT.exe
C:\Program Files\trend micro\Jakub Blažek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: PCGizmosBHO - {A817C286-3D6B-4ECD-A99C-E44E50DBC523} - C:\Users\Jakub Blažek\AppData\Roaming\PC-Gizmos\PCGizmosBHO.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [JAWS] "C:\Program Files\Freedom Scientific\JAWS\12.0\jfw.exe" /run
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avuirunnerx.exe" C:\Program Files\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [PC_GIZMOS] "C:\Users\Jakub Blažek\AppData\Roaming\PC-Gizmos\PC_136528.en_88.exe" --update
O4 - HKCU\..\Run: [I4Launcher] "C:\Program Files\Acapela Group\infovox4\I4Launcher.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [1071606288] regsvr32.exe "C:\ProgramData\Dovqu\Litweg.dll"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = ?
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: JTVNCProxy_12.0 - Unknown owner - C:\Program Files\Freedom Scientific\JAWS\12.0\JTVNCProxy.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVDA (nvda) - NV Access Limited - C:\Program Files\NVDA\nvda_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\GALOP\TPG\TeamViewer_Service.exe

--
End of file - 7086 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2074116477-2217839043-662659822-1001Core.job - C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2074116477-2217839043-662659822-1001UA.job - C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG2012\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A817C286-3D6B-4ECD-A99C-E44E50DBC523}]
SoundCloud Downloader - C:\Users\Jakub Bla [2013-09-27 719]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"JAWS"=C:\Program Files\Freedom Scientific\JAWS\12.0\jfw.exe [2013-05-19 1332536]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avuirunnerx.exe [2016-02-24 25512]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-04-05 5565448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC_GIZMOS"=C:\Users\Jakub Bla [2013-09-27 719]
"I4Launcher"=C:\Program Files\Acapela Group\infovox4\I4Launcher.exe [2013-03-20 228208]
"Dropbox Update"=C:\Users\Jakub Bla [2013-09-27 719]
"1071606288"=regsvr32.exe C:\ProgramData\Dovqu\Litweg.dll []

C:\Users\Jakub Blažek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Jakub Blažek\AppData\Roaming\Dropbox\bin\Dropbox.exe
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-06-16 216576]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-09 16:02:45 ----D---- C:\rsit
2016-04-06 14:51:27 ----D---- C:\Program Files\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2016-04-09 16:03:51 ----D---- C:\Program Files\trend micro
2016-04-09 16:03:24 ----D---- C:\Windows\Prefetch
2016-04-09 15:57:29 ----D---- C:\Windows\Temp
2016-04-09 14:48:09 ----D---- C:\Windows\system32\catroot
2016-04-09 14:47:24 ----D---- C:\Windows\system32\catroot2
2016-04-09 14:47:11 ----D---- C:\Windows\winsxs
2016-04-09 14:39:51 ----D---- C:\ProgramData\MFAData
2016-04-09 14:13:30 ----D---- C:\Windows\System32
2016-04-09 14:13:30 ----D---- C:\Windows\inf
2016-04-09 14:13:30 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-09 14:09:19 ----D---- C:\Users\Jakub Blažek\AppData\Roaming\Dropbox
2016-04-09 14:07:47 ----D---- C:\Windows\system32\config
2016-04-07 19:27:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-04-07 19:19:19 ----RD---- C:\Program Files
2016-04-07 18:41:46 ----SHD---- C:\Windows\Installer
2016-04-07 18:41:45 ----SHD---- C:\Config.Msi
2016-04-07 18:39:20 ----D---- C:\Program Files\Common Files\AV
2016-04-07 15:49:55 ----D---- C:\ProgramData\Klango 3
2016-04-06 23:54:36 ----SHD---- C:\System Volume Information
2016-04-06 00:32:12 ----D---- C:\Users\Jakub Blažek\AppData\Roaming\Skype
2016-03-30 21:38:00 ----D---- C:\Program Files\sonic invaders

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2016-01-13 223152]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-05-07 290272]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2016-01-22 193456]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-12-16 252336]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-11-25 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-12-16 234416]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-08-04 230832]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2008-10-07 61424]
R2 Freedom Scientific Kernel Manager;Freedom Scientific Kernel Manager; \??\C:\Windows\system32\fsKMgr.dll [2011-09-06 20000]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-05 235520]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6232.sys [2009-12-10 214696]
R3 fsvidmir;fsvidmir; C:\Windows\system32\DRIVERS\fsvidmir.sys [2011-09-06 11808]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-10 2660896]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 FSBRLDSP;Freedom Scientific Braille Display USB driver (fsbrldsp.sys); C:\Windows\system32\DRIVERS\FSBRLDSP.sys [2011-09-06 37144]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-16 4756992]
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw32.sys [2010-01-12 30880]
S3 PowerBrl;powerBraille System Driver; \??\C:\Windows\system32\Drivers\powerbrl.sys [2011-09-06 14880]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-11 814344]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-05 176128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2016-02-04 3646888]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2016-02-04 335656]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-07-31 9216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2016-04-05 1897480]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-04-05 411920]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvda;NVDA; C:\Program Files\NVDA\nvda_service.exe [2015-02-23 40040]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\GALOP\TPG\TeamViewer_Service.exe [2012-10-23 2769832]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-08 108032]
S3 JTVNCProxy_12.0;JTVNCProxy_12.0; C:\Program Files\Freedom Scientific\JAWS\12.0\JTVNCProxy.exe [2011-09-06 16152]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-16 1343400]
S4 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 09 dub 2016 15:48

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

Kublacek · #3 Příspěvek od **Kublacek** » 09 dub 2016 16:03

# AdwCleaner v5.109 - Log soubor vytvořen 09/04/2016 o 16:52:52
# Aktualizováno 04/04/2016 by Xplode
# Databáze : 2016-04-07.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (x86)
# Jméno uživatele : Jakub Blažek - JAKUB
# Spuštěno z : C:\Users\Jakub Blažek\Desktop\adwcleaner_5.109.exe
# Volba : Čištění
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****

***** [ Složky ] *****

[-] Složka smazáno : C:\Users\Jakub Blažek\AppData\Roaming\PC-Gizmos

***** [ Soubory ] *****

***** [ DLLs ] *****

***** [ Zástupci ] *****

***** [ Naplánované úkoly ] *****

[-] Úkol smazáno : AmiUpdXp
[-] Úkol smazáno : BrowserProtect
[-] Úkol smazáno : Funmoods
[-] Úkol smazáno : 0
[-] Úkol smazáno : 4787

***** [ Registr ] *****

[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\myradioaccess.dl.tb.ask.com
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\PCGizmosBHO.PCGizmosObj
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\PCGizmosBHO.PCGizmosObj.1
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\CLSID\{A817C286-3D6B-4ECD-A99C-E44E50DBC523}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\Interface\{052EB349-A9D2-470A-A1CC-8E0AD564D387}
[-] Klávesa smazáno : HKLM\SOFTWARE\Classes\TypeLib\{DB8CB19E-7E4D-41AE-8580-E8106CB5A7BC}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klávesa smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A817C286-3D6B-4ECD-A99C-E44E50DBC523}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A817C286-3D6B-4ECD-A99C-E44E50DBC523}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[-] Klávesa smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A817C286-3D6B-4ECD-A99C-E44E50DBC523}
[-] Klávesa smazáno : HKCU\Software\PC-Gizmos
[-] Klávesa smazáno : HKU\.DEFAULT\Software\IGearSettings
[-] Klávesa smazáno : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Hodnota smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC_GIZMOS]
[#] Hodnota smazáno : HKU\S-1-5-21-2074116477-2217839043-662659822-1001\Software\Microsoft\Windows\CurrentVersion\Run [PC_GIZMOS]

***** [ Webové prohlížeče ] *****

*************************

:: "Tracing" odstraněných kláves
:: Nastavení Winsock odstraněno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2817 bytes] - [09/04/2016 16:52:52]
C:\AdwCleaner\AdwCleaner[S1].txt - [3015 bytes] - [09/04/2016 16:50:33]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2963 bytes] ##########

#4 Příspěvek od **Rudy** » 09 dub 2016 17:32

Dejte nový log RSIT.

Kublacek · #5 Příspěvek od **Kublacek** » 09 dub 2016 17:49

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jakub Blažek at 2016-04-09 18:43:40
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 204 GB (79%) free of 257 GB
Total RAM: 3318 MB (34% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:43:51, on 9.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\Program Files\Freedom Scientific\JAWS\12.0\fsATProxy.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\wuauclt.exe
D:\viry.cz\RSIT.exe
C:\Program Files\trend micro\Jakub Blažek.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [JAWS] "C:\Program Files\Freedom Scientific\JAWS\12.0\jfw.exe" /run
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avuirunnerx.exe" C:\Program Files\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [I4Launcher] "C:\Program Files\Acapela Group\infovox4\I4Launcher.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [1071606288] regsvr32.exe "C:\ProgramData\Dovqu\Litweg.dll"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: JTVNCProxy_12.0 - Unknown owner - C:\Program Files\Freedom Scientific\JAWS\12.0\JTVNCProxy.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVDA (nvda) - NV Access Limited - C:\Program Files\NVDA\nvda_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\GALOP\TPG\TeamViewer_Service.exe

--
End of file - 6555 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2074116477-2217839043-662659822-1001Core.job - C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2074116477-2217839043-662659822-1001UA.job - C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"JAWS"=C:\Program Files\Freedom Scientific\JAWS\12.0\jfw.exe [2013-05-19 1332536]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avuirunnerx.exe [2016-02-24 25512]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-04-05 5565448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"I4Launcher"=C:\Program Files\Acapela Group\infovox4\I4Launcher.exe [2013-03-20 228208]
"Dropbox Update"=C:\Users\Jakub Bla [2013-09-27 719]
"1071606288"=regsvr32.exe C:\ProgramData\Dovqu\Litweg.dll []

C:\Users\Jakub Blažek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-06-16 216576]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-09 16:50:16 ----D---- C:\AdwCleaner
2016-04-09 16:02:45 ----D---- C:\rsit
2016-04-09 14:27:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-04-09 14:26:38 ----A---- C:\Windows\system32\schedsvc.dll
2016-04-09 14:25:58 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-04-09 14:24:57 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-04-09 14:24:56 ----A---- C:\Windows\system32\schannel.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-09 14:24:56 ----A---- C:\Windows\system32\ntdll.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\kerberos.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-09 14:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-09 14:24:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-09 14:24:56 ----A---- C:\Windows\system32\drivers\cng.sys
2016-04-09 14:24:56 ----A---- C:\Windows\system32\adtschema.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\wdigest.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\sspicli.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\srcore.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\srclient.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\smss.exe
2016-04-09 14:24:55 ----A---- C:\Windows\system32\secur32.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\rstrui.exe
2016-04-09 14:24:55 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\msobjs.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\msaudite.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\lsass.exe
2016-04-09 14:24:55 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-09 14:24:55 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-09 14:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\credssp.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\basesrv.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\auditpol.exe
2016-04-09 14:24:55 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-09 14:23:53 ----A---- C:\Windows\system32\clfsw32.dll
2016-04-09 14:23:53 ----A---- C:\Windows\system32\clfs.sys
2016-04-09 14:23:42 ----A---- C:\Windows\system32\qedit.dll
2016-04-09 14:23:40 ----A---- C:\Windows\system32\cewmdm.dll
2016-04-09 14:23:18 ----A---- C:\Windows\system32\oleaut32.dll
2016-04-09 14:23:17 ----A---- C:\Windows\system32\services.exe
2016-04-06 14:51:27 ----D---- C:\Program Files\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2016-04-09 18:43:48 ----D---- C:\Program Files\trend micro
2016-04-09 18:42:42 ----D---- C:\Windows\Temp
2016-04-09 18:41:54 ----D---- C:\Windows\Microsoft.NET
2016-04-09 18:32:03 ----D---- C:\Windows\system32\catroot
2016-04-09 18:32:01 ----D---- C:\Windows\winsxs
2016-04-09 18:31:50 ----D---- C:\Windows\System32
2016-04-09 18:31:50 ----D---- C:\Windows\inf
2016-04-09 18:31:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-09 18:28:08 ----D---- C:\Windows\system32\config
2016-04-09 18:25:07 ----D---- C:\Windows\ehome
2016-04-09 18:25:06 ----D---- C:\Windows\system32\AdvancedInstallers
2016-04-09 18:25:04 ----D---- C:\Windows\system32\cs-CZ
2016-04-09 18:25:03 ----D---- C:\Windows\system32\drivers
2016-04-09 18:16:24 ----SHD---- C:\System Volume Information
2016-04-09 18:15:26 ----SHD---- C:\Windows\Installer
2016-04-09 18:15:26 ----SHD---- C:\Config.Msi
2016-04-09 17:53:33 ----D---- C:\Users\Jakub Blažek\AppData\Roaming\Dropbox
2016-04-09 17:49:26 ----D---- C:\Windows\system32\DriverStore
2016-04-09 17:48:25 ----D---- C:\Windows\system32\Dism
2016-04-09 17:24:35 ----D---- C:\ProgramData\MFAData
2016-04-09 16:56:24 ----D---- C:\Windows\system32\catroot2
2016-04-09 16:52:55 ----D---- C:\Windows\system32\Tasks
2016-04-09 16:03:24 ----D---- C:\Windows\Prefetch
2016-04-07 19:27:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-04-07 19:19:19 ----RD---- C:\Program Files
2016-04-07 18:39:20 ----D---- C:\Program Files\Common Files\AV
2016-04-07 15:49:55 ----D---- C:\ProgramData\Klango 3
2016-04-06 00:32:12 ----D---- C:\Users\Jakub Blažek\AppData\Roaming\Skype
2016-03-30 21:38:00 ----D---- C:\Program Files\sonic invaders

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2016-01-13 223152]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-05-07 290272]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2016-01-22 193456]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-12-16 252336]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-11-25 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-12-16 234416]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-08-04 230832]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2008-10-07 61424]
R2 Freedom Scientific Kernel Manager;Freedom Scientific Kernel Manager; \??\C:\Windows\system32\fsKMgr.dll [2011-09-06 20000]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-05 235520]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6232.sys [2009-12-10 214696]
R3 fsvidmir;fsvidmir; C:\Windows\system32\DRIVERS\fsvidmir.sys [2011-09-06 11808]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-10 2660896]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 FSBRLDSP;Freedom Scientific Braille Display USB driver (fsbrldsp.sys); C:\Windows\system32\DRIVERS\FSBRLDSP.sys [2011-09-06 37144]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-16 4756992]
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw32.sys [2010-01-12 30880]
S3 PowerBrl;powerBraille System Driver; \??\C:\Windows\system32\Drivers\powerbrl.sys [2011-09-06 14880]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-11 814344]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-05 176128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2016-02-04 3646888]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2016-02-04 335656]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-07-31 9216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2016-04-05 1897480]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-04-05 411920]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvda;NVDA; C:\Program Files\NVDA\nvda_service.exe [2015-02-23 40040]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\GALOP\TPG\TeamViewer_Service.exe [2012-10-23 2769832]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-08 108032]
S3 JTVNCProxy_12.0;JTVNCProxy_12.0; C:\Program Files\Freedom Scientific\JAWS\12.0\JTVNCProxy.exe [2011-09-06 16152]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-16 1343400]
S4 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#6 Příspěvek od **Rudy** » 09 dub 2016 18:50

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\ProgramData\Dovqu\Litweg.dll

:reg
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"1071606288"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na >MoveIt!<. Před skenem vypněte antivir a po něm restartujte PC. Dejte nový log RSIT.

Kublacek · #7 Příspěvek od **Kublacek** » 09 dub 2016 19:09

Logfile of random's system information tool 1.10 (written by random/random)
Run by Jakub Blažek at 2016-04-09 20:05:20
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 205 GB (80%) free of 257 GB
Total RAM: 3318 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:05:52, on 9.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVG\AVG2015\avgui.exe
C:\Program Files\Common Files\Lingea Shared\luc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Freedom Scientific\JAWS\12.0\fsATProxy.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\totalcmd\TOTALCMD.EXE
D:\viry.cz\RSIT.exe
C:\Program Files\trend micro\Jakub Blažek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hal3000.cz
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [JAWS] "C:\Program Files\Freedom Scientific\JAWS\12.0\jfw.exe" /run
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2015\avuirunnerx.exe" C:\Program Files\AVG\AVG2015\avgui.exe
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKCU\..\Run: [I4Launcher] "C:\Program Files\Acapela Group\infovox4\I4Launcher.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Lingea Update Center.lnk = C:\Program Files\Common Files\Lingea Shared\luc.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (file missing)
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2015\avgwdsvc.exe
O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: JTVNCProxy_12.0 - Unknown owner - C:\Program Files\Freedom Scientific\JAWS\12.0\JTVNCProxy.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVDA (nvda) - NV Access Limited - C:\Program Files\NVDA\nvda_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files\GALOP\TPG\TeamViewer_Service.exe

--
End of file - 6450 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2074116477-2217839043-662659822-1001Core.job - C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2074116477-2217839043-662659822-1001UA.job - C:\Users\Jakub Blažek\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-01-30 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll [2007-07-12 501136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-10 7612960]
"JAWS"=C:\Program Files\Freedom Scientific\JAWS\12.0\jfw.exe [2013-05-19 1332536]
"AVG_UI"=C:\Program Files\AVG\AVG2015\avuirunnerx.exe [2016-02-24 25512]
"LogMeIn Hamachi Ui"=C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2016-04-05 5565448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"I4Launcher"=C:\Program Files\Acapela Group\infovox4\I4Launcher.exe [2013-03-20 228208]
"Dropbox Update"=C:\Users\Jakub Bla [2013-09-27 719]

C:\Users\Jakub Blažek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Lingea Update Center.lnk - C:\Program Files\Common Files\Lingea Shared\luc.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-06-16 216576]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"msacm.siren"=sirenacm.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"msacm.vorbis"=vorbis.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-04-09 20:01:30 ----D---- C:\_OTM
2016-04-09 16:50:16 ----D---- C:\AdwCleaner
2016-04-09 16:02:45 ----D---- C:\rsit
2016-04-09 14:27:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2016-04-09 14:26:38 ----A---- C:\Windows\system32\schedsvc.dll
2016-04-09 14:25:58 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-04-09 14:24:57 ----A---- C:\Windows\system32\ntkrnlpa.exe
2016-04-09 14:24:56 ----A---- C:\Windows\system32\schannel.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\rpcrt4.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-04-09 14:24:56 ----A---- C:\Windows\system32\ntdll.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\msv1_0.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\lsasrv.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\kerberos.dll
2016-04-09 14:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-04-09 14:24:56 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-04-09 14:24:56 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-04-09 14:24:56 ----A---- C:\Windows\system32\drivers\cng.sys
2016-04-09 14:24:56 ----A---- C:\Windows\system32\adtschema.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\wdigest.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\TSpkg.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\sspisrv.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\sspicli.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\srcore.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\srclient.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\smss.exe
2016-04-09 14:24:55 ----A---- C:\Windows\system32\secur32.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\rstrui.exe
2016-04-09 14:24:55 ----A---- C:\Windows\system32\ncrypt.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\msobjs.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\msaudite.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\lsass.exe
2016-04-09 14:24:55 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-04-09 14:24:55 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-04-09 14:24:55 ----A---- C:\Windows\system32\csrsrv.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\cryptbase.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\credssp.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\basesrv.dll
2016-04-09 14:24:55 ----A---- C:\Windows\system32\auditpol.exe
2016-04-09 14:24:55 ----A---- C:\Windows\system32\apisetschema.dll
2016-04-09 14:23:53 ----A---- C:\Windows\system32\clfsw32.dll
2016-04-09 14:23:53 ----A---- C:\Windows\system32\clfs.sys
2016-04-09 14:23:42 ----A---- C:\Windows\system32\qedit.dll
2016-04-09 14:23:40 ----A---- C:\Windows\system32\cewmdm.dll
2016-04-09 14:23:18 ----A---- C:\Windows\system32\oleaut32.dll
2016-04-09 14:23:17 ----A---- C:\Windows\system32\services.exe
2016-04-06 14:51:27 ----D---- C:\Program Files\LogMeIn Hamachi

======List of files/folders modified in the last 1 month======

2016-04-09 20:05:23 ----D---- C:\Program Files\trend micro
2016-04-09 20:04:50 ----D---- C:\Windows\System32
2016-04-09 20:04:49 ----D---- C:\Windows\Temp
2016-04-09 20:04:36 ----D---- C:\Windows\system32\config
2016-04-09 18:41:54 ----D---- C:\Windows\Microsoft.NET
2016-04-09 18:32:03 ----D---- C:\Windows\system32\catroot
2016-04-09 18:32:01 ----D---- C:\Windows\winsxs
2016-04-09 18:31:50 ----D---- C:\Windows\inf
2016-04-09 18:31:50 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-04-09 18:25:07 ----D---- C:\Windows\ehome
2016-04-09 18:25:06 ----D---- C:\Windows\system32\AdvancedInstallers
2016-04-09 18:25:04 ----D---- C:\Windows\system32\cs-CZ
2016-04-09 18:25:03 ----D---- C:\Windows\system32\drivers
2016-04-09 18:16:24 ----SHD---- C:\System Volume Information
2016-04-09 18:15:26 ----SHD---- C:\Windows\Installer
2016-04-09 18:15:26 ----SHD---- C:\Config.Msi
2016-04-09 17:53:33 ----D---- C:\Users\Jakub Blažek\AppData\Roaming\Dropbox
2016-04-09 17:49:26 ----D---- C:\Windows\system32\DriverStore
2016-04-09 17:48:25 ----D---- C:\Windows\system32\Dism
2016-04-09 17:24:35 ----D---- C:\ProgramData\MFAData
2016-04-09 16:56:24 ----D---- C:\Windows\system32\catroot2
2016-04-09 16:52:55 ----D---- C:\Windows\system32\Tasks
2016-04-09 16:03:24 ----D---- C:\Windows\Prefetch
2016-04-07 19:27:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2016-04-07 19:19:19 ----RD---- C:\Program Files
2016-04-07 18:49:34 ----D---- C:\ProgramData\Dovqu
2016-04-07 18:39:20 ----D---- C:\Program Files\Common Files\AV
2016-04-07 15:49:55 ----D---- C:\ProgramData\Klango 3
2016-04-06 00:32:12 ----D---- C:\Users\Jakub Blažek\AppData\Roaming\Skype
2016-03-30 21:38:00 ----D---- C:\Program Files\sonic invaders

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2016-01-13 223152]
R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2015-05-07 290272]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2016-01-22 193456]
R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2015-03-20 35808]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2015-03-11 132576]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2015-12-16 252336]
R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2015-11-25 31664]
R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2015-12-16 234416]
R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2015-08-04 230832]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2008-10-07 61424]
R2 Freedom Scientific Kernel Manager;Freedom Scientific Kernel Manager; \??\C:\Windows\system32\fsKMgr.dll [2011-09-06 20000]
R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]
R2 Sentinel;Sentinel; C:\Windows\System32\Drivers\SENTINEL.SYS [2008-07-11 92712]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-01-05 6789120]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-01-05 235520]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW73.sys [2010-11-17 101392]
R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K; C:\Windows\system32\DRIVERS\e1k6232.sys [2009-12-10 214696]
R3 fsvidmir;fsvidmir; C:\Windows\system32\DRIVERS\fsvidmir.sys [2011-09-06 11808]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-07-10 2660896]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-03-09 107024]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 FSBRLDSP;Freedom Scientific Braille Display USB driver (fsbrldsp.sys); C:\Windows\system32\DRIVERS\FSBRLDSP.sys [2011-09-06 37144]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2009-06-16 4756992]
S3 NAL;Nal Service ; \??\C:\Windows\system32\Drivers\iqvw32.sys [2010-01-12 30880]
S3 PowerBrl;powerBraille System Driver; \??\C:\Windows\system32\Drivers\powerbrl.sys [2011-09-06 14880]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-03-01 139776]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.10.0;ABBYY FineReader 10 PE Licensing Service; C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe [2009-12-11 814344]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-01-05 176128]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [2016-02-04 3646888]
R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [2016-02-04 335656]
R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-07-31 9216]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2016-04-05 1897480]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2016-04-05 411920]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-20 322120]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208]
R2 nvda;NVDA; C:\Program Files\NVDA\nvda_service.exe [2015-02-23 40040]
R2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 TeamViewer7;TeamViewer 7; C:\Program Files\GALOP\TPG\TeamViewer_Service.exe [2012-10-23 2769832]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-05-08 108032]
S3 JTVNCProxy_12.0;JTVNCProxy_12.0; C:\Program Files\Freedom Scientific\JAWS\12.0\JTVNCProxy.exe [2011-09-06 16152]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-02-16 1343400]
S4 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#8 Příspěvek od **Rudy** » 09 dub 2016 20:22

Smazáno. Znovu spusťte OTM a klikněte na >CleanUp!<. OTM po sobě uklidí. Nakonec restartujte PC. Log je již OK. Byl odstraněn 1 troják.

Kublacek · #9 Příspěvek od **Kublacek** » 09 dub 2016 20:28

Moc díky. Mohl bych Vás zítra požádal o to samé s mým NB?. Byl ve s tejné síti s PC a rád bych to měl vše v pořádku.

#10 Příspěvek od **Rudy** » 09 dub 2016 21:23

Nemáte zač. Určitě ano.

VIRY.CZ

Kontrola PC po zavirování

Kontrola PC po zavirování

Re: Kontrola PC po zavirování

Re: Kontrola PC po zavirování

Re: Kontrola PC po zavirování

Re: Kontrola PC po zavirování

Re: Kontrola PC po zavirování

Re: Kontrola PC po zavirování

Re: Kontrola PC po zavirování

Re: Kontrola PC po zavirování

Re: Kontrola PC po zavirování