Vir + log

Zpráva

whisky · #1 Příspěvek od **whisky** » 17 kvě 2015 17:59

Zdravím,

hraji CS:GO a já si p oroce řekl, že bych mohl zkusit aspon ten wallhack, třeba jen s boty.
Stáhnu, spustím ikonu z plochy ale nic se nestalo. Tak jsem to smazal a koš vysypal. Jenže si beztak byl vir, spustil se já jsem ted v hajzlu.
Prvně mi nešel steam, error 130, který jsem vyřešil dle návodu (nastavení LAN a nemělo tam být nic zaškrtnuté), steam jsem rozběhl, ale nejdou spustit hry.
K tomu všemu nejde spustit Správce úloh, vždy se ukáže na sekundu a zmizí.
Projel jsem to antivirem (Norton), sice našel vir a podle všeho potom úspěšně smazal, jenže problém přetrvává.

Vkládám log z RSIT (stáhl jsem prvně FRST ale to je podle antiviru škodlivý obsah, i ten web)
/otevřeli se mi dva texty, log a info, tak doufá, že jsem vložil správně ten log/

iLogfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2015-05-17 18:47:16
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 144 GB (30%) free of 477 GB
Total RAM: 3582 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:48:01, on 17.5.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\764403\svchost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Protected Search\ProtectedSearch.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\conime.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com?si= ... bs=true&q=
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.certified-toolbar.com?si= ... ue&tid=592
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com?si= ... bs=true&q=
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:7411;https=127.0.0.1:7411
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files\SimilarSites\similarsites.dll
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 65.112.87.186 armedass.available.gamespy.com #armed assault check
O1 - Hosts: 65.112.87.186 armedass.ms12.gamespy.com #armed assault server list
O1 - Hosts: 65.112.87.186 armedass.master.gamespy.com #armed assault heartbeats
O1 - Hosts: 65.112.87.186 battlefield2.available.gamespy.com #battlefield 2 check
O1 - Hosts: 65.112.87.186 battlefield2.ms14.gamespy.com #battlefield 2 server list
O1 - Hosts: 65.112.87.186 battlefield2.master.gamespy.com #battlefield 2 heartbeats
O1 - Hosts: 63.239.170.53 bf2web.gamespy.com #login locks up without this
O1 - Hosts: 65.112.87.186 bfvietnam.available.gamespy.com #battlefield vietnam check
O1 - Hosts: 65.112.87.186 bfvietnam.ms0.gamespy.com #battlefield vietnam
O1 - Hosts: 65.112.87.186 bfvietnam.master.gamespy.com #battlefield vietnam
O1 - Hosts: 65.112.87.186 bderlandspc.available.gamespy.com #borderlands check
O1 - Hosts: 65.112.87.186 bderlandspc.master.gamespy.com #borderlands heartbeats
O1 - Hosts: 65.112.87.186 bderlandspc.ms18.gamespy.com #borderlands server list
O1 - Hosts: 65.112.87.186 crysis.available.gamespy.com #crysis check
O1 - Hosts: 65.112.87.186 crysis.master.gamespy.com #crysis heartbeats
O1 - Hosts: 65.112.87.186 crysis.ms5.gamespy.com #crysis server list
O1 - Hosts: 65.112.87.186 crysiswars.available.gamespy.com #crysis wars check
O1 - Hosts: 65.112.87.186 crysiswars.master.gamespy.com #crysis wars heartbeats
O1 - Hosts: 65.112.87.186 crysiswars.ms2.gamespy.com #crysis wars server list
O1 - Hosts: 65.112.87.188 gamestats.gamespy.com #statistics, required by some games
O1 - Hosts: 63.239.170.53 motd.gamespy.com #message of the day placeholder
O1 - Hosts: 65.112.87.187 peerchat.gamespy.com #chat/lobby, required by some games
O1 - Hosts: 65.112.87.186 gpcm.gamespy.com #gamespy login session tracking
O1 - Hosts: 65.112.87.186 gpsp.gamespy.com #gamespy account validation
O1 - Hosts: 65.112.87.186 hd2.available.gamespy.com #hidden and dangerous 2 check
O1 - Hosts: 65.112.87.186 hd2.master.gamespy.com #hidden and dangerous 2 heartbeats
O1 - Hosts: 65.112.87.186 hd2.ms14.gamespy.com #hidden and dangerous 2 server list
O1 - Hosts: 213.165.90.5 hd2.ms14.gamespy.com
O1 - Hosts: 65.112.87.186 master.gamespy.com #older games server list
O1 - Hosts: 65.112.87.186 master0.gamespy.com #older games server list
O1 - Hosts: 65.112.87.186 nwn.available.gamespy.com #neverwinter nights check
O1 - Hosts: 65.112.87.186 nwn.master.gamespy.com #neverwinter nights heartbeats
O1 - Hosts: 65.112.87.186 painkiller.available.gamespy.com #painkiller check
O1 - Hosts: 65.112.87.186 painkiller.ms15.gamespy.com #painkiller server list
O1 - Hosts: 65.112.87.186 painkiller.master.gamespy.com #painkiller heartbeats
O1 - Hosts: 65.112.87.186 swbfront2pc.available.gamespy.com #star wars battlefront 2 check
O1 - Hosts: 65.112.87.186 swbfront2pc.ms6.gamespy.com #star wars battlefront 2 server list
O1 - Hosts: 65.112.87.186 swbfront2pc.master.gamespy.com #star wars battlefront 2 heartbeats
O1 - Hosts: 65.112.87.186 tribesv.available.gamespy.com #tribes vengeance check
O1 - Hosts: 65.112.87.186 tribesv.master.gamespy.com #tribes vengeance heartbeats
O1 - Hosts: 65.112.87.186 tribesv.ms15.gamespy.com #tribes vengeance server list
O1 - Hosts: 65.112.87.186 tron20.master.gamespy.com #tron heartbeats
O1 - Hosts: 65.112.87.186 tron20.ms9.gamespy.com #tron server list
O1 - Hosts: 65.112.87.186 vietcong2.available.gamespy.com #vietcong 2 check
O1 - Hosts: 65.112.87.186 vietcong2.master.gamespy.com #vietcong 2 heartbeats
O1 - Hosts: 65.112.87.186 vietcong2.ms1.gamespy.com #vietcong 2 server list
O1 - Hosts: 65.112.87.186 wolfmaster.idsoftware.com #rtcw
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: SimilarSites - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Program Files\SimilarSites\similarsites.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [MSStp] C:\Windows\inf\msstp.vbe
O4 - HKLM\..\Run: [mnclfsjSrv] C:\Windows\system32\mnclfsj.vbe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Microsoft] "C:\ProgramData\764403\svchost.exe"
O4 - HKCU\..\RunOnce: [Computer Helper] "C:\ProgramData\764403\svchost.exe"
O4 - HKUS\S-1-5-21-1375144938-2607987595-3985304306-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1375144938-2607987595-3985304306-1002\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SolidWorks 2013 Rychlé spuštění.lnk = ?
O4 - Global Startup: SolidWorks Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: SimilarSites - {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - C:\Program Files\SimilarSites\similarsites.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .145.0.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.96.0.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.co ... .5.1.0.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 14240 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://www.msn.com/en-us/?pc=UP97&ocid=UP97DHP"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.138.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npEModelPlugin.dll
nsEModelPlugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default\extensions\
{E71B541F-5E72-5555-A47C-E47863195841}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default\searchplugins\
bingp.xml
Web Search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05 392344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-30 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05 664376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-30 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{FE69C007-C452-4d3e-86D2-1730DF8BC871} - SimilarSites - C:\Program Files\SimilarSites\similarsites.dll [2012-02-01 316928]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05 664376]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-10-17 11430504]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-14 1028384]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe []
"MSStp"=C:\Windows\inf\msstp.vbe [2014-03-05 1584]
"mnclfsjSrv"=C:\Windows\system32\mnclfsj.vbe []
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft"=C:\ProgramData\764403\svchost.exe [2015-05-17 818328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Computer Helper"=C:\ProgramData\764403\svchost.exe [2015-05-17 818328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Nástroj pro stahování na pozadí.lnk]
C:\PROGRA~1\COMMON~1\MANAER~1\BACKGR~1\SLDBGD~1.EXE [2013-03-28 2738728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
SolidWorks 2013 Rychlé spuštění.lnk - C:\Windows\Installer\{B85DDD77-4A6A-4811-B241-EDADBF996BD0}\NewShortcut2_F1630D75496847DD999177A077E0CA0F.exe
SolidWorks Nástroj pro stahování na pozadí.lnk - C:\Program Files\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec.dll
"vidc.tscc"=C:\Windows\system32\tsccvid.dll
"vidc.tsc2"=C:\Windows\system32\tsc2_codec32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-17 18:47:16 ----D---- C:\rsit
2015-05-17 18:47:16 ----D---- C:\Program Files\trend micro
2015-05-17 12:55:56 ----SHD---- C:\ProgramData\764503
2015-05-17 12:55:56 ----SHD---- C:\ProgramData\764403

======List of files/folders modified in the last 1 month======

2015-05-17 18:47:29 ----D---- C:\Windows\Prefetch
2015-05-17 18:47:16 ----RD---- C:\Program Files
2015-05-17 18:47:04 ----D---- C:\Windows\temp
2015-05-17 18:40:02 ----D---- C:\Program Files\Steam
2015-05-17 12:55:56 ----D---- C:\ProgramData
2015-05-17 12:08:29 ----D---- C:\Users\Admin\AppData\Roaming\.minecraft
2015-05-17 11:14:16 ----D---- C:\Users\Admin\AppData\Roaming\Seznam.cz
2015-05-17 11:11:44 ----D---- C:\Users\Admin\AppData\Roaming\Spotify
2015-05-17 11:08:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-05-17 11:08:50 ----SHD---- C:\System Volume Information
2015-05-16 17:20:39 ----D---- C:\Program Files\Mozilla Firefox
2015-05-16 17:00:05 ----SHD---- C:\Windows\Installer
2015-05-16 17:00:04 ----D---- C:\Config.Msi
2015-05-16 16:55:26 ----D---- C:\Windows\Tasks
2015-05-16 15:23:47 ----D---- C:\Program Files\Common Files\Steam
2015-05-16 12:23:15 ----D---- C:\Users\Admin\AppData\Roaming\SolidWorks
2015-05-14 20:41:54 ----D---- C:\Windows\System32
2015-05-14 20:41:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-14 20:41:53 ----D---- C:\Windows\inf
2015-05-14 09:08:03 ----D---- C:\Users\Admin\AppData\Roaming\Xfire
2015-05-07 10:53:36 ----D---- C:\Program Files\Internet Explorer
2015-05-06 11:30:50 ----D---- C:\Windows\system32\catroot2
2015-04-28 15:03:17 ----D---- C:\Program Files\Opera
2015-04-28 15:03:16 ----D---- C:\Windows\system32\Tasks
2015-04-25 10:12:59 ----D---- C:\Users\Admin\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAV\1507000.00B\SYMDS.SYS [2013-09-10 367704]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAV\1507000.00B\SYMEFA.SYS [2014-03-04 936152]
R1 BHDrvx86;BHDrvx86; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20150506.001\BHDrvx86.sys [2015-05-01 1172184]
R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAV\1507000.00B\ccSetx86.sys [2013-09-26 127064]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-28 242240]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-12-11 378672]
R1 IDSVix86;IDSVix86; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20150515.001\IDSvix86.sys [2015-03-27 505048]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NAV\1507000.00B\SRTSP.SYS [2014-08-26 664792]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NAV\1507000.00B\SRTSPX.SYS [2014-08-26 32984]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAV\1507000.00B\Ironx86.SYS [2014-08-06 209624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAV\1507000.00B\SYMTDIV.SYS [2014-02-18 384728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 111408]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-18 3546664]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 NAVENG;NAVENG; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150517.001\NAVENG.SYS [2015-05-01 95704]
R3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150517.001\NAVEX15.SYS [2015-05-01 1636696]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-02-08 10180896]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-10-03 133120]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2014-01-22 142936]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S0 okbyju;okbyju; C:\Windows\System32\drivers\lcrk.sys []
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\system32\WinVDEdrv6.sys []
S3 catchme;catchme; \??\C:\Users\Admin\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-03-31 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-03-31 25200]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 XFDriver;XFDriver; \??\C:\Program Files\Xfire2\XFDriver.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 411920]
R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe [2015-03-07 262928]
R2 NCO;Norton Identity Safe; C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-03-05 131144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 664864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-14 1914656]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-02-14 76152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-03-28 77352]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-12-24 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-23 194032]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2015-02-01 1910128]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2014-12-24 79360]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-05-15 837824]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-13 268464]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-07-07 78336]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 1894224]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-16 148080]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 17 kvě 2015 18:10

Zdravím!
PC vám můžeme vyčistit, ale s hrou neporadíme, od toho jsou jiná fóra. Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

whisky · #3 Příspěvek od **whisky** » 17 kvě 2015 18:19

O hru nejde, jen jsem chtěl nastínit situaci

Vyčistil a po res jsem zkusil zapnout Správce, funguje + jsem v procesech vypl "wallhack"

a CSko funguje

# AdwCleaner v4.204 - Log vytvořen 17/05/2015 v 19:13:22
# Aktualizováno 12/05/2015 by Xplode
# Databáze : 2015-05-12.2 [Server]
# Operační system : Windows Vista (TM) Home Premium Service Pack 2 (x86)
# Uživatelské jméno : Admin - ADMIN-PC
# Spuštěno z : C:\Users\Admin\Desktop\adwcleaner_4.204.exe
# Nastavení : Čištění

***** [ Služby ] *****

***** [ Soubory / Složky ] *****

Složka Smazáno : C:\ProgramData\Babylon
Složka Smazáno : C:\ProgramData\ICQ\ICQToolbar
Složka Smazáno : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search
Složka Smazáno : C:\Program Files\iLivid
Složka Smazáno : C:\Program Files\Protected Search
Složka Smazáno : C:\Program Files\Red Sky
Složka Smazáno : C:\Program Files\SimilarSites
Složka Smazáno : C:\Users\Admin\AppData\Local\Babylon
Složka Smazáno : C:\Users\Admin\AppData\Local\DownTango
Složka Smazáno : C:\Users\Admin\AppData\Local\Ilivid Player
Složka Smazáno : C:\Users\Admin\AppData\Local\iLivid
Složka Smazáno : C:\Users\Admin\AppData\LocalLow\Conduit
Složka Smazáno : C:\Users\Admin\AppData\LocalLow\DownTangoLauncherToolbar
Složka Smazáno : C:\Users\Admin\AppData\LocalLow\SimplyTech
Složka Smazáno : C:\Users\Admin\AppData\Roaming\Babylon
Složka Smazáno : C:\Users\Admin\AppData\Roaming\OpenCandy
Složka Smazáno : C:\Users\Admin\AppData\Roaming\SimilarSites
Složka Smazáno : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default\Extensions\{E71B541F-5E72-5555-A47C-E47863195841}
Složka Smazáno : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
Složka Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi
Složka Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
Složka Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd
Složka Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgpdioedihjhncjafcpgbbjdpbbkikmi_0.localstorage
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dgpdioedihjhncjafcpgbbjdpbbkikmi_0.localstorage-journal
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage-journal
Soubor Smazáno : C:\Users\Admin\AppData\Local\Temp\Uninstall.exe
Soubor Smazáno : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default\searchplugins\bingp.xml
Soubor Smazáno : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default\searchplugins\Web Search.xml
Soubor Smazáno : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default\user.js
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
Soubor Smazáno : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_wlogin.icq.com_0.localstorage
Soubor Smazáno : C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_wlogin.icq.com_0.localstorage-journal

***** [ Naplánované úlohy ] *****

***** [ Zástupci ] *****

***** [ Registry ] *****

Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\hidjnkeodmholilgafgdlgmgggbhnigl
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Klíč Smazáno : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Klíč Smazáno : HKLM\SOFTWARE\Google\Chrome\Extensions\nppllibpnmahfaklnpggkibhkapjkeob
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Klíč Smazáno : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Klíč Smazáno : HKLM\SOFTWARE\Classes\ilivid
Klíč Smazáno : HKLM\SOFTWARE\Classes\Prod.cap
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Klíč Smazáno : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Klíč Smazáno : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E49F0B41-3322-11D4-AEFE-00C04F61025C}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Klíč Smazáno : HKLM\SOFTWARE\Classes\CLSID\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Klíč Smazáno : HKLM\SOFTWARE\Classes\Interface\{A36BCB13-778D-4A40-99C1-D686086D268F}
Klíč Smazáno : HKLM\SOFTWARE\Classes\TypeLib\{CCA8F2AB-BE4E-41F0-A289-4D960CEA58EA}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{FE69C007-C452-4D3E-86D2-1730DF8BC871}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{807DF5E0-4EF7-48A8-A405-239F3E29FFA9}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Hodnota Smazáno : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Hodnota Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7A1D825-11FF-4CAE-81FF-187A0B2C5DE6}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Klíč Smazáno : HKCU\Software\APN PIP
Klíč Smazáno : HKCU\Software\Conduit
Klíč Smazáno : HKCU\Software\DataMngr
Klíč Smazáno : HKCU\Software\eSupport.com
Klíč Smazáno : HKCU\Software\ilivid
Klíč Smazáno : HKCU\Software\PIP
Klíč Smazáno : HKCU\Software\ProtectedSearch
Klíč Smazáno : HKCU\Software\Softonic
Klíč Smazáno : HKCU\Software\UpdateStar
Klíč Smazáno : HKCU\Software\AppDataLow\Software\Conduit
Klíč Smazáno : HKCU\Software\AppDataLow\Software\simplytech
Klíč Smazáno : HKLM\SOFTWARE\Babylon
Klíč Smazáno : HKLM\SOFTWARE\DataMngr
Klíč Smazáno : HKLM\SOFTWARE\DownTango
Klíč Smazáno : HKLM\SOFTWARE\ICQ\ICQToolbar
Klíč Smazáno : HKLM\SOFTWARE\ilivid
Klíč Smazáno : HKLM\SOFTWARE\PIP
Klíč Smazáno : HKLM\SOFTWARE\SimilarSites
Klíč Smazáno : HKLM\SOFTWARE\dll-files.com
Klíč Smazáno : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1
Klíč Smazáno : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SimilarSites
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Protected Search_is1
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SimilarSites
Klíč Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Klíč Smazáno : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:7411;hxxps=127.0.0.1:7411
Data Smazáno : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Prohlížeče ] *****

-\\ Internet Explorer v9.0.8112.16421

Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Search [Start Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Page]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Start Default_Page_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
Nastavení Obnoveno : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [(Default)]
Nastavení Obnoveno : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [(Default)]

-\\ Mozilla Firefox v37.0.1 (x86 cs)

[i8wrn1iz.default\prefs.js] - Řádek Smazáno : user_pref("browser.newtab.url", "hxxp://newtab.certified-toolbar.com/nff?si=41460&tid=592&new=true");
[i8wrn1iz.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.defaultengine", "Web Search");
[i8wrn1iz.default\prefs.js] - Řádek Smazáno : user_pref("browser.search.order.1", "Web Search");

-\\ Google Chrome v42.0.2311.152

[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Extension] : nppllibpnmahfaklnpggkibhkapjkeob

-\\ Chromium v

-\\ Opera v29.0.1795.47

[C:\Users\Admin\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Smazáno [Search Provider] : hxxp://home.speedbit.com/search.aspx?q={searchTerms}

*************************

AdwCleaner[R0].txt - [15518 bytů] - [17/05/2015 19:11:49]
AdwCleaner[S0].txt - [13609 bytů] - [17/05/2015 19:13:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13668 bytů] ##########

#4 Příspěvek od **Rudy** » 17 kvě 2015 19:23

Dejte nový log RSIT.

whisky · #5 Příspěvek od **whisky** » 18 kvě 2015 09:07

Dnes jsem zapl pc a vše je při starém

Udělal jsem opět sken a čištění,
následně log z RSIT (níže)

A problém dělá taky svchost, při zapnutí pc hlásí nějakou chybu a poté naskočil i během chodu pc (obr. níže) a i když nelze zapnout Správce, na chvíli jsem ho viděl v procesech (aktualizace jsou vypnuté, mám je zapnout?)

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2015-05-18 10:05:54
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 144 GB (30%) free of 477 GB
Total RAM: 3582 MB (68% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:06:37, on 18.5.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 65.112.87.186 armedass.available.gamespy.com #armed assault check
O1 - Hosts: 65.112.87.186 armedass.ms12.gamespy.com #armed assault server list
O1 - Hosts: 65.112.87.186 armedass.master.gamespy.com #armed assault heartbeats
O1 - Hosts: 65.112.87.186 battlefield2.available.gamespy.com #battlefield 2 check
O1 - Hosts: 65.112.87.186 battlefield2.ms14.gamespy.com #battlefield 2 server list
O1 - Hosts: 65.112.87.186 battlefield2.master.gamespy.com #battlefield 2 heartbeats
O1 - Hosts: 63.239.170.53 bf2web.gamespy.com #login locks up without this
O1 - Hosts: 65.112.87.186 bfvietnam.available.gamespy.com #battlefield vietnam check
O1 - Hosts: 65.112.87.186 bfvietnam.ms0.gamespy.com #battlefield vietnam
O1 - Hosts: 65.112.87.186 bfvietnam.master.gamespy.com #battlefield vietnam
O1 - Hosts: 65.112.87.186 bderlandspc.available.gamespy.com #borderlands check
O1 - Hosts: 65.112.87.186 bderlandspc.master.gamespy.com #borderlands heartbeats
O1 - Hosts: 65.112.87.186 bderlandspc.ms18.gamespy.com #borderlands server list
O1 - Hosts: 65.112.87.186 crysis.available.gamespy.com #crysis check
O1 - Hosts: 65.112.87.186 crysis.master.gamespy.com #crysis heartbeats
O1 - Hosts: 65.112.87.186 crysis.ms5.gamespy.com #crysis server list
O1 - Hosts: 65.112.87.186 crysiswars.available.gamespy.com #crysis wars check
O1 - Hosts: 65.112.87.186 crysiswars.master.gamespy.com #crysis wars heartbeats
O1 - Hosts: 65.112.87.186 crysiswars.ms2.gamespy.com #crysis wars server list
O1 - Hosts: 65.112.87.188 gamestats.gamespy.com #statistics, required by some games
O1 - Hosts: 63.239.170.53 motd.gamespy.com #message of the day placeholder
O1 - Hosts: 65.112.87.187 peerchat.gamespy.com #chat/lobby, required by some games
O1 - Hosts: 65.112.87.186 gpcm.gamespy.com #gamespy login session tracking
O1 - Hosts: 65.112.87.186 gpsp.gamespy.com #gamespy account validation
O1 - Hosts: 65.112.87.186 hd2.available.gamespy.com #hidden and dangerous 2 check
O1 - Hosts: 65.112.87.186 hd2.master.gamespy.com #hidden and dangerous 2 heartbeats
O1 - Hosts: 65.112.87.186 hd2.ms14.gamespy.com #hidden and dangerous 2 server list
O1 - Hosts: 213.165.90.5 hd2.ms14.gamespy.com
O1 - Hosts: 65.112.87.186 master.gamespy.com #older games server list
O1 - Hosts: 65.112.87.186 master0.gamespy.com #older games server list
O1 - Hosts: 65.112.87.186 nwn.available.gamespy.com #neverwinter nights check
O1 - Hosts: 65.112.87.186 nwn.master.gamespy.com #neverwinter nights heartbeats
O1 - Hosts: 65.112.87.186 painkiller.available.gamespy.com #painkiller check
O1 - Hosts: 65.112.87.186 painkiller.ms15.gamespy.com #painkiller server list
O1 - Hosts: 65.112.87.186 painkiller.master.gamespy.com #painkiller heartbeats
O1 - Hosts: 65.112.87.186 swbfront2pc.available.gamespy.com #star wars battlefront 2 check
O1 - Hosts: 65.112.87.186 swbfront2pc.ms6.gamespy.com #star wars battlefront 2 server list
O1 - Hosts: 65.112.87.186 swbfront2pc.master.gamespy.com #star wars battlefront 2 heartbeats
O1 - Hosts: 65.112.87.186 tribesv.available.gamespy.com #tribes vengeance check
O1 - Hosts: 65.112.87.186 tribesv.master.gamespy.com #tribes vengeance heartbeats
O1 - Hosts: 65.112.87.186 tribesv.ms15.gamespy.com #tribes vengeance server list
O1 - Hosts: 65.112.87.186 tron20.master.gamespy.com #tron heartbeats
O1 - Hosts: 65.112.87.186 tron20.ms9.gamespy.com #tron server list
O1 - Hosts: 65.112.87.186 vietcong2.available.gamespy.com #vietcong 2 check
O1 - Hosts: 65.112.87.186 vietcong2.master.gamespy.com #vietcong 2 heartbeats
O1 - Hosts: 65.112.87.186 vietcong2.ms1.gamespy.com #vietcong 2 server list
O1 - Hosts: 65.112.87.186 wolfmaster.idsoftware.com #rtcw
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [NtVdmSrv] C:\Windows\inf\ntvdm.vbe
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [MSStp] C:\Windows\inf\msstp.vbe
O4 - HKLM\..\Run: [mnclfsjSrv] C:\Windows\system32\mnclfsj.vbe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Microsoft] "C:\ProgramData\764403\svchost.exe"
O4 - HKCU\..\RunOnce: [Computer Helper] "C:\ProgramData\764403\svchost.exe"
O4 - HKUS\S-1-5-21-1375144938-2607987595-3985304306-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1375144938-2607987595-3985304306-1002\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SolidWorks 2013 Rychlé spuštění.lnk = ?
O4 - Global Startup: SolidWorks Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .145.0.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.96.0.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.co ... .5.1.0.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 11958 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://www.msn.com/en-us/?pc=UP97&ocid=UP97DHP"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.138.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npEModelPlugin.dll
nsEModelPlugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05 392344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-30 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05 664376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-30 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05 664376]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-10-17 11430504]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"NtVdmSrv"=C:\Windows\inf\ntvdm.vbe [2013-06-20 1219]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-14 1028384]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe []
"MSStp"=C:\Windows\inf\msstp.vbe [2014-03-05 1584]
"mnclfsjSrv"=C:\Windows\system32\mnclfsj.vbe []
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft"=C:\ProgramData\764403\svchost.exe [2015-05-17 818328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Computer Helper"=C:\ProgramData\764403\svchost.exe [2015-05-17 818328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-18 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Nástroj pro stahování na pozadí.lnk]
C:\PROGRA~1\COMMON~1\MANAER~1\BACKGR~1\SLDBGD~1.EXE [2013-03-28 2738728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
SolidWorks 2013 Rychlé spuštění.lnk - C:\Windows\Installer\{B85DDD77-4A6A-4811-B241-EDADBF996BD0}\NewShortcut2_F1630D75496847DD999177A077E0CA0F.exe
SolidWorks Nástroj pro stahování na pozadí.lnk - C:\Program Files\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec.dll
"vidc.tscc"=C:\Windows\system32\tsccvid.dll
"vidc.tsc2"=C:\Windows\system32\tsc2_codec32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-17 19:11:46 ----D---- C:\AdwCleaner
2015-05-17 18:47:16 ----D---- C:\rsit
2015-05-17 18:47:16 ----D---- C:\Program Files\trend micro
2015-05-17 12:55:56 ----SHD---- C:\ProgramData\764503
2015-05-17 12:55:56 ----SHD---- C:\ProgramData\764403

======List of files/folders modified in the last 1 month======

2015-05-18 10:05:53 ----D---- C:\Windows\temp
2015-05-18 10:05:16 ----D---- C:\Program Files\Steam
2015-05-18 10:01:35 ----SHD---- C:\System Volume Information
2015-05-17 19:13:37 ----D---- C:\Windows\Prefetch
2015-05-17 19:13:30 ----RD---- C:\Program Files
2015-05-17 19:13:30 ----D---- C:\ProgramData\ICQ
2015-05-17 19:13:22 ----D---- C:\ProgramData
2015-05-17 12:08:29 ----D---- C:\Users\Admin\AppData\Roaming\.minecraft
2015-05-17 11:14:16 ----D---- C:\Users\Admin\AppData\Roaming\Seznam.cz
2015-05-17 11:11:44 ----D---- C:\Users\Admin\AppData\Roaming\Spotify
2015-05-17 11:08:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-05-16 17:20:39 ----D---- C:\Program Files\Mozilla Firefox
2015-05-16 17:00:05 ----SHD---- C:\Windows\Installer
2015-05-16 17:00:04 ----D---- C:\Config.Msi
2015-05-16 16:55:26 ----D---- C:\Windows\Tasks
2015-05-16 15:23:47 ----D---- C:\Program Files\Common Files\Steam
2015-05-16 12:23:15 ----D---- C:\Users\Admin\AppData\Roaming\SolidWorks
2015-05-14 20:41:54 ----D---- C:\Windows\System32
2015-05-14 20:41:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-14 20:41:53 ----D---- C:\Windows\inf
2015-05-14 09:08:03 ----D---- C:\Users\Admin\AppData\Roaming\Xfire
2015-05-07 10:53:36 ----D---- C:\Program Files\Internet Explorer
2015-05-06 11:30:50 ----D---- C:\Windows\system32\catroot2
2015-04-28 15:03:17 ----D---- C:\Program Files\Opera
2015-04-28 15:03:16 ----D---- C:\Windows\system32\Tasks
2015-04-25 10:12:59 ----D---- C:\Users\Admin\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAV\1507000.00B\SYMDS.SYS [2013-09-10 367704]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAV\1507000.00B\SYMEFA.SYS [2014-03-04 936152]
R1 BHDrvx86;BHDrvx86; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20150506.001\BHDrvx86.sys [2015-05-01 1172184]
R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAV\1507000.00B\ccSetx86.sys [2013-09-26 127064]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-28 242240]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-12-11 378672]
R1 IDSVix86;IDSVix86; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20150515.001\IDSvix86.sys [2015-03-27 505048]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NAV\1507000.00B\SRTSP.SYS [2014-08-26 664792]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NAV\1507000.00B\SRTSPX.SYS [2014-08-26 32984]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAV\1507000.00B\Ironx86.SYS [2014-08-06 209624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAV\1507000.00B\SYMTDIV.SYS [2014-02-18 384728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 111408]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-18 3546664]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 NAVENG;NAVENG; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150517.001\NAVENG.SYS [2015-05-01 95704]
R3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150517.001\NAVEX15.SYS [2015-05-01 1636696]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-02-08 10180896]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-10-03 133120]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2014-01-22 142936]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S0 okbyju;okbyju; C:\Windows\System32\drivers\lcrk.sys []
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\system32\WinVDEdrv6.sys []
S3 catchme;catchme; \??\C:\Users\Admin\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-03-31 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-03-31 25200]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 XFDriver;XFDriver; \??\C:\Program Files\Xfire2\XFDriver.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 411920]
R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe [2015-03-07 262928]
R2 NCO;Norton Identity Safe; C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-03-05 131144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 664864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-14 1914656]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-02-14 76152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-03-28 77352]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-12-24 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-23 194032]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2015-02-01 1910128]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2014-12-24 79360]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-05-15 837824]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-13 268464]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-07-07 78336]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 1894224]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-16 148080]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]

-----------------EOF-----------------

whisky · #6 Příspěvek od **whisky** » 18 kvě 2015 15:42

Zkusil jsem pc odpojit od netu, sken a vyčistit, res pc
Správce úloh jde, vypnul jsem tam procesy od "svchost", které měli v popisu "wallhack"
Uvidíme, co se stane dál

#7 Příspěvek od **Rudy** » 18 kvě 2015 16:49

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
c:\Program Files\Google\Google Toolbar
C:\Windows\system32\mnclfsj.vbe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\inf\ntvdm.vbe
C:\Windows\inf\msstp.vbe
C:\ProgramData\764403

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NtVdmSrv"=-
"MSStp"=-
"mnclfsjSrv"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Computer Helper"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

:services
okbyju

:commands
[Purity]
[Emptytemp]
[Emptyflash]
[Resethosts]

a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.

whisky · #8 Příspěvek od **whisky** » 18 kvě 2015 17:10

Tak jsem to udělal.
Ale program začal neodpovídat, ale dle mého vše dokončil. Bohůžel nějak všechno přestalo reagovat > res pc. Sice to byl celkem dlouhý res, ale povedlo se

Jo a na ploše se mi tvořili nějaký jpgčka (AlbumArt blabla) to je součástí nebo to můžu smazat?
log RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Admin at 2015-05-18 18:09:19
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 140 GB (29%) free of 477 GB
Total RAM: 3582 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:09:57, on 18.5.2015
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\SolidWorks Corp\SolidWorks\sldworks_fs.exe
C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Admin\Desktop\RSIT.exe
C:\Program Files\trend micro\Admin.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
O1 - Hosts: 65.112.87.186 armedass.available.gamespy.com #armed assault check
O1 - Hosts: 65.112.87.186 armedass.ms12.gamespy.com #armed assault server list
O1 - Hosts: 65.112.87.186 armedass.master.gamespy.com #armed assault heartbeats
O1 - Hosts: 65.112.87.186 battlefield2.available.gamespy.com #battlefield 2 check
O1 - Hosts: 65.112.87.186 battlefield2.ms14.gamespy.com #battlefield 2 server list
O1 - Hosts: 65.112.87.186 battlefield2.master.gamespy.com #battlefield 2 heartbeats
O1 - Hosts: 63.239.170.53 bf2web.gamespy.com #login locks up without this
O1 - Hosts: 65.112.87.186 bfvietnam.available.gamespy.com #battlefield vietnam check
O1 - Hosts: 65.112.87.186 bfvietnam.ms0.gamespy.com #battlefield vietnam
O1 - Hosts: 65.112.87.186 bfvietnam.master.gamespy.com #battlefield vietnam
O1 - Hosts: 65.112.87.186 bderlandspc.available.gamespy.com #borderlands check
O1 - Hosts: 65.112.87.186 bderlandspc.master.gamespy.com #borderlands heartbeats
O1 - Hosts: 65.112.87.186 bderlandspc.ms18.gamespy.com #borderlands server list
O1 - Hosts: 65.112.87.186 crysis.available.gamespy.com #crysis check
O1 - Hosts: 65.112.87.186 crysis.master.gamespy.com #crysis heartbeats
O1 - Hosts: 65.112.87.186 crysis.ms5.gamespy.com #crysis server list
O1 - Hosts: 65.112.87.186 crysiswars.available.gamespy.com #crysis wars check
O1 - Hosts: 65.112.87.186 crysiswars.master.gamespy.com #crysis wars heartbeats
O1 - Hosts: 65.112.87.186 crysiswars.ms2.gamespy.com #crysis wars server list
O1 - Hosts: 65.112.87.188 gamestats.gamespy.com #statistics, required by some games
O1 - Hosts: 63.239.170.53 motd.gamespy.com #message of the day placeholder
O1 - Hosts: 65.112.87.187 peerchat.gamespy.com #chat/lobby, required by some games
O1 - Hosts: 65.112.87.186 gpcm.gamespy.com #gamespy login session tracking
O1 - Hosts: 65.112.87.186 gpsp.gamespy.com #gamespy account validation
O1 - Hosts: 65.112.87.186 hd2.available.gamespy.com #hidden and dangerous 2 check
O1 - Hosts: 65.112.87.186 hd2.master.gamespy.com #hidden and dangerous 2 heartbeats
O1 - Hosts: 65.112.87.186 hd2.ms14.gamespy.com #hidden and dangerous 2 server list
O1 - Hosts: 213.165.90.5 hd2.ms14.gamespy.com
O1 - Hosts: 65.112.87.186 master.gamespy.com #older games server list
O1 - Hosts: 65.112.87.186 master0.gamespy.com #older games server list
O1 - Hosts: 65.112.87.186 nwn.available.gamespy.com #neverwinter nights check
O1 - Hosts: 65.112.87.186 nwn.master.gamespy.com #neverwinter nights heartbeats
O1 - Hosts: 65.112.87.186 painkiller.available.gamespy.com #painkiller check
O1 - Hosts: 65.112.87.186 painkiller.ms15.gamespy.com #painkiller server list
O1 - Hosts: 65.112.87.186 painkiller.master.gamespy.com #painkiller heartbeats
O1 - Hosts: 65.112.87.186 swbfront2pc.available.gamespy.com #star wars battlefront 2 check
O1 - Hosts: 65.112.87.186 swbfront2pc.ms6.gamespy.com #star wars battlefront 2 server list
O1 - Hosts: 65.112.87.186 swbfront2pc.master.gamespy.com #star wars battlefront 2 heartbeats
O1 - Hosts: 65.112.87.186 tribesv.available.gamespy.com #tribes vengeance check
O1 - Hosts: 65.112.87.186 tribesv.master.gamespy.com #tribes vengeance heartbeats
O1 - Hosts: 65.112.87.186 tribesv.ms15.gamespy.com #tribes vengeance server list
O1 - Hosts: 65.112.87.186 tron20.master.gamespy.com #tron heartbeats
O1 - Hosts: 65.112.87.186 tron20.ms9.gamespy.com #tron server list
O1 - Hosts: 65.112.87.186 vietcong2.available.gamespy.com #vietcong 2 check
O1 - Hosts: 65.112.87.186 vietcong2.master.gamespy.com #vietcong 2 heartbeats
O1 - Hosts: 65.112.87.186 vietcong2.ms1.gamespy.com #vietcong 2 server list
O1 - Hosts: 65.112.87.186 wolfmaster.idsoftware.com #rtcw
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Nvtmru] "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKUS\S-1-5-21-1375144938-2607987595-3985304306-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1375144938-2607987595-3985304306-1002\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'UpdatusUser')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: SolidWorks 2013 Rychlé spuštění.lnk = ?
O4 - Global Startup: SolidWorks Nástroj pro stahování na pozadí.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (file missing)
O9 - Extra button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files\ICQ7.6\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: HP Chytrý výběr - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - http://www.battlefieldheroes.com/static ... .145.0.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.96.0.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - http://content.systemrequirementslab.co ... .5.1.0.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe
O23 - Service: Norton Identity Safe (NCO) - Symantec Corporation - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--
End of file - 11698 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\i8wrn1iz.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://www.msn.com/en-us/?pc=UP97&ocid=UP97DHP"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"=C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.152 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1213153.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.104.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.104.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.116.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.116.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.122.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.122.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=1.138.0]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\1.138.0\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@esn/npbattlelog,version=2.6.2]
"Description"=
"Path"=C:\Program Files\Battlelog Web Plugins\2.6.2\npbattlelog.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
"Description"=This plugin detects and launches Pando Media Booster
"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npEModelPlugin.dll
nsEModelPlugin.xpt
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Norton Vulnerability Protection - C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05 392344]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-03-30 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB4C7833-A6EC-433f-B9FE-6B14B1A2F836}]
Norton Identity Protection - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05 664376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-30 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A13C2648-91D4-4bf3-BC6D-0079707C4389} - Norton Identity Safe Toolbar - C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\coIEPlg.dll [2015-03-05 664376]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2011-10-17 11430504]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-10-14 49152]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2007-08-22 80896]
"Nvtmru"=C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-11-14 1028384]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe []
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe [2014-11-03 3835728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [2014-06-05 248176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Nástroj pro stahování na pozadí.lnk]
C:\PROGRA~1\COMMON~1\MANAER~1\BACKGR~1\SLDBGD~1.EXE [2013-03-28 2738728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk]
C:\PROGRA~1\MICROS~2\Office12\ONENOTEM.EXE [2009-02-26 97680]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
SolidWorks 2013 Rychlé spuštění.lnk - C:\Windows\Installer\{B85DDD77-4A6A-4811-B241-EDADBF996BD0}\NewShortcut2_F1630D75496847DD999177A077E0CA0F.exe
SolidWorks Nástroj pro stahování na pozadí.lnk - C:\Program Files\Common Files\Manažer instalací SolidWorks\BackgroundDownloading\sldBgDwld.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FMVC"=fmcodec.dll
"VIDC.FPS1"=frapsvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.XFR1"=xfcodec.dll
"vidc.tscc"=C:\Windows\system32\tsccvid.dll
"vidc.tsc2"=C:\Windows\system32\tsc2_codec32.dll
"MSVideo8"=VfWWDM32.dll
"msacm.vorbis"=vorbis.acm
"vidc.mjpg"=bdmjpeg.dll
"vidc.mpeg"=bdmpegv.dll
"msacm.bdmpeg"=bdmpega.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2015-05-18 17:50:58 ----D---- C:\_OTM
2015-05-17 19:11:46 ----D---- C:\AdwCleaner
2015-05-17 18:47:16 ----D---- C:\rsit
2015-05-17 18:47:16 ----D---- C:\Program Files\trend micro
2015-05-17 12:55:56 ----SHD---- C:\ProgramData\764503

======List of files/folders modified in the last 1 month======

2015-05-18 18:09:33 ----D---- C:\Windows\Prefetch
2015-05-18 18:09:16 ----D---- C:\Windows\temp
2015-05-18 17:50:59 ----D---- C:\Windows\Tasks
2015-05-18 17:50:59 ----D---- C:\Windows\inf
2015-05-18 17:50:59 ----D---- C:\ProgramData
2015-05-18 17:50:59 ----D---- C:\Program Files\Google
2015-05-18 16:33:33 ----SHD---- C:\System Volume Information
2015-05-18 14:17:44 ----D---- C:\Program Files\Steam
2015-05-18 14:13:07 ----D---- C:\Windows\Logs
2015-05-18 14:00:25 ----D---- C:\Users\Admin\AppData\Roaming\Xfire
2015-05-18 13:08:34 ----D---- C:\Windows
2015-05-17 19:13:30 ----RD---- C:\Program Files
2015-05-17 19:13:30 ----D---- C:\ProgramData\ICQ
2015-05-17 12:08:29 ----D---- C:\Users\Admin\AppData\Roaming\.minecraft
2015-05-17 11:14:16 ----D---- C:\Users\Admin\AppData\Roaming\Seznam.cz
2015-05-17 11:11:44 ----D---- C:\Users\Admin\AppData\Roaming\Spotify
2015-05-17 11:08:52 ----D---- C:\Program Files\Mozilla Maintenance Service
2015-05-16 17:20:39 ----D---- C:\Program Files\Mozilla Firefox
2015-05-16 17:00:05 ----SHD---- C:\Windows\Installer
2015-05-16 17:00:04 ----D---- C:\Config.Msi
2015-05-16 15:23:47 ----D---- C:\Program Files\Common Files\Steam
2015-05-16 12:23:15 ----D---- C:\Users\Admin\AppData\Roaming\SolidWorks
2015-05-14 20:41:54 ----D---- C:\Windows\System32
2015-05-14 20:41:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-05-07 10:53:36 ----D---- C:\Program Files\Internet Explorer
2015-05-06 11:30:50 ----D---- C:\Windows\system32\catroot2
2015-04-28 15:03:17 ----D---- C:\Program Files\Opera
2015-04-28 15:03:16 ----D---- C:\Windows\system32\Tasks
2015-04-25 10:12:59 ----D---- C:\Users\Admin\AppData\Roaming\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 SmartDefragDriver;SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAV\1507000.00B\SYMDS.SYS [2013-09-10 367704]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAV\1507000.00B\SYMEFA.SYS [2014-03-04 936152]
R1 BHDrvx86;BHDrvx86; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20150506.001\BHDrvx86.sys [2015-05-01 1172184]
R1 ccSet_NAV;NAV Settings Manager; C:\Windows\system32\drivers\NAV\1507000.00B\ccSetx86.sys [2013-09-26 127064]
R1 ccSet_NST;Norton Identity Safe Settings Manager; C:\Windows\system32\drivers\NST\7DE070B0.02A\ccSetx86.sys [2013-09-27 127064]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-28 242240]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2014-12-11 378672]
R1 IDSVix86;IDSVix86; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20150515.001\IDSvix86.sys [2015-03-27 505048]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NAV\1507000.00B\SRTSP.SYS [2014-08-26 664792]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NAV\1507000.00B\SRTSPX.SYS [2014-08-26 32984]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAV\1507000.00B\Ironx86.SYS [2014-08-06 209624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAV\1507000.00B\SYMTDIV.SYS [2014-02-18 384728]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-12-11 111408]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2011-10-18 3546664]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2006-10-18 7680]
R3 NAVENG;NAVENG; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150517.021\NAVENG.SYS [2015-05-01 95704]
R3 NAVEX15;NAVEX15; \??\C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20150517.021\NAVEX15.SYS [2015-05-01 1636696]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-02-08 10180896]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-10-03 133120]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2014-01-22 142936]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S2 NEWDRIVER;NEWDRIVER; \??\C:\Windows\system32\WinVDEdrv6.sys []
S3 catchme;catchme; \??\C:\Users\Admin\AppData\Local\Temp\catchme.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2011-07-29 14216]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2011-07-29 8456]
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2013-03-31 12400]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2013-03-31 25200]
S3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 26176]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbaudio;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 usbvideo;Zobrazovací zařízení USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]
S3 XFDriver;XFDriver; \??\C:\Program Files\Xfire2\XFDriver.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LMIGuardianSvc;LMIGuardianSvc; C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-10-21 411920]
R2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\21.7.0.11\NAV.exe [2015-03-07 262928]
R2 NCO;Norton Identity Safe; C:\Program Files\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-03-05 131144]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-02-08 664864]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-11-14 1914656]
R2 PnkBstrA;PnkBstrA; C:\Windows\system32\PnkBstrA.exe [2015-02-14 76152]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service; C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2013-03-28 77352]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-12-24 1044816]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-06-23 194032]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 Origin Client Service;Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2015-02-01 1910128]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SolidWorks Licensing Service;SolidWorks Licensing Service; C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [2014-12-24 79360]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2015-05-15 837824]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-03-13 268464]
S4 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]
S4 DraftSight API Service;DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [2012-07-07 78336]
S4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files\LogMeIn Hamachi\hamachi-2.exe [2014-11-03 1894224]
S4 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S4 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2014-05-04 2152736]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2015-05-16 148080]
S4 msvsmon80;Visual Studio 2005 Remote Debugger; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2005-09-23 2799808]
S4 NetMsmqActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@c:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 TomTomHOMEService;TomTomHOMEService; C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [2014-06-05 93040]

-----------------EOF-----------------

#9 Příspěvek od **Rudy** » 18 kvě 2015 18:25

Až na to, že nezrušil položky "Hosts", což měl. Zkuste to znovu, třeba v nouz. režimu. Jinak je vše smazáno

VIRY.CZ

Vir + log

Vir + log

Re: Vir + log

Re: Vir + log

Re: Vir + log

Re: Vir + log

Re: Vir + log

Re: Vir + log

Re: Vir + log

Re: Vir + log