PC disinfection, computer speed-up, remote help via the neslape.cz service

Please check my log (downloaded some hack exe)

Have a virus problem? Post your FRST or RSIT log here.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEWS!
You can now use the remote help service, where a specialist connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
motji
VIP
Posts: 23302
Registered: 23 Oct 2008 08:02

Re: Please check my log (downloaded some hack exe)

#46 Post by motji »

My apologies to Altrok for stepping in.

Potomac - please don't step into this topic, it's getting confusing here. My colleague Altrok will sort it out himself :)
Do not use COMBOFIX without a helper's recommendation, it can damage your system!
Always back up your important data before disinfecting your computer :!:
Want to support our forum? Information here

I'm mostly reachable at night, between 21:00 and 23:00
If you have any questions, you can email me at Motji(at)forum.viry.cz.

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log (downloaded some hack exe)

#47 Post by altrok »

On Friday evening I get home, go play a bit of football, spend the evening with my family, get a good night's sleep, and you're already impatient again that nobody will attend to you... urging and drawing attention to yourself on Friday night really won't help get your problem solved ;)

  • Run OTL again
  • copy the contents of the white field below into the box in OTL (including the leading colon before commands)
  • then click Fix
  • after the restart a log will pop up; paste its contents into your next reply

Code:

:commands
[Purity]
[EmptyTemp]
[EmptyFlash]
[EmptyJava]
[ResetHosts]
[CreateRestorePoint]

:services
globalUpdate
globalUpdatem
gupdate
gupdatem
Skype C2C Service

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Users\Startrek Galaxy\AppData\Roaming\SNYCHJ.exe
C:\Users\Startrek Galaxy\AppData\Roaming\AOZWMIG.exe
C:\Users\Startrek Galaxy\AppData\Local\globalUpdate
C:\Program Files (x86)\globalUpdate
C:\Windows\tasks\SNYCHJ.job
C:\Windows\tasks\AOZWMIG.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Startrek Galaxy\AppData\Roaming\SNYCHJ
C:\Users\Startrek Galaxy\AppData\Roaming\AOZWMIG
C:\ProgramData\Skype\Toolbars

:otl
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2835552249-4098613126-1455153776-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0E 70 CD 90 10 66 CA 01 [binary data]
IE - HKU\S-1-5-21-2835552249-4098613126-1455153776-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2835552249-4098613126-1455153776-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKU\S-1-5-21-2835552249-4098613126-1455153776-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[11 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[20 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[9 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:E7260698

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:7282ca85fea33c5ea870f58a7885de58]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
If anything is unclear, ask right away.
If you're satisfied, please support the forum.
For questions that don't belong on the forum, you can use altrok(at)forum.viry.cz
If you feel like helping the visitors of this forum, sign up for our little school.
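As an added illustration, not from this thread and not part of OTL itself: a small Python parser for the fix log OTL writes after the Fix step (the next post shows one). It groups every outcome line by section and reports what was actually removed versus what OTL could not find, which is what a helper checks before asking for the next log. The sample log is constructed from lines in the shape of that log; the function names are my own.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the shape of the fix log OTL writes after the Fix step
# (a short excerpt; the real log lists every requested item).
SAMPLE_LOG = r"""
All processes killed
========== COMMANDS ==========
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Error: No service named globalUpdate was found to stop!
Service\Driver key globalUpdate not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1729.tmp folder moved successfully.
C:\Windows\Installer\MSI5385.tmp moved successfully.
File\Folder C:\Users\Startrek Galaxy\AppData\Roaming\SNYCHJ.exe not found.
C:\Windows\tasks\SNYCHJ.job moved successfully.
C:\Users\Startrek Galaxy\AppData\Roaming\SNYCHJ moved successfully.
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_USERS\S-1-5-21-2835552249-4098613126-1455153776-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
ADS C:\ProgramData\TEMP:E7260698 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp\ not found.
"""

# "========== FILES ==========" style section headers.
_SECTION = re.compile(r"^=+ (.+?) =+$")

# Outcome line shapes, first match wins. Group 1 is always the target
# (path, service name, registry key or ADS) with any trailing backslash dropped.
_PATTERNS = [
    ("error",   re.compile(r"^Error: No service named (.+?) was found to stop!$")),
    ("removed", re.compile(r"^(?:Registry key |ADS )?(.+?)\\? deleted successfully\.$")),
    ("removed", re.compile(r"^(.+?)(?: folder)? moved successfully\.$")),
    ("missing", re.compile(r"^(?:File[/\\]Folder |Registry key |Service\\Driver key )?(.+?)\\? not found\.$")),
]


def parse_otl_log(text):
    """Return (section, status, target) for every outcome line in a fix log."""
    entries = []
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = _SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        for status, pattern in _PATTERNS:
            match = pattern.match(line)
            if match:
                entries.append((section, status, match.group(1)))
                break
    return entries


def summarize(text):
    """Per-section outcome counts, e.g. {'FILES': {'removed': 4, 'missing': 2}}."""
    counts = defaultdict(Counter)
    for section, status, _target in parse_otl_log(text):
        counts[section][status] += 1
    return {section: dict(counter) for section, counter in counts.items()}


def unresolved(text, section="FILES"):
    """Targets the script asked for that OTL could not find.

    A helper checks these against the next log: the item may already be
    gone, or it may live under a different name or path.
    """
    return [target for sec, status, target in parse_otl_log(text)
            if sec == section and status == "missing"]


if __name__ == "__main__":
    for section, counter in summarize(SAMPLE_LOG).items():
        print(f"{section:17s} {counter}")
    print("unresolved files:", *unresolved(SAMPLE_LOG), sep="\n  ")
```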

navajo
Visitor
Posts: 32
Registered: 07 Nov 2014 01:29

Re: Please check my log (downloaded some hack exe)

#48 Post by navajo »

Sorry!!!! Altrok, I got a bit unsure :shock:
Here is just the fixed OTL:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Startrek Galaxy
->Temp folder emptied: 457579 bytes
->Temporary Internet Files folder emptied: 5317412 bytes
->Java cache emptied: 263860 bytes
->FireFox cache emptied: 417306170 bytes
->Flash cache emptied: 6540 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 15312 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95336 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 404,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Startrek Galaxy
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Startrek Galaxy
->Java cache emptied: 0 bytes

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Error: No service named globalUpdate was found to stop!
Service\Driver key globalUpdate not found.
Error: No service named globalUpdatem was found to stop!
Service\Driver key globalUpdatem not found.
Error: No service named gupdate was found to stop!
Service\Driver key gupdate not found.
Error: No service named gupdatem was found to stop!
Service\Driver key gupdatem not found.
Error: No service named Skype C2C Service was found to stop!
Service\Driver key Skype C2C Service not found.
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1729.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1C17.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2AE6.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP6E21.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP72C0.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP7D69.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9387.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPB579.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF5C6.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAPF873.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP231E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2912.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2CE9.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP57C.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP5F9D.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP624B.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP6CD7.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7243.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP74B3.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7D2A.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP7D79.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8814.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8C47.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9221.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9EEF.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPBBDF.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPC264.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder moved successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE61A.tmp folder moved successfully.
C:\Windows\Installer\MSI5385.tmp moved successfully.
File\Folder C:\Users\Startrek Galaxy\AppData\Roaming\SNYCHJ.exe not found.
File\Folder C:\Users\Startrek Galaxy\AppData\Roaming\AOZWMIG.exe not found.
File\Folder C:\Users\Startrek Galaxy\AppData\Local\globalUpdate not found.
File\Folder C:\Program Files (x86)\globalUpdate not found.
C:\Windows\tasks\SNYCHJ.job moved successfully.
C:\Windows\tasks\AOZWMIG.job moved successfully.
File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineUA.job not found.
File\Folder C:\Windows\tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Users\Startrek Galaxy\AppData\Roaming\SNYCHJ moved successfully.
C:\Users\Startrek Galaxy\AppData\Roaming\AOZWMIG moved successfully.
File\Folder C:\ProgramData\Skype\Toolbars not found.
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2835552249-4098613126-1455153776-1001\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache_TIMESTAMP| /E : value set successfully!
HKEY_USERS\S-1-5-21-2835552249-4098613126-1455153776-1001\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2835552249-4098613126-1455153776-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_USERS\S-1-5-21-2835552249-4098613126-1455153776-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=\ not found.
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp not found.
File/Folder C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp not found.
File/Folder C:\Windows\Installer\*.tmp not found.
File/Folder C:\Windows\Temp\*.tmp not found.
ADS C:\ProgramData\TEMP:E7260698 deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:7282ca85fea33c5ea870f58a7885de58\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ not found.
Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe\ not found.

OTL by OldTimer - Version 3.2.69.0 log created on 11092014_170613

Files\Folders moved on Reboot...
File\Folder C:\Users\Startrek Galaxy\AppData\Local\Temp\etilqs_2TAjfktzLbYoyVp not found!
File\Folder C:\Users\Startrek Galaxy\AppData\Local\Temp\etilqs_gXT4BbnDbvlQGKb not found!
C:\Users\Startrek Galaxy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

altrok
Moderator
Posts: 7321
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Please check my log (downloaded some hack exe)

#49 Post by altrok »

Excellent :thumbsup:

Test how the computer behaves now... It should feel relieved :)

Also post a new RSIT log.

navajo
Visitor
Posts: 32
Registered: 07 Nov 2014 01:29

Re: Please check my log (downloaded some hack exe)

#50 Post by navajo »

It's lightning fast :happy:

Here is the RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Startrek Galaxy at 2014-11-09 19:34:58
Microsoft Windows 7 Ultimate Service Pack 1
System drive C: has 168 GB (35%) free of 477 GB
Total RAM: 4094 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:35:09, on 9.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Startrek Galaxy.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 5126 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"

"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
"C:\Users\Startrek Galaxy\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Startrek Galaxy\AppData\Roaming\Mozilla\Firefox\Profiles\z1pfgwdy.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.15, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0]
"Description"=DivX® Player Plugin for VOD Content
"Path"=C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4]
"Description"=ESN Sonar browser plugin
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=2.1.7]
"Description"=
"Path"=C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00]
"Description"=Plug-in to check PlayStation(R)Network Downloader.
"Path"=C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\Sony\Media Go\npmediago.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
npDivxPlayerPlugin.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
nsIDivxPlayerPlugin.xpt
QuickTimePlugin.class

C:\Users\Startrek Galaxy\AppData\Roaming\Mozilla\Firefox\Profiles\z1pfgwdy.default\searchplugins\
mapycz.xml
multisharecz.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-10-18 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]
C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe [2010-08-20 33120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate]
C:\Users\Startrek Galaxy\AppData\Roaming\Seznam.cz\szninstall.exe -c []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop]
C:\Users\Startrek Galaxy\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe -q []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]
C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EADM]
C:\Program Files (x86)\Origin\Origin.exe [2014-02-22 3598680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nvtmru]
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [2013-05-16 1012000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp]
C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2009-09-05 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce]
C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:7282ca85fea33c5ea870f58a7885de58]
C:\Users\STARTR~1\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe -c C:\Users\Startrek Galaxy\AppData\Roaming\Seznam.cz []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion]
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2014-09-01 468192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe -osboot []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.ac3filter"=ac3filter64.acm
"vidc.XVID"=xvidvfw.dll
"vidc.ffds"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-11-09 17:06:13 ----D---- C:\_OTL
2014-11-07 15:27:48 ----D---- C:\AdwCleaner
2014-11-07 13:35:19 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-11-07 13:35:00 ----D---- C:\ProgramData\Malwarebytes
2014-11-07 13:35:00 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-07 13:35:00 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-11-07 13:35:00 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-11-07 13:35:00 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-11-07 01:34:00 ----D---- C:\rsit
2014-11-07 01:34:00 ----D---- C:\Program Files\trend micro
2014-11-06 15:07:24 ----D---- C:\Program Files (x86)\Seznam.cz
2014-11-06 15:07:16 ----D---- C:\Users\Startrek Galaxy\AppData\Roaming\Seznam.cz
2014-10-21 09:39:26 ----D---- C:\Program Files (x86)\Google
2014-10-15 15:16:09 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 15:16:06 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 15:16:06 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 15:16:06 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 15:16:06 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 15:16:05 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 15:16:05 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 15:15:46 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 15:15:46 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 15:15:45 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 15:15:44 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 15:15:42 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 15:15:40 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 15:15:40 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 15:15:40 ----A---- C:\Windows\system32\mf.dll
2014-10-15 15:15:39 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 15:15:39 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 15:15:36 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 15:15:36 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 15:15:36 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 15:15:36 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 15:15:36 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 15:15:36 ----A---- C:\Windows\system32\ci.dll
2014-10-15 15:15:35 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 15:15:35 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 15:15:35 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 15:15:35 ----A---- C:\Windows\system32\winload.exe
2014-10-15 15:15:35 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 15:15:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 15:15:35 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 15:15:35 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 15:15:34 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 15:15:34 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 15:15:34 ----A---- C:\Windows\system32\evr.dll
2014-10-15 15:15:34 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 15:15:34 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 15:15:34 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 15:15:33 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 15:15:33 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 15:15:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 15:15:33 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 15:15:33 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 15:15:33 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 15:15:33 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 15:15:33 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 15:15:33 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 15:15:33 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 15:15:33 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 15:15:33 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 15:15:32 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 15:15:32 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 15:15:32 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 15:15:32 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 15:15:31 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 15:15:31 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 15:15:31 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 15:15:31 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 15:15:31 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 15:15:31 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 15:15:31 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 15:15:31 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 15:15:31 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 15:15:31 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 15:15:31 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 15:15:31 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 15:15:31 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 15:15:30 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 15:15:30 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 15:15:30 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 15:15:30 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 15:15:30 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 15:15:30 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 15:15:30 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 15:15:30 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 15:15:29 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 15:15:29 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 15:15:29 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 15:15:29 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 15:15:29 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 15:15:29 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 15:15:29 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 15:15:19 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 15:15:19 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 15:15:18 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 15:15:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 15:15:17 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 15:15:17 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 15:15:17 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 15:15:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 15:15:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 15:15:16 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 15:15:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 15:15:16 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 15:15:16 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 15:15:16 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 15:15:16 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 15:15:16 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 15:15:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 15:15:14 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 15:15:14 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 15:15:14 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 15:15:14 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 15:15:14 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 15:15:14 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 15:15:14 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 15:15:13 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 15:15:13 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 15:15:13 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 15:15:13 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 15:15:13 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 15:15:13 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 15:15:12 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 15:15:12 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 15:15:12 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 15:15:12 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 15:15:11 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 15:15:11 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 15:15:11 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 15:15:11 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 15:15:11 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 15:15:11 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 15:15:11 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 15:15:10 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 15:15:10 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 15:15:10 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 15:15:10 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 15:15:10 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 15:15:09 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 15:15:09 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 15:15:09 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 15:15:09 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 15:15:09 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 15:15:08 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 15:15:08 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 15:15:07 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 15:15:01 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 15:14:44 ----A---- C:\Windows\system32\msi.dll
2014-10-15 15:14:43 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 15:14:40 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 15:14:39 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 15:14:32 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 15:14:32 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 15:14:31 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 15:14:31 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 15:14:31 ----A---- C:\Windows\system32\mstsc.exe
2014-10-15 15:14:30 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 15:14:30 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2014-10-15 15:14:30 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 15:14:30 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 15:14:30 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 15:14:30 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 15:14:29 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 15:14:29 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 15:14:29 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2014-10-15 15:14:29 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 15:14:29 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 15:14:29 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 15:14:23 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 15:14:23 ----A---- C:\Windows\system32\packager.dll

======List of files/folders modified in the last 1 month======

2014-11-09 19:32:37 ----D---- C:\Downloads
2014-11-09 19:32:16 ----AD---- C:\ProgramData\TEMP
2014-11-09 17:31:39 ----D---- C:\Windows\system32\config
2014-11-09 17:21:55 ----D---- C:\Windows\Temp
2014-11-09 17:20:47 ----SHD---- C:\System Volume Information
2014-11-09 17:13:28 ----D---- C:\Windows\System32
2014-11-09 17:13:28 ----D---- C:\Windows\inf
2014-11-09 17:13:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-09 17:07:54 ----D---- C:\Windows\Tasks
2014-11-09 17:07:13 ----SHD---- C:\Windows\Installer
2014-11-09 17:06:38 ----D---- C:\Windows\system32\drivers\etc
2014-11-09 17:06:37 ----D---- C:\Windows
2014-11-08 01:45:14 ----D---- C:\Movie Prosinec
2014-11-07 15:23:57 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-07 15:23:54 ----D---- C:\Windows\system32\drivers
2014-11-07 15:22:05 ----D---- C:\Windows\debug
2014-11-07 15:07:39 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-07 13:35:00 ----RD---- C:\Program Files (x86)
2014-11-07 13:35:00 ----HD---- C:\ProgramData
2014-11-07 09:57:01 ----RSD---- C:\Windows\assembly
2014-11-07 09:57:00 ----D---- C:\Program Files (x86)\Sony
2014-11-07 09:55:11 ----D---- C:\Windows\SysWOW64
2014-11-07 09:55:07 ----D---- C:\Program Files (x86)\Common Files
2014-11-07 09:55:06 ----D---- C:\Users\Startrek Galaxy\AppData\Roaming\Real
2014-11-07 09:53:21 ----D---- C:\ProgramData\Sony Ericsson
2014-11-07 09:53:20 ----D---- C:\Program Files (x86)\Sony Ericsson
2014-11-07 09:52:32 ----D---- C:\Windows\system32\Tasks
2014-11-07 02:26:53 ----RD---- C:\Program Files (x86)\Skype
2014-11-07 02:26:22 ----D---- C:\Windows\system32\appmgmt
2014-11-07 01:34:00 ----RD---- C:\Program Files
2014-11-06 15:23:43 ----D---- C:\Program Files (x86)\7-Zip
2014-11-06 15:10:22 ----SD---- C:\Users\Startrek Galaxy\AppData\Roaming\Microsoft
2014-11-06 15:09:27 ----D---- C:\Windows\Prefetch
2014-10-30 12:25:26 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-26 17:02:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-10-26 16:51:07 ----D---- C:\Windows\system32\DriverStore
2014-10-25 14:53:45 ----D---- C:\Movie Listopad
2014-10-21 08:58:21 ----D---- C:\ProgramData\NVIDIA
2014-10-20 15:02:10 ----D---- C:\Windows\system32\catroot2
2014-10-17 14:03:36 ----D---- C:\Fotografie
2014-10-17 11:01:43 ----D---- C:\Windows\rescache
2014-10-16 16:46:44 ----D---- C:\Windows\Microsoft.NET
2014-10-15 17:02:12 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-15 16:53:59 ----D---- C:\Windows\winsxs
2014-10-15 16:51:25 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 16:51:25 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 16:51:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 16:51:25 ----D---- C:\Windows\system32\en-US
2014-10-15 16:51:25 ----D---- C:\Windows\system32\Dism
2014-10-15 16:51:25 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 16:51:25 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 16:51:25 ----D---- C:\Windows\system32\Boot
2014-10-15 16:51:25 ----D---- C:\Program Files\Windows Media Player
2014-10-15 16:51:25 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 16:51:24 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 16:51:24 ----D---- C:\Program Files\Internet Explorer
2014-10-15 16:51:24 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 16:09:41 ----D---- C:\Windows\system32\MRT
2014-10-15 16:06:49 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 15:14:20 ----D---- C:\Windows\system32\catroot
2014-10-10 01:16:15 ----D---- C:\Knihy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-12-11 503352]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
S3 ae9nti6k;ae9nti6k; C:\Windows\system32\drivers\ae9nti6k.sys []
S3 ahbf0cet;ahbf0cet; C:\Windows\system32\drivers\ahbf0cet.sys []
S3 ggflt;SEMC USB Flash Driver Filter; C:\Windows\system32\DRIVERS\ggflt.sys [2012-10-24 14448]
S3 ggsemc;SEMC USB Flash Driver; C:\Windows\system32\DRIVERS\ggsemc.sys [2012-10-24 27760]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 Synth3dVsc;Synth3dVsc; C:\Windows\System32\drivers\synth3dvsc.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 tsusbhub;@%SystemRoot%\system32\drivers\tsusbhub.sys,-1; C:\Windows\system32\drivers\tsusbhub.sys []
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys []
S3 VGPU;VGPU; C:\Windows\System32\drivers\rdvgkmd.sys []
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2012-03-08 76888]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-12 1255736]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-04 64704]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-15 267440]
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-07 114288]
S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-05-15 935208]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-03-15 877856]
S4 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-05-16 1826592]
S4 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S4 StarWindServiceAE;StarWind AE Service; C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [2009-12-23 370688]
S4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-03-14 383264]

-----------------EOF-----------------

altrok

#51 Post by altrok »

:arrow: Excellent, so just a few minor cosmetic touches and we are approaching the finish! :happy:
  • Save OTM to the desktop - http://oldtimer.geekstogo.com/OTM.exe
  • close all programs
  • right-click the OTM.exe icon and choose Run as administrator (on Win XP just run it with a normal double-click)
  • copy the contents of the white box into the left window of OTM and click MoveIt!
  • after the restart, post the log, which will be in C:\_OTM\MovedFiles\mmddyyyy_hhmmss.log

Code:

:commands
[Purity]
[EmptyTemp]
[EmptyFlash]
[EmptyJava]
[ResetHosts]
[ClearAllRestorePoints]
[CreateRestorePoint]

:services
AdobeARMservice
AdobeFlashPlayerUpdateSvc

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\Program Files (x86)\Zrychleni Pocitace
C:\Program Files\trend micro

:reg
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:7282ca85fea33c5ea870f58a7885de58] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] /64

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping the visitors of this forum, sign up for our training school.

navajo
Visitor
Posts: 32
Registered: 07 Nov 2014 01:29

#52 Post by navajo »

Here is the OTM log:

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

User: Startrek Galaxy
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 128 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 373296013 bytes
->Flash cache emptied: 1749 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12510 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40232 bytes
%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 753 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 356,00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Public

User: Startrek Galaxy
->Flash cache emptied: 0 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Startrek Galaxy
->Java cache emptied: 0 bytes

User: UpdatusUser

Total Java Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

Restore point Set: OTM Restore Point
Restore point Set: OTM Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
File/Folder C:\Program Files (x86)\Zrychleni Pocitace not found.
C:\Program Files\trend micro folder moved successfully.
========== REGISTRY ==========
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:7282ca85fea33c5ea870f58a7885de58\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched\ deleted successfully.

OTM by OldTimer - Version 3.1.21.0 log created on 11092014_224705

Files moved on Reboot...
C:\Users\Startrek Galaxy\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

altrok

#53 Post by altrok »

So let's do one more clean-up.
And if there are no questions or other problems, that is all from me.

navajo

#54 Post by navajo »

Thank you a hundred times over, and I will send a thank-you. Thanks to everyone, and especially to Altrok, for the helpfulness and patience :worship: :thumbsup:

altrok

#55 Post by altrok »

You're welcome, glad I could help :worship:

On behalf of the whole team, thank you for supporting the forum :fez:

Next time, please wait for help without unnecessary reminders. We help solve your problems here in our free time (some of us several hours every day), and you really won't win attention by behaving like that ;)

Take care, and maybe see you again sometime :bye:

navajo

#56 Post by navajo »

Hi and thanks. The thank-you has already been sent. I'm ashamed that I was impatient.

P.S. You can close this now. Bye for now, and have a nice rest of the night :all_coholic:

altrok

#57 Post by altrok »

We will just lock the topic and keep it for study purposes.

Locked