Prosím o kontrolu

[krnac]

RogueKiller V8.8.0 [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Podpora : http://www.adlice.com/forum/
Webové stránky : http://www.adlice.com/softwares/roguekiller/
: http://www.adlice.com

Operační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno v : Normální režim
Uživatel : Michaela [Práva správce]
Mód : Oprava HOSTS -- Datum : 01/05/2014 14:35:50
| ARK || FAK || MBR |

¤¤¤ Škodlivé procesy: : 2 ¤¤¤
[SUSP PATH] cloud.exe -- C:\Users\Michaela\AppData\Local\CloudStation\bin\cloud.exe [7] -> SMAZÁNO [TermProc]
[SUSP PATH] client-win.exe -- C:\Users\Michaela\AppData\Local\CloudStation\bin\client-win.exe [7] -> SMAZÁNO [TermProc]

¤¤¤ ¤¤¤ Záznamy Registrů: : 0 ¤¤¤

¤¤¤ Ovladač : [NENAHRÁNO 0x0] ¤¤¤

¤¤¤ Externí včelstvo: ¤¤¤

¤¤¤ Nákaza : ¤¤¤

¤¤¤ Soubor HOSTS: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Resetovaný HOSTS: ¤¤¤


Dokončeno : << RKreport[0]_H_01052014_143550.txt >>
RKreport[0]_D_01052014_143506.txt;RKreport[0]_S_01052014_125120.txt;RKreport[0]_S_01052014_143452.txt

[Márty84]

Dejte novy log z RSIT

[krnac]

Logfile of random's system information tool 1.09 (written by random/random)
Run by Michaela at 2014-01-05 14:44:28
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 8 GB (3%) free of 290 GB
Total RAM: 4056 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:44:32, on 5.1.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\trend micro\Michaela.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/defau ... l=cs&s=bsd
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Data Replicator 3] "C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe" /MIN
O4 - HKCU\..\Run: [Copernic Desktop Search - Home] "C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: CloudStation.lnk = AppData\Local\CloudStation\bin\cloud.exe
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Přidat do součásti Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ie_banner_deny.htm
O8 - Extra context menu item: Připojit cíl vazby k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Připojit k existujícímu PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: Virtuální klávesnice - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Kontrola adres URL - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Služba Kaspersky Anti-Virus (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: lxeaCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe
O23 - Service: lxea_device - - C:\Windows\system32\lxeacoms.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12384 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe
"C:\Program Files\Tablet\Pen\Pen_TouchService.exe"
/QuitInfo:000000000000024C;0000000000000268; /AddRef;
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE" "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe"
C:\Windows\system32\WLANExt.exe 4259024
\??\C:\Windows\system32\conhost.exe "-487929111-4466831611296342845-1552540757-1416577320415353471-935510515-1732902970
C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe" -r
C:\Windows\system32\lxeacoms.exe -service
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
"C:\Program Files\OO Software\Defrag\oodag.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe"
WLIDSvcM.exe 2248
C:\Windows\System32\alg.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avpui.exe" -hidden /prefetch:1
/QuitInfo:0000000000000924;0000000000000928; /AddRef;
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-dcc6b840-68f0-43d6-a70a-762e0898750a -SystemEventPortName:HostProcess-9c9b9c9d-e521-4aef-ba02-cc6b2ed67124 -IoCancelEventPortName:HostProcess-27d76a29-1e8b-42d5-88be-515bf4b4463b -NonStateChangingEventPortName:HostProcess-4fa2672e-d4af-490b-ae9b-b26fd969b069 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7ef325c3-e9f0-42ee-a2dd-2338ae202ff9 -DeviceGroupId:WpdFsGroup
/QuitInfo:00000000000008E8;00000000000008AC;
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe"
"C:\Program Files\Tablet\Pen\Pen_TouchUser.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
"C:\Program Files\Tablet\Pen\Pen_TabletUser.exe"
/loadhooks /Parent:0000000000000C30
"C:\Program Files\Tablet\Pen\Pen_Tablet.exe" au
"C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\Version9\TeamViewer9_Logfile.log
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\DellTPad\Apoint.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE"
C:\Windows\system32\igfxsrvc.exe -Embedding
"C:\Program Files\Dell\QuickSet\quickset.exe"
"C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe"
"C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe"
"C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe"
"C:\Program Files\OO Software\Defrag\oodtray.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\DellTPad\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files\DellTPad\HidFind.exe"
"C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe" /MIN
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "-1297775897-13349434492096514818-3360865401763387293-2145270492-1197387500-469574031
"C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe" /tray
"C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
"C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe" --IPCport 5939
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\Michaela\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2944712088-2880661808-2668827523-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2944712088-2880661808-2668827523-1000UA.job
C:\Windows\tasks\Synology Data Replicator 3-Michaela-PC-Michaela.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\3ce7c1ns.default

prefs.js - "browser.startup.homepage" - "http://www.centrum.cz"
prefs.js - "extensions.enabledItems" - "linkfilter@kaspersky.ru:11.0.0.232, {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, KavAntiBanner@Kaspersky.ru:11.0.0.232, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.10"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=1.1.11]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4]
"Description"=WebTablet Plugin API
"Path"=C:\Program Files (x86)\TabletPlugins\npwacom.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
NPOFF12.DLL
NPOFFICE.DLL
nppdf32.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-27 800448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-12-27 1452224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-08 551840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-27 550080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-08 209824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-27 988864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F}]
Content Blocker Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2013-12-27 655040]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73455575-E40C-433C-9784-C78DC7761455}]
Virtual Keyboard Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2013-12-27 1194176]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E6D0D23-3D72-4A94-AE1F-2D167624E3D9}]
Safe Money Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2013-12-27 455360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2011-05-13 393600]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-09 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
URL Advisor Plugin - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2013-12-27 793280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2009-01-23 305664]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2009-06-29 444416]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2009-06-30 165912]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2009-06-30 385560]
"Persistence"=C:\Windows\system32\igfxpers.exe [2009-06-30 365080]
"Broadcom Wireless Manager UI"=C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [2009-07-17 4968960]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2009-07-02 3180624]
"IAAnotif"=C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-06-05 186904]
"lxeamon.exe"=C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [2011-01-23 770728]
"EzPrint"=C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [2009-10-01 139944]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2013-04-19 7074096]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2011-05-13 4283256]
"Data Replicator 3"=C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe [2013-04-24 11590528]
"Copernic Desktop Search - Home"=C:\Program Files (x86)\Copernic Desktop Search - Home\DesktopSearchService.exe [2013-01-28 1692200]
"Facebook Update"=C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-07-30 138096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe -launchedbylogin []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO]
C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~2\Server\bin\VERSIO~2.EXE []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bamboo Dock]
C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe [2010-12-23 178176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore]
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [2010-12-23 629336]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2010-04-01 357696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Data Replicator 3]
C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe [2013-04-24 11590528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-06-25 140520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\\Phone\Skype.exe /nosplash /minimized []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Dell Webcam Central"=C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [2009-06-24 409744]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-02-22 406992]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
O&O Defrag Tray.lnk - C:\Windows\Installer\{72C47E50-F95D-415C-8EA5-AE6899B151F3}\DefragIcon.exe

C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
CloudStation.lnk - C:\Users\Michaela\AppData\Local\CloudStation\bin\cloud.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-06-03 257536]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 1 month======

2014-01-05 12:51:13 ----A---- C:\Windows\system32\drivers\yk62x64.sys.bak
2014-01-05 12:51:13 ----A---- C:\Windows\system32\drivers\WUDFRd.sys.bak
2014-01-05 12:51:13 ----A---- C:\Windows\system32\drivers\WUDFPf.sys.bak
2014-01-05 12:51:13 ----A---- C:\Windows\system32\drivers\WSDPrint.sys.bak
2014-01-05 12:51:12 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys.bak
2014-01-05 12:51:12 ----A---- C:\Windows\system32\drivers\wmilib.sys.bak
2014-01-05 12:51:12 ----A---- C:\Windows\system32\drivers\wmiacpi.sys.bak
2014-01-05 12:51:12 ----A---- C:\Windows\system32\drivers\wimmount.sys.bak
2014-01-05 12:51:12 ----A---- C:\Windows\system32\drivers\wfplwf.sys.bak
2014-01-05 12:51:11 ----A---- C:\Windows\system32\drivers\WdfLdr.sys.bak
2014-01-05 12:51:11 ----A---- C:\Windows\system32\drivers\Wdf01000.sys.bak
2014-01-05 12:51:11 ----A---- C:\Windows\system32\drivers\wd.sys.bak
2014-01-05 12:51:11 ----A---- C:\Windows\system32\drivers\watchdog.sys.bak
2014-01-05 12:51:10 ----A---- C:\Windows\system32\drivers\wanarp.sys.bak
2014-01-05 12:51:10 ----A---- C:\Windows\system32\drivers\wacomvhid.sys.bak
2014-01-05 12:51:10 ----A---- C:\Windows\system32\drivers\wacompen.sys.bak
2014-01-05 12:51:10 ----A---- C:\Windows\system32\drivers\wacommousefilter.sys.bak
2014-01-05 12:51:09 ----A---- C:\Windows\system32\drivers\vwifimp.sys.bak
2014-01-05 12:51:09 ----A---- C:\Windows\system32\drivers\vwififlt.sys.bak
2014-01-05 12:51:09 ----A---- C:\Windows\system32\drivers\vwifibus.sys.bak
2014-01-05 12:51:09 ----A---- C:\Windows\system32\drivers\vsmraid.sys.bak
2014-01-05 12:51:09 ----A---- C:\Windows\system32\drivers\volsnap.sys.bak
2014-01-05 12:51:08 ----A---- C:\Windows\system32\drivers\volmgrx.sys.bak
2014-01-05 12:51:08 ----A---- C:\Windows\system32\drivers\volmgr.sys.bak
2014-01-05 12:51:08 ----A---- C:\Windows\system32\drivers\videoprt.sys.bak
2014-01-05 12:51:08 ----A---- C:\Windows\system32\drivers\viaide.sys.bak
2014-01-05 12:51:08 ----A---- C:\Windows\system32\drivers\vhdmp.sys.bak
2014-01-05 12:51:07 ----A---- C:\Windows\system32\drivers\vgapnp.sys.bak
2014-01-05 12:51:07 ----A---- C:\Windows\system32\drivers\vga.sys.bak
2014-01-05 12:51:07 ----A---- C:\Windows\system32\drivers\vdrvroot.sys.bak
2014-01-05 12:51:07 ----A---- C:\Windows\system32\drivers\usbvideo.sys.bak
2014-01-05 12:51:07 ----A---- C:\Windows\system32\drivers\usbuhci.sys.bak
2014-01-05 12:51:06 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS.bak
2014-01-05 12:51:06 ----A---- C:\Windows\system32\drivers\usbscan.sys.bak
2014-01-05 12:51:06 ----A---- C:\Windows\system32\drivers\usbrpm.sys.bak
2014-01-05 12:51:06 ----A---- C:\Windows\system32\drivers\usbprint.sys.bak
2014-01-05 12:51:05 ----A---- C:\Windows\system32\drivers\usbport.sys.bak
2014-01-05 12:51:05 ----A---- C:\Windows\system32\drivers\usbohci.sys.bak
2014-01-05 12:51:05 ----A---- C:\Windows\system32\drivers\usbhub.sys.bak
2014-01-05 12:51:05 ----A---- C:\Windows\system32\drivers\usbehci.sys.bak
2014-01-05 12:51:05 ----A---- C:\Windows\system32\drivers\usbd.sys.bak
2014-01-05 12:51:04 ----A---- C:\Windows\system32\drivers\usbcir.sys.bak
2014-01-05 12:51:04 ----A---- C:\Windows\system32\drivers\usbccgp.sys.bak
2014-01-05 12:51:04 ----A---- C:\Windows\system32\drivers\USBCAMD2.sys.bak
2014-01-05 12:51:04 ----A---- C:\Windows\system32\drivers\usb8023.sys.bak
2014-01-05 12:51:04 ----A---- C:\Windows\system32\drivers\umpass.sys.bak
2014-01-05 12:51:03 ----A---- C:\Windows\system32\drivers\umbus.sys.bak
2014-01-05 12:51:03 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS.bak
2014-01-05 12:51:03 ----A---- C:\Windows\system32\drivers\udfs.sys.bak
2014-01-05 12:51:03 ----A---- C:\Windows\system32\drivers\UAGP35.SYS.bak
2014-01-05 12:51:02 ----A---- C:\Windows\system32\drivers\tunnel.sys.bak
2014-01-05 12:51:02 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys.bak
2014-01-05 12:51:02 ----A---- C:\Windows\system32\drivers\tssecsrv.sys.bak
2014-01-05 12:51:02 ----A---- C:\Windows\system32\drivers\termdd.sys.bak
2014-01-05 12:51:02 ----A---- C:\Windows\system32\drivers\tdx.sys.bak
2014-01-05 12:51:01 ----A---- C:\Windows\system32\drivers\tdtcp.sys.bak
2014-01-05 12:51:01 ----A---- C:\Windows\system32\drivers\tdpipe.sys.bak
2014-01-05 12:51:01 ----A---- C:\Windows\system32\drivers\tdi.sys.bak
2014-01-05 12:51:01 ----A---- C:\Windows\system32\drivers\tcpipreg.sys.bak
2014-01-05 12:51:00 ----A---- C:\Windows\system32\drivers\tcpip.sys.bak
2014-01-05 12:51:00 ----A---- C:\Windows\system32\drivers\tape.sys.bak
2014-01-05 12:51:00 ----A---- C:\Windows\system32\drivers\swenum.sys.bak
2014-01-05 12:50:59 ----A---- C:\Windows\system32\drivers\stwrt64.sys.bak
2014-01-05 12:50:59 ----A---- C:\Windows\system32\drivers\stream.sys.bak
2014-01-05 12:50:59 ----A---- C:\Windows\system32\drivers\storport.sys.bak
2014-01-05 12:50:59 ----A---- C:\Windows\system32\drivers\stexstor.sys.bak
2014-01-05 12:50:59 ----A---- C:\Windows\system32\drivers\srvnet.sys.bak
2014-01-05 12:50:58 ----A---- C:\Windows\system32\drivers\srv2.sys.bak
2014-01-05 12:50:58 ----A---- C:\Windows\system32\drivers\srv.sys.bak
2014-01-05 12:50:58 ----A---- C:\Windows\system32\drivers\sptd.sys.bak
2014-01-05 12:50:58 ----A---- C:\Windows\system32\drivers\spsys.sys.bak
2014-01-05 12:50:57 ----A---- C:\Windows\system32\drivers\spldr.sys.bak
2014-01-05 12:50:57 ----A---- C:\Windows\system32\drivers\smclib.sys.bak
2014-01-05 12:50:57 ----A---- C:\Windows\system32\drivers\smb.sys.bak
2014-01-05 12:50:57 ----A---- C:\Windows\system32\drivers\sisraid4.sys.bak
2014-01-05 12:50:56 ----A---- C:\Windows\system32\drivers\sisraid2.sys.bak
2014-01-05 12:50:56 ----A---- C:\Windows\system32\drivers\sfloppy.sys.bak
2014-01-05 12:50:56 ----A---- C:\Windows\system32\drivers\sffp_sd.sys.bak
2014-01-05 12:50:56 ----A---- C:\Windows\system32\drivers\sffp_mmc.sys.bak
2014-01-05 12:50:56 ----A---- C:\Windows\system32\drivers\sffdisk.sys.bak
2014-01-05 12:50:55 ----A---- C:\Windows\system32\drivers\sermouse.sys.bak
2014-01-05 12:50:55 ----A---- C:\Windows\system32\drivers\serial.sys.bak
2014-01-05 12:50:55 ----A---- C:\Windows\system32\drivers\serenum.sys.bak
2014-01-05 12:50:55 ----A---- C:\Windows\system32\drivers\secdrv.sys.bak
2014-01-05 12:50:55 ----A---- C:\Windows\system32\drivers\scsiport.sys.bak
2014-01-05 12:50:54 ----A---- C:\Windows\system32\drivers\scfilter.sys.bak
2014-01-05 12:50:54 ----A---- C:\Windows\system32\drivers\sbp2port.sys.bak
2014-01-05 12:50:54 ----A---- C:\Windows\system32\drivers\RtsUStor.sys.bak
2014-01-05 12:50:54 ----A---- C:\Windows\system32\drivers\rspndr.sys.bak
2014-01-05 12:50:54 ----A---- C:\Windows\system32\drivers\rootmdm.sys.bak
2014-01-05 12:50:53 ----A---- C:\Windows\system32\drivers\RNDISMP.sys.bak
2014-01-05 12:50:53 ----A---- C:\Windows\system32\drivers\rmcast.sys.bak
2014-01-05 12:50:53 ----A---- C:\Windows\system32\drivers\rdyboost.sys.bak
2014-01-05 12:50:53 ----A---- C:\Windows\system32\drivers\rdpwd.sys.bak
2014-01-05 12:50:52 ----A---- C:\Windows\system32\drivers\RDPREFMP.sys.bak
2014-01-05 12:50:52 ----A---- C:\Windows\system32\drivers\RDPENCDD.sys.bak
2014-01-05 12:50:52 ----A---- C:\Windows\system32\drivers\RDPCDD.sys.bak
2014-01-05 12:50:52 ----A---- C:\Windows\system32\drivers\rdpbus.sys.bak
2014-01-05 12:50:52 ----A---- C:\Windows\system32\drivers\rdbss.sys.bak
2014-01-05 12:50:51 ----A---- C:\Windows\system32\drivers\rassstp.sys.bak
2014-01-05 12:50:51 ----A---- C:\Windows\system32\drivers\raspptp.sys.bak
2014-01-05 12:50:51 ----A---- C:\Windows\system32\drivers\raspppoe.sys.bak
2014-01-05 12:50:51 ----A---- C:\Windows\system32\drivers\rasl2tp.sys.bak
2014-01-05 12:50:51 ----A---- C:\Windows\system32\drivers\rasacd.sys.bak
2014-01-05 12:50:50 ----A---- C:\Windows\system32\drivers\qwavedrv.sys.bak
2014-01-05 12:50:49 ----A---- C:\Windows\system32\drivers\ql40xx.sys.bak
2014-01-05 12:50:49 ----A---- C:\Windows\system32\drivers\ql2300.sys.bak
2014-01-05 12:50:49 ----A---- C:\Windows\system32\drivers\processr.sys.bak
2014-01-05 12:50:48 ----A---- C:\Windows\system32\drivers\portcls.sys.bak
2014-01-05 12:50:48 ----A---- C:\Windows\system32\drivers\PEAuth.sys.bak
2014-01-05 12:50:47 ----A---- C:\Windows\system32\drivers\pcw.sys.bak
2014-01-05 12:50:47 ----A---- C:\Windows\system32\drivers\pcmcia.sys.bak
2014-01-05 12:50:47 ----A---- C:\Windows\system32\drivers\pciidex.sys.bak
2014-01-05 12:50:47 ----A---- C:\Windows\system32\drivers\pciide.sys.bak
2014-01-05 12:50:47 ----A---- C:\Windows\system32\drivers\pci.sys.bak
2014-01-05 12:50:46 ----A---- C:\Windows\system32\drivers\partmgr.sys.bak
2014-01-05 12:50:46 ----A---- C:\Windows\system32\drivers\parport.sys.bak
2014-01-05 12:50:46 ----A---- C:\Windows\system32\drivers\pacer.sys.bak
2014-01-05 12:50:46 ----A---- C:\Windows\system32\drivers\ohci1394.sys.bak
2014-01-05 12:50:45 ----A---- C:\Windows\system32\drivers\nwifi.sys.bak
2014-01-05 12:50:45 ----A---- C:\Windows\system32\drivers\nvstor.sys.bak
2014-01-05 12:50:45 ----A---- C:\Windows\system32\drivers\nvraid.sys.bak
2014-01-05 12:50:45 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS.bak
2014-01-05 12:50:44 ----A---- C:\Windows\system32\drivers\null.sys.bak
2014-01-05 12:50:44 ----A---- C:\Windows\system32\drivers\ntfs.sys.bak
2014-01-05 12:50:44 ----A---- C:\Windows\system32\drivers\nsiproxy.sys.bak
2014-01-05 12:50:43 ----A---- C:\Windows\system32\drivers\npfs.sys.bak
2014-01-05 12:50:43 ----A---- C:\Windows\system32\drivers\nfrd960.sys.bak
2014-01-05 12:50:43 ----A---- C:\Windows\system32\drivers\netio.sys.bak
2014-01-05 12:50:43 ----A---- C:\Windows\system32\drivers\netbt.sys.bak
2014-01-05 12:50:42 ----A---- C:\Windows\system32\drivers\netbios.sys.bak
2014-01-05 12:50:42 ----A---- C:\Windows\system32\drivers\ndproxy.sys.bak
2014-01-05 12:50:42 ----A---- C:\Windows\system32\drivers\ndiswan.sys.bak
2014-01-05 12:50:42 ----A---- C:\Windows\system32\drivers\ndisuio.sys.bak
2014-01-05 12:50:42 ----A---- C:\Windows\system32\drivers\ndistapi.sys.bak
2014-01-05 12:50:41 ----A---- C:\Windows\system32\drivers\ndiscap.sys.bak
2014-01-05 12:50:41 ----A---- C:\Windows\system32\drivers\ndis.sys.bak
2014-01-05 12:50:41 ----A---- C:\Windows\system32\drivers\mup.sys.bak
2014-01-05 12:50:40 ----A---- C:\Windows\system32\drivers\MTConfig.sys.bak
2014-01-05 12:50:40 ----A---- C:\Windows\system32\drivers\mstee.sys.bak
2014-01-05 12:50:40 ----A---- C:\Windows\system32\drivers\mssmbios.sys.bak
2014-01-05 12:50:40 ----A---- C:\Windows\system32\drivers\msrpc.sys.bak
2014-01-05 12:50:40 ----A---- C:\Windows\system32\drivers\mspqm.sys.bak
2014-01-05 12:50:39 ----A---- C:\Windows\system32\drivers\mspclock.sys.bak
2014-01-05 12:50:39 ----A---- C:\Windows\system32\drivers\mskssrv.sys.bak
2014-01-05 12:50:39 ----A---- C:\Windows\system32\drivers\msiscsi.sys.bak
2014-01-05 12:50:39 ----A---- C:\Windows\system32\drivers\msisadrv.sys.bak
2014-01-05 12:50:39 ----A---- C:\Windows\system32\drivers\mshidkmdf.sys.bak
2014-01-05 12:50:38 ----A---- C:\Windows\system32\drivers\msfs.sys.bak
2014-01-05 12:50:38 ----A---- C:\Windows\system32\drivers\msdsm.sys.bak
2014-01-05 12:50:38 ----A---- C:\Windows\system32\drivers\msahci.sys.bak
2014-01-05 12:50:38 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys.bak
2014-01-05 12:50:37 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys.bak
2014-01-05 12:50:37 ----A---- C:\Windows\system32\drivers\mrxsmb.sys.bak
2014-01-05 12:50:37 ----A---- C:\Windows\system32\drivers\mrxdav.sys.bak
2014-01-05 12:50:37 ----A---- C:\Windows\system32\drivers\mpsdrv.sys.bak
2014-01-05 12:50:36 ----A---- C:\Windows\system32\drivers\mpio.sys.bak
2014-01-05 12:50:36 ----A---- C:\Windows\system32\drivers\mountmgr.sys.bak
2014-01-05 12:50:36 ----A---- C:\Windows\system32\drivers\mouhid.sys.bak
2014-01-05 12:50:36 ----A---- C:\Windows\system32\drivers\mouclass.sys.bak
2014-01-05 12:50:35 ----A---- C:\Windows\system32\drivers\monitor.sys.bak
2014-01-05 12:50:35 ----A---- C:\Windows\system32\drivers\modem.sys.bak
2014-01-05 12:50:35 ----A---- C:\Windows\system32\drivers\MegaSR.sys.bak
2014-01-05 12:50:35 ----A---- C:\Windows\system32\drivers\megasas.sys.bak
2014-01-05 12:50:35 ----A---- C:\Windows\system32\drivers\mcd.sys.bak
2014-01-05 12:50:34 ----A---- C:\Windows\system32\drivers\mbam.sys.bak
2014-01-05 12:50:34 ----A---- C:\Windows\system32\drivers\luafv.sys.bak
2014-01-05 12:50:34 ----A---- C:\Windows\system32\drivers\lsi_scsi.sys.bak
2014-01-05 12:50:34 ----A---- C:\Windows\system32\drivers\lsi_sas2.sys.bak
2014-01-05 12:50:34 ----A---- C:\Windows\system32\drivers\lsi_sas.sys.bak
2014-01-05 12:50:33 ----A---- C:\Windows\system32\drivers\lsi_fc.sys.bak
2014-01-05 12:50:33 ----A---- C:\Windows\system32\drivers\lltdio.sys.bak
2014-01-05 12:50:33 ----A---- C:\Windows\system32\drivers\ksthunk.sys.bak
2014-01-05 12:50:33 ----A---- C:\Windows\system32\drivers\ksecpkg.sys.bak
2014-01-05 12:50:32 ----A---- C:\Windows\system32\drivers\ksecdd.sys.bak
2014-01-05 12:50:32 ----A---- C:\Windows\system32\drivers\ks.sys.bak
2014-01-05 12:50:32 ----A---- C:\Windows\system32\drivers\KMWDFILTER.sys.bak
2014-01-05 12:50:31 ----A---- C:\Windows\system32\drivers\kbdhid.sys.bak
2014-01-05 12:50:31 ----A---- C:\Windows\system32\drivers\kbdclass.sys.bak
2014-01-05 12:50:31 ----A---- C:\Windows\system32\drivers\isapnp.sys.bak
2014-01-05 12:50:31 ----A---- C:\Windows\system32\drivers\irenum.sys.bak
2014-01-05 12:50:31 ----A---- C:\Windows\system32\drivers\irda.sys.bak
2014-01-05 12:50:30 ----A---- C:\Windows\system32\drivers\ipnat.sys.bak
2014-01-05 12:50:30 ----A---- C:\Windows\system32\drivers\IPMIDrv.sys.bak
2014-01-05 12:50:30 ----A---- C:\Windows\system32\drivers\ipfltdrv.sys.bak
2014-01-05 12:50:30 ----A---- C:\Windows\system32\drivers\intelppm.sys.bak
2014-01-05 12:50:30 ----A---- C:\Windows\system32\drivers\intelide.sys.bak
2014-01-05 12:50:28 ----A---- C:\Windows\system32\drivers\iirsp.sys.bak
2014-01-05 12:50:27 ----A---- C:\Windows\system32\drivers\igdkmd64.sys.bak
2014-01-05 12:50:27 ----A---- C:\Windows\system32\drivers\iaStorV.sys.bak
2014-01-05 12:50:27 ----A---- C:\Windows\system32\drivers\iaStor.sys.bak
2014-01-05 12:50:27 ----A---- C:\Windows\system32\drivers\i8042prt.sys.bak
2014-01-05 12:50:26 ----A---- C:\Windows\system32\drivers\hwpolicy.sys.bak
2014-01-05 12:50:26 ----A---- C:\Windows\system32\drivers\http.sys.bak
2014-01-05 12:50:26 ----A---- C:\Windows\system32\drivers\HpSAMD.sys.bak
2014-01-05 12:50:26 ----A---- C:\Windows\system32\drivers\hidusb.sys.bak
2014-01-05 12:50:25 ----A---- C:\Windows\system32\drivers\hidparse.sys.bak
2014-01-05 12:50:25 ----A---- C:\Windows\system32\drivers\hidir.sys.bak
2014-01-05 12:50:25 ----A---- C:\Windows\system32\drivers\hidclass.sys.bak
2014-01-05 12:50:25 ----A---- C:\Windows\system32\drivers\hidbth.sys.bak
2014-01-05 12:50:25 ----A---- C:\Windows\system32\drivers\hidbatt.sys.bak
2014-01-05 12:50:25 ----A---- C:\Windows\system32\drivers\hdaudbus.sys.bak
2014-01-05 12:50:24 ----A---- C:\Windows\system32\drivers\hcw85cir.sys.bak
2014-01-05 12:50:24 ----A---- C:\Windows\system32\drivers\GAGP30KX.SYS.bak
2014-01-05 12:50:24 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS.bak
2014-01-05 12:50:24 ----A---- C:\Windows\system32\drivers\fvevol.sys.bak
2014-01-05 12:50:23 ----A---- C:\Windows\system32\drivers\fsdepends.sys.bak
2014-01-05 12:50:23 ----A---- C:\Windows\system32\drivers\fs_rec.sys.bak
2014-01-05 12:50:23 ----A---- C:\Windows\system32\drivers\fltMgr.sys.bak
2014-01-05 12:50:23 ----A---- C:\Windows\system32\drivers\flpydisk.sys.bak
2014-01-05 12:50:23 ----A---- C:\Windows\system32\drivers\filetrace.sys.bak
2014-01-05 12:50:22 ----A---- C:\Windows\system32\drivers\fileinfo.sys.bak
2014-01-05 12:50:22 ----A---- C:\Windows\system32\drivers\fdc.sys.bak
2014-01-05 12:50:22 ----A---- C:\Windows\system32\drivers\fastfat.sys.bak
2014-01-05 12:50:21 ----A---- C:\Windows\system32\drivers\exfat.sys.bak
2014-01-05 12:50:20 ----A---- C:\Windows\system32\drivers\evbda.sys.bak
2014-01-05 12:50:20 ----A---- C:\Windows\system32\drivers\errdev.sys.bak
2014-01-05 12:50:20 ----A---- C:\Windows\system32\drivers\elxstor.sys.bak
2014-01-05 12:50:19 ----A---- C:\Windows\system32\drivers\dxgmms1.sys.bak
2014-01-05 12:50:19 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys.bak
2014-01-05 12:50:19 ----A---- C:\Windows\system32\drivers\dxg.sys.bak
2014-01-05 12:50:19 ----A---- C:\Windows\system32\drivers\dxapi.sys.bak
2014-01-05 12:50:18 ----A---- C:\Windows\system32\drivers\dumpfve.sys.bak
2014-01-05 12:50:18 ----A---- C:\Windows\system32\drivers\Dumpata.sys.bak
2014-01-05 12:50:18 ----A---- C:\Windows\system32\drivers\drmkaud.sys.bak
2014-01-05 12:50:18 ----A---- C:\Windows\system32\drivers\drmk.sys.bak
2014-01-05 12:50:18 ----A---- C:\Windows\system32\drivers\Diskdump.sys.bak
2014-01-05 12:50:17 ----A---- C:\Windows\system32\drivers\disk.sys.bak
2014-01-05 12:50:17 ----A---- C:\Windows\system32\drivers\discache.sys.bak
2014-01-05 12:50:17 ----A---- C:\Windows\system32\drivers\dfsc.sys.bak
2014-01-05 12:50:17 ----A---- C:\Windows\system32\drivers\CtClsFlt.sys.bak
2014-01-05 12:50:16 ----A---- C:\Windows\system32\drivers\CtAudDrv.sys.bak
2014-01-05 12:50:16 ----A---- C:\Windows\system32\drivers\crcdisk.sys.bak
2014-01-05 12:50:16 ----A---- C:\Windows\system32\drivers\crashdmp.sys.bak
2014-01-05 12:50:16 ----A---- C:\Windows\system32\drivers\CompositeBus.sys.bak
2014-01-05 12:50:16 ----A---- C:\Windows\system32\drivers\compbatt.sys.bak
2014-01-05 12:50:15 ----A---- C:\Windows\system32\drivers\cng.sys.bak
2014-01-05 12:50:15 ----A---- C:\Windows\system32\drivers\cmdide.sys.bak
2014-01-05 12:50:15 ----A---- C:\Windows\system32\drivers\CmBatt.sys.bak
2014-01-05 12:50:15 ----A---- C:\Windows\system32\drivers\Classpnp.sys.bak
2014-01-05 12:50:14 ----A---- C:\Windows\system32\drivers\circlass.sys.bak
2014-01-05 12:50:14 ----A---- C:\Windows\system32\drivers\cdrom.sys.bak
2014-01-05 12:50:14 ----A---- C:\Windows\system32\drivers\cdfs.sys.bak
2014-01-05 12:50:14 ----A---- C:\Windows\system32\drivers\bxvbda.sys.bak
2014-01-05 12:50:13 ----A---- C:\Windows\system32\drivers\bthmodem.sys.bak
2014-01-05 12:50:13 ----A---- C:\Windows\system32\drivers\BrUsbSer.sys.bak
2014-01-05 12:50:13 ----A---- C:\Windows\system32\drivers\BrUsbMdm.sys.bak
2014-01-05 12:50:13 ----A---- C:\Windows\system32\drivers\BrSerWdm.sys.bak
2014-01-05 12:50:13 ----A---- C:\Windows\system32\drivers\BrSerId.sys.bak
2014-01-05 12:50:12 ----A---- C:\Windows\system32\drivers\bridge.sys.bak
2014-01-05 12:50:12 ----A---- C:\Windows\system32\drivers\BrFiltUp.sys.bak
2014-01-05 12:50:12 ----A---- C:\Windows\system32\drivers\BrFiltLo.sys.bak
2014-01-05 12:50:12 ----A---- C:\Windows\system32\drivers\bowser.sys.bak
2014-01-05 12:50:12 ----A---- C:\Windows\system32\drivers\blbdrive.sys.bak
2014-01-05 12:50:11 ----A---- C:\Windows\system32\drivers\beep.sys.bak
2014-01-05 12:50:11 ----A---- C:\Windows\system32\drivers\BCMWL664.SYS.bak
2014-01-05 12:50:11 ----A---- C:\Windows\system32\drivers\bcm42rly.sys.bak
2014-01-05 12:50:10 ----A---- C:\Windows\system32\drivers\battc.sys.bak
2014-01-05 12:50:10 ----A---- C:\Windows\system32\drivers\b57nd60a.sys.bak
2014-01-05 12:50:10 ----A---- C:\Windows\system32\drivers\ataport.sys.bak
2014-01-05 12:50:10 ----A---- C:\Windows\system32\drivers\atapi.sys.bak
2014-01-05 12:50:09 ----A---- C:\Windows\system32\drivers\asyncmac.sys.bak
2014-01-05 12:50:09 ----A---- C:\Windows\system32\drivers\arcsas.sys.bak
2014-01-05 12:50:09 ----A---- C:\Windows\system32\drivers\arc.sys.bak
2014-01-05 12:50:09 ----A---- C:\Windows\system32\drivers\appid.sys.bak
2014-01-05 12:50:09 ----A---- C:\Windows\system32\drivers\Apfiltr.sys.bak
2014-01-05 12:50:08 ----A---- C:\Windows\system32\drivers\amdxata.sys.bak
2014-01-05 12:50:08 ----A---- C:\Windows\system32\drivers\amdsbs.sys.bak
2014-01-05 12:50:08 ----A---- C:\Windows\system32\drivers\amdsata.sys.bak
2014-01-05 12:50:08 ----A---- C:\Windows\system32\drivers\amdppm.sys.bak
2014-01-05 12:50:08 ----A---- C:\Windows\system32\drivers\amdk8.sys.bak
2014-01-05 12:50:08 ----A---- C:\Windows\system32\drivers\amdide.sys.bak
2014-01-05 12:50:07 ----A---- C:\Windows\system32\drivers\aliide.sys.bak
2014-01-05 12:50:07 ----A---- C:\Windows\system32\drivers\AGP440.sys.bak
2014-01-05 12:50:07 ----A---- C:\Windows\system32\drivers\agilevpn.sys.bak
2014-01-05 12:50:07 ----A---- C:\Windows\system32\drivers\afd.sys.bak
2014-01-05 12:50:06 ----A---- C:\Windows\system32\drivers\adpu320.sys.bak
2014-01-05 12:50:06 ----A---- C:\Windows\system32\drivers\adpahci.sys.bak
2014-01-05 12:50:06 ----A---- C:\Windows\system32\drivers\adp94xx.sys.bak
2014-01-05 12:50:06 ----A---- C:\Windows\system32\drivers\adfs.sys.bak
2014-01-05 12:50:06 ----A---- C:\Windows\system32\drivers\acpipmi.sys.bak
2014-01-05 12:50:05 ----A---- C:\Windows\system32\drivers\acpi.sys.bak
2014-01-05 12:50:05 ----A---- C:\Windows\system32\drivers\1394ohci.sys.bak
2014-01-05 12:50:05 ----A---- C:\Windows\system32\drivers\1394bus.sys.bak
2014-01-04 22:26:32 ----D---- C:\Users\Michaela\AppData\Roaming\Malwarebytes
2014-01-04 22:25:41 ----D---- C:\ProgramData\Malwarebytes
2014-01-04 21:50:52 ----D---- C:\AdwCleaner
2014-01-04 12:25:01 ----D---- C:\rsit
2014-01-04 12:25:01 ----D---- C:\Program Files\trend micro
2013-12-27 13:54:34 ----A---- C:\Windows\ntbtlog.txt
2013-12-27 13:42:48 ----A---- C:\Windows\WININIT.INI
2013-12-27 13:42:10 ----D---- C:\Users\Michaela\AppData\Roaming\Roxio Log Files
2013-12-27 12:27:01 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-12-27 12:24:03 ----D---- C:\Windows\Migration
2013-12-27 12:02:11 ----A---- C:\Windows\system32\klfphc.dll
2013-12-27 12:01:14 ----D---- C:\Windows\ELAMBKUP
2013-12-27 12:01:10 ----D---- C:\ProgramData\Kaspersky Lab
2013-12-27 12:01:10 ----D---- C:\Program Files (x86)\Kaspersky Lab
2013-12-27 12:01:04 ----A---- C:\Windows\system32\drivers\klif.sys
2013-12-27 12:01:04 ----A---- C:\Windows\system32\drivers\klflt.sys
2013-12-27 11:41:25 ----A---- C:\ProgramData\ntuser.dat
2013-12-20 13:08:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-12-19 23:56:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2013-12-19 23:56:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-19 23:56:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-19 23:56:02 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-19 23:56:02 ----A---- C:\Windows\system32\ieui.dll
2013-12-19 23:56:01 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-19 23:56:01 ----A---- C:\Windows\system32\iesetup.dll
2013-12-19 23:56:01 ----A---- C:\Windows\system32\iernonce.dll
2013-12-19 23:56:01 ----A---- C:\Windows\system32\ieetwproxystub.dll
2013-12-19 23:56:01 ----A---- C:\Windows\system32\ieetwcollector.exe
2013-12-19 23:56:01 ----A---- C:\Windows\system32\ie4uinit.exe
2013-12-19 23:56:00 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2013-12-19 23:56:00 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2013-12-19 23:56:00 ----A---- C:\Windows\system32\mshtml.dll
2013-12-19 23:56:00 ----A---- C:\Windows\system32\jscript9diag.dll
2013-12-19 23:56:00 ----A---- C:\Windows\system32\ieapfltr.dll
2013-12-19 23:55:59 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-19 23:55:59 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-19 23:55:59 ----A---- C:\Windows\system32\wininet.dll
2013-12-19 23:55:59 ----A---- C:\Windows\system32\iertutil.dll
2013-12-19 23:55:58 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-19 23:55:58 ----A---- C:\Windows\system32\urlmon.dll
2013-12-19 23:55:58 ----A---- C:\Windows\system32\ieframe.dll
2013-12-19 23:55:57 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-19 23:55:56 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-19 23:55:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-19 23:55:55 ----A---- C:\Windows\system32\jscript9.dll
2013-12-18 22:43:11 ----A---- C:\Windows\system32\IEUDINIT.EXE
2013-12-18 22:38:35 ----A---- C:\Windows\SYSWOW64\elshyph.dll
2013-12-18 22:38:35 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\wextract.exe
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\msrating.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\msls31.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\jsIntl.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\inseng.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\iexpress.exe
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\ieapfltr.dat
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\icardie.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2013-12-18 22:38:31 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2013-12-18 22:38:31 ----A---- C:\Windows\system32\elshyph.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\SetIEInstalledDate.exe
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\pngfilt.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\occache.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\mshtmler.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\mshta.exe
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\imgutil.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\iesysprep.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2013-12-18 22:38:30 ----A---- C:\Windows\SYSWOW64\IEAdvpack.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\wextract.exe
2013-12-18 22:38:30 ----A---- C:\Windows\system32\webcheck.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\vbscript.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\url.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2013-12-18 22:38:30 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-18 22:38:30 ----A---- C:\Windows\system32\pngfilt.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\occache.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\msrating.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\msls31.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\mshtmlmedia.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\mshtmler.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\MshtmlDac.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\mshta.exe
2013-12-18 22:38:30 ----A---- C:\Windows\system32\msfeedssync.exe
2013-12-18 22:38:30 ----A---- C:\Windows\system32\msfeedsbs.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\licmgr10.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\jsIntl.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\jscript.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\inseng.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\imgutil.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\iexpress.exe
2013-12-18 22:38:30 ----A---- C:\Windows\system32\iesysprep.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\iepeers.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\iedkcs32.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\ieapfltr.dat
2013-12-18 22:38:30 ----A---- C:\Windows\system32\IEAdvpack.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\icardie.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\dxtrans.dll
2013-12-18 22:38:30 ----A---- C:\Windows\system32\dxtmsft.dll
2013-12-13 07:08:17 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2013-12-11 23:13:49 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2013-12-11 23:13:49 ----A---- C:\Windows\system32\wmploc.DLL
2013-12-11 23:13:48 ----A---- C:\Windows\SYSWOW64\wmp.dll
2013-12-11 23:13:47 ----A---- C:\Windows\system32\wmp.dll
2013-12-11 07:29:13 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-11 07:29:13 ----A---- C:\Windows\system32\drivers\drmk.sys
2013-12-11 07:29:11 ----A---- C:\Windows\SYSWOW64\msieftp.dll
2013-12-11 07:29:11 ----A---- C:\Windows\system32\win32k.sys
2013-12-11 07:29:11 ----A---- C:\Windows\system32\msieftp.dll
2013-12-11 07:29:10 ----A---- C:\Windows\SYSWOW64\WMPhoto.dll
2013-12-11 07:29:10 ----A---- C:\Windows\system32\WMPhoto.dll
2013-12-11 07:29:09 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-11 07:29:09 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-11 07:28:57 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-12-11 07:28:57 ----A---- C:\Windows\system32\tzres.dll
2013-12-11 07:27:10 ----A---- C:\Windows\system32\scrrun.dll
2013-12-11 07:27:10 ----A---- C:\Windows\system32\cscript.exe
2013-12-11 07:27:09 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-11 07:27:09 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-11 07:27:09 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-11 07:27:09 ----A---- C:\Windows\system32\wscript.exe
2013-12-07 13:19:30 ----D---- C:\Users\Michaela\AppData\Roaming\24FotoPrint
2013-12-07 11:46:51 ----D---- C:\Program Files (x86)\24FotoPrint

======List of files/folders modified in the last 1 month======

2014-01-05 14:44:32 ----D---- C:\Windows\Prefetch
2014-01-05 14:44:25 ----D---- C:\Windows\Temp
2014-01-05 14:34:45 ----D---- C:\Windows\system32\drivers
2014-01-05 14:32:45 ----D---- C:\Windows\system32\config
2014-01-05 14:15:41 ----SHD---- C:\System Volume Information
2014-01-05 14:14:53 ----RD---- C:\Program Files (x86)
2014-01-05 12:05:07 ----SHD---- C:\Windows\Installer
2014-01-05 12:05:06 ----SHD---- C:\Config.Msi
2014-01-05 12:05:05 ----D---- C:\ProgramData\Microsoft Help
2014-01-04 22:25:41 ----HD---- C:\ProgramData
2014-01-04 22:17:50 ----D---- C:\Windows\system32\catroot2
2014-01-04 22:15:03 ----D---- C:\ProgramData\ICQ
2014-01-04 12:25:01 ----RD---- C:\Program Files
2013-12-29 19:41:31 ----D---- C:\Users\Michaela\AppData\Roaming\.dsgui
2013-12-28 13:59:35 ----D---- C:\Windows\Microsoft.NET
2013-12-28 12:36:32 ----RSD---- C:\Windows\assembly
2013-12-27 13:54:45 ----D---- C:\Windows
2013-12-27 13:54:30 ----D---- C:\Windows\System32
2013-12-27 13:50:20 ----D---- C:\Windows\Minidump
2013-12-27 13:50:20 ----D---- C:\Windows\debug
2013-12-27 13:42:41 ----D---- C:\Program Files (x86)\Common Files
2013-12-27 13:42:33 ----D---- C:\Windows\system32\catroot
2013-12-27 13:42:32 ----D---- C:\Windows\inf
2013-12-27 13:41:55 ----D---- C:\ProgramData\Skype
2013-12-27 13:41:53 ----D---- C:\Users\Michaela\AppData\Roaming\Skype
2013-12-27 13:38:13 ----D---- C:\Windows\system32\Tasks
2013-12-27 13:38:08 ----D---- C:\Windows\SysWOW64
2013-12-27 12:27:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-12-27 12:24:27 ----D---- C:\Windows\SYSWOW64\en-US
2013-12-27 12:24:27 ----D---- C:\Windows\system32\en-US
2013-12-27 12:24:03 ----SD---- C:\ProgramData\Microsoft
2013-12-27 12:02:08 ----D---- C:\Windows\system32\DriverStore
2013-12-22 09:09:32 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 07:27:30 ----D---- C:\Windows\winsxs
2013-12-20 07:26:48 ----D---- C:\Program Files\Internet Explorer
2013-12-20 07:26:48 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-19 15:58:14 ----D---- C:\Windows\rescache
2013-12-19 06:02:47 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-12-19 06:02:46 ----D---- C:\Windows\system32\cs-CZ
2013-12-19 06:02:44 ----D---- C:\Windows\SYSWOW64\migration
2013-12-19 06:02:40 ----D---- C:\Windows\system32\migration
2013-12-19 06:02:40 ----D---- C:\Windows\PolicyDefinitions
2013-12-18 22:43:11 ----D---- C:\Windows\Logs
2013-12-16 00:20:12 ----D---- C:\Windows\system32\MRT
2013-12-16 00:17:50 ----A---- C:\Windows\system32\MRT.exe
2013-12-12 05:58:03 ----D---- C:\Program Files\Windows Media Player
2013-12-12 05:58:03 ----D---- C:\Program Files (x86)\Windows Media Player
2013-12-11 18:26:12 ----D---- C:\Krechlerová
2013-12-11 17:27:51 ----D---- C:\ProgramData\Lx_cats
2013-12-11 14:58:17 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2009-06-04 408600]
R0 kl1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-12-27 458336]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-06-07 834544]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-12-27 620640]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2013-10-20 29792]
R1 klpd;klpd; C:\Windows\system32\DRIVERS\klpd.sys [2013-04-12 15456]
R1 kltdi;kltdi; C:\Windows\system32\DRIVERS\kltdi.sys [2013-05-14 55904]
R1 kneps;kneps; C:\Windows\system32\DRIVERS\kneps.sys [2013-12-27 178272]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 adfs;adfs; C:\Windows\system32\drivers\adfs.sys [2008-06-27 88632]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows XP/Vista x64; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-02-05 225328]
R3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys [2009-07-17 22520]
R3 BCM43XX;Ovladač bezdrátové karty Dell WLAN; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-07-17 2769400]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver; C:\Windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-03 7333472]
R3 klkbdflt;Kaspersky Lab KLKBDFLT; C:\Windows\system32\DRIVERS\klkbdflt.sys [2013-10-20 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2013-10-20 29280]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2009-05-08 215552]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2009-06-29 487424]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 wacommousefilter;Wacom Mouse Filter Driver; C:\Windows\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12848]
R3 wacomvhid;Wacom Virtual Hid Driver; C:\Windows\system32\DRIVERS\wacomvhid.sys [2009-09-22 16168]
S3 aiqhk0al;aiqhk0al; C:\Windows\system32\drivers\aiqhk0al.sys []
S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2009-04-29 30208]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S3 WSDPrintDevice;Podpora tisku WSD prostřednictvím funkce UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S4 klflt;klflt; C:\Windows\system32\DRIVERS\klflt.sys [2013-06-08 112224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]
R2 AVP;Služba Kaspersky Anti-Virus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\avp.exe [2013-10-20 214512]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-06-05 354840]
R2 lxea_device;lxea_device; C:\Windows\system32\lxeacoms.exe [2010-04-14 1052328]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2013-04-19 2570544]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe [2009-06-29 240128]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-04-24 381312]
R2 TabletServicePen;TabletServicePen; C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2010-07-13 7329648]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 TouchServicePen;Wacom Consumer Touch Service; C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2010-07-13 719216]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE [2009-07-17 33280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 lxeaCATSCustConnectService;lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [2009-07-29 33960]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2013-11-26 111616]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-20 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-20 1255736]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[Márty84]

Stahnete OTL http://oldtimer.geekstogo.com/OTL.exe a ulozte na plochu.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce
Oznacte polozky (dejte tam zatrzitka) Pro všechny uživatele, Kontrola na havěť "LOP" a Kontrola na havěť "Purity"
Do spodniho okna vlozte nasledujici text

Kód: Vybrat vše

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
adp3132.sys
AGP440.sys
ahcix86.sys
ahcix86s.sys
atapi.sys
autochk.exe
cdrom.sys
cngaudit.dll
cryptsvc.dll
eNetHook.dll
eventlog.dll
explorer.exe
hal.dll
Changer.sys
iaStor.sys
iastorv.sys
IdeChnDr.sys
isapnp.sys
JakNDis.sys
KR10N.sys
logevent.dll
lsass.exe
mv61xx.sys
ndis.sys
netlogon.dll
ntelogon.dll
nvata.sys
nvatabus.sys
nvgts.sys
nvraid.sys
nvrd32.sys
nvstor.sys
nvstor32.sys
scecli.dll
sceclt.dll
smss.exe
svchost.exe
symmpi.sys
tcpip.sys
userinit.exe
vaxscsi.sys
viamraid.sys
viasraid.sys
ViPrt.sys
winlogon.exe
ws2_32.dll
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s
reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c
reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c

type c:\boot.ini >> test.txt /c
%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*AntiWPA* /s
*loader* /s
*minodlogin* /s
*tnod* /s
*AutoKMS* /s
*activator* /s
*serial* /s
*w7lxe* /s

Kliknete na Prohledat
Po skenu se vytvori dva logy (OTL.Txt a Extras.txt), oba sem vlozte (kdyz budou dlouhe, rozdelte je do vice prispevku).

[krnac]

příkladam

[krnac]

a druhý

[Márty84]

Vypnete antivir, at nebrani programu v praci
Znovu spustte OTL jako spravce
Do spodniho okna vlozte nasledujici text (vcetne te dvojtecky pred slovem commands)

Kód: Vybrat vše

:commands
[EMPTYTEMP]
[EMPTYFLASH]
[Purity]
[CreateRestorePoint]

:services
AdobeARMservice
OODefragAgent
AdobeFlashPlayerUpdateSvc
SwitchBoard

:files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2944712088-2880661808-2668827523-1000Core.job
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2944712088-2880661808-2668827523-1000UA.job
C:\Windows\tasks\Synology Data Replicator 3-Michaela-PC-Michaela.job
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk
C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CloudStation.lnk

:otl
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-2944712088-2880661808-2668827523-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=cz&l=cs&s=bsd
IE - HKU\S-1-5-21-2944712088-2880661808-2668827523-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
FF - prefs.js..browser.search.defaultenginename: "DAEMON Search"
FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-2944712088-2880661808-2668827523-1000\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Value error.)
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[9 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\Users\Michaela\Desktop\*.tmp files -> C:\Users\Michaela\Desktop\*.tmp -> ]
[2 C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[10 C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp files -> C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\*.tmp -> ]
[1 C:\Windows\Installer\*.tmp files -> C:\Windows\Installer\*.tmp -> ]
[2 C:\Windows\Temp\*.tmp files -> C:\Windows\Temp\*.tmp -> ]

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"=-
"OODefragTray"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=-
"Data Replicator 3"=-
"Copernic Desktop Search - Home"=-
"Facebook Update"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bamboo Dock] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Data Replicator 3] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv] /64
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] /64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=-
"SwitchBoard"=-
"AdobeCS5ServiceManager"=-
"Adobe ARM"=-

Kliknete na Opravit a nechte program pracovat. Pri otazce na restart souhlaste.
Po restartu se objevi novy log, ten sem dejte.

[krnac]

Dobrý den,

nějak přestal fungovat OO defrag, vůbec nejde spustit, stále píše že ho cílový počítač odmítl a odkazuje mě na spuštění služby, ale já to ve službách nemohu nikde najít. Dále se nespouští Bambo Dock - soft. na grafický tablet, dále nefunguje Data Replicátor - automatické zálohováni na server.

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Michaela
->Temp folder emptied: 24818183 bytes
->Temporary Internet Files folder emptied: 3685077 bytes
->Java cache emptied: 46661249 bytes
->FireFox cache emptied: 476452361 bytes
->Flash cache emptied: 62964 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14507291 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 95470 bytes
RecycleBin emptied: 2118590 bytes

Total Files Cleaned = 542,00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Michaela
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTL Restore Point
========== SERVICES/DRIVERS ==========
Service AdobeARMservice stopped successfully!
Service AdobeARMservice deleted successfully!
Service OODefragAgent stopped successfully!
Service OODefragAgent deleted successfully!
Service AdobeFlashPlayerUpdateSvc stopped successfully!
Service AdobeFlashPlayerUpdateSvc deleted successfully!
Service SwitchBoard stopped successfully!
Service SwitchBoard deleted successfully!
========== FILES ==========
File/Folder C:\Windows\system32\*.tmp.dll not found.
File/Folder C:\Windows\system32\SET*.tmp not found.
File/Folder C:\Windows\*.tmp not found.
C:\Windows\tasks\Adobe Flash Player Updater.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2944712088-2880661808-2668827523-1000Core.job moved successfully.
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2944712088-2880661808-2668827523-1000UA.job moved successfully.
C:\Windows\tasks\Synology Data Replicator 3-Michaela-PC-Michaela.job moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk moved successfully.
C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CloudStation.lnk moved successfully.
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKU\S-1-5-21-2944712088-2880661808-2668827523-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-2944712088-2880661808-2668827523-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Prefs.js: "DAEMON Search" removed from browser.search.defaultenginename
Prefs.js: "DAEMON Search" removed from browser.search.selectedEngine
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2944712088-2880661808-2668827523-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\ProgramData\SPL257A.tmp deleted successfully.
C:\ProgramData\SPL365B.tmp deleted successfully.
C:\ProgramData\SPL9660.tmp deleted successfully.
C:\ProgramData\SPLB2B3.tmp deleted successfully.
C:\ProgramData\SPLB96E.tmp deleted successfully.
C:\ProgramData\SPLCDA0.tmp deleted successfully.
C:\ProgramData\SPLCE89.tmp deleted successfully.
C:\ProgramData\SPLD3CA.tmp deleted successfully.
C:\ProgramData\SPLFB15.tmp deleted successfully.
C:\Users\Michaela\Desktop\~WRL0538.tmp deleted successfully.
C:\Users\Michaela\Desktop\~WRL2462.tmp deleted successfully.
C:\Users\Michaela\Desktop\~WRL2852.tmp deleted successfully.
C:\Users\Michaela\Desktop\~WRL4043.tmp deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP188E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP9E41.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP1555.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP2655.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP3B1C.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP8660.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP932A.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAP9DC4.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPCF6E.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPDDEF.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE291.tmp folder deleted successfully.
C:\Windows\assembly\NativeImages_v2.0.50727_64\Temp\ZAPE56E.tmp folder deleted successfully.
C:\Windows\Installer\MSI1D57.tmp deleted successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\OODefragTray not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\msnmsgr deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Data Replicator 3 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Copernic Desktop Search - Home deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Facebook Update deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS4ServiceManager\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0ENQBO\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bamboo Dock\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BambooCore\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Data Replicator 3\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\GrooveMonitor deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run\\SwitchBoard deleted successfully.

[Márty84]

Vsechno by to fungovat melo, jen jsem vypnul jejich automaticke spousteni po startu, at se pocitaci ulevi. Pokud to chcete opet zapnout, nastavte si to znovu, nebo dejte bod obnovy, ktery OTL pred mazanim vytvoril.

Dejte vedet, co z toho jste udelal a podle toho pojedem dal

[krnac]

tak už to zase funguje, uf.

[Márty84]

Jasne ze to funguje, takove veci nemazu, jen vypinam jejich chod, aby se pc odlehcilo a zrychlil se Vetsina veci bezi uplne zbytecne, staci si to zapnout az v pripade potreby...

No a jakym zpusobem jste to teda rozjel? V nastaveni, nebo bodem obnovy?

[krnac]

stačilo když jsem to přímo v nich nastavil, aby se zapínaly při spouštění, Bambo - spustit při startu systému, OO defrag přes msconfig, replicator také přímo v programu

[Márty84]

OK


Vsechny tyto programy - vcetne pripadne instalace - spoustejte jako spravce (kliknete na ne pravym mysidlem a zvolte - Spustit jako spravce)

T-Cleaner http://tharifas.sweb.cz/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry mohou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

Stahnete OTC http://oldtimer.geekstogo.com/OTC.exe , ulozte a spustte.
Kliknete na napis CleanUp a pote OK - Po uklidu dojde k restartu pc.

Stahnete TFC http://oldtimer.geekstogo.com/TFC.exe , ulozte a spustte
Kliknete na START a pote OK - Po uklidu dojde k restartu pc.
Po pouziti muzete programek smazat

Stahnete Ccleaner http://www.stahuj.centrum.cz/utility_a_ ... /ccleaner/ a spustte.
Pri instalaci pozor na toolbar (ci jine doplnky), jestli vam nabidne jeho instalaci, tak zruste zatrzitko.
Po spusteni se ocitnete ve funkci Cistic. Vlevo je spousta zatrzitek. Pozor dejte hlavne na kos, pokud nechate zatrzene, vzdy ho vysype.
Dale, podle toho jak je nastaven, smaze vsechna hesla ulozena na netu!!! Takze jestli mate nastavene, at si pocitac hesla pamatuje (coz neni pro bezpecnost dobre), budete je muset pak napsat znova rucne (napr mail, facebook, ruzna fora atd.)
Kliknete na Analyzovat a az dokonci analyzu, kliknete na Spustit Cleaner.
Potom kliknete vlevo na funkci Registry
Kliknete na Hledej problemy, kdyz najde, kliknete na Opravit problemy. Nabidne Vam zalohu, tu udelejte a ulozte ji tak, at ji v pripade potreby najdete.
Funkce Nastroje umoznuje odinstalovani programu. Je dukladnejsi nez samotny windows!

Defragmentujte disk(y)
Stahnete program Defraggler http://www.stahuj.centrum.cz/utility_a_ ... efraggler/
Pri instalaci opet pozor na toolbar
Po nainstalovani program spustte a kliknete na Analyzovat, po analyze kliknete na Defragmentovat a programek odvede svou praci.




Pak napiste, jak je na tom pc.




8.2. pro neaktivitu http://forum.viry.cz/viewtopic.php?f=12&t=123975