Zdravím. Několik dnů zpátky jsem zaregistroval zvláštní problém s tiskárnou EPSON Stylus SX415. Nelze tisknout ani skenovat,avšak občas se objeví "známka" funkčnosti a podařilo se mi ještě něco vytisknout - teď už to ale není možné. Vyzkoušel jsem přeinstalovat ovladače,neúspešně. Pokaždé hlasí nějakou chybu. Připadá mi sice absurdní,aby tuto komplikaci měla na svědomí nějaká hávěť,ale chtěl bych tuto možnost vyloučit - pro jistotu. Předem děkuji!
TLogfile of random's system information tool 1.09 (written by random/random)
Run by marian at 2014-05-20 21:43:12
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 32 GB (28%) free of 114 GB
Total RAM: 15306 MB (85% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:44:14, on 20.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files\trend micro\marian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN11459&g ... 21-346&t=4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: BS Player B2 Toolbar - {68bd5917-377a-4c9d-b4d3-01dcbcb1e299} - C:\Program Files (x86)\BS_Player_B2\prxtbBS_P.dll (file missing)
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: BS Player B2 - {68bd5917-377a-4c9d-b4d3-01dcbcb1e299} - C:\Program Files (x86)\BS_Player_B2\prxtbBS_P.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: BS Player B2 Toolbar - {68bd5917-377a-4c9d-b4d3-01dcbcb1e299} - C:\Program Files (x86)\BS_Player_B2\prxtbBS_P.dll (file missing)
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B69F6DA-685C-4CD4-AE0F-A8C8D0423BD4}: NameServer = 10.10.11.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc - C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files (x86)\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11721 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Sandboxie\SbieSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
"C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe"
"C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe" -monitor 756
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
"C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007c8
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
"C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\safetynut.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Opera x64\opera.exe"
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\marian\AppData\Local\Opera\Opera x64\temporary_downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c6595fd785e.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Synology Data Replicator 3-marian-PC-marian.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-31 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-31 210856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68bd5917-377a-4c9d-b4d3-01dcbcb1e299}]
BS Player B2 Toolbar - C:\Program Files (x86)\BS_Player_B2\prxtbBS_P.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2012-11-06 183112]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{68bd5917-377a-4c9d-b4d3-01dcbcb1e299} - BS Player B2 Toolbar - C:\Program Files (x86)\BS_Player_B2\prxtbBS_P.dll []
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2012-11-06 183112]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-01-24 1451728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [2012-12-16 765200]
"uTorrent"=C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-13 1272400]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-03-11 689744]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-13 1758160]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"QuickTime Plugin Install"=C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [2014-01-24 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"aux8"=wdmaud.drv
"midi9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-05-20 21:43:12 ----D---- C:\rsit
2014-05-20 21:43:12 ----D---- C:\Program Files\trend micro
2014-05-20 21:41:38 ----A---- C:\Windows\system32\E_IBCBFCE.DLL
2014-05-20 21:41:38 ----A---- C:\Windows\system32\E_GCINST.DLL
2014-05-14 22:13:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 22:13:30 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 22:13:30 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 22:13:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 22:13:27 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-14 21:14:22 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 21:14:21 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 21:14:21 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 21:14:21 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 21:14:15 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 21:14:14 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 21:14:14 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 21:14:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 21:14:14 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\adprovider.dll
2014-05-13 20:40:41 ----D---- C:\ProgramData\SafetyNut
2014-05-13 20:40:41 ----D---- C:\Program Files (x86)\Browser Tab Search by Ask
2014-05-07 11:34:56 ----D---- C:\Users\marian\AppData\Roaming\Waldorf
2014-05-06 12:47:44 ----A---- C:\Windows\SYSWOW64\msvcsv60.dll
2014-05-06 12:47:44 ----A---- C:\Windows\msocreg32.dat
2014-04-30 19:56:24 ----SD---- C:\Windows\system32\CompatTel
======List of files/folders modified in the last 1 month======
2014-05-20 21:43:30 ----D---- C:\Windows\Temp
2014-05-20 21:43:12 ----RD---- C:\Program Files
2014-05-20 21:42:46 ----D---- C:\Users\marian\AppData\Roaming\uTorrent
2014-05-20 21:41:52 ----D---- C:\Windows\system32\DriverStore
2014-05-20 21:41:52 ----D---- C:\Windows\inf
2014-05-20 21:41:51 ----D---- C:\Windows\System32
2014-05-20 21:41:48 ----SHD---- C:\System Volume Information
2014-05-20 21:41:37 ----D---- C:\Windows\system32\catroot
2014-05-20 21:41:36 ----D---- C:\Windows\system32\catroot2
2014-05-20 21:41:27 ----HD---- C:\ProgramData
2014-05-20 21:39:50 ----D---- C:\Windows\system32\config
2014-05-20 21:31:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-20 21:28:59 ----D---- C:\Windows\Microsoft.NET
2014-05-20 21:26:00 ----RD---- C:\Program Files (x86)
2014-05-20 21:22:18 ----D---- C:\Users\marian\AppData\Roaming\EPSON
2014-05-20 21:13:55 ----D---- C:\Windows\system32\FxsTmp
2014-05-20 21:11:07 ----D---- C:\ProgramData\UDL
2014-05-20 21:10:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-20 21:10:39 ----SHD---- C:\Windows\Installer
2014-05-20 21:10:11 ----D---- C:\Program Files (x86)\epson
2014-05-20 21:09:36 ----D---- C:\Windows\SysWOW64
2014-05-20 21:09:07 ----D---- C:\Windows\twain_32
2014-05-20 21:02:58 ----D---- C:\ProgramData\EPSON
2014-05-20 20:59:41 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2014-05-17 12:26:06 ----D---- C:\Users\marian\AppData\Roaming\vlc
2014-05-16 19:32:01 ----D---- C:\ProgramData\DVD Shrink
2014-05-16 19:12:27 ----D---- C:\Users\marian\AppData\Roaming\dvdcss
2014-05-15 20:29:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-15 09:44:16 ----D---- C:\Windows\winsxs
2014-05-15 09:43:36 ----D---- C:\Windows\system32\drivers
2014-05-15 09:43:36 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 09:43:36 ----D---- C:\Windows\PolicyDefinitions
2014-05-14 22:14:14 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 22:13:27 ----D---- C:\Program Files\Common Files
2014-05-14 22:13:03 ----D---- C:\Windows\system32\MRT
2014-05-14 22:12:20 ----A---- C:\Windows\system32\MRT.exe
2014-05-10 17:36:18 ----D---- C:\Windows\Tasks
2014-05-07 11:36:32 ----D---- C:\Users\marian\AppData\Roaming\Audacity
2014-05-07 09:57:30 ----D---- C:\Program Files (x86)\Common Files
2014-05-07 09:39:18 ----D---- C:\ProgramData\Ableton
2014-05-06 12:47:44 ----D---- C:\Windows
2014-04-27 20:38:53 ----A---- C:\Windows\SYSWOW64\certsentry.dll
2014-04-27 20:38:53 ----A---- C:\Windows\system32\certsentry.dll
2014-04-27 20:38:48 ----D---- C:\Program Files (x86)\Comodo
2014-04-27 19:53:21 ----D---- C:\Program Files\Opera x64
2014-04-27 19:53:21 ----D---- C:\Program Files (x86)\Opera x64
2014-04-23 19:11:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-01-05 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-01-05 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-01-16 23176]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-01-16 699880]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-01-16 48360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\x64\configmgrc1.cfg [2014-04-27 36224]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-01-16 95752]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-01-05 108440]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-03-11 440400]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-03-11 440400]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-03-11 1017424]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-01-24 3724472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-04-24 2135232]
R2 SafetyNutManager;SafetyNut Manager; C:\Program Files (x86)\Browser Tab Search by Ask\SafetyNut\SafetyNutManager.exe [2014-04-27 3544072]
R2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-23 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 158928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Nelze navázat komunikaci s tiskárnou-podivné chování(RSIT)
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Zdravím!
PC by určitě vyčistit potřeboval, nicméně to nejspíše není problém, kvůli němuž se tiskárna nechová korektně. Zkontrolujte datový kabel k tiskárně, příp. ho vyměňte.
PC by určitě vyčistit potřeboval, nicméně to nejspíše není problém, kvůli němuž se tiskárna nechová korektně. Zkontrolujte datový kabel k tiskárně, příp. ho vyměňte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Dobře. Děkuji. Mohu teda požádat o instrukce pro vyčištění? Děkuji!
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Spusťte nejprve tuto utilitu:
Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
# AdwCleaner v3.210 - Report created 23/05/2014 at 11:32:35
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : marian - MARIAN-PC
# Running from : C:\Users\marian\Desktop\adwcleaner_3.210.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : SafetyNutManager
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\ProgramData\greoatssavuer
Folder Deleted : C:\ProgramData\groeaetsavEr
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\greoatssavuer
Folder Deleted : C:\Program Files (x86)\groeaetsavEr
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\egreat\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\marian\AppData\Local\Babylon
Folder Deleted : C:\Users\marian\AppData\Local\Conduit
Folder Deleted : C:\Users\marian\AppData\Local\torch
Folder Deleted : C:\Users\marian\AppData\Local\Temp\mt_ffx
Folder Deleted : C:\Users\marian\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\marian\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\marian\AppData\LocalLow\BS_Player_B2
Folder Deleted : C:\Users\marian\AppData\LocalLow\uTorrentControl_v2
Folder Deleted : C:\Users\marian\AppData\Roaming\Babylon
Folder Deleted : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\egreat\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
Folder Deleted : C:\Users\egreat\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
Folder Deleted : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
[!] Folder Deleted : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
File Deleted : C:\END
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3283142
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F952BC62-9D9C-4551-8AD9-3E4C072B748F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F952BC62-9D9C-4551-8AD9-3E4C072B748F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D05DAC4-CF4F-4E72-84F3-BC1A1F097083}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD536003-B35C-4528-B406-80C2CA55D3D0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D46619ED-773D-4C22-9A0A-BC7C79C38FD4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0A6E7BB1-844A-43D1-8CE9-5D2C8FDE9F96}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_B2
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\BS_Player_B2
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player_B2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v
-\\ Google Chrome v34.0.1847.137
[ File : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda
Deleted [Extension] : iajnelcfchhanmhffogalhikaiconboo
Deleted [Extension] : makhaabbfjfihmcifegnkcgfjpmmmdnk
*************************
AdwCleaner[R0].txt - [16031 octets] - [23/05/2014 11:32:14]
AdwCleaner[S0].txt - [14184 octets] - [23/05/2014 11:32:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14245 octets] ##########
# Updated 19/05/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : marian - MARIAN-PC
# Running from : C:\Users\marian\Desktop\adwcleaner_3.210.exe
# Option : Clean
***** [ Services ] *****
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A91196222
[#] Service Deleted : SafetyNutManager
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\SafetyNut
Folder Deleted : C:\ProgramData\greoatssavuer
Folder Deleted : C:\ProgramData\groeaetsavEr
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\greoatssavuer
Folder Deleted : C:\Program Files (x86)\groeaetsavEr
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v2
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\egreat\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\marian\AppData\Local\Babylon
Folder Deleted : C:\Users\marian\AppData\Local\Conduit
Folder Deleted : C:\Users\marian\AppData\Local\torch
Folder Deleted : C:\Users\marian\AppData\Local\Temp\mt_ffx
Folder Deleted : C:\Users\marian\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\marian\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\marian\AppData\LocalLow\BS_Player_B2
Folder Deleted : C:\Users\marian\AppData\LocalLow\uTorrentControl_v2
Folder Deleted : C:\Users\marian\AppData\Roaming\Babylon
Folder Deleted : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\egreat\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajnelcfchhanmhffogalhikaiconboo
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
Folder Deleted : C:\Users\egreat\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
Folder Deleted : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\makhaabbfjfihmcifegnkcgfjpmmmdnk
[!] Folder Deleted : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
File Deleted : C:\END
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduitapps.com
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3283142
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F952BC62-9D9C-4551-8AD9-3E4C072B748F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F952BC62-9D9C-4551-8AD9-3E4C072B748F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D05DAC4-CF4F-4E72-84F3-BC1A1F097083}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD536003-B35C-4528-B406-80C2CA55D3D0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D46619ED-773D-4C22-9A0A-BC7C79C38FD4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0A6E7BB1-844A-43D1-8CE9-5D2C8FDE9F96}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{68BD5917-377A-4C9D-B4D3-01DCBCB1E299}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\SafetyNut
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\BS_Player_B2
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\BS_Player_B2
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CA41BB14-E67B-1653-C57B-5CA99418A866}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player_B2 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v
-\\ Google Chrome v34.0.1847.137
[ File : C:\Users\marian\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda
Deleted [Extension] : iajnelcfchhanmhffogalhikaiconboo
Deleted [Extension] : makhaabbfjfihmcifegnkcgfjpmmmdnk
*************************
AdwCleaner[R0].txt - [16031 octets] - [23/05/2014 11:32:14]
AdwCleaner[S0].txt - [14184 octets] - [23/05/2014 11:32:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [14245 octets] ##########
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Dejte nový log RSIT.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Logfile of random's system information tool 1.10 (written by random/random)
Run by marian at 2014-05-26 21:22:47
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 31 GB (27%) free of 114 GB
Total RAM: 15306 MB (91% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:22:50, on 26.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\foobar2000\foobar2000.exe
C:\Program Files\trend micro\marian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN11459&g ... 27-346&t=4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B69F6DA-685C-4CD4-AE0F-A8C8D0423BD4}: NameServer = 10.10.11.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files (x86)\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10777 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Sandboxie\SbieSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007e0
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
"C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
foobar2000.exe /noresume /shellop:2,FAAAAAAAAAAAAAAAAAAAAAEAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMAAxAC4AIABIAG8AcAAgAEgAbwBwACAASABvAHAALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADAAMgAuACAAVABhAGwAZQAgAEkAIAAoAEcAcgBhAHYAZQAgAEQAaQBzAHAAZQByAGEAdABvACkALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADAAMwAuACAAQQB2AGUAbgAgAEkAdgBlAG4AZABhAC4AZgBsAGEAYwAAAFwAXABEAEkAUwBLAFMAVABBAFQASQBPAE4AXABtAHUAcwBpAGMAXABNAHUAcwBpAGMAXABGAEwAQQBDAFwARwBvAHIAYQBuACAAQgByAGUAZwBvAHYAaQAHAVwAVABhAGwAZQBzACAAQQBuAGQAIABTAG8AbgBnAHMAIABGAHIAbwBtACAAVwBlAGQAZABpAG4AZwBzACAAQQBuAGQAIABGAHUAbgBlAHIAYQBsAHMAXAAwADQALgAgAFMAZQB4AC4AZgBsAGEAYwAAAFwAXABEAEkAUwBLAFMAVABBAFQASQBPAE4AXABtAHUAcwBpAGMAXABNAHUAcwBpAGMAXABGAEwAQQBDAFwARwBvAHIAYQBuACAAQgByAGUAZwBvAHYAaQAHAVwAVABhAGwAZQBzACAAQQBuAGQAIABTAG8AbgBnAHMAIABGAHIAbwBtACAAVwBlAGQAZABpAG4AZwBzACAAQQBuAGQAIABGAHUAbgBlAHIAYQBsAHMAXAAwADUALgAgAFQAYQBsAGUAIABJAEkAIAAoAEEAZABhAGcAaQBvACAAUABvAGMAbwAgAEYAZQBiAHIAaQBsAGUAKQAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMAA2AC4AIABNAGEAawBpACAATQBhAGsAaQAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMAA3AC4AIABUAGEAbABlACAASQBJAEkAIAAoAEwAZQBuAHQAbwAgAEEAcgBhAGIAZQBzAGMAbwApAC4AZgBsAGEAYwAAAFwAXABEAEkAUwBLAFMAVABBAFQASQBPAE4AXABtAHUAcwBpAGMAXABNAHUAcwBpAGMAXABGAEwAQQBDAFwARwBvAHIAYQBuACAAQgByAGUAZwBvAHYAaQAHAVwAVABhAGwAZQBzACAAQQBuAGQAIABTAG8AbgBnAHMAIABGAHIAbwBtACAAVwBlAGQAZABpAG4AZwBzACAAQQBuAGQAIABGAHUAbgBlAHIAYQBsAHMAXAAwADgALgAgAFMAbwAgAE4AZQB2AG8AIABTAGkALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADAAOQAuACAAVABhAGwAZQAgAEkAVgAgACgATQBvAGQAZQByAGEAdABvACAATQBlAGwAYQBuAGMAbwBsAGkAYwBvACkALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADEAMAAuACAAQwBvAGMAawB0AGEAaQBsACAATQBvAGwAbwB0AG8AdgAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMQAxAC4AIABUAGEAbABlACAAVgAgACgAQQBuAGQAYQBuAHQAZQAgAEEAbQBvAHIAbwBzAG8AKQAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMQAyAC4AIABQAG8AbABpAHoAaQBhACAATQBvAGwAdABvACAAQQByAGEAYgBiAGkAYQB0AGEALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADEAMwAuACAAVABhAGwAZQAgAFYASQAgACgAQQBkAGEAZwBpAG8AIABEAGUAbABpAGMAYQB0AG8AKQAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMQA0AC4AIABUAGUAIABLAHUAcgBhAHYAbABlAC4AZgBsAGEAYwAAAFwAXABEAEkAUwBLAFMAVABBAFQASQBPAE4AXABtAHUAcwBpAGMAXABNAHUAcwBpAGMAXABGAEwAQQBDAFwARwBvAHIAYQBuACAAQgByAGUAZwBvAHYAaQAHAVwAVABhAGwAZQBzACAAQQBuAGQAIABTAG8AbgBnAHMAIABGAHIAbwBtACAAVwBlAGQAZABpAG4AZwBzACAAQQBuAGQAIABGAHUAbgBlAHIAYQBsAHMAXAAxADUALgAgAFQAYQBsAGUAIABWAEkASQAgACgAVgBpAHYAbwAgAEMAbwBuACAARgB1AG8AYwBvACkALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkAYwAgAC0AIABUAGEAbABlAHMAIABhAG4AZAAgAFMAbwBuAGcAcwAgAGYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABhAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwAgACgAMgAwADAAMgAsACAATQBlAHIAYwB1AHIAeQApAC4AYwB1AGUAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAQQByAHQAdwBvAHIAawAAAAAA
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Opera x64\opera.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\marian\AppData\Local\Opera\Opera x64\temporary_downloads\RSITx64.exe"
"C:\Users\marian\AppData\Local\Opera\Opera x64\temporary_downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c6595fd785e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Synology Data Replicator 3-marian-PC-marian.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-31 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-31 210856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-01-24 1451728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [2012-12-16 765200]
"uTorrent"=C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-13 1272400]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-03-11 689744]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-13 1758160]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"QuickTime Plugin Install"=C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [2014-01-24 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"aux8"=wdmaud.drv
"midi9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-05-23 11:32:30 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-05-23 11:32:13 ----D---- C:\AdwCleaner
2014-05-21 21:59:57 ----D---- C:\ProgramData\SafetyNut
2014-05-20 21:43:12 ----D---- C:\rsit
2014-05-20 21:43:12 ----D---- C:\Program Files\trend micro
2014-05-20 21:41:38 ----A---- C:\Windows\system32\E_IBCBFCE.DLL
2014-05-20 21:41:38 ----A---- C:\Windows\system32\E_GCINST.DLL
2014-05-14 22:13:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 22:13:30 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 22:13:30 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 22:13:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 22:13:27 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-14 21:14:22 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 21:14:21 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 21:14:21 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 21:14:21 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 21:14:15 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 21:14:14 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 21:14:14 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 21:14:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 21:14:14 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\adprovider.dll
2014-05-13 20:40:41 ----D---- C:\Program Files (x86)\Browser Tab Search by Ask
2014-05-07 11:34:56 ----D---- C:\Users\marian\AppData\Roaming\Waldorf
2014-05-06 12:47:44 ----A---- C:\Windows\SYSWOW64\msvcsv60.dll
2014-05-06 12:47:44 ----A---- C:\Windows\msocreg32.dat
2014-04-30 19:56:24 ----SD---- C:\Windows\system32\CompatTel
======List of files/folders modified in the last 1 month======
2014-05-26 21:22:49 ----D---- C:\Windows\Temp
2014-05-26 21:18:41 ----D---- C:\Users\marian\AppData\Roaming\uTorrent
2014-05-26 16:38:58 ----D---- C:\Windows\System32
2014-05-26 16:38:58 ----D---- C:\Windows\inf
2014-05-26 16:38:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-26 16:36:25 ----D---- C:\Windows\system32\config
2014-05-26 16:34:41 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2014-05-25 10:20:14 ----D---- C:\Users\marian\AppData\Roaming\vlc
2014-05-23 11:43:29 ----D---- C:\Windows\Microsoft.NET
2014-05-23 11:43:03 ----RSD---- C:\Windows\assembly
2014-05-23 11:32:36 ----RD---- C:\Program Files (x86)
2014-05-23 11:32:36 ----HD---- C:\ProgramData
2014-05-23 11:32:30 ----D---- C:\Windows\SysWOW64
2014-05-20 21:43:12 ----RD---- C:\Program Files
2014-05-20 21:41:52 ----D---- C:\Windows\system32\DriverStore
2014-05-20 21:41:48 ----SHD---- C:\System Volume Information
2014-05-20 21:41:37 ----D---- C:\Windows\system32\catroot
2014-05-20 21:41:36 ----D---- C:\Windows\system32\catroot2
2014-05-20 21:27:36 ----D---- C:\Program Files (x86)\epson
2014-05-20 21:22:18 ----D---- C:\Users\marian\AppData\Roaming\EPSON
2014-05-20 21:13:55 ----D---- C:\Windows\system32\FxsTmp
2014-05-20 21:11:07 ----D---- C:\ProgramData\UDL
2014-05-20 21:10:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-20 21:10:39 ----SHD---- C:\Windows\Installer
2014-05-20 21:09:07 ----D---- C:\Windows\twain_32
2014-05-20 21:02:58 ----D---- C:\ProgramData\EPSON
2014-05-16 19:32:01 ----D---- C:\ProgramData\DVD Shrink
2014-05-16 19:12:27 ----D---- C:\Users\marian\AppData\Roaming\dvdcss
2014-05-15 20:29:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-15 09:44:16 ----D---- C:\Windows\winsxs
2014-05-15 09:43:36 ----D---- C:\Windows\system32\drivers
2014-05-15 09:43:36 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 09:43:36 ----D---- C:\Windows\PolicyDefinitions
2014-05-14 22:14:14 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 22:13:27 ----D---- C:\Program Files\Common Files
2014-05-14 22:13:03 ----D---- C:\Windows\system32\MRT
2014-05-14 22:12:20 ----A---- C:\Windows\system32\MRT.exe
2014-05-10 17:36:18 ----D---- C:\Windows\Tasks
2014-05-07 11:36:32 ----D---- C:\Users\marian\AppData\Roaming\Audacity
2014-05-07 09:57:30 ----D---- C:\Program Files (x86)\Common Files
2014-05-07 09:39:18 ----D---- C:\ProgramData\Ableton
2014-05-06 12:47:44 ----D---- C:\Windows
2014-04-27 20:38:53 ----A---- C:\Windows\SYSWOW64\certsentry.dll
2014-04-27 20:38:53 ----A---- C:\Windows\system32\certsentry.dll
2014-04-27 20:38:48 ----D---- C:\Program Files (x86)\Comodo
2014-04-27 19:53:21 ----D---- C:\Program Files\Opera x64
2014-04-27 19:53:21 ----D---- C:\Program Files (x86)\Opera x64
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-01-05 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-01-05 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-01-16 23176]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-01-16 699880]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-01-16 48360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-01-16 95752]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-01-05 108440]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-03-11 440400]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-03-11 440400]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-03-11 1017424]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-01-24 3724472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-04-24 2135232]
R2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-23 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 158928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Run by marian at 2014-05-26 21:22:47
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 31 GB (27%) free of 114 GB
Total RAM: 15306 MB (91% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:22:50, on 26.5.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\foobar2000\foobar2000.exe
C:\Program Files\trend micro\marian.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.search.ask.com/?o=APN11459&g ... 27-346&t=4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Avira SearchFree Toolbar BHO - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll" (file missing)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1B69F6DA-685C-4CD4-AE0F-A8C8D0423BD4}: NameServer = 10.10.11.1
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files (x86)\Sandboxie\SbieSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: SynoDrService - Unknown owner - C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10777 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe"
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files (x86)\Sandboxie\SbieSvc.exe"
C:\Windows\System32\spoolsv.exe
"C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe"
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe" /ModeAvMonitor -Embedding
"C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe" avshadowcontrol0_000007e0
"C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"
"C:\Program Files (x86)\Sandboxie\SbieCtrl.exe"
"C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
"C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\COMODO\COMODO Internet Security\cis.exe" --alertsUI
foobar2000.exe /noresume /shellop:2,FAAAAAAAAAAAAAAAAAAAAAEAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMAAxAC4AIABIAG8AcAAgAEgAbwBwACAASABvAHAALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADAAMgAuACAAVABhAGwAZQAgAEkAIAAoAEcAcgBhAHYAZQAgAEQAaQBzAHAAZQByAGEAdABvACkALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADAAMwAuACAAQQB2AGUAbgAgAEkAdgBlAG4AZABhAC4AZgBsAGEAYwAAAFwAXABEAEkAUwBLAFMAVABBAFQASQBPAE4AXABtAHUAcwBpAGMAXABNAHUAcwBpAGMAXABGAEwAQQBDAFwARwBvAHIAYQBuACAAQgByAGUAZwBvAHYAaQAHAVwAVABhAGwAZQBzACAAQQBuAGQAIABTAG8AbgBnAHMAIABGAHIAbwBtACAAVwBlAGQAZABpAG4AZwBzACAAQQBuAGQAIABGAHUAbgBlAHIAYQBsAHMAXAAwADQALgAgAFMAZQB4AC4AZgBsAGEAYwAAAFwAXABEAEkAUwBLAFMAVABBAFQASQBPAE4AXABtAHUAcwBpAGMAXABNAHUAcwBpAGMAXABGAEwAQQBDAFwARwBvAHIAYQBuACAAQgByAGUAZwBvAHYAaQAHAVwAVABhAGwAZQBzACAAQQBuAGQAIABTAG8AbgBnAHMAIABGAHIAbwBtACAAVwBlAGQAZABpAG4AZwBzACAAQQBuAGQAIABGAHUAbgBlAHIAYQBsAHMAXAAwADUALgAgAFQAYQBsAGUAIABJAEkAIAAoAEEAZABhAGcAaQBvACAAUABvAGMAbwAgAEYAZQBiAHIAaQBsAGUAKQAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMAA2AC4AIABNAGEAawBpACAATQBhAGsAaQAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMAA3AC4AIABUAGEAbABlACAASQBJAEkAIAAoAEwAZQBuAHQAbwAgAEEAcgBhAGIAZQBzAGMAbwApAC4AZgBsAGEAYwAAAFwAXABEAEkAUwBLAFMAVABBAFQASQBPAE4AXABtAHUAcwBpAGMAXABNAHUAcwBpAGMAXABGAEwAQQBDAFwARwBvAHIAYQBuACAAQgByAGUAZwBvAHYAaQAHAVwAVABhAGwAZQBzACAAQQBuAGQAIABTAG8AbgBnAHMAIABGAHIAbwBtACAAVwBlAGQAZABpAG4AZwBzACAAQQBuAGQAIABGAHUAbgBlAHIAYQBsAHMAXAAwADgALgAgAFMAbwAgAE4AZQB2AG8AIABTAGkALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADAAOQAuACAAVABhAGwAZQAgAEkAVgAgACgATQBvAGQAZQByAGEAdABvACAATQBlAGwAYQBuAGMAbwBsAGkAYwBvACkALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADEAMAAuACAAQwBvAGMAawB0AGEAaQBsACAATQBvAGwAbwB0AG8AdgAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMQAxAC4AIABUAGEAbABlACAAVgAgACgAQQBuAGQAYQBuAHQAZQAgAEEAbQBvAHIAbwBzAG8AKQAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMQAyAC4AIABQAG8AbABpAHoAaQBhACAATQBvAGwAdABvACAAQQByAGEAYgBiAGkAYQB0AGEALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcADEAMwAuACAAVABhAGwAZQAgAFYASQAgACgAQQBkAGEAZwBpAG8AIABEAGUAbABpAGMAYQB0AG8AKQAuAGYAbABhAGMAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAMQA0AC4AIABUAGUAIABLAHUAcgBhAHYAbABlAC4AZgBsAGEAYwAAAFwAXABEAEkAUwBLAFMAVABBAFQASQBPAE4AXABtAHUAcwBpAGMAXABNAHUAcwBpAGMAXABGAEwAQQBDAFwARwBvAHIAYQBuACAAQgByAGUAZwBvAHYAaQAHAVwAVABhAGwAZQBzACAAQQBuAGQAIABTAG8AbgBnAHMAIABGAHIAbwBtACAAVwBlAGQAZABpAG4AZwBzACAAQQBuAGQAIABGAHUAbgBlAHIAYQBsAHMAXAAxADUALgAgAFQAYQBsAGUAIABWAEkASQAgACgAVgBpAHYAbwAgAEMAbwBuACAARgB1AG8AYwBvACkALgBmAGwAYQBjAAAAXABcAEQASQBTAEsAUwBUAEEAVABJAE8ATgBcAG0AdQBzAGkAYwBcAE0AdQBzAGkAYwBcAEYATABBAEMAXABHAG8AcgBhAG4AIABCAHIAZQBnAG8AdgBpAAcBXABUAGEAbABlAHMAIABBAG4AZAAgAFMAbwBuAGcAcwAgAEYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABBAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkAYwAgAC0AIABUAGEAbABlAHMAIABhAG4AZAAgAFMAbwBuAGcAcwAgAGYAcgBvAG0AIABXAGUAZABkAGkAbgBnAHMAIABhAG4AZAAgAEYAdQBuAGUAcgBhAGwAcwAgACgAMgAwADAAMgAsACAATQBlAHIAYwB1AHIAeQApAC4AYwB1AGUAAABcAFwARABJAFMASwBTAFQAQQBUAEkATwBOAFwAbQB1AHMAaQBjAFwATQB1AHMAaQBjAFwARgBMAEEAQwBcAEcAbwByAGEAbgAgAEIAcgBlAGcAbwB2AGkABwFcAFQAYQBsAGUAcwAgAEEAbgBkACAAUwBvAG4AZwBzACAARgByAG8AbQAgAFcAZQBkAGQAaQBuAGcAcwAgAEEAbgBkACAARgB1AG4AZQByAGEAbABzAFwAQQByAHQAdwBvAHIAawAAAAAA
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Opera x64\opera.exe"
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\marian\AppData\Local\Opera\Opera x64\temporary_downloads\RSITx64.exe"
"C:\Users\marian\AppData\Local\Opera\Opera x64\temporary_downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c6595fd785e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Synology Data Replicator 3-marian-PC-marian.job - C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe /SCH /MIN
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-31 553384]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-31 210856]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll [2014-02-13 13776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{41564952-412D-5637-00A7-7A786E7484D7} - Avira SearchFree Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll [2014-02-13 12240]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2012-06-12 6548112]
"Acronis Scheduler2 Service"=C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2013-01-24 1451728]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SandboxieControl"=C:\Program Files (x86)\Sandboxie\SbieCtrl.exe [2012-12-16 765200]
"uTorrent"=C:\Users\marian\AppData\Roaming\uTorrent\uTorrent.exe [2014-05-13 1272400]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"Nikon Message Center 2"=C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [2011-10-30 571392]
"TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]
"AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]
"avgnt"=C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2014-03-11 689744]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-13 1758160]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"QuickTime Plugin Install"=C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe [2014-01-24 86016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"mixer9"=wdmaud.drv
"midi8"=wdmaud.drv
"aux8"=wdmaud.drv
"midi9"=wdmaud.drv
"aux9"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-05-23 11:32:30 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-05-23 11:32:13 ----D---- C:\AdwCleaner
2014-05-21 21:59:57 ----D---- C:\ProgramData\SafetyNut
2014-05-20 21:43:12 ----D---- C:\rsit
2014-05-20 21:43:12 ----D---- C:\Program Files\trend micro
2014-05-20 21:41:38 ----A---- C:\Windows\system32\E_IBCBFCE.DLL
2014-05-20 21:41:38 ----A---- C:\Windows\system32\E_GCINST.DLL
2014-05-14 22:13:30 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-05-14 22:13:30 ----A---- C:\Windows\system32\mshtmled.dll
2014-05-14 22:13:30 ----A---- C:\Windows\system32\mshtml.dll
2014-05-14 22:13:29 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-05-14 22:13:27 ----D---- C:\Program Files\Common Files\DESIGNER
2014-05-14 21:14:22 ----A---- C:\Windows\system32\shell32.dll
2014-05-14 21:14:21 ----A---- C:\Windows\SYSWOW64\shell32.dll
2014-05-14 21:14:21 ----A---- C:\Windows\system32\aepdu.dll
2014-05-14 21:14:21 ----A---- C:\Windows\system32\aeinv.dll
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-05-14 21:14:15 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\winlogon.exe
2014-05-14 21:14:15 ----A---- C:\Windows\system32\objsel.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\msv1_0.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\lsasrv.dll
2014-05-14 21:14:15 ----A---- C:\Windows\system32\kerberos.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\wincredprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\objsel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\dpapiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\dimsroam.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\cngprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\capiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\SYSWOW64\adprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\wincredprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\wdigest.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\TSpkg.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\sspisrv.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\sspicli.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\schannel.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\secur32.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-05-14 21:14:14 ----A---- C:\Windows\system32\lsass.exe
2014-05-14 21:14:14 ----A---- C:\Windows\system32\KernelBase.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-05-14 21:14:14 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2014-05-14 21:14:14 ----A---- C:\Windows\system32\dpapiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\dimsroam.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\credssp.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\cngprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\capiprovider.dll
2014-05-14 21:14:14 ----A---- C:\Windows\system32\adprovider.dll
2014-05-13 20:40:41 ----D---- C:\Program Files (x86)\Browser Tab Search by Ask
2014-05-07 11:34:56 ----D---- C:\Users\marian\AppData\Roaming\Waldorf
2014-05-06 12:47:44 ----A---- C:\Windows\SYSWOW64\msvcsv60.dll
2014-05-06 12:47:44 ----A---- C:\Windows\msocreg32.dat
2014-04-30 19:56:24 ----SD---- C:\Windows\system32\CompatTel
======List of files/folders modified in the last 1 month======
2014-05-26 21:22:49 ----D---- C:\Windows\Temp
2014-05-26 21:18:41 ----D---- C:\Users\marian\AppData\Roaming\uTorrent
2014-05-26 16:38:58 ----D---- C:\Windows\System32
2014-05-26 16:38:58 ----D---- C:\Windows\inf
2014-05-26 16:38:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-05-26 16:36:25 ----D---- C:\Windows\system32\config
2014-05-26 16:34:41 ----D---- C:\Users\marian\AppData\Roaming\foobar2000
2014-05-25 10:20:14 ----D---- C:\Users\marian\AppData\Roaming\vlc
2014-05-23 11:43:29 ----D---- C:\Windows\Microsoft.NET
2014-05-23 11:43:03 ----RSD---- C:\Windows\assembly
2014-05-23 11:32:36 ----RD---- C:\Program Files (x86)
2014-05-23 11:32:36 ----HD---- C:\ProgramData
2014-05-23 11:32:30 ----D---- C:\Windows\SysWOW64
2014-05-20 21:43:12 ----RD---- C:\Program Files
2014-05-20 21:41:52 ----D---- C:\Windows\system32\DriverStore
2014-05-20 21:41:48 ----SHD---- C:\System Volume Information
2014-05-20 21:41:37 ----D---- C:\Windows\system32\catroot
2014-05-20 21:41:36 ----D---- C:\Windows\system32\catroot2
2014-05-20 21:27:36 ----D---- C:\Program Files (x86)\epson
2014-05-20 21:22:18 ----D---- C:\Users\marian\AppData\Roaming\EPSON
2014-05-20 21:13:55 ----D---- C:\Windows\system32\FxsTmp
2014-05-20 21:11:07 ----D---- C:\ProgramData\UDL
2014-05-20 21:10:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-05-20 21:10:39 ----SHD---- C:\Windows\Installer
2014-05-20 21:09:07 ----D---- C:\Windows\twain_32
2014-05-20 21:02:58 ----D---- C:\ProgramData\EPSON
2014-05-16 19:32:01 ----D---- C:\ProgramData\DVD Shrink
2014-05-16 19:12:27 ----D---- C:\Users\marian\AppData\Roaming\dvdcss
2014-05-15 20:29:45 ----D---- C:\Program Files (x86)\Internet Explorer
2014-05-15 09:44:16 ----D---- C:\Windows\winsxs
2014-05-15 09:43:36 ----D---- C:\Windows\system32\drivers
2014-05-15 09:43:36 ----D---- C:\Windows\system32\cs-CZ
2014-05-15 09:43:36 ----D---- C:\Windows\PolicyDefinitions
2014-05-14 22:14:14 ----D---- C:\ProgramData\Microsoft Help
2014-05-14 22:13:27 ----D---- C:\Program Files\Common Files
2014-05-14 22:13:03 ----D---- C:\Windows\system32\MRT
2014-05-14 22:12:20 ----A---- C:\Windows\system32\MRT.exe
2014-05-10 17:36:18 ----D---- C:\Windows\Tasks
2014-05-07 11:36:32 ----D---- C:\Users\marian\AppData\Roaming\Audacity
2014-05-07 09:57:30 ----D---- C:\Program Files (x86)\Common Files
2014-05-07 09:39:18 ----D---- C:\ProgramData\Ableton
2014-05-06 12:47:44 ----D---- C:\Windows
2014-04-27 20:38:53 ----A---- C:\Windows\SYSWOW64\certsentry.dll
2014-04-27 20:38:53 ----A---- C:\Windows\system32\certsentry.dll
2014-04-27 20:38:48 ----D---- C:\Program Files (x86)\Comodo
2014-04-27 19:53:21 ----D---- C:\Program Files\Opera x64
2014-04-27 19:53:21 ----D---- C:\Program Files (x86)\Opera x64
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2013-12-01 116000]
R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2013-08-04 458584]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2013-12-01 269600]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2013-12-01 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2013-12-01 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2013-12-01 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2013-12-01 117024]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2014-01-05 131576]
R1 avkmgr;avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [2014-01-05 28600]
R1 cmderd;COMODO Internet Security Eradication Driver; C:\Windows\System32\DRIVERS\cmderd.sys [2013-01-16 23176]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\Windows\system32\DRIVERS\cmdguard.sys [2013-01-16 699880]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\Windows\System32\DRIVERS\cmdhlp.sys [2013-01-16 48360]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 inspect;COMODO Internet Security Firewall Driver; C:\Windows\system32\DRIVERS\inspect.sys [2013-01-16 95752]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2013-08-04 613720]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2014-01-05 108440]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2013-12-01 367200]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-19 4065296]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2012-05-20 357184]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2012-05-20 789824]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2012-06-12 726160]
R3 SbieDrv;SbieDrv; \??\C:\Program Files (x86)\Sandboxie\SbieDrv.sys [2012-12-16 202632]
S3 AlesisFirewire;Alesis Firewire; C:\Windows\System32\Drivers\AlesisFirewire.sys [2010-05-03 211680]
S3 AlesisFirewireAudio;Alesis Firewire Audio; C:\Windows\system32\drivers\AlesisFirewireAudio.sys [2010-05-03 39008]
S3 AlesisFirewireMidi;Alesis Firewire MIDI; C:\Windows\system32\drivers\AlesisFirewireMidi.sys [2010-05-03 41440]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2013-12-01 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-12-01 3873784]
R2 AntiVirService;Avira Real-Time Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2014-03-11 440400]
R2 AntiVirSchedulerService;Avira Scheduler; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2014-03-11 440400]
R2 AntiVirWebService;Avira Web Protection; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2014-03-11 1017424]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-13 166352]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2013-01-24 3724472]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DragonUpdater;COMODO Dragon Update Service; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2014-04-24 2135232]
R2 SbieSvc;Sandboxie Service; C:\Program Files (x86)\Sandboxie\SbieSvc.exe [2012-12-16 123664]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R2 SynoDrService;SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [2013-10-09 384072]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2013-12-17 5341536]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2013-04-30 248704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-23 257712]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 cmdvirth;COMODO Virtual Service Manager; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-01-24 158928]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-08 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-03-06 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-02-01 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:
a klikněte na >MoveIt!<. Po skenu restartujte PC a dejte nový log RSIT.:files
C:\Program Files (x86)\AskPartnerNetwork
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c6595fd785e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{41564952-412D-5637-00A7-7A786E7484D7}]
:commands
[Purity]
[Emptytemp]
[Emptyflash]
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Dobrý den. Měl jsem s posledním úkonem menší problém. (viz.obrázek)
A ještě text z "Results:"
All processes killed
========== FILES ==========
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\VNT folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork folder moved successfully.
< C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c6595fd785e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c >
C:\Users\marian\Desktop\cmd.bat deleted successfully.
C:\Users\marian\Desktop\cmd.txt deleted successfully.
A ještě text z "Results:"
All processes killed
========== FILES ==========
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\VNT folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Updater folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata\AskPartnerNetwork folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\common appdata folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder} folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox\Profiles folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla\Firefox folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata\Mozilla folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\appdata folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7 folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork\Toolbar folder moved successfully.
C:\Program Files (x86)\AskPartnerNetwork folder moved successfully.
< C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c6595fd785e.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c >
C:\Users\marian\Desktop\cmd.bat deleted successfully.
C:\Users\marian\Desktop\cmd.txt deleted successfully.
-
Rudy
- Site Admin
- Příspěvky: 119541
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Nelze navázat komunikaci s tiskárnou-podivné chování(RSI
Problém vyřešen. Děkuji za pomoc s vyčištěním.
Přispějete na provoz fóra?