
Win32/SProtector.D infiltration

#1 Post by xfloorman78 »

Hello,

I need instructions for removing an infection by the Win32/SProtector.D virus.

ESET NOD32 Antivirus 8 detects the following:
5.11.2014 12:12:36 Kontrola při startu soubor Operační paměť » rundll32.exe(1920) varianta infiltrace Win32/SProtector.D potenciálně nechtěná aplikace vyléčen smazáním

I found a solution to an absolutely identical problem here: http://www.fixitpc.pl/topic/24712-win32 ... ndll32exe/

Please check the RSIT log; thank you for your willingness and your time:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Acer at 2014-11-05 12:33:13
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 25 GB (7%) free of 360 GB
Total RAM: 3767 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:33:17, on 5.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\acrotray.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\Acer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: Nalpeiron Control Service (NalServ) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nalserv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18035 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 24111728
\??\C:\Windows\system32\conhost.exe "-1022762741-18401523761152121591696912301384682796-14475575511931890662700631504
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\VideoCnv\Zet.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\VideoCnv\Zet.dll",serv
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"taskhost.exe"
C:\Windows\SysWOW64\nalserv.exe
C:\Windows\SysWOW64\nlssrv32.exe
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2332
adb fork-server server
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\acrotray.exe"
"C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
KHALMNPR.EXE /API
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe" --client=2 --server-address=\\.\pipe\pyc-4316-0-fmnvxm
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"

"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4628.251e9040.404777198 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 4628 "\\.\pipe\gecko-crash-server-pipe.4628" plugin
taskeng.exe {D8E4D2BD-BBC8-411F-9142-F558B9AB99D6}
"D:\totalcmd\TOTALCMD64.EXE"
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Acer Registration - Data Sending task.job - C:\Program Files (x86)\Acer\Registration\GREG.exe /DS
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cef0bbbf4837a6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf28db90a57dd.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497701146-2149256653-1218492009-1000Core1cf695892e79b86.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497701146-2149256653-1218492009-1000UA1cf8ab55088b83e.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\pptzszwc.default-1374850080073

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=D:\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\MICROS~1\Office14\NPAUTHZ.DLL


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdjvu.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\pptzszwc.default-1374850080073\extensions\
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{d37dc5d0-431d-44e5-8c91-49419370caa1}
{d5eeb813-935a-435d-b01e-b3a02f2cb408}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21 436464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21 367344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2010-04-22 223264]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-13 11046504]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-07-13 2103912]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-11 2107176]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2010-06-11 496160]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-09-22 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-08-08 22734160]
"Spotify Web Helper"=C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-04 1514040]
"SkyDrive"=C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-09-24 277672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
D:\MyHeritage\Bin\FTBCheckUpdates.exe [2011-12-21 229376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe Acrobat Speed Launcher"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrobat_sl.exe [2013-05-08 44128]
"Acrobat Assistant 8.0"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrotray.exe [2013-05-08 642664]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
""= []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-13 336384]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03 659456]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="acaptuser64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - install -

======List of files/folders created in the last 1 month======

2014-11-05 12:20:47 ----D---- C:\FRST
2014-11-05 10:38:01 ----D---- C:\Program Files\trend micro
2014-11-05 10:38:00 ----D---- C:\rsit
2014-11-03 14:01:42 ----D---- C:\Program Files (x86)\VideoCnv
2014-11-03 13:41:26 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-11-03 13:40:53 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-11-03 13:40:52 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-11-03 13:40:48 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-19 19:48:47 ----D---- C:\Users\Acer\AppData\Roaming\Oracle
2014-10-19 19:47:15 ----N---- C:\Windows\SYSWOW64\javaws.exe
2014-10-19 19:47:00 ----N---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-19 19:46:42 ----N---- C:\Windows\SYSWOW64\javaw.exe
2014-10-19 19:46:42 ----N---- C:\Windows\SYSWOW64\java.exe
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 18:22:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 18:22:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 18:22:53 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 18:22:53 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 18:22:52 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 18:22:51 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 18:22:51 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 18:22:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 18:22:47 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 18:22:47 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 18:22:47 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 18:22:46 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 18:22:18 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 18:22:18 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 18:22:18 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 18:22:17 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 18:22:16 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 18:22:16 ----A---- C:\Windows\system32\mf.dll
2014-10-15 18:22:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 18:22:15 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 18:22:15 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 18:22:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 18:22:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 18:22:14 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 18:22:14 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 18:22:13 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 18:22:13 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 18:22:13 ----A---- C:\Windows\system32\winload.exe
2014-10-15 18:22:13 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 18:22:13 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\ci.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 18:22:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 18:22:12 ----A---- C:\Windows\system32\evr.dll
2014-10-15 18:22:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 18:22:11 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 18:22:10 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 18:22:09 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 18:22:06 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 18:22:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 18:22:00 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 18:21:59 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 18:21:59 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 18:21:59 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 18:21:59 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 18:21:58 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 18:21:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 18:21:57 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 18:21:43 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 18:21:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 18:21:35 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 18:21:35 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 18:21:34 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 18:21:25 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 18:21:25 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 18:21:25 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 18:21:24 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 18:21:24 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 18:21:24 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 18:21:24 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 18:21:24 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 18:21:10 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 18:21:10 ----A---- C:\Windows\system32\msi.dll
2014-10-15 18:20:27 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 18:20:27 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 18:20:14 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 18:20:14 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 18:20:13 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 18:17:00 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 18:16:59 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 18:16:09 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 18:16:09 ----A---- C:\Windows\system32\packager.dll
2014-10-14 18:31:35 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-10-06 20:20:28 ----D---- C:\ProgramData\ESET

======List of files/folders modified in the last 1 month======

2014-11-05 12:33:14 ----D---- C:\Windows\Temp
2014-11-05 12:32:48 ----D---- C:\Program Files (x86)
2014-11-05 12:32:00 ----D---- C:\Windows\system32\config
2014-11-05 12:20:52 ----AD---- C:\Windows
2014-11-05 12:10:41 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-05 12:10:20 ----D---- C:\Users\Acer\AppData\Roaming\Dropbox
2014-11-05 12:07:40 ----D---- C:\Windows\Jaksta
2014-11-05 12:05:21 ----D---- C:\Users\Acer\AppData\Roaming\Skype
2014-11-05 11:26:24 ----SHD---- C:\Windows\Installer
2014-11-05 11:26:24 ----SHD---- C:\Config.Msi
2014-11-05 11:25:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-05 11:23:10 ----HD---- C:\ProgramData
2014-11-05 11:20:07 ----D---- C:\Program Files (x86)\Acer GameZone
2014-11-05 10:38:08 ----D---- C:\Windows\Prefetch
2014-11-05 10:38:01 ----RD---- C:\Program Files
2014-11-04 19:56:38 ----D---- C:\Windows\system32\drivers
2014-11-04 19:56:38 ----D---- C:\Windows\Sun
2014-11-04 19:40:25 ----D---- C:\Users\Acer\AppData\Roaming\Spotify
2014-11-03 14:13:39 ----RSD---- C:\Windows\Fonts
2014-11-03 14:03:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-03 13:40:48 ----D---- C:\ProgramData\Malwarebytes
2014-11-02 13:33:05 ----D---- C:\Windows\System32
2014-11-02 13:33:05 ----D---- C:\Windows\inf
2014-11-02 13:33:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-31 12:39:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-29 22:38:09 ----SHD---- C:\$Recycle.Bin
2014-10-29 22:07:23 ----D---- C:\Users\Acer\AppData\Roaming\vlc
2014-10-28 09:32:43 ----D---- C:\Windows\Minidump
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-25 22:38:39 ----HD---- C:\_acestream_cache_
2014-10-25 22:38:29 ----D---- C:\Users\Acer\AppData\Roaming\.ACEStream
2014-10-23 19:45:45 ----A---- C:\Windows\wininit.ini
2014-10-23 13:30:00 ----D---- C:\Windows\system32\Tasks
2014-10-23 13:11:12 ----D---- C:\Users\Acer\AppData\Roaming\Electronic Arts
2014-10-22 09:12:26 ----N---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-22 09:05:37 ----D---- C:\Program Files (x86)\Popcorn Time
2014-10-21 10:28:28 ----D---- C:\Windows\Tasks
2014-10-20 20:17:49 ----D---- C:\ProgramData\Skype
2014-10-20 13:18:53 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-10-19 19:50:01 ----D---- C:\Program Files (x86)\Java
2014-10-19 19:49:46 ----D---- C:\Windows\SysWOW64
2014-10-19 19:48:27 ----D---- C:\ProgramData\Oracle
2014-10-16 19:30:53 ----D---- C:\Program Files (x86)\Steam
2014-10-16 07:37:33 ----D---- C:\Windows\rescache
2014-10-15 19:43:12 ----D---- C:\Windows\Microsoft.NET
2014-10-15 19:42:36 ----RSD---- C:\Windows\assembly
2014-10-15 19:27:20 ----D---- C:\Windows\system32\catroot2
2014-10-15 19:23:26 ----D---- C:\Windows\winsxs
2014-10-15 19:19:27 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 19:19:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 19:19:27 ----D---- C:\Program Files\Windows Media Player
2014-10-15 19:19:27 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 19:19:25 ----D---- C:\Windows\system32\en-US
2014-10-15 19:19:25 ----D---- C:\Windows\system32\Dism
2014-10-15 19:19:25 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 19:19:24 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 19:19:24 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 19:19:24 ----D---- C:\Windows\system32\Boot
2014-10-15 19:19:23 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 19:19:23 ----D---- C:\Program Files\Internet Explorer
2014-10-15 19:19:22 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 18:42:21 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 18:37:58 ----D---- C:\Windows\system32\MRT
2014-10-15 18:25:04 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 18:20:42 ----D---- C:\Windows\system32\catroot
2014-10-09 13:03:42 ----D---- C:\Users\Acer\AppData\Roaming\Adobe
2014-10-09 09:10:26 ----RD---- C:\Program Files (x86)\Skype
2014-10-06 20:20:48 ----D---- C:\Windows\system32\DriverStore
2014-10-06 15:32:52 ----D---- C:\ProgramData\Origin
2014-10-06 14:02:33 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-18 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-09-22 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-09-22 169280]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-09-22 158968]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-06-14 9319424]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-06-13 303616]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-13 2424040]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-08-25 10611552]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2013-01-03 79240]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2013-01-03 15752]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-01-03 61832]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 25816]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-28 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-11 316464]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-04-28 17408]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-25 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-25 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-06-25 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-25 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-25 21544]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 esihdrv;esihdrv; \??\C:\Users\Acer\AppData\Local\Temp\esihdrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 63704]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 PCDSRVC{D1725DDC-4C449E30-06020101}_0;PCDSRVC{D1725DDC-4C449E30-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\vrc85j3005ut\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-06-13 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-25 952096]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-09-16 1350112]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-11 821792]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-04-02 87368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-01 325656]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 NalServ;Nalpeiron Control Service; C:\Windows\SysWOW64\nalserv.exe [2014-04-10 147056]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2014-04-10 70768]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-29 255744]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-03-10 75064]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-03-20 4971840]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2014-10-09 179200]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 fa6789c5;VideoCnv; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-22 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-11 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-31 114288]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-25 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119548
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infiltration Win32/SProtector.D

#2 Post by Rudy »

Hello!
First run this utility:
Download AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Save it to the desktop
Close all programs
Click >Scan< first and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

xfloorman78
Visitor
Posts: 8
Registered: 05 Nov 2014 12:38

Re: Infiltration Win32/SProtector.D

#3 Post by xfloorman78 »

Thanks, here it is:

# AdwCleaner v3.311 - Report created 05/11/2014 at 21:28:41
# Updated 30/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Acer - COMM4U-ZL-NTB
# Running from : C:\Users\Acer\Desktop\adwcleaner_3.311.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Users\Helenka\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Jana\AppData\LocalLow\AskToolbar

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.0.2 (x86 cs)

[ File : C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\pptzszwc.default-1374850080073\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

[ File : C:\Users\Bětuška\AppData\Roaming\Mozilla\Firefox\Profiles\0pnevvxf.default-1403096492012\prefs.js ]


[ File : C:\Users\Helenka\AppData\Roaming\Mozilla\Firefox\Profiles\mfkqf705.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

[ File : C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\jp8xjdq6.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");

-\\ Google Chrome v

[ File : C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [3011 octets] - [05/11/2014 21:26:07]
AdwCleaner[S0].txt - [2810 octets] - [05/11/2014 21:28:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2870 octets] ##########

Rudy
Site Admin
Posts: 119548
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Infiltration Win32/SProtector.D

#4 Post by Rudy »

Post a new RSIT log.

xfloorman78
Visitor
Posts: 8
Registered: 05 Nov 2014 12:38

Re: Infiltration Win32/SProtector.D

#5 Post by xfloorman78 »

Logfile of random's system information tool 1.10 (written by random/random)
Run by Acer at 2014-11-05 22:10:37
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 36 GB (10%) free of 360 GB
Total RAM: 3767 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:10:44, on 5.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\acrotray.exe
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Acer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKCU\..\Run: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: Nalpeiron Control Service (NalServ) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nalserv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 18126 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 36741584
\??\C:\Windows\system32\conhost.exe "-616867036-1407453627-521788331708478222-836773987-535036195-2063626499-1623691934
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\VideoCnv\Zet.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\VideoCnv\Zet.dll",serv
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\Windows\SysWOW64\nalserv.exe
C:\Windows\SysWOW64\nlssrv32.exe
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2728
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
adb fork-server server
"C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
"C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Windows\system32\NOTEPAD.EXE" C:\AdwCleaner\AdwCleaner[S0].txt
KHALMNPR.EXE /API
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe" --client=2 --server-address=\\.\pipe\pyc-4188-0-dirqw6
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"D:\totalcmd\TOTALCMD64.EXE"
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskhost.exe $(Arg0)

"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Acer Registration - Data Sending task.job - C:\Program Files (x86)\Acer\Registration\GREG.exe /DS
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cef0bbbf4837a6.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf28db90a57dd.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497701146-2149256653-1218492009-1000Core1cf695892e79b86.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497701146-2149256653-1218492009-1000UA1cf8ab55088b83e.job - C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\pptzszwc.default-1374850080073

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=D:\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\MICROS~1\Office14\NPAUTHZ.DLL


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdjvu.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\pptzszwc.default-1374850080073\extensions\
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{d37dc5d0-431d-44e5-8c91-49419370caa1}
{d5eeb813-935a-435d-b01e-b3a02f2cb408}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21 436464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21 367344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2010-04-22 223264]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-13 11046504]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-07-13 2103912]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-11 2107176]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2010-06-11 496160]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-09-22 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-08-08 22734160]
"Spotify Web Helper"=C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-04 1514040]
"SkyDrive"=C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-09-24 277672]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-30 6501656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
D:\MyHeritage\Bin\FTBCheckUpdates.exe [2011-12-21 229376]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"EgisTecPMMUpdate"=C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe Acrobat Speed Launcher"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrobat_sl.exe [2013-05-08 44128]
"Acrobat Assistant 8.0"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrotray.exe [2013-05-08 642664]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
""= []
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-13 336384]
"HTC Sync Loader"=C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03 659456]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="acaptuser64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - install -

======List of files/folders created in the last 1 month======

2014-11-05 21:27:25 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-11-05 21:26:04 ----D---- C:\AdwCleaner
2014-11-05 12:20:47 ----D---- C:\FRST
2014-11-05 10:38:01 ----D---- C:\Program Files\trend micro
2014-11-05 10:38:00 ----D---- C:\rsit
2014-11-03 14:01:42 ----D---- C:\Program Files (x86)\VideoCnv
2014-11-03 13:41:26 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-11-03 13:40:53 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-11-03 13:40:52 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-11-03 13:40:48 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-19 19:48:47 ----D---- C:\Users\Acer\AppData\Roaming\Oracle
2014-10-19 19:47:15 ----N---- C:\Windows\SYSWOW64\javaws.exe
2014-10-19 19:47:00 ----N---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-19 19:46:42 ----N---- C:\Windows\SYSWOW64\javaw.exe
2014-10-19 19:46:42 ----N---- C:\Windows\SYSWOW64\java.exe
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 18:22:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 18:22:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 18:22:53 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 18:22:53 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 18:22:52 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 18:22:51 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 18:22:51 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 18:22:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 18:22:47 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 18:22:47 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 18:22:47 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 18:22:46 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 18:22:18 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 18:22:18 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 18:22:18 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 18:22:17 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 18:22:16 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 18:22:16 ----A---- C:\Windows\system32\mf.dll
2014-10-15 18:22:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 18:22:15 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 18:22:15 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 18:22:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 18:22:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 18:22:14 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 18:22:14 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 18:22:13 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 18:22:13 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 18:22:13 ----A---- C:\Windows\system32\winload.exe
2014-10-15 18:22:13 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 18:22:13 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\ci.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 18:22:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 18:22:12 ----A---- C:\Windows\system32\evr.dll
2014-10-15 18:22:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 18:22:11 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 18:22:10 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 18:22:09 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 18:22:06 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 18:22:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 18:22:00 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 18:21:59 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 18:21:59 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 18:21:59 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 18:21:59 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 18:21:58 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 18:21:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 18:21:57 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 18:21:43 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 18:21:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 18:21:35 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 18:21:35 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 18:21:34 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 18:21:25 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 18:21:25 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 18:21:25 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 18:21:24 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 18:21:24 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 18:21:24 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 18:21:24 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 18:21:24 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 18:21:10 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 18:21:10 ----A---- C:\Windows\system32\msi.dll
2014-10-15 18:20:27 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 18:20:27 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 18:20:14 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 18:20:14 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 18:20:13 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 18:17:00 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 18:16:59 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 18:16:09 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 18:16:09 ----A---- C:\Windows\system32\packager.dll
2014-10-14 18:31:35 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-10-06 20:20:28 ----D---- C:\ProgramData\ESET

======List of files/folders modified in the last 1 month======

2014-11-05 22:10:44 ----D---- C:\Windows\Prefetch
2014-11-05 22:10:40 ----D---- C:\Windows\Temp
2014-11-05 22:01:49 ----D---- C:\Users\Acer\AppData\Roaming\TeamViewer
2014-11-05 22:01:49 ----D---- C:\Users\Acer\AppData\Roaming\DAEMON Tools Lite
2014-11-05 22:01:48 ----D---- C:\Program Files (x86)\Steam
2014-11-05 22:01:46 ----D---- C:\Users\Acer\AppData\Roaming\uTorrent
2014-11-05 22:01:46 ----D---- C:\Users\Acer\AppData\Roaming\Skype
2014-11-05 21:57:46 ----D---- C:\Windows\Panther
2014-11-05 21:57:46 ----D---- C:\Windows\Minidump
2014-11-05 21:57:46 ----D---- C:\Windows\Logs
2014-11-05 21:57:46 ----D---- C:\Windows\inf
2014-11-05 21:57:46 ----D---- C:\Windows\debug
2014-11-05 21:57:46 ----AD---- C:\Windows
2014-11-05 21:56:07 ----D---- C:\Windows\system32\config
2014-11-05 21:48:57 ----D---- C:\Program Files\CCleaner
2014-11-05 21:33:26 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-05 21:33:06 ----D---- C:\Users\Acer\AppData\Roaming\Dropbox
2014-11-05 21:28:43 ----HD---- C:\ProgramData
2014-11-05 21:27:25 ----D---- C:\Windows\SysWOW64
2014-11-05 12:32:48 ----D---- C:\Program Files (x86)
2014-11-05 12:07:40 ----D---- C:\Windows\Jaksta
2014-11-05 12:07:40 ----D---- C:\Applian Technologies
2014-11-05 11:26:26 ----D---- C:\ProgramData\CyberLink
2014-11-05 11:26:24 ----SHD---- C:\Windows\Installer
2014-11-05 11:26:24 ----SHD---- C:\Config.Msi
2014-11-05 11:25:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-05 11:20:07 ----D---- C:\Program Files (x86)\Acer GameZone
2014-11-05 10:38:01 ----RD---- C:\Program Files
2014-11-04 19:56:38 ----D---- C:\Windows\system32\drivers
2014-11-04 19:56:38 ----D---- C:\Windows\Sun
2014-11-04 19:40:25 ----D---- C:\Users\Acer\AppData\Roaming\Spotify
2014-11-03 14:13:39 ----RSD---- C:\Windows\Fonts
2014-11-03 14:03:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-03 13:40:48 ----D---- C:\ProgramData\Malwarebytes
2014-11-02 13:33:05 ----D---- C:\Windows\System32
2014-11-02 13:33:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-31 12:39:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-29 22:38:09 ----SHD---- C:\$Recycle.Bin
2014-10-29 22:07:23 ----D---- C:\Users\Acer\AppData\Roaming\vlc
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-25 22:38:39 ----HD---- C:\_acestream_cache_
2014-10-25 22:38:29 ----D---- C:\Users\Acer\AppData\Roaming\.ACEStream
2014-10-23 19:45:45 ----A---- C:\Windows\wininit.ini
2014-10-23 13:30:00 ----D---- C:\Windows\system32\Tasks
2014-10-23 13:11:12 ----D---- C:\Users\Acer\AppData\Roaming\Electronic Arts
2014-10-22 09:12:26 ----N---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-22 09:05:37 ----D---- C:\Program Files (x86)\Popcorn Time
2014-10-21 10:28:28 ----D---- C:\Windows\Tasks
2014-10-20 20:17:49 ----D---- C:\ProgramData\Skype
2014-10-20 13:18:53 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-10-19 19:50:01 ----D---- C:\Program Files (x86)\Java
2014-10-19 19:48:27 ----D---- C:\ProgramData\Oracle
2014-10-16 07:37:33 ----D---- C:\Windows\rescache
2014-10-15 19:43:12 ----D---- C:\Windows\Microsoft.NET
2014-10-15 19:42:36 ----RSD---- C:\Windows\assembly
2014-10-15 19:27:20 ----D---- C:\Windows\system32\catroot2
2014-10-15 19:23:26 ----D---- C:\Windows\winsxs
2014-10-15 19:19:27 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 19:19:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 19:19:27 ----D---- C:\Program Files\Windows Media Player
2014-10-15 19:19:27 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 19:19:25 ----D---- C:\Windows\system32\en-US
2014-10-15 19:19:25 ----D---- C:\Windows\system32\Dism
2014-10-15 19:19:25 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 19:19:24 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 19:19:24 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 19:19:24 ----D---- C:\Windows\system32\Boot
2014-10-15 19:19:23 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 19:19:23 ----D---- C:\Program Files\Internet Explorer
2014-10-15 19:19:22 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 18:42:21 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 18:37:58 ----D---- C:\Windows\system32\MRT
2014-10-15 18:25:04 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 18:20:42 ----D---- C:\Windows\system32\catroot
2014-10-09 13:03:42 ----D---- C:\Users\Acer\AppData\Roaming\Adobe
2014-10-09 09:10:26 ----RD---- C:\Program Files (x86)\Skype
2014-10-06 20:20:48 ----D---- C:\Windows\system32\DriverStore
2014-10-06 15:32:52 ----D---- C:\ProgramData\Origin
2014-10-06 14:02:33 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-18 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-09-22 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-09-22 169280]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-09-22 158968]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-06-14 9319424]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-06-13 303616]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-13 2424040]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-08-25 10611552]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2013-01-03 79240]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2013-01-03 15752]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-01-03 61832]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-11-05 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 63704]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-28 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-11 316464]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-04-28 17408]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-25 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-25 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-06-25 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-25 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-25 21544]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 esihdrv;esihdrv; \??\C:\Users\Acer\AppData\Local\Temp\esihdrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 PCDSRVC{D1725DDC-4C449E30-06020101}_0;PCDSRVC{D1725DDC-4C449E30-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\vrc85j3005ut\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-06-13 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-25 952096]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-09-16 1350112]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-11 821792]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-04-02 87368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-01 325656]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 NalServ;Nalpeiron Control Service; C:\Windows\SysWOW64\nalserv.exe [2014-04-10 147056]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2014-04-10 70768]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-29 255744]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-03-10 75064]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-03-20 4971840]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2014-10-09 179200]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 fa6789c5;VideoCnv; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-22 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-11 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-31 114288]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-25 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119548
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Win32/SProtector.D infiltration

#6 Post by Rudy »

Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left-hand window:
:files
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cef0bbbf4837a6.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf28db90a57dd.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497701146-2149256653-1218492009-1000Core1cf695892e79b86.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-497701146-2149256653-1218492009-1000UA1cf8ab55088b83e.job

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for resolving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting the PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

xfloorman78
Visitor
Posts: 8
Registered: 05 Nov 2014 12:38

Re: Win32/SProtector.D infiltration

#7 Post by xfloorman78 »

After the restart, NOD detected it again.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Acer at 2014-11-05 23:21:18
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 38 GB (10%) free of 360 GB
Total RAM: 3767 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:21:39, on 5.11.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17344)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\acrobat_sl.exe
D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\acrotray.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\SysWOW64\RunDll32.exe
D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\AcroDist.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\trend micro\Acer.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Pomocná služba pro přihlášení ke službě Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SkyDrive] "C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://D:\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MyWinLocker Service (MWLService) - Egis Technology Inc. - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
O23 - Service: Nalpeiron Control Service (NalServ) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nalserv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\Windows\SysWOW64\nlssrv32.exe
O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NTI, Inc. - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Acer ODD Power Service (ODDPwrSvc) - Acer Incorporated - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Raw Socket Service (RS_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update service - Company - C:\Program Files (x86)\Popcorn Time\Updater.exe
O23 - Service: Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 17411 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\system32\WLANExt.exe 29846048
\??\C:\Windows\system32\conhost.exe "8987373231916520792-1918302611-837790084-1574847772-1617752134-8461847732141599409
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {E6BD0EA0-AAFF-4E75-969B-C4E21AC33D5C}
"C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe"
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\VideoCnv\Zet.dll",serv
"C:\Windows\system32\rundll32.exe" "c:\Program Files (x86)\VideoCnv\Zet.dll",serv
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"
"C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
C:\Windows\SysWOW64\nalserv.exe
C:\Windows\SysWOW64\nlssrv32.exe
"C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe"
"C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe"
"C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Popcorn Time\Updater.exe"
"C:\Windows\system32\Dwm.exe"
"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2956
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
adb fork-server server
"C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe"
"C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE3
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Zune\ZuneLauncher.exe"
"C:\Program Files\Logitech\SetPointP\SetPoint.exe" /launchGaming
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
"C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\Launch Manager\LManager.exe"
"C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\acrobat_sl.exe"
taskeng.exe {B60CCBF2-DE76-4729-AB3E-E9249E4E7EB8}
KHALMNPR.EXE /API
"D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\acrotray.exe"
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
"C:\Program Files (x86)\Launch Manager\LMworker.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\SysWOW64\RunDll32.exe "C:\Program Files\WIDCOMM\Bluetooth Software\SysWOW64\BtMmHook.dll",SetAndWaitBtMmHook
/N /P --UseSystemFonts /Q:15
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"D:\totalcmd\TOTALCMD64.EXE"
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe"
"C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe" --client=2 --server-address=\\.\pipe\pyc-4332-0-eu9zpk
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k WindowsMobile
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\sppsvc.exe
"D:\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs

======Scheduled tasks folder======

C:\Windows\tasks\Acer Registration - Data Sending task.job - C:\Program Files (x86)\Acer\Registration\GREG.exe /DS
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

=========Mozilla firefox=========

ProfilePath - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\pptzszwc.default-1374850080073

prefs.js - "browser.search.useDBForOrder" - true

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files (x86)\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.71.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@software602.cz/602XML Filler]
"Description"=602XML Filler Plugin
"Path"=C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
"Description"=Veetle TV Core
"Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
"Description"=Veetle TV Player
"Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5]
"Description"=VLC Multimedia Plugin
"Path"=D:\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Acrobat]
"Description"=Handles PDFs in-place in Firefox
"Path"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Air\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@cuminas.jp/DjVuPlugin]
"Description"=Document Express DjVu Plug-in
"Path"=C:\Program Files\Cuminas\Document Express DjVu Plug-in\npdjvu.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=D:\MICROS~1\Office14\NPAUTHZ.DLL


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdjvu.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\pptzszwc.default-1374850080073\extensions\
{6AC85730-7D0F-4de0-B3FA-21142DD85326}
{d37dc5d0-431d-44e5-8c91-49419370caa1}
{d5eeb813-935a-435d-b01e-b3a02f2cb408}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2013-02-21 436464]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - D:\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-10-19 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení ke službě Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333}]
Logitech SetPoint - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2013-02-21 367344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-10-19 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08 351864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ODDPwr"=C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [2010-04-22 223264]
"mwlDaemon"=C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [2010-05-27 349552]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-07-13 11046504]
"RtHDVBg"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2010-07-13 2103912]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-03-11 2107176]
"Acer ePower Management"=C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [2010-06-11 496160]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]
"Zune Launcher"=C:\Program Files\Zune\ZuneLauncher.exe [2011-08-05 163552]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
"EvtMgr6"=C:\Program Files\Logitech\SetPointP\SetPoint.exe [2013-02-21 2991856]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2010-08-25 161304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2010-08-25 386584]
"Persistence"=C:\Windows\system32\igfxpers.exe [2010-08-25 415256]
"egui"=C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2014-09-22 5595848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Acer\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-21 107912]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2014-08-08 22734160]
"SkyDrive"=C:\Users\Acer\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [2014-09-24 277672]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-30 6501656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EgisTecPMMUpdate]
C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [2010-03-11 407920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Family Tree Builder Update]
D:\MyHeritage\Bin\FTBCheckUpdates.exe [2011-12-21 229376]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03 659456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
C:\Users\Acer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [2014-11-04 1514040]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2010-08-10 975952]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe Acrobat Speed Launcher"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrobat_sl.exe [2013-05-08 44128]
"Acrobat Assistant 8.0"=D:\Adobe\Adobe Acrobat 9 Pro Extended\Acrobat\Acrotray.exe [2013-05-08 642664]
""= []
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2011-06-13 336384]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Acer\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="acaptuser64.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2010-08-25 271360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2013-02-08 68848]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - install -

======List of files/folders created in the last 1 month======

2014-11-05 23:10:41 ----D---- C:\_OTM
2014-11-05 21:27:25 ----A---- C:\Windows\SYSWOW64\sqlite3.dll
2014-11-05 21:26:04 ----D---- C:\AdwCleaner
2014-11-05 12:20:47 ----D---- C:\FRST
2014-11-05 10:38:01 ----D---- C:\Program Files\trend micro
2014-11-05 10:38:00 ----D---- C:\rsit
2014-11-03 14:01:42 ----D---- C:\Program Files (x86)\VideoCnv
2014-11-03 13:41:26 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-11-03 13:40:53 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-11-03 13:40:52 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-11-03 13:40:48 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-19 19:48:47 ----D---- C:\Users\Acer\AppData\Roaming\Oracle
2014-10-19 19:47:15 ----N---- C:\Windows\SYSWOW64\javaws.exe
2014-10-19 19:47:00 ----N---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2014-10-19 19:46:42 ----N---- C:\Windows\SYSWOW64\javaw.exe
2014-10-19 19:46:42 ----N---- C:\Windows\SYSWOW64\java.exe
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-10-15 18:22:56 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-10-15 18:22:55 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\iernonce.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-10-15 18:22:55 ----A---- C:\Windows\system32\ie4uinit.exe
2014-10-15 18:22:53 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-10-15 18:22:53 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-10-15 18:22:53 ----A---- C:\Windows\system32\urlmon.dll
2014-10-15 18:22:53 ----A---- C:\Windows\system32\iedkcs32.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-10-15 18:22:52 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\msfeeds.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 18:22:52 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-10-15 18:22:52 ----A---- C:\Windows\system32\dxtmsft.dll
2014-10-15 18:22:51 ----A---- C:\Windows\system32\iesetup.dll
2014-10-15 18:22:51 ----A---- C:\Windows\system32\iertutil.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-10-15 18:22:50 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-10-15 18:22:50 ----A---- C:\Windows\system32\jsproxy.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\ieui.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\ieframe.dll
2014-10-15 18:22:49 ----A---- C:\Windows\system32\dxtrans.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\mshtmled.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\jscript9diag.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\jscript9.dll
2014-10-15 18:22:48 ----A---- C:\Windows\system32\ieUnatt.exe
2014-10-15 18:22:47 ----A---- C:\Windows\system32\wininet.dll
2014-10-15 18:22:47 ----A---- C:\Windows\system32\vbscript.dll
2014-10-15 18:22:47 ----A---- C:\Windows\system32\ieapfltr.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 18:22:46 ----A---- C:\Windows\system32\msrating.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-10-15 18:22:46 ----A---- C:\Windows\system32\mshtml.dll
2014-10-15 18:22:18 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2014-10-15 18:22:18 ----A---- C:\Windows\system32\drmv2clt.dll
2014-10-15 18:22:18 ----A---- C:\Windows\system32\blackbox.dll
2014-10-15 18:22:17 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2014-10-15 18:22:16 ----A---- C:\Windows\system32\wmp.dll
2014-10-15 18:22:16 ----A---- C:\Windows\system32\mf.dll
2014-10-15 18:22:15 ----A---- C:\Windows\SYSWOW64\wmp.dll
2014-10-15 18:22:15 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2014-10-15 18:22:15 ----A---- C:\Windows\system32\wmdrmsdk.dll
2014-10-15 18:22:15 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-10-15 18:22:14 ----A---- C:\Windows\SYSWOW64\mf.dll
2014-10-15 18:22:14 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2014-10-15 18:22:14 ----A---- C:\Windows\system32\drmmgrtn.dll
2014-10-15 18:22:13 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-10-15 18:22:13 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\wintrust.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\winresume.exe
2014-10-15 18:22:13 ----A---- C:\Windows\system32\winload.exe
2014-10-15 18:22:13 ----A---- C:\Windows\system32\quartz.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2014-10-15 18:22:13 ----A---- C:\Windows\system32\cryptsvc.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\ci.dll
2014-10-15 18:22:13 ----A---- C:\Windows\system32\AudioEng.dll
2014-10-15 18:22:12 ----A---- C:\Windows\system32\ntoskrnl.exe
2014-10-15 18:22:12 ----A---- C:\Windows\system32\evr.dll
2014-10-15 18:22:11 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2014-10-15 18:22:11 ----A---- C:\Windows\system32\EncDump.dll
2014-10-15 18:22:10 ----A---- C:\Windows\system32\crypt32.dll
2014-10-15 18:22:09 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2014-10-15 18:22:06 ----A---- C:\Windows\system32\AudioSes.dll
2014-10-15 18:22:04 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\quartz.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\evr.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2014-10-15 18:22:01 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\pcasvc.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\mfplat.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\cryptui.dll
2014-10-15 18:22:01 ----A---- C:\Windows\system32\audiosrv.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\msscp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\srcore.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\rstrui.exe
2014-10-15 18:22:00 ----A---- C:\Windows\system32\msscp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\msnetobj.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\cryptsp.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\appidsvc.dll
2014-10-15 18:22:00 ----A---- C:\Windows\system32\appidapi.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\mfps.dll
2014-10-15 18:21:59 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2014-10-15 18:21:59 ----A---- C:\Windows\system32\rrinstaller.exe
2014-10-15 18:21:59 ----A---- C:\Windows\system32\mfps.dll
2014-10-15 18:21:59 ----A---- C:\Windows\system32\drivers\appid.sys
2014-10-15 18:21:59 ----A---- C:\Windows\system32\audiodg.exe
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\srclient.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\mferror.dll
2014-10-15 18:21:58 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\srclient.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\spwmp.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\setbcdlocale.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\mfpmp.exe
2014-10-15 18:21:58 ----A---- C:\Windows\system32\mferror.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\dxmasf.dll
2014-10-15 18:21:58 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 18:21:58 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 18:21:57 ----A---- C:\Windows\system32\wmploc.DLL
2014-10-15 18:21:43 ----A---- C:\Windows\system32\win32k.sys
2014-10-15 18:21:38 ----A---- C:\Windows\system32\rdpcorets.dll
2014-10-15 18:21:35 ----A---- C:\Windows\system32\generaltel.dll
2014-10-15 18:21:35 ----A---- C:\Windows\system32\aepdu.dll
2014-10-15 18:21:34 ----A---- C:\Windows\system32\aeinv.dll
2014-10-15 18:21:25 ----A---- C:\Windows\SYSWOW64\winsta.dll
2014-10-15 18:21:25 ----A---- C:\Windows\system32\winsta.dll
2014-10-15 18:21:25 ----A---- C:\Windows\system32\termsrv.dll
2014-10-15 18:21:24 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-10-15 18:21:24 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\winlogon.exe
2014-10-15 18:21:24 ----A---- C:\Windows\system32\TSpkg.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\rdpcorekmts.dll
2014-10-15 18:21:24 ----A---- C:\Windows\system32\drivers\tssecsrv.sys
2014-10-15 18:21:24 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2014-10-15 18:21:24 ----A---- C:\Windows\system32\credssp.dll
2014-10-15 18:21:10 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-10-15 18:21:10 ----A---- C:\Windows\system32\msi.dll
2014-10-15 18:20:27 ----A---- C:\Windows\SYSWOW64\rastls.dll
2014-10-15 18:20:27 ----A---- C:\Windows\system32\rastls.dll
2014-10-15 18:20:14 ----A---- C:\Windows\SYSWOW64\mscorier.dll
2014-10-15 18:20:14 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\mscories.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\mscorier.dll
2014-10-15 18:20:14 ----A---- C:\Windows\system32\dfshim.dll
2014-10-15 18:20:13 ----A---- C:\Windows\SYSWOW64\mscories.dll
2014-10-15 18:17:00 ----A---- C:\Windows\system32\mstscax.dll
2014-10-15 18:16:59 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2014-10-15 18:16:09 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-10-15 18:16:09 ----A---- C:\Windows\system32\packager.dll
2014-10-14 18:31:35 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2014-10-06 20:20:28 ----D---- C:\ProgramData\ESET

======List of files/folders modified in the last 1 month======

2014-11-05 23:20:29 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-05 23:19:42 ----D---- C:\Users\Acer\AppData\Roaming\Dropbox
2014-11-05 23:19:02 ----D---- C:\Windows\Prefetch
2014-11-05 23:18:35 ----D---- C:\Windows\inf
2014-11-05 23:17:39 ----D---- C:\Windows\Temp
2014-11-05 23:17:39 ----D---- C:\Windows\system32\config
2014-11-05 23:17:13 ----AD---- C:\Windows
2014-11-05 23:10:45 ----D---- C:\Windows\Tasks
2014-11-05 22:01:49 ----D---- C:\Users\Acer\AppData\Roaming\TeamViewer
2014-11-05 22:01:49 ----D---- C:\Users\Acer\AppData\Roaming\DAEMON Tools Lite
2014-11-05 22:01:48 ----D---- C:\Program Files (x86)\Steam
2014-11-05 22:01:46 ----D---- C:\Users\Acer\AppData\Roaming\uTorrent
2014-11-05 22:01:46 ----D---- C:\Users\Acer\AppData\Roaming\Skype
2014-11-05 21:57:46 ----D---- C:\Windows\Panther
2014-11-05 21:57:46 ----D---- C:\Windows\Minidump
2014-11-05 21:57:46 ----D---- C:\Windows\Logs
2014-11-05 21:57:46 ----D---- C:\Windows\debug
2014-11-05 21:48:57 ----D---- C:\Program Files\CCleaner
2014-11-05 21:28:43 ----HD---- C:\ProgramData
2014-11-05 21:27:25 ----D---- C:\Windows\SysWOW64
2014-11-05 12:32:48 ----D---- C:\Program Files (x86)
2014-11-05 12:07:40 ----D---- C:\Windows\Jaksta
2014-11-05 12:07:40 ----D---- C:\Applian Technologies
2014-11-05 11:26:26 ----D---- C:\ProgramData\CyberLink
2014-11-05 11:26:24 ----SHD---- C:\Windows\Installer
2014-11-05 11:26:24 ----SHD---- C:\Config.Msi
2014-11-05 11:25:07 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-05 11:20:07 ----D---- C:\Program Files (x86)\Acer GameZone
2014-11-05 10:38:01 ----RD---- C:\Program Files
2014-11-04 19:56:38 ----D---- C:\Windows\system32\drivers
2014-11-04 19:56:38 ----D---- C:\Windows\Sun
2014-11-04 19:40:25 ----D---- C:\Users\Acer\AppData\Roaming\Spotify
2014-11-03 14:13:39 ----RSD---- C:\Windows\Fonts
2014-11-03 14:03:41 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-03 13:40:48 ----D---- C:\ProgramData\Malwarebytes
2014-11-02 13:33:05 ----D---- C:\Windows\System32
2014-11-02 13:33:05 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-10-31 12:39:32 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-10-29 22:38:09 ----SHD---- C:\$Recycle.Bin
2014-10-29 22:07:23 ----D---- C:\Users\Acer\AppData\Roaming\vlc
2014-10-28 06:34:58 ----N---- C:\Windows\system32\MpSigStub.exe
2014-10-25 22:38:39 ----HD---- C:\_acestream_cache_
2014-10-25 22:38:29 ----D---- C:\Users\Acer\AppData\Roaming\.ACEStream
2014-10-23 19:45:45 ----A---- C:\Windows\wininit.ini
2014-10-23 13:30:00 ----D---- C:\Windows\system32\Tasks
2014-10-23 13:11:12 ----D---- C:\Users\Acer\AppData\Roaming\Electronic Arts
2014-10-22 09:12:26 ----N---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-10-22 09:05:37 ----D---- C:\Program Files (x86)\Popcorn Time
2014-10-20 20:17:49 ----D---- C:\ProgramData\Skype
2014-10-20 13:18:53 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2014-10-19 19:50:01 ----D---- C:\Program Files (x86)\Java
2014-10-19 19:48:27 ----D---- C:\ProgramData\Oracle
2014-10-16 07:37:33 ----D---- C:\Windows\rescache
2014-10-15 19:43:12 ----D---- C:\Windows\Microsoft.NET
2014-10-15 19:42:36 ----RSD---- C:\Windows\assembly
2014-10-15 19:27:20 ----D---- C:\Windows\system32\catroot2
2014-10-15 19:23:26 ----D---- C:\Windows\winsxs
2014-10-15 19:19:27 ----D---- C:\Windows\SYSWOW64\Dism
2014-10-15 19:19:27 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-10-15 19:19:27 ----D---- C:\Program Files\Windows Media Player
2014-10-15 19:19:27 ----D---- C:\Program Files (x86)\Windows Media Player
2014-10-15 19:19:25 ----D---- C:\Windows\system32\en-US
2014-10-15 19:19:25 ----D---- C:\Windows\system32\Dism
2014-10-15 19:19:25 ----D---- C:\Windows\system32\cs-CZ
2014-10-15 19:19:24 ----SD---- C:\Windows\system32\CompatTel
2014-10-15 19:19:24 ----D---- C:\Windows\system32\CodeIntegrity
2014-10-15 19:19:24 ----D---- C:\Windows\system32\Boot
2014-10-15 19:19:23 ----D---- C:\Windows\SYSWOW64\en-US
2014-10-15 19:19:23 ----D---- C:\Program Files\Internet Explorer
2014-10-15 19:19:22 ----D---- C:\Program Files (x86)\Internet Explorer
2014-10-15 18:42:21 ----D---- C:\ProgramData\Microsoft Help
2014-10-15 18:37:58 ----D---- C:\Windows\system32\MRT
2014-10-15 18:25:04 ----A---- C:\Windows\system32\MRT.exe
2014-10-15 18:20:42 ----D---- C:\Windows\system32\catroot
2014-10-09 13:03:42 ----D---- C:\Users\Acer\AppData\Roaming\Adobe
2014-10-09 09:10:26 ----RD---- C:\Program Files (x86)\Skype
2014-10-06 20:20:48 ----D---- C:\Windows\system32\DriverStore
2014-10-06 15:32:52 ----D---- C:\ProgramData\Origin
2014-10-06 14:02:33 ----D---- C:\Program Files (x86)\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys [2010-03-04 540696]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2012-03-18 283200]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-09-22 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-09-22 169280]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-09-22 158968]
R2 TurboB;Turbo Boost UI Monitor driver; C:\Windows\system32\DRIVERS\TurboB.sys [2009-11-02 13784]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2011-06-14 9319424]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2011-06-13 303616]
R3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2012-05-17 33872]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2011-03-30 114704]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl664.sys [2010-06-03 4171328]
R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-03-23 304784]
R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne64x.sys [2008-11-16 157968]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-07-13 2424040]
R3 intelkmd;intelkmd; C:\Windows\system32\DRIVERS\igdpmd64.sys [2010-08-25 10611552]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [2013-01-03 79240]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter; C:\Windows\system32\DRIVERS\LHidEqd.Sys [2013-01-03 15752]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2013-01-03 77192]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2013-01-03 61832]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 25816]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-28 18432]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-03-11 316464]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-04-28 17408]
S0 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys []
S3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-06-20 1394688]
S3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\AtiHdmi.sys [2010-05-05 125456]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btwampfl;Bluetooth AMP USB Filter; C:\Windows\system32\drivers\btwampfl.sys [2010-06-25 342056]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-06-25 102952]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-06-25 135720]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-06-25 39464]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-06-25 21544]
S3 CVirtA;Cisco Systems VPN Adapter for 64-bit Windows; C:\Windows\system32\DRIVERS\CVirtA64.sys [2010-02-08 14992]
S3 esihdrv;esihdrv; \??\C:\Users\Acer\AppData\Local\Temp\esihdrv.sys []
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2012-12-07 36928]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2010-08-25 10611552]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 63704]
S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
S3 PCDSRVC{D1725DDC-4C449E30-06020101}_0;PCDSRVC{D1725DDC-4C449E30-06020101}_0 - PCDR Kernel Mode Service Helper Driver; \??\c:\users\acer\appdata\local\temp\vrc85j3005ut\pcdrdiag\bin\pcdsrvc_x64.pkms []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496]
S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys []
S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 602XML Updater;602Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [2011-10-10 85344]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-09-12 64704]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2011-06-13 203264]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-25 952096]
R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [2010-03-23 1528616]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-09-16 1350112]
R2 ePowerSvc;Acer ePower Service; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-11 821792]
R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-04-02 87368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2010-07-01 325656]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]
R2 NalServ;Nalpeiron Control Service; C:\Windows\SysWOW64\nalserv.exe [2014-04-10 147056]
R2 nlsX86cc;Nalpeiron Licensing Service; C:\Windows\SysWOW64\nlssrv32.exe [2014-04-10 70768]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-29 255744]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
R2 ODDPwrSvc;Acer ODD Power Service; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-12-07 167424]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-03-10 75064]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 RS_Service;Raw Socket Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-03-20 4971840]
R2 Update service;Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [2014-10-09 179200]
R2 Updater Service;Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 fa6789c5;VideoCnv; C:\Windows\syswow64\rundll32.exe [2009-07-14 44544]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 116648]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-04-03 315008]
S2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-07-01 2533400]
S2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-22 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-01-11 651720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-04-24 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 111616]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [2013-02-08 359664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-31 114288]
S3 MWLService;MyWinLocker Service; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-07-16 542912]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-11-25 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

xfloorman78
Visitor
Posts: 8
Joined: 05 Nov 2014 12:38

Re: Win32/SProtector.D infiltration

#8 Post by xfloorman78 »

During the day today, NOD also newly detected this:
6.11.2014 14:06:17 Kontrola při startu soubor Operační paměť » C:\Program Files (x86)\VideoCnv\Zet.dll Win32/SProtector.K potenciálně nechtěná aplikace vyléčen smazáním (po nejbližším restartu) - uložen do karantény
6.11.2014 14:04:33 Rezidentní ochrana soubor C:\PROGRAM FILES (X86)\VIDEOCNV\ZET.DLL Win32/SProtector.K potenciálně nechtěná aplikace vyléčen smazáním (po nejbližším restartu) - uložen do karantény COMM4U-ZL-NTB\Acer Tato skutečnost byla zjištěna při pokusu o spuštění souboru aplikací: C:\Windows\SysWOW64\rundll32.exe.
6.11.2014 14:04:33 Kontrola při startu soubor Operační paměť » c:\Program Files (x86)\VideoCnv\Zet.dll Win32/SProtector.K potenciálně nechtěná aplikace vyléčen smazáním (po nejbližším restartu) - uložen do karantény
6.11.2014 14:04:00 Kontrola při startu soubor Operační paměť » rundll32.exe(1912) varianta infiltrace Win32/SProtector.L potenciálně nechtěná aplikace vyléčen smazáním

xfloorman78
Visitor
Posts: 8
Joined: 05 Nov 2014 12:38

Re: Win32/SProtector.D infiltration

#9 Post by xfloorman78 »

Plus, the detected .dll has been added to NOD's quarantine.
Attachment: Výstřižek.jpg (31.17 KiB)

Rudy
Site Admin
Posts: 119548
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Win32/SProtector.D infiltration

#10 Post by Rudy »

Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Then run a full MBAM scan: http://www.malwarebytes.org/mbam.php and post the log. Do not delete anything beforehand.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

xfloorman78
Visitor
Posts: 8
Joined: 05 Nov 2014 12:38

Re: Win32/SProtector.D infiltration

#11 Post by xfloorman78 »

As a layman, I would say NOD solved the problem by moving that .dll to quarantine; since then it no longer reports any threat. The MBAM log is clean.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 6.11.2014
Čas skenování: 19:47:32
Protokol: mbam.txt
Správce: Ano

Verze: 2.00.3.1025
Databáze malwaru: v2014.11.06.07
Databáze rootkitů: v2014.11.01.02
Licence: Zkušební verze
Ochrana proti malwaru: Zapnuto
Ochrana proti škodlivým webovým stránkám: Zapnuto
Sebeobrany: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: Acer

Typ skenu: Sken hrozeb
Výsledek: Dokončeno
Prohledaných objektů: 507908
Uplynulý čas: 57 min, 42 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Varovat
PUM: Zapnuto

Procesy: 0
(Žádné zákerné zjištěny položek)

Moduly: 0
(Žádné zákerné zjištěny položek)

Klíče registru: 0
(Žádné zákerné zjištěny položek)

Hodnoty registru: 0
(Žádné zákerné zjištěny položek)

Data registru: 0
(Žádné zákerné zjištěny položek)

Složky: 0
(Žádné zákerné zjištěny položek)

Soubory: 0
(Žádné zákerné zjištěny položek)

Fyzické sektory: 0
(Žádné zákerné zjištěny položek)


(end)

Rudy
Site Admin
Posts: 119548
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Win32/SProtector.D infiltration

#12 Post by Rudy »

Everything should be fine.

xfloorman78
Visitor
Posts: 8
Joined: 05 Nov 2014 12:38

Re: Win32/SProtector.D infiltration

#13 Post by xfloorman78 »

It seems so. Thanks a lot for your time and advice. :thumbsup:

Rudy
Site Admin
Posts: 119548
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Win32/SProtector.D infiltration

#14 Post by Rudy »

You're welcome! :)

Locked