
Laptop keeps freezing
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that are inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use a remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
Hello, yesterday I got hold of my friend's laptop. After a successful recovery I finally managed to get the laptop running so that I can work with it and, if need be, repair it. For a start I uninstalled McAfee (I plan to put Avira on it for her). The laptop is slow and keeps freezing.
Here is the log, thanks for any replies.
Logfile of random's system information tool 1.10 (written by random/random)
Run by ANDREA at 2014-11-09 10:57:32
Microsoft Windows 8
System drive C: has 566 GB (81%) free of 700 GB
Total RAM: 3890 MB (59% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:57:38, on 9. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\trend micro\ANDREA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [BakupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -k -h
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 8097 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 638312221088
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
dashost.exe {309a9905-f01f-4a30-bb60a8e26a816cd4}
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
taskhostex.exe
taskeng.exe {2F1E7141-FD40-4E96-B4AB-BEC754E1E3BB}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3180.0.626366095\159835286" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,16 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2828 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutoReloadExperiment/Enabled/AutoReloadVisibleOnlyExperiment/Enabled/BrowserBlacklist/Enabled/DomRel-Enable/disable/EmbeddedSearch/Group15 pct:1f stable:r1 prefetch_results:1 reuse_instant_search_base_page:1/ExtensionContentVerification/None/ExtensionInstallVerification/Enforce/GoogleNow/Enable/OmniboxBundledExperimentV1/SuggestFeatureAblation_Stable_Experiment_R2_Postperiod/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/QUIC/Disabled/RapporRollout/Enabled/RememberCertificateErrorDecisions/Default/SDCH/EnabledAll/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_11/UMA-Uniformity-Trial-1-Percent/group_88/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_05/UMA-Uniformity-Trial-50-Percent/default/VoiceTrigger/Install/" --renderer-print-preview --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --channel="3180.4.748927361\671798046" /prefetch:673131151
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
"C:\Users\ANDREA\Downloads\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-01 64640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-08 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-08 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-08 440640]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-31 12936848]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-07-31 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-08-01 64640]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-11 2864016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BakupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-08-23 533568]
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2012-04-23 508256]
"LManager"= []
"Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2012-07-11 2995904]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-08 439296]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-09 10:57:33 ----D---- C:\Program Files\trend micro
2014-11-09 10:57:32 ----D---- C:\rsit
2014-11-09 10:53:48 ----A---- C:\Windows\system32\netcfg-68015.txt
2014-11-09 10:52:20 ----A---- C:\Windows\system32\netcfg-1963390.txt
2014-11-09 10:07:02 ----A---- C:\Windows\system32\netcfg-70483265.txt
2014-11-09 10:07:01 ----A---- C:\Windows\system32\netcfg-70481515.txt
2014-11-09 02:33:36 ----A---- C:\Windows\system32\netcfg-43281968.txt
2014-11-09 02:33:35 ----A---- C:\Windows\system32\netcfg-43281140.txt
2014-11-08 20:36:10 ----D---- C:\Windows.old
2014-11-08 20:08:35 ----HD---- C:\$SysReset
2014-11-08 14:33:11 ----A---- C:\Windows\system32\netcfg-57109.txt
2014-11-08 14:32:01 ----A---- C:\Windows\system32\netcfg-1920765.txt
2014-11-08 14:12:38 ----D---- C:\Program Files\CCleaner
2014-11-08 14:10:44 ----D---- C:\Program Files (x86)\Google
2014-11-08 14:09:56 ----D---- C:\Users\ANDREA\AppData\Roaming\Macromedia
2014-11-08 14:01:15 ----A---- C:\Windows\system32\netcfg-80437.txt
2014-11-08 13:59:46 ----N---- C:\bootsqm.dat
2014-11-08 13:32:44 ----A---- C:\Windows\system32\netcfg-2286109.txt
2014-11-08 13:21:58 ----A---- C:\Windows\system32\netcfg-1640281.txt
2014-11-08 13:21:55 ----A---- C:\Windows\system32\netcfg-1636937.txt
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\storewuauth.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wushareduxresources.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups2.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuauclt.exe
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuaext.dll
2014-11-08 12:59:22 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wucltux.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuaueng.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuapi.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuapp.exe
2014-11-08 12:31:39 ----D---- C:\Windows\Minidump
2014-11-08 12:26:39 ----A---- C:\Windows\system32\netcfg-3006765.txt
2014-11-08 12:26:38 ----A---- C:\Windows\system32\netcfg-3005765.txt
2014-11-08 12:24:47 ----D---- C:\Users\ANDREA\AppData\Roaming\Atheros
2014-11-08 12:24:02 ----D---- C:\Users\ANDREA\AppData\Roaming\Adobe
2014-11-08 12:23:28 ----D---- C:\Users\ANDREA\AppData\Roaming\lm
2014-11-08 11:42:20 ----D---- C:\Windows\SoftwareDistribution
2014-11-08 11:39:26 ----SD---- C:\Users\ANDREA\AppData\Roaming\Microsoft
2014-11-08 11:39:00 ----A---- C:\Windows\system32\netcfg-147625.txt
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Šablony
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Plocha
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Nabídka Start
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Dokumenty
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Data aplikací
2014-11-08 09:47:55 ----ASH---- C:\pagefile.sys
2014-10-18 06:52:49 ----SHD---- C:\found.001
2014-10-17 12:30:57 ----SHD---- C:\found.000
2014-10-11 13:37:02 ----A---- C:\autoexec.bat
2014-10-11 13:36:37 ----D---- C:\sh4ldr
======List of files/folders modified in the last 1 month======
2014-11-09 10:57:33 ----RD---- C:\Program Files
2014-11-09 10:56:16 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-09 10:55:35 ----D---- C:\Windows\Prefetch
2014-11-09 10:54:04 ----D---- C:\Windows\system32\config
2014-11-09 10:54:02 ----D---- C:\Windows\WinSxS
2014-11-09 10:53:48 ----RD---- C:\Windows\System32
2014-11-09 10:53:45 ----RD---- C:\Program Files (x86)
2014-11-09 10:53:45 ----D---- C:\ProgramData\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\Common Files
2014-11-09 10:53:38 ----D---- C:\Program Files\Common Files\mcafee
2014-11-09 10:53:00 ----D---- C:\Windows\SysWOW64
2014-11-09 10:52:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-11-09 10:52:57 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-09 10:52:57 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-09 10:52:56 ----D---- C:\Windows\system32\sk-SK
2014-11-09 10:52:56 ----D---- C:\Windows\system32\cs-CZ
2014-11-09 10:52:55 ----D---- C:\Windows\system32\en-US
2014-11-09 10:52:49 ----D---- C:\Windows\Temp
2014-11-09 10:52:46 ----A---- C:\Windows\system32\wpbbin.exe
2014-11-09 10:45:17 ----D---- C:\Windows\CbsTemp
2014-11-09 10:44:03 ----D---- C:\Windows\system32\Drivers
2014-11-09 10:44:00 ----HD---- C:\Windows\ELAMBKUP
2014-11-09 10:38:44 ----SHD---- C:\System Volume Information
2014-11-09 10:24:17 ----SD---- C:\ProgramData\Microsoft
2014-11-09 10:07:01 ----D---- C:\Windows\system32\sru
2014-11-08 14:20:00 ----SHD---- C:\Windows\Installer
2014-11-08 14:18:50 ----D---- C:\Windows\system32\Tasks
2014-11-08 14:15:50 ----D---- C:\Windows\Tasks
2014-11-08 13:21:54 ----D---- C:\Windows\system32\wdi
2014-11-08 13:01:00 ----D---- C:\Windows\system32\catroot2
2014-11-08 12:54:57 ----D---- C:\Windows
2014-11-08 12:53:42 ----D---- C:\Windows\Inf
2014-11-08 12:52:50 ----D---- C:\Windows\AUInstallAgent
2014-11-08 12:44:51 ----D---- C:\Windows\system32\restore
2014-11-08 12:25:15 ----SHD---- C:\$Recycle.Bin
2014-11-08 12:23:57 ----AHD---- C:\Elements
2014-11-08 12:23:48 ----RD---- C:\Users
2014-11-08 12:23:30 ----A---- C:\Windows\WisLangCode.ini
2014-11-08 12:14:52 ----D---- C:\Windows\WinStore
2014-11-08 12:14:50 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-08 11:52:51 ----RSD---- C:\Windows\assembly
2014-11-08 11:49:07 ----D---- C:\Windows\Microsoft.NET
2014-11-08 11:43:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-08 11:42:09 ----D---- C:\Windows\rescache
2014-11-08 11:40:50 ----D---- C:\Windows\system32\Recovery
2014-11-08 11:38:20 ----HD---- C:\ProgramData
2014-10-15 13:54:57 ----HD---- C:\Program Files\WindowsApps
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R1 ccSet_NARA;NARA Settings Manager; C:\Windows\system32\drivers\NARAx64\0401000.00A\ccSetx64.sys [2012-05-26 168608]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-09-13 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-09-13 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-13 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 athr;@oem17.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 BTATH_BUS;@oem9.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-08-01 33944]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-08-11 315280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-08 8987456]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-31 4097808]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem19.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-09-13 26736]
R3 RSBASTOR;@oem1.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-06-14 294544]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-13 683664]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AthBTPort;@oem13.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-01 88728]
S3 b57nd60a;@netb57va.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2012-06-02 425472]
S3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
S3 BTATH_A2DP;@oem12.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-01 344216]
S3 btath_avdt;@oem12.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-01 114840]
S3 BTATH_HCRP;@oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-08-01 178840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-01 76952]
S3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2012-08-01 135832]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-01 574616]
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2012-07-26 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-26 1170944]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-07-26 74752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2012-07-26 156672]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-01 207488]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-22 348784]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-07-11 3939008]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-09-13 93296]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08 116648]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-08 276288]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-07 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08 116648]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119548
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Laptop keeps freezing
Hello!
First run this utility:
Download AdwCleaner http://www.stahuj.centrum.cz/utility_a_ ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean< (delete)
A scan will run and then a log will appear; post it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before cleaning viruses from your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Laptop keeps freezing
Hello, here is the log.
# AdwCleaner v4.100 - Report created 09/11/2014 at 11:52:55
# DB v2014-11-07.1
# Updated 08/11/2014 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : ANDREA - PEPINA
# Running from : C:\Users\ANDREA\Desktop\adwcleaner_4.100.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
***** [ Browsers ] *****
-\\ Internet Explorer v10.0.9200.16384
*************************
AdwCleaner[R0].txt - [890 octets] - [09/11/2014 11:45:10]
AdwCleaner[R1].txt - [949 octets] - [09/11/2014 11:51:44]
AdwCleaner[S0].txt - [870 octets] - [09/11/2014 11:52:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [929 octets] ##########
- Rudy
- Site Admin
Re: Laptop keeps freezing
Post a new RSIT log.
Re: Laptop keeps freezing
Logfile of random's system information tool 1.10 (written by random/random)
Run by ANDREA at 2014-11-09 15:15:10
Microsoft Windows 8
System drive C: has 576 GB (82%) free of 700 GB
Total RAM: 3890 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:15:20, on 9. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\trend micro\ANDREA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [BakupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -k -h
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 7626 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 720207506672
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
dashost.exe {31231580-d88d-43c8-b03f5497d94f2b8d}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
taskhost.exe $(Arg0)
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding
"C:\Users\ANDREA\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\ANDREA\AppData\Roaming\Mozilla\Firefox\Profiles\zxlzeenn.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-01 64640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-08 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-08 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-08 440640]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-31 12936848]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-07-31 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-08-01 64640]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-11 2864016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BakupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-08-23 533568]
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2012-04-23 508256]
"LManager"= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-08 439296]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-09 12:06:17 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-11-09 12:06:17 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-11-09 11:55:50 ----D---- C:\Users\ANDREA\AppData\Roaming\Mozilla
2014-11-09 11:54:40 ----A---- C:\Windows\system32\netcfg-44421.txt
2014-11-09 11:53:35 ----A---- C:\Windows\system32\netcfg-3654859.txt
2014-11-09 11:45:08 ----D---- C:\AdwCleaner
2014-11-09 11:32:53 ----D---- C:\ProgramData\Mozilla
2014-11-09 11:32:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 11:32:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-09 10:57:33 ----D---- C:\Program Files\trend micro
2014-11-09 10:57:32 ----D---- C:\rsit
2014-11-09 10:53:48 ----A---- C:\Windows\system32\netcfg-68015.txt
2014-11-09 10:52:20 ----A---- C:\Windows\system32\netcfg-1963390.txt
2014-11-09 10:07:02 ----A---- C:\Windows\system32\netcfg-70483265.txt
2014-11-09 10:07:01 ----A---- C:\Windows\system32\netcfg-70481515.txt
2014-11-09 02:33:36 ----A---- C:\Windows\system32\netcfg-43281968.txt
2014-11-09 02:33:35 ----A---- C:\Windows\system32\netcfg-43281140.txt
2014-11-08 20:36:10 ----D---- C:\Windows.old
2014-11-08 20:08:35 ----HD---- C:\$SysReset
2014-11-08 14:33:11 ----A---- C:\Windows\system32\netcfg-57109.txt
2014-11-08 14:32:01 ----A---- C:\Windows\system32\netcfg-1920765.txt
2014-11-08 14:12:38 ----D---- C:\Program Files\CCleaner
2014-11-08 14:10:44 ----D---- C:\Program Files (x86)\Google
2014-11-08 14:09:56 ----D---- C:\Users\ANDREA\AppData\Roaming\Macromedia
2014-11-08 14:01:15 ----A---- C:\Windows\system32\netcfg-80437.txt
2014-11-08 13:32:44 ----A---- C:\Windows\system32\netcfg-2286109.txt
2014-11-08 13:21:58 ----A---- C:\Windows\system32\netcfg-1640281.txt
2014-11-08 13:21:55 ----A---- C:\Windows\system32\netcfg-1636937.txt
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\storewuauth.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wushareduxresources.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups2.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuauclt.exe
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuaext.dll
2014-11-08 12:59:22 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wucltux.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuaueng.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuapi.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuapp.exe
2014-11-08 12:31:39 ----D---- C:\Windows\Minidump
2014-11-08 12:26:39 ----A---- C:\Windows\system32\netcfg-3006765.txt
2014-11-08 12:26:38 ----A---- C:\Windows\system32\netcfg-3005765.txt
2014-11-08 12:24:47 ----D---- C:\Users\ANDREA\AppData\Roaming\Atheros
2014-11-08 12:24:02 ----D---- C:\Users\ANDREA\AppData\Roaming\Adobe
2014-11-08 12:23:28 ----D---- C:\Users\ANDREA\AppData\Roaming\lm
2014-11-08 11:42:20 ----D---- C:\Windows\SoftwareDistribution
2014-11-08 11:39:26 ----SD---- C:\Users\ANDREA\AppData\Roaming\Microsoft
2014-11-08 11:39:00 ----A---- C:\Windows\system32\netcfg-147625.txt
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Šablony
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Plocha
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Nabídka Start
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Dokumenty
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Data aplikací
2014-11-08 09:47:55 ----ASH---- C:\pagefile.sys
2014-10-18 06:52:49 ----SHD---- C:\found.001
2014-10-17 12:30:57 ----SHD---- C:\found.000
2014-10-11 13:37:02 ----A---- C:\autoexec.bat
2014-10-11 13:36:37 ----D---- C:\sh4ldr
======List of files/folders modified in the last 1 month======
2014-11-09 15:14:37 ----D---- C:\Windows\system32\config
2014-11-09 15:14:37 ----D---- C:\Windows\Microsoft.NET
2014-11-09 15:12:27 ----SHD---- C:\System Volume Information
2014-11-09 15:01:09 ----D---- C:\Windows\system32\sru
2014-11-09 14:57:49 ----D---- C:\Windows\Prefetch
2014-11-09 13:05:29 ----D---- C:\Windows\WinSxS
2014-11-09 13:04:29 ----D---- C:\Windows\system32\catroot2
2014-11-09 12:22:33 ----D---- C:\Windows\rescache
2014-11-09 12:10:33 ----D---- C:\Windows\Temp
2014-11-09 12:07:21 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-09 12:07:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-09 12:07:21 ----D---- C:\Windows\SysWOW64
2014-11-09 12:07:20 ----RD---- C:\Windows\System32
2014-11-09 12:07:20 ----D---- C:\Windows\system32\en-US
2014-11-09 12:07:20 ----D---- C:\Windows\system32\cs-CZ
2014-11-09 12:06:02 ----D---- C:\Windows\CbsTemp
2014-11-09 11:56:36 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-09 11:54:05 ----D---- C:\ProgramData\Norton
2014-11-09 11:54:01 ----A---- C:\Windows\system32\wpbbin.exe
2014-11-09 11:53:32 ----D---- C:\Windows\Inf
2014-11-09 11:44:15 ----D---- C:\Windows\Logs
2014-11-09 11:44:04 ----SHD---- C:\Windows\Installer
2014-11-09 11:32:53 ----HD---- C:\ProgramData
2014-11-09 11:32:52 ----RD---- C:\Program Files (x86)
2014-11-09 11:30:19 ----D---- C:\Windows\system32\Tasks
2014-11-09 11:30:15 ----D---- C:\Windows\Tasks
2014-11-09 11:04:50 ----D---- C:\Windows\system32\Drivers
2014-11-09 11:04:48 ----D---- C:\ProgramData\NortonInstaller
2014-11-09 10:57:33 ----RD---- C:\Program Files
2014-11-09 10:56:51 ----D---- C:\Windows\system32\wdi
2014-11-09 10:53:45 ----D---- C:\ProgramData\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\Common Files
2014-11-09 10:53:38 ----D---- C:\Program Files\Common Files\mcafee
2014-11-09 10:52:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-11-09 10:52:56 ----D---- C:\Windows\system32\sk-SK
2014-11-09 10:44:00 ----HD---- C:\Windows\ELAMBKUP
2014-11-09 10:24:17 ----SD---- C:\ProgramData\Microsoft
2014-11-08 12:54:57 ----D---- C:\Windows
2014-11-08 12:52:50 ----D---- C:\Windows\AUInstallAgent
2014-11-08 12:44:51 ----D---- C:\Windows\system32\restore
2014-11-08 12:25:15 ----SHD---- C:\$Recycle.Bin
2014-11-08 12:23:57 ----AHD---- C:\Elements
2014-11-08 12:23:48 ----RD---- C:\Users
2014-11-08 12:23:30 ----A---- C:\Windows\WisLangCode.ini
2014-11-08 12:14:52 ----D---- C:\Windows\WinStore
2014-11-08 12:14:50 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-08 11:52:51 ----RSD---- C:\Windows\assembly
2014-11-08 11:43:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-08 11:40:50 ----D---- C:\Windows\system32\Recovery
2014-10-15 13:54:57 ----HD---- C:\Program Files\WindowsApps
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-09-13 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-09-13 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-13 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 athr;@oem17.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 BTATH_BUS;@oem9.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-08-01 33944]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-08-11 315280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-08 8987456]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-31 4097808]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem19.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-09-13 26736]
R3 RSBASTOR;@oem1.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-06-14 294544]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-13 683664]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AthBTPort;@oem13.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-01 88728]
S3 b57nd60a;@netb57va.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2012-06-02 425472]
S3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
S3 BTATH_A2DP;@oem12.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-01 344216]
S3 btath_avdt;@oem12.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-01 114840]
S3 BTATH_HCRP;@oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-08-01 178840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-01 76952]
S3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2012-08-01 135832]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-01 574616]
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2012-07-26 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-26 1170944]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-07-26 74752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2012-07-26 156672]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-01 207488]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-22 348784]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-09-13 93296]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-08 276288]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-07 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-28 114288]
-----------------EOF-----------------
Run by ANDREA at 2014-11-09 15:15:10
Microsoft Windows 8
System drive C: has 576 GB (82%) free of 700 GB
Total RAM: 3890 MB (48% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:15:20, on 9. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files\trend micro\ANDREA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [BakupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -k -h
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 7626 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 720207506672
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
dashost.exe {31231580-d88d-43c8-b03f5497d94f2b8d}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe"
"C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
"C:\Program Files\EgisTec IPS\PMMUpdate.exe"
"C:\Program Files\EgisTec IPS\EgisUpdate.exe"
taskhost.exe $(Arg0)
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe -Embedding
"C:\Users\ANDREA\Desktop\RSITx64.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe5_ Global\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
C:\Windows\system32\wbem\wmiprvse.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\ANDREA\AppData\Roaming\Mozilla\Firefox\Profiles\zxlzeenn.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-01 64640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-08 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-08 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-08 440640]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-31 12936848]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-07-31 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-08-01 64640]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-11 2864016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BakupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-08-23 533568]
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2012-04-23 508256]
"LManager"= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-08 439296]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-09 12:06:17 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-11-09 12:06:17 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-11-09 11:55:50 ----D---- C:\Users\ANDREA\AppData\Roaming\Mozilla
2014-11-09 11:54:40 ----A---- C:\Windows\system32\netcfg-44421.txt
2014-11-09 11:53:35 ----A---- C:\Windows\system32\netcfg-3654859.txt
2014-11-09 11:45:08 ----D---- C:\AdwCleaner
2014-11-09 11:32:53 ----D---- C:\ProgramData\Mozilla
2014-11-09 11:32:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 11:32:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-09 10:57:33 ----D---- C:\Program Files\trend micro
2014-11-09 10:57:32 ----D---- C:\rsit
2014-11-09 10:53:48 ----A---- C:\Windows\system32\netcfg-68015.txt
2014-11-09 10:52:20 ----A---- C:\Windows\system32\netcfg-1963390.txt
2014-11-09 10:07:02 ----A---- C:\Windows\system32\netcfg-70483265.txt
2014-11-09 10:07:01 ----A---- C:\Windows\system32\netcfg-70481515.txt
2014-11-09 02:33:36 ----A---- C:\Windows\system32\netcfg-43281968.txt
2014-11-09 02:33:35 ----A---- C:\Windows\system32\netcfg-43281140.txt
2014-11-08 20:36:10 ----D---- C:\Windows.old
2014-11-08 20:08:35 ----HD---- C:\$SysReset
2014-11-08 14:33:11 ----A---- C:\Windows\system32\netcfg-57109.txt
2014-11-08 14:32:01 ----A---- C:\Windows\system32\netcfg-1920765.txt
2014-11-08 14:12:38 ----D---- C:\Program Files\CCleaner
2014-11-08 14:10:44 ----D---- C:\Program Files (x86)\Google
2014-11-08 14:09:56 ----D---- C:\Users\ANDREA\AppData\Roaming\Macromedia
2014-11-08 14:01:15 ----A---- C:\Windows\system32\netcfg-80437.txt
2014-11-08 13:32:44 ----A---- C:\Windows\system32\netcfg-2286109.txt
2014-11-08 13:21:58 ----A---- C:\Windows\system32\netcfg-1640281.txt
2014-11-08 13:21:55 ----A---- C:\Windows\system32\netcfg-1636937.txt
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\storewuauth.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wushareduxresources.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups2.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuauclt.exe
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuaext.dll
2014-11-08 12:59:22 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wucltux.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuaueng.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuapi.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuapp.exe
2014-11-08 12:31:39 ----D---- C:\Windows\Minidump
2014-11-08 12:26:39 ----A---- C:\Windows\system32\netcfg-3006765.txt
2014-11-08 12:26:38 ----A---- C:\Windows\system32\netcfg-3005765.txt
2014-11-08 12:24:47 ----D---- C:\Users\ANDREA\AppData\Roaming\Atheros
2014-11-08 12:24:02 ----D---- C:\Users\ANDREA\AppData\Roaming\Adobe
2014-11-08 12:23:28 ----D---- C:\Users\ANDREA\AppData\Roaming\lm
2014-11-08 11:42:20 ----D---- C:\Windows\SoftwareDistribution
2014-11-08 11:39:26 ----SD---- C:\Users\ANDREA\AppData\Roaming\Microsoft
2014-11-08 11:39:00 ----A---- C:\Windows\system32\netcfg-147625.txt
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Šablony
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Plocha
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Nabídka Start
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Dokumenty
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Data aplikací
2014-11-08 09:47:55 ----ASH---- C:\pagefile.sys
2014-10-18 06:52:49 ----SHD---- C:\found.001
2014-10-17 12:30:57 ----SHD---- C:\found.000
2014-10-11 13:37:02 ----A---- C:\autoexec.bat
2014-10-11 13:36:37 ----D---- C:\sh4ldr
======List of files/folders modified in the last 1 month======
2014-11-09 15:14:37 ----D---- C:\Windows\system32\config
2014-11-09 15:14:37 ----D---- C:\Windows\Microsoft.NET
2014-11-09 15:12:27 ----SHD---- C:\System Volume Information
2014-11-09 15:01:09 ----D---- C:\Windows\system32\sru
2014-11-09 14:57:49 ----D---- C:\Windows\Prefetch
2014-11-09 13:05:29 ----D---- C:\Windows\WinSxS
2014-11-09 13:04:29 ----D---- C:\Windows\system32\catroot2
2014-11-09 12:22:33 ----D---- C:\Windows\rescache
2014-11-09 12:10:33 ----D---- C:\Windows\Temp
2014-11-09 12:07:21 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-09 12:07:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-09 12:07:21 ----D---- C:\Windows\SysWOW64
2014-11-09 12:07:20 ----RD---- C:\Windows\System32
2014-11-09 12:07:20 ----D---- C:\Windows\system32\en-US
2014-11-09 12:07:20 ----D---- C:\Windows\system32\cs-CZ
2014-11-09 12:06:02 ----D---- C:\Windows\CbsTemp
2014-11-09 11:56:36 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-09 11:54:05 ----D---- C:\ProgramData\Norton
2014-11-09 11:54:01 ----A---- C:\Windows\system32\wpbbin.exe
2014-11-09 11:53:32 ----D---- C:\Windows\Inf
2014-11-09 11:44:15 ----D---- C:\Windows\Logs
2014-11-09 11:44:04 ----SHD---- C:\Windows\Installer
2014-11-09 11:32:53 ----HD---- C:\ProgramData
2014-11-09 11:32:52 ----RD---- C:\Program Files (x86)
2014-11-09 11:30:19 ----D---- C:\Windows\system32\Tasks
2014-11-09 11:30:15 ----D---- C:\Windows\Tasks
2014-11-09 11:04:50 ----D---- C:\Windows\system32\Drivers
2014-11-09 11:04:48 ----D---- C:\ProgramData\NortonInstaller
2014-11-09 10:57:33 ----RD---- C:\Program Files
2014-11-09 10:56:51 ----D---- C:\Windows\system32\wdi
2014-11-09 10:53:45 ----D---- C:\ProgramData\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\Common Files
2014-11-09 10:53:38 ----D---- C:\Program Files\Common Files\mcafee
2014-11-09 10:52:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-11-09 10:52:56 ----D---- C:\Windows\system32\sk-SK
2014-11-09 10:44:00 ----HD---- C:\Windows\ELAMBKUP
2014-11-09 10:24:17 ----SD---- C:\ProgramData\Microsoft
2014-11-08 12:54:57 ----D---- C:\Windows
2014-11-08 12:52:50 ----D---- C:\Windows\AUInstallAgent
2014-11-08 12:44:51 ----D---- C:\Windows\system32\restore
2014-11-08 12:25:15 ----SHD---- C:\$Recycle.Bin
2014-11-08 12:23:57 ----AHD---- C:\Elements
2014-11-08 12:23:48 ----RD---- C:\Users
2014-11-08 12:23:30 ----A---- C:\Windows\WisLangCode.ini
2014-11-08 12:14:52 ----D---- C:\Windows\WinStore
2014-11-08 12:14:50 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-08 11:52:51 ----RSD---- C:\Windows\assembly
2014-11-08 11:43:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-08 11:40:50 ----D---- C:\Windows\system32\Recovery
2014-10-15 13:54:57 ----HD---- C:\Program Files\WindowsApps
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-09-13 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-09-13 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-13 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 athr;@oem17.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 BTATH_BUS;@oem9.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-08-01 33944]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-08-11 315280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-08 8987456]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-31 4097808]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem19.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-09-13 26736]
R3 RSBASTOR;@oem1.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-06-14 294544]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-13 683664]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AthBTPort;@oem13.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-01 88728]
S3 b57nd60a;@netb57va.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2012-06-02 425472]
S3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
S3 BTATH_A2DP;@oem12.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-01 344216]
S3 btath_avdt;@oem12.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-01 114840]
S3 BTATH_HCRP;@oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-08-01 178840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-01 76952]
S3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2012-08-01 135832]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-01 574616]
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2012-07-26 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-26 1170944]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-07-26 74752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2012-07-26 156672]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-01 207488]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-22 348784]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-09-13 93296]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-08 276288]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-07 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-28 114288]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119548
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Laptop keeps freezing
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:commands
[Purity]
[Emptytemp]
[Emptyflash]
then click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.
Re: Laptop keeps freezing
Here is the new RSIT log; do you want the OTM log as well?
Logfile of random's system information tool 1.10 (written by random/random)
Run by ANDREA at 2014-11-09 19:01:14
Microsoft Windows 8
System drive C: has 571 GB (82%) free of 700 GB
Total RAM: 3890 MB (77% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:01:17, on 9. 11. 2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16384)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\trend micro\ANDREA.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKLM\..\Run: [BakupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -k -h
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O4 - Global Startup: Acer Backup Manager Tray.lnk = C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 7638 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 716365650880
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
dashost.exe {b2732c64-bc82-49cf-8e2b43aba051b41b}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\11092014_185740.log
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Users\ANDREA\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\ANDREA\AppData\Roaming\Mozilla\Firefox\Profiles\zxlzeenn.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-01 64640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-08 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-08 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-08 440640]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-31 12936848]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-07-31 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-08-01 64640]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-11 2864016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BakupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-08-23 533568]
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2012-04-23 508256]
"LManager"= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-08 439296]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-09 18:59:27 ----A---- C:\Windows\system32\netcfg-37234.txt
2014-11-09 18:58:39 ----A---- C:\Windows\system32\netcfg-25483640.txt
2014-11-09 18:57:40 ----D---- C:\_OTM
2014-11-09 12:06:17 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-11-09 12:06:17 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-11-09 11:55:50 ----D---- C:\Users\ANDREA\AppData\Roaming\Mozilla
2014-11-09 11:54:40 ----A---- C:\Windows\system32\netcfg-44421.txt
2014-11-09 11:53:35 ----A---- C:\Windows\system32\netcfg-3654859.txt
2014-11-09 11:45:08 ----D---- C:\AdwCleaner
2014-11-09 11:32:53 ----D---- C:\ProgramData\Mozilla
2014-11-09 11:32:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 11:32:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-09 10:57:33 ----D---- C:\Program Files\trend micro
2014-11-09 10:57:32 ----D---- C:\rsit
2014-11-09 10:53:48 ----A---- C:\Windows\system32\netcfg-68015.txt
2014-11-09 10:52:20 ----A---- C:\Windows\system32\netcfg-1963390.txt
2014-11-09 10:07:02 ----A---- C:\Windows\system32\netcfg-70483265.txt
2014-11-09 10:07:01 ----A---- C:\Windows\system32\netcfg-70481515.txt
2014-11-09 02:33:36 ----A---- C:\Windows\system32\netcfg-43281968.txt
2014-11-09 02:33:35 ----A---- C:\Windows\system32\netcfg-43281140.txt
2014-11-08 20:36:10 ----D---- C:\Windows.old
2014-11-08 20:08:35 ----HD---- C:\$SysReset
2014-11-08 14:33:11 ----A---- C:\Windows\system32\netcfg-57109.txt
2014-11-08 14:32:01 ----A---- C:\Windows\system32\netcfg-1920765.txt
2014-11-08 14:12:38 ----D---- C:\Program Files\CCleaner
2014-11-08 14:10:44 ----D---- C:\Program Files (x86)\Google
2014-11-08 14:09:56 ----D---- C:\Users\ANDREA\AppData\Roaming\Macromedia
2014-11-08 14:01:15 ----A---- C:\Windows\system32\netcfg-80437.txt
2014-11-08 13:32:44 ----A---- C:\Windows\system32\netcfg-2286109.txt
2014-11-08 13:21:58 ----A---- C:\Windows\system32\netcfg-1640281.txt
2014-11-08 13:21:55 ----A---- C:\Windows\system32\netcfg-1636937.txt
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\storewuauth.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wushareduxresources.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups2.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuauclt.exe
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuaext.dll
2014-11-08 12:59:22 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wucltux.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuaueng.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuapi.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuapp.exe
2014-11-08 12:31:39 ----D---- C:\Windows\Minidump
2014-11-08 12:26:39 ----A---- C:\Windows\system32\netcfg-3006765.txt
2014-11-08 12:26:38 ----A---- C:\Windows\system32\netcfg-3005765.txt
2014-11-08 12:24:47 ----D---- C:\Users\ANDREA\AppData\Roaming\Atheros
2014-11-08 12:24:02 ----D---- C:\Users\ANDREA\AppData\Roaming\Adobe
2014-11-08 12:23:28 ----D---- C:\Users\ANDREA\AppData\Roaming\lm
2014-11-08 11:42:20 ----D---- C:\Windows\SoftwareDistribution
2014-11-08 11:39:26 ----SD---- C:\Users\ANDREA\AppData\Roaming\Microsoft
2014-11-08 11:39:00 ----A---- C:\Windows\system32\netcfg-147625.txt
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Šablony
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Plocha
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Nabídka Start
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Dokumenty
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Data aplikací
2014-11-08 09:47:55 ----ASH---- C:\pagefile.sys
2014-10-18 06:52:49 ----SHD---- C:\found.001
2014-10-17 12:30:57 ----SHD---- C:\found.000
2014-10-11 13:37:02 ----A---- C:\autoexec.bat
2014-10-11 13:36:37 ----D---- C:\sh4ldr
======List of files/folders modified in the last 1 month======
2014-11-09 19:00:02 ----D---- C:\Windows\system32\sru
2014-11-09 18:59:27 ----RD---- C:\Windows\System32
2014-11-09 18:58:56 ----A---- C:\Windows\system32\wpbbin.exe
2014-11-09 18:58:29 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-09 18:58:19 ----D---- C:\Windows\Temp
2014-11-09 18:57:29 ----D---- C:\Windows\Prefetch
2014-11-09 17:26:28 ----D---- C:\Windows\system32\config
2014-11-09 16:49:53 ----SHD---- C:\Windows\Installer
2014-11-09 16:29:04 ----HD---- C:\Program Files\WindowsApps
2014-11-09 16:12:29 ----D---- C:\Windows\system32\Tasks
2014-11-09 16:02:11 ----D---- C:\Windows\AUInstallAgent
2014-11-09 16:00:07 ----SD---- C:\ProgramData\Microsoft
2014-11-09 15:48:05 ----D---- C:\Windows\system32\catroot2
2014-11-09 15:47:44 ----D---- C:\Windows\WinSxS
2014-11-09 15:40:32 ----SHD---- C:\System Volume Information
2014-11-09 15:34:21 ----D---- C:\Windows\Microsoft.NET
2014-11-09 13:05:59 ----D---- C:\Windows\CbsTemp
2014-11-09 12:22:33 ----D---- C:\Windows\rescache
2014-11-09 12:07:21 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-09 12:07:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-09 12:07:21 ----D---- C:\Windows\SysWOW64
2014-11-09 12:07:20 ----D---- C:\Windows\system32\en-US
2014-11-09 12:07:20 ----D---- C:\Windows\system32\cs-CZ
2014-11-09 11:54:05 ----D---- C:\ProgramData\Norton
2014-11-09 11:53:32 ----D---- C:\Windows\Inf
2014-11-09 11:44:15 ----D---- C:\Windows\Logs
2014-11-09 11:32:53 ----HD---- C:\ProgramData
2014-11-09 11:32:52 ----RD---- C:\Program Files (x86)
2014-11-09 11:30:15 ----D---- C:\Windows\Tasks
2014-11-09 11:04:50 ----D---- C:\Windows\system32\Drivers
2014-11-09 11:04:48 ----D---- C:\ProgramData\NortonInstaller
2014-11-09 10:57:33 ----RD---- C:\Program Files
2014-11-09 10:56:51 ----D---- C:\Windows\system32\wdi
2014-11-09 10:53:45 ----D---- C:\ProgramData\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\Common Files
2014-11-09 10:53:38 ----D---- C:\Program Files\Common Files\mcafee
2014-11-09 10:52:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-11-09 10:52:56 ----D---- C:\Windows\system32\sk-SK
2014-11-09 10:44:00 ----HD---- C:\Windows\ELAMBKUP
2014-11-08 12:54:57 ----D---- C:\Windows
2014-11-08 12:44:51 ----D---- C:\Windows\system32\restore
2014-11-08 12:25:15 ----SHD---- C:\$Recycle.Bin
2014-11-08 12:23:57 ----AHD---- C:\Elements
2014-11-08 12:23:48 ----RD---- C:\Users
2014-11-08 12:23:30 ----A---- C:\Windows\WisLangCode.ini
2014-11-08 12:14:52 ----D---- C:\Windows\WinStore
2014-11-08 12:14:50 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-08 11:52:51 ----RSD---- C:\Windows\assembly
2014-11-08 11:43:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-08 11:40:50 ----D---- C:\Windows\system32\Recovery
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-09-13 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-09-13 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-13 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 athr;@oem17.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 BTATH_BUS;@oem9.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-08-01 33944]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-08-11 315280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-08 8987456]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-31 4097808]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem19.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-09-13 26736]
R3 RSBASTOR;@oem1.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-06-14 294544]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-13 683664]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AthBTPort;@oem13.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-01 88728]
S3 b57nd60a;@netb57va.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2012-06-02 425472]
S3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
S3 BTATH_A2DP;@oem12.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-01 344216]
S3 btath_avdt;@oem12.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-01 114840]
S3 BTATH_HCRP;@oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-08-01 178840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-01 76952]
S3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2012-08-01 135832]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-01 574616]
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2012-07-26 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-26 1170944]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-07-26 74752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2012-07-26 156672]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-01 207488]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-22 348784]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-09-13 93296]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-09 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-08 276288]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-07 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-09 114288]
-----------------EOF-----------------
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
--
End of file - 7638 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"dwm.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 716365650880
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe"
"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"
dashost.exe {b2732c64-bc82-49cf-8e2b43aba051b41b}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"
C:\Windows\RfBtnSvc64.exe
"C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
taskhostex.exe
"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window --enable-setforeground-window --enable-kbhook-window
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Launch Manager\LManager.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"
C:\Windows\system32\igfxext.exe -Embedding
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\notepad.exe" C:\_OTM\MovedFiles\11092014_185740.log
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h
"C:\Dolby PCEE4\pcee4.exe" -autostart
"C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe"
C:\Windows\system32\igfxsrvc.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe"
"C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe"
"C:\Users\ANDREA\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
=========Mozilla firefox=========
ProfilePath - C:\Users\ANDREA\AppData\Roaming\Mozilla\Firefox\Profiles\zxlzeenn.default
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.189 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-01 64640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-08-08 170304]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-08-08 398656]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-08-08 440640]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2012-07-31 12936848]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2012-07-31 1214608]
"BtPreLoad"=C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe [2012-08-01 64640]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2012-08-11 2864016]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-10-29 6501656]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"BakupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2012-08-23 533568]
"Dolby Advanced Audio v2"=C:\Dolby PCEE4\pcee4.exe [2012-04-23 508256]
"LManager"= []
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Acer Backup Manager Tray.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-08-08 439296]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableCAD"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-11-09 18:59:27 ----A---- C:\Windows\system32\netcfg-37234.txt
2014-11-09 18:58:39 ----A---- C:\Windows\system32\netcfg-25483640.txt
2014-11-09 18:57:40 ----D---- C:\_OTM
2014-11-09 12:06:17 ----A---- C:\Windows\SYSWOW64\TsWpfWrp.exe
2014-11-09 12:06:17 ----A---- C:\Windows\system32\TsWpfWrp.exe
2014-11-09 11:55:50 ----D---- C:\Users\ANDREA\AppData\Roaming\Mozilla
2014-11-09 11:54:40 ----A---- C:\Windows\system32\netcfg-44421.txt
2014-11-09 11:53:35 ----A---- C:\Windows\system32\netcfg-3654859.txt
2014-11-09 11:45:08 ----D---- C:\AdwCleaner
2014-11-09 11:32:53 ----D---- C:\ProgramData\Mozilla
2014-11-09 11:32:52 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-09 11:32:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-11-09 10:57:33 ----D---- C:\Program Files\trend micro
2014-11-09 10:57:32 ----D---- C:\rsit
2014-11-09 10:53:48 ----A---- C:\Windows\system32\netcfg-68015.txt
2014-11-09 10:52:20 ----A---- C:\Windows\system32\netcfg-1963390.txt
2014-11-09 10:07:02 ----A---- C:\Windows\system32\netcfg-70483265.txt
2014-11-09 10:07:01 ----A---- C:\Windows\system32\netcfg-70481515.txt
2014-11-09 02:33:36 ----A---- C:\Windows\system32\netcfg-43281968.txt
2014-11-09 02:33:35 ----A---- C:\Windows\system32\netcfg-43281140.txt
2014-11-08 20:36:10 ----D---- C:\Windows.old
2014-11-08 20:08:35 ----HD---- C:\$SysReset
2014-11-08 14:33:11 ----A---- C:\Windows\system32\netcfg-57109.txt
2014-11-08 14:32:01 ----A---- C:\Windows\system32\netcfg-1920765.txt
2014-11-08 14:12:38 ----D---- C:\Program Files\CCleaner
2014-11-08 14:10:44 ----D---- C:\Program Files (x86)\Google
2014-11-08 14:09:56 ----D---- C:\Users\ANDREA\AppData\Roaming\Macromedia
2014-11-08 14:01:15 ----A---- C:\Windows\system32\netcfg-80437.txt
2014-11-08 13:32:44 ----A---- C:\Windows\system32\netcfg-2286109.txt
2014-11-08 13:21:58 ----A---- C:\Windows\system32\netcfg-1640281.txt
2014-11-08 13:21:55 ----A---- C:\Windows\system32\netcfg-1636937.txt
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wups.dll
2014-11-08 12:59:28 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\wudriver.dll
2014-11-08 12:59:28 ----A---- C:\Windows\system32\storewuauth.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wushareduxresources.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups2.dll
2014-11-08 12:59:27 ----A---- C:\Windows\system32\wups.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\WUSettingsProvider.dll
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuauclt.exe
2014-11-08 12:59:25 ----A---- C:\Windows\system32\wuaext.dll
2014-11-08 12:59:22 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wucltux.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuaueng.dll
2014-11-08 12:59:22 ----A---- C:\Windows\system32\wuapi.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuwebv.dll
2014-11-08 12:58:52 ----A---- C:\Windows\system32\wuapp.exe
2014-11-08 12:31:39 ----D---- C:\Windows\Minidump
2014-11-08 12:26:39 ----A---- C:\Windows\system32\netcfg-3006765.txt
2014-11-08 12:26:38 ----A---- C:\Windows\system32\netcfg-3005765.txt
2014-11-08 12:24:47 ----D---- C:\Users\ANDREA\AppData\Roaming\Atheros
2014-11-08 12:24:02 ----D---- C:\Users\ANDREA\AppData\Roaming\Adobe
2014-11-08 12:23:28 ----D---- C:\Users\ANDREA\AppData\Roaming\lm
2014-11-08 11:42:20 ----D---- C:\Windows\SoftwareDistribution
2014-11-08 11:39:26 ----SD---- C:\Users\ANDREA\AppData\Roaming\Microsoft
2014-11-08 11:39:00 ----A---- C:\Windows\system32\netcfg-147625.txt
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Šablony
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Plocha
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Nabídka Start
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Dokumenty
2014-11-08 11:38:20 ----SHD---- C:\ProgramData\Data aplikací
2014-11-08 09:47:55 ----ASH---- C:\pagefile.sys
2014-10-18 06:52:49 ----SHD---- C:\found.001
2014-10-17 12:30:57 ----SHD---- C:\found.000
2014-10-11 13:37:02 ----A---- C:\autoexec.bat
2014-10-11 13:36:37 ----D---- C:\sh4ldr
======List of files/folders modified in the last 1 month======
2014-11-09 19:00:02 ----D---- C:\Windows\system32\sru
2014-11-09 18:59:27 ----RD---- C:\Windows\System32
2014-11-09 18:58:56 ----A---- C:\Windows\system32\wpbbin.exe
2014-11-09 18:58:29 ----A---- C:\Windows\SYSWOW64\log.txt
2014-11-09 18:58:19 ----D---- C:\Windows\Temp
2014-11-09 18:57:29 ----D---- C:\Windows\Prefetch
2014-11-09 17:26:28 ----D---- C:\Windows\system32\config
2014-11-09 16:49:53 ----SHD---- C:\Windows\Installer
2014-11-09 16:29:04 ----HD---- C:\Program Files\WindowsApps
2014-11-09 16:12:29 ----D---- C:\Windows\system32\Tasks
2014-11-09 16:02:11 ----D---- C:\Windows\AUInstallAgent
2014-11-09 16:00:07 ----SD---- C:\ProgramData\Microsoft
2014-11-09 15:48:05 ----D---- C:\Windows\system32\catroot2
2014-11-09 15:47:44 ----D---- C:\Windows\WinSxS
2014-11-09 15:40:32 ----SHD---- C:\System Volume Information
2014-11-09 15:34:21 ----D---- C:\Windows\Microsoft.NET
2014-11-09 13:05:59 ----D---- C:\Windows\CbsTemp
2014-11-09 12:22:33 ----D---- C:\Windows\rescache
2014-11-09 12:07:21 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-09 12:07:21 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-09 12:07:21 ----D---- C:\Windows\SysWOW64
2014-11-09 12:07:20 ----D---- C:\Windows\system32\en-US
2014-11-09 12:07:20 ----D---- C:\Windows\system32\cs-CZ
2014-11-09 11:54:05 ----D---- C:\ProgramData\Norton
2014-11-09 11:53:32 ----D---- C:\Windows\Inf
2014-11-09 11:44:15 ----D---- C:\Windows\Logs
2014-11-09 11:32:53 ----HD---- C:\ProgramData
2014-11-09 11:32:52 ----RD---- C:\Program Files (x86)
2014-11-09 11:30:15 ----D---- C:\Windows\Tasks
2014-11-09 11:04:50 ----D---- C:\Windows\system32\Drivers
2014-11-09 11:04:48 ----D---- C:\ProgramData\NortonInstaller
2014-11-09 10:57:33 ----RD---- C:\Program Files
2014-11-09 10:56:51 ----D---- C:\Windows\system32\wdi
2014-11-09 10:53:45 ----D---- C:\ProgramData\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\McAfee
2014-11-09 10:53:45 ----D---- C:\Program Files (x86)\Common Files
2014-11-09 10:53:38 ----D---- C:\Program Files\Common Files\mcafee
2014-11-09 10:52:57 ----D---- C:\Windows\SYSWOW64\sk-SK
2014-11-09 10:52:56 ----D---- C:\Windows\system32\sk-SK
2014-11-09 10:44:00 ----HD---- C:\Windows\ELAMBKUP
2014-11-08 12:54:57 ----D---- C:\Windows
2014-11-08 12:44:51 ----D---- C:\Windows\system32\restore
2014-11-08 12:25:15 ----SHD---- C:\$Recycle.Bin
2014-11-08 12:23:57 ----AHD---- C:\Elements
2014-11-08 12:23:48 ----RD---- C:\Users
2014-11-08 12:23:30 ----A---- C:\Windows\WisLangCode.ini
2014-11-08 12:14:52 ----D---- C:\Windows\WinStore
2014-11-08 12:14:50 ----RD---- C:\Windows\ImmersiveControlPanel
2014-11-08 11:52:51 ----RSD---- C:\Windows\assembly
2014-11-08 11:43:55 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-08 11:40:50 ----D---- C:\Windows\system32\Recovery
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 iaStorA;iaStorA; C:\Windows\System32\drivers\iaStorA.sys [2012-07-09 645952]
R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2012-09-13 22648]
R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2012-09-13 20520]
R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-09-13 62776]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2012-07-26 64000]
R3 athr;@oem17.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athw8x.sys [2012-07-24 3618304]
R3 BTATH_BUS;@oem9.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2012-08-01 33944]
R3 ETD;@oem14.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2012-08-11 315280]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-08-08 8987456]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-07-31 4097808]
R3 IntcDAud;@oem5.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2012-06-19 342528]
R3 MEIx64;@oem6.inf,%HECI_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\System32\drivers\HECIx64.sys [2012-07-02 62784]
R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2010-04-20 18432]
R3 Ps2Kb2Hid;@oem19.inf,%Ps2Kb2Hid.SVCDESC%;PS/2 Keyboard to HID Driver; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [2012-09-13 26736]
R3 RSBASTOR;@oem1.inf,%Rts5208%;Realtek PCIE CardReader Driver - BA; C:\Windows\system32\DRIVERS\RtsBaStor.sys [2012-06-14 294544]
R3 RTL8168;@oem8.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2012-06-13 683664]
R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2010-07-09 17408]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2012-07-26 210304]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2012-07-26 17920]
S3 AthBTPort;@oem13.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2012-08-01 88728]
S3 b57nd60a;@netb57va.inf,%SvcDispName%;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60a.sys [2012-06-02 425472]
S3 BCM43XX;@netbc63a.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2012-06-02 5139968]
S3 BTATH_A2DP;@oem12.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2012-08-01 344216]
S3 btath_avdt;@oem12.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2012-08-01 114840]
S3 BTATH_HCRP;@oem15.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2012-08-01 178840]
S3 BTATH_LWFLT;@oem16.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2012-08-01 76952]
S3 BTATH_RCP;@oem18.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2012-08-01 135832]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2012-08-01 574616]
S3 BthEnum;@tdibth.inf,%BthEnum.DisplayName%;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2012-07-26 51712]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2012-07-26 202752]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2012-07-26 119808]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-26 1170944]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2012-07-26 74752]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2012-07-26 156672]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2012-08-01 207488]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2012-08-24 2435728]
R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2012-08-22 348784]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-04-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-06-25 166720]
R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-08-23 259136]
R2 RfButtonDriverService;Dritek RF Button Command Service; C:\Windows\RfBtnSvc64.exe [2012-09-13 93296]
R3 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2012-08-23 658576]
S2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-07-17 277824]
S2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-07-17 365376]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-09 267440]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-08-08 276288]
S3 DeviceFastLaneService;Device Fast-lane Service; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2012-08-23 468624]
S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2012-07-12 174160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2012-08-07 655624]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2012-07-26 43616]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-11-09 114288]
-----------------EOF-----------------
- Rudy
- Site Admin
- Posts: 119548
- Registered: 30 Oct 2003 13:42
- Location: Plzeň
Re: Laptop is lagging
Deleted. Run OTM again and click >CleanUp!<. OTM will clean up after itself. Finally, restart the PC. Has anything changed?
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.
Please support our forum: https://platba.viry.cz/payment/.
e-mail: rudy(at)forum.viry.cz
Warning: Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!
Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.
Re: Laptop is lagging
OK, thanks. The laptop is faster. Before using OTM, an error popped up every 5 minutes; it was werfault.exe. Did using OTM fix that? Thanks
- Rudy
- Site Admin
Re: Laptop is lagging
I don't know. The system may be messed up. It will need to be watched for a while.
Re: Laptop is lagging
Fine, thanks a lot for now

- Rudy
- Site Admin
Re: Laptop is lagging
You're welcome, for now!
