Hello, all my photos have the .encrypted extension, the computer has slowed down, and I suspect I have a virus on my laptop. I would be very grateful for your advice.
Logfile of random's system information tool 1.10 (written by random/random)
Run by dalibor at 2015-01-02 23:51:16
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 256 GB (56%) free of 456 GB
Total RAM: 8142 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:51:23, on 2.1.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Users\dalibor\AppData\Local\Apps\2.0\GZPYH5D7.531\5Y0D96CC.WKL\move..tion_3ccae3cb2a36e2f5_0001.0002_7e496279a8bddd76\Moveslink2.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe
C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
C:\Program Files (x86)\Xerox\NetworkScan\NSCSysUI_XEROX.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\sp64126.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\swsetup\SP64126\msiinstaller.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\dalibor.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMNTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
O4 - HKLM\..\Run: [DsMgr] C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe
O4 - HKLM\..\Run: [IFXSPMGT] "c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe" /NotifyLogon
O4 - HKLM\..\Run: [NSCSysTrayUI_XEROX] "C:\Program Files (x86)\XEROX\NetworkScan\NSCSysUI_XEROX.exe" /HIDEUI
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Moveslink2] C:\Users\dalibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Údržba databáze BUILDpower.LNK = C:\Program Files (x86)\RTSStavitel\BPStartUp.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Firebird Guardian - SATJAM (FirebirdGuardianSATJAM) - Firebird Project - C:\Program Files (x86)\ZasobyPL\Firebird2_1_SATJAM\bin\fbguard.exe
O23 - Service: Firebird Server - SATJAM (FirebirdServerSATJAM) - Firebird Project - C:\Program Files (x86)\ZasobyPL\Firebird2_1_SATJAM\bin\fbserver.exe
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Úložná technologie Intel(R) Rapid (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Služba jednotky Personal Secure Drive (PersonalSecureDriveService) - Infineon Technologies AG - c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: Mobile Broadband Service (WMCoreService) - Ericsson AB - C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 16969 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\windows\system32\svchost.exe -k GPSvcGroup
C:\windows\system32\Hpservice.exe
C:\windows\system32\vcsFPService.exe
atieclxx
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\spoolsv.exe
"C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"taskhost.exe"
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\LSI SoftModem\agr64svc.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\ZasobyPL\Firebird2_1_SATJAM\bin\fbguard.exe" -s SATJAM
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe"
"C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe"
C:\windows\system32\svchost.exe -k imgsvc
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Ericsson\Mobile Broadband Drivers\WMCore\mini_WMCore.exe" servicemode
WLIDSvcM.exe 3092
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\ZasobyPL\Firebird2_1_SATJAM\bin\fbserver.exe" -s SATJAM
"C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"C:\windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-f456d527-27a7-4647-8165-6f5176a8f8a6 -SystemEventPortName:HostProcess-315247b3-4700-4aca-bcf8-bbe68fc5cff5 -IoCancelEventPortName:HostProcess-0dd92a98-1737-4dff-ad52-854b33a42eb3 -NonStateChangingEventPortName:HostProcess-dae09673-a69c-4b84-9476-788ad8303aed -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:86bbe9f4-bef9-4f48-b736-8e1af046bfc3 -DeviceGroupId:
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe1_ Global\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"
"C:\Users\dalibor\AppData\Local\Apps\2.0\GZPYH5D7.531\5Y0D96CC.WKL\move..tion_3ccae3cb2a36e2f5_0001.0002_7e496279a8bddd76\Moveslink2.exe"
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" -Embedding
"C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE" /tsr
"C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe"
taskeng.exe {310FA48D-8922-4DED-839B-B0F7D9B0C4B5}
"c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\PSDrt.exe"
"C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe"
{C621FA62-7EE1-40DB-BA85-5B46317EE549}
{989A1616-9C45-4513-B736-FF4BB7741CD8}
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
{C2ADD805-10CE-43EE-A4FC-C023076A2DCF}
"C:\Program Files (x86)\Xerox\NetworkScan\NSCSysUI_XEROX.exe" /HIDEUI
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
"C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe" F:
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\windows\system32\svchost.exe -k SDRSVC
C:\windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe" /a /p 0 /HPSFFixFlag /hpsfversion False False True
"C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\sp64126.exe" -s -a -s
"c:\swsetup\SP64126\setup.exe" -s /hide_progress
C:\windows\system32\msiexec.exe /V
taskmgr.exe /3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="7244.0.1014464541\969790907" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,17,38 --gpu-vendor-id=0x1002 --gpu-device-id=0x6760 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=12.104.2.0 --ignored=" --type=renderer " /prefetch:822062411
"C:\swsetup\SP64126\msiinstaller.exe" -s /hide_progress /Verbose"C:\Users\dalibor\AppData\Local\Temp\HPSA_MSI_848439484.log"
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="BrowserBlacklist/Enabled/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Bootstrap/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/OldAvatarMenu/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/QUIC/Disabled/RememberCertificateErrorDecisions/Default/SPDY/DefaultSpdy31Enabled/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Default/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-1-Percent/group_04/UMA-Uniformity-Trial-10-Percent/group_07/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_17/UMA-Uniformity-Trial-50-Percent/group_01/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --enable-impl-side-painting --num-raster-threads=1 --channel="7244.5.1144441400\1347255108" /prefetch:673131151
taskhost.exe $(Arg0)
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
"C:\windows\system32\SearchFilterHost.exe" 0 516 520 528 65536 524
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\Users\dalibor\Downloads\RSITx64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
C:\windows\system32\DllHost.exe /Processid:{F32D97DF-E3E5-4CB9-9E3E-0EB5B4E49801}
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleFordalibor.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleFordalibor (null)
C:\windows\tasks\HPCeeScheduleForNTBDALIBOR$.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForNTBDALIBOR$ (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 532336]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2011-05-09 117248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-08-09 462760]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-25 1520776]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-08-09 171944]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-04-25 1520776]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe [2011-01-27 13880]
"MfeEpePcMonitor"=C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [2013-02-01 200704]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2015-01-01 1128448]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-01-01 2816240]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-05-19 2736128]
"Moveslink2"=C:\Users\dalibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms [2014-07-24 336]
"PC Suite Tray"=C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [2012-06-26 1516632]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2014-10-17 43816]
"ApplePhotoStreams"=C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2014-11-21 43816]
"iCloudDrive"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [2014-10-20 43816]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-12-12 7394584]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Desktop Disc Tool"=C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2011-01-12 514544]
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2011-05-09 12277248]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2010-11-17 113288]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2011-01-03 112152]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2011-01-26 283160]
"HP HD Webcam [Fixed]_Monitor"=C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [2010-11-26 267128]
"DsMgr"=C:\Program Files (x86)\Hewlett-Packard\HP GPS and Location\dsMgr.exe [2011-03-10 93240]
"IFXSPMGT"=c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
"NSCSysTrayUI_XEROX"=C:\Program Files (x86)\XEROX\NetworkScan\NSCSysUI_XEROX.exe [2009-01-13 266240]
"ApnUpdater"=C:\Program Files (x86)\Ask.com\Updater\Updater.exe [2013-04-25 1648264]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25 256896]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2011-03-21 312376]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-05-30 642816]
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2011-05-23 103992]
""= []
"HPQuickWebProxy"=C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [2015-01-01 169528]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"InstallShieldSetup"=C:\PROGRA~2\INSTAL~1\{E35A3~1\setup.exe [2015-01-02 987744]
C:\Users\dalibor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
Údržba databáze BUILDpower.LNK - C:\Program Files (x86)\RTSStavitel\BPStartUp.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=EpePcNp64
DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2015-01-02 23:51:16 ----D---- C:\rsit
2015-01-02 23:51:16 ----D---- C:\Program Files\trend micro
2015-01-02 23:49:26 ----D---- C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2015-01-02 21:44:42 ----D---- C:\Program Files\CCleaner
2015-01-01 12:13:06 ----D---- C:\ProgramData\McAfee
2015-01-01 11:53:51 ----D---- C:\ProgramData\ATI
2015-01-01 11:52:01 ----D---- C:\ProgramData\AMD
2015-01-01 11:52:00 ----D---- C:\Program Files (x86)\AMD AVT
2015-01-01 11:50:45 ----D---- C:\Program Files\Common Files\ATI Technologies
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\OVDecode.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\OpenVideo.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\OpenCL.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\ativvsvl.dat
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\ativvsva.dat
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\atiuxpag.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\atipblag.dat
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\atioglxx.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\atimpc32.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\atiglpxx.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\atigktxx.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\atidxx32.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\aticalrt.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\aticaldd.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\aticalcl.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\atiadlxy.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\ati2edxx.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\amdpcom32.dll
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\amdocl_ld32.exe
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\amdocl_as32.exe
2015-01-01 11:49:48 ----A---- C:\windows\SYSWOW64\amdocl.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\OVDecode64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\OpenVideo64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\OpenCL.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\drivers\atikmpag.sys
2015-01-01 11:49:48 ----A---- C:\windows\system32\drivers\atikmdag.sys
2015-01-01 11:49:48 ----A---- C:\windows\system32\drivers\AtihdW76.sys
2015-01-01 11:49:48 ----A---- C:\windows\system32\drivers\ati2erec.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\DelayAPO.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\coinst_12.104.2.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\clinfo.exe
2015-01-01 11:49:48 ----A---- C:\windows\system32\ativvsvl.dat
2015-01-01 11:49:48 ----A---- C:\windows\system32\ativvsva.dat
2015-01-01 11:49:48 ----A---- C:\windows\system32\ativvaxy_cik_nd.dat
2015-01-01 11:49:48 ----A---- C:\windows\system32\ativvaxy_cik.dat
2015-01-01 11:49:48 ----A---- C:\windows\system32\ativce02.dat
2015-01-01 11:49:48 ----A---- C:\windows\system32\atitmm64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atipblag.dat
2015-01-01 11:49:48 ----A---- C:\windows\system32\atio6axx.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atimuixx.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atimpc64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atiicdxx.dat
2015-01-01 11:49:48 ----A---- C:\windows\system32\atiglpxx.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atig6txx.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atig6pxx.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atiesrxx.exe
2015-01-01 11:49:48 ----A---- C:\windows\system32\atiedu64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atieclxx.exe
2015-01-01 11:49:48 ----A---- C:\windows\system32\atidemgy.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\aticalrt64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\aticaldd64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\aticalcl64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\atiapfxx.exe
2015-01-01 11:49:48 ----A---- C:\windows\system32\amdpcom64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\amdocl64.dll
2015-01-01 11:49:48 ----A---- C:\windows\system32\amdocl_ld64.exe
2015-01-01 11:49:48 ----A---- C:\windows\system32\amdocl_as64.exe
2015-01-01 11:40:29 ----N---- C:\windows\system32\stapi64.dll
2015-01-01 11:40:29 ----A---- C:\windows\system32\stcplx64.dll
2015-01-01 11:40:29 ----A---- C:\windows\system32\stapo64.dll
2015-01-01 11:40:29 ----A---- C:\windows\system32\drivers\stwrt64.sys
2015-01-01 11:40:22 ----D---- C:\Program Files\IDT
2015-01-01 11:37:59 ----D---- C:\Users\dalibor\AppData\Roaming\Macrovision
2015-01-01 11:37:58 ----D---- C:\Users\dalibor\AppData\Roaming\FLEXnet
2015-01-01 11:37:46 ----D---- C:\windows\DPDrv
2015-01-01 11:33:49 ----A---- C:\windows\hbcikrnl.ini
2015-01-01 11:33:47 ----D---- C:\ProgramData\SZCCID
2015-01-01 11:33:47 ----D---- C:\Program Files (x86)\AlcorMicro
2015-01-01 11:33:44 ----D---- C:\Program Files (x86)\AlcorMicroData
2015-01-01 11:30:21 ----A---- C:\windows\SYSWOW64\SynTPCom.dll
2015-01-01 11:30:21 ----A---- C:\windows\SYSWOW64\SynCom.dll
2015-01-01 11:30:21 ----A---- C:\windows\system32\WdfCoInstaller01011.dll
2015-01-01 11:30:21 ----A---- C:\windows\system32\SynTPCo19.dll
2015-01-01 11:30:21 ----A---- C:\windows\system32\SynTPAPI.dll
2015-01-01 11:30:21 ----A---- C:\windows\system32\SynCOM.dll
2015-01-01 11:30:21 ----A---- C:\windows\system32\drivers\SynTP.sys
2015-01-01 11:13:31 ----D---- C:\Program Files\Intel
2014-12-22 20:44:51 ----D---- C:\Games
2014-12-18 13:23:59 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-12-18 13:23:59 ----A---- C:\windows\system32\ieUnatt.exe
2014-12-12 16:54:10 ----D---- C:\windows\system32\appraiser
2014-12-12 06:51:40 ----A---- C:\windows\SYSWOW64\mferror.dll
2014-12-12 06:51:40 ----A---- C:\windows\system32\rrinstaller.exe
2014-12-12 06:51:40 ----A---- C:\windows\system32\mfpmp.exe
2014-12-12 06:51:40 ----A---- C:\windows\system32\mferror.dll
2014-12-12 06:51:39 ----A---- C:\windows\SYSWOW64\rrinstaller.exe
2014-12-12 06:51:39 ----A---- C:\windows\SYSWOW64\mfps.dll
2014-12-12 06:51:39 ----A---- C:\windows\SYSWOW64\mfpmp.exe
2014-12-12 06:51:39 ----A---- C:\windows\SYSWOW64\mf.dll
2014-12-12 06:51:39 ----A---- C:\windows\system32\mfps.dll
2014-12-12 06:51:39 ----A---- C:\windows\system32\mf.dll
2014-12-11 07:11:42 ----A---- C:\windows\system32\invagent.dll
2014-12-11 07:11:42 ----A---- C:\windows\system32\generaltel.dll
2014-12-11 07:11:42 ----A---- C:\windows\system32\devinv.dll
2014-12-11 07:11:42 ----A---- C:\windows\system32\appraiser.dll
2014-12-11 07:11:42 ----A---- C:\windows\system32\aitstatic.exe
2014-12-11 07:11:42 ----A---- C:\windows\system32\aepic.dll
2014-12-11 07:11:42 ----A---- C:\windows\system32\aeinv.dll
2014-12-11 07:11:41 ----A---- C:\windows\system32\aepdu.dll
2014-12-11 07:11:35 ----A---- C:\windows\SYSWOW64\WindowsCodecs.dll
2014-12-11 07:11:35 ----A---- C:\windows\system32\WindowsCodecs.dll
2014-12-11 07:11:34 ----A---- C:\windows\system32\drivers\tdx.sys
2014-12-11 07:11:33 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-12-11 07:11:33 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-12-11 07:11:33 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-12-11 07:11:33 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-12-11 07:11:33 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-12-11 07:11:33 ----A---- C:\windows\system32\iernonce.dll
2014-12-11 07:11:33 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-12-11 07:11:33 ----A---- C:\windows\system32\ieetwcollector.exe
2014-12-11 07:11:33 ----A---- C:\windows\system32\ie4uinit.exe
2014-12-11 07:11:32 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-12-11 07:11:32 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-12-11 07:11:32 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-12-11 07:11:32 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-12-11 07:11:32 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 07:11:31 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-12-11 07:11:31 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-12-11 07:11:31 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-12-11 07:11:31 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-12-11 07:11:31 ----A---- C:\windows\system32\urlmon.dll
2014-12-11 07:11:31 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-12-11 07:11:31 ----A---- C:\windows\system32\iedkcs32.dll
2014-12-11 07:11:30 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-12-11 07:11:30 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-12-11 07:11:30 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-12-11 07:11:30 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-12-11 07:11:30 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-12-11 07:11:30 ----A---- C:\windows\system32\msfeeds.dll
2014-12-11 07:11:30 ----A---- C:\windows\system32\iesetup.dll
2014-12-11 07:11:30 ----A---- C:\windows\system32\dxtrans.dll
2014-12-11 07:11:29 ----A---- C:\windows\system32\iertutil.dll
2014-12-11 07:11:29 ----A---- C:\windows\system32\ieapfltr.dll
2014-12-11 07:11:28 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-12-11 07:11:28 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-12-11 07:11:28 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-12-11 07:11:28 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-12-11 07:11:28 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-12-11 07:11:28 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-12-11 07:11:28 ----A---- C:\windows\system32\jsproxy.dll
2014-12-11 07:11:27 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-12-11 07:11:27 ----A---- C:\windows\system32\mshtmled.dll
2014-12-11 07:11:27 ----A---- C:\windows\system32\jscript9diag.dll
2014-12-11 07:11:27 ----A---- C:\windows\system32\ieui.dll
2014-12-11 07:11:27 ----A---- C:\windows\system32\ieframe.dll
2014-12-11 07:11:27 ----A---- C:\windows\system32\dxtmsft.dll
2014-12-11 07:11:26 ----A---- C:\windows\system32\wininet.dll
2014-12-11 07:11:26 ----A---- C:\windows\system32\vbscript.dll
2014-12-11 07:11:26 ----A---- C:\windows\system32\MshtmlDac.dll
2014-12-11 07:11:26 ----A---- C:\windows\system32\jscript9.dll
2014-12-11 07:11:25 ----A---- C:\windows\system32\msrating.dll
2014-12-11 07:11:25 ----A---- C:\windows\system32\mshtml.dll
2014-12-11 07:10:43 ----A---- C:\windows\SYSWOW64\WsmSvc.dll
2014-12-11 07:10:43 ----A---- C:\windows\SYSWOW64\charmap.exe
2014-12-11 07:10:43 ----A---- C:\windows\system32\WsmWmiPl.dll
2014-12-11 07:10:43 ----A---- C:\windows\system32\WsmSvc.dll
2014-12-11 07:10:43 ----A---- C:\windows\system32\WSManMigrationPlugin.dll
2014-12-11 07:10:43 ----A---- C:\windows\system32\WSManHTTPConfig.exe
2014-12-11 07:10:43 ----A---- C:\windows\system32\charmap.exe
2014-12-11 07:10:42 ----A---- C:\windows\SYSWOW64\WsmWmiPl.dll
2014-12-11 07:10:42 ----A---- C:\windows\SYSWOW64\WsmAuto.dll
2014-12-11 07:10:42 ----A---- C:\windows\SYSWOW64\WSManMigrationPlugin.dll
2014-12-11 07:10:42 ----A---- C:\windows\SYSWOW64\WSManHTTPConfig.exe
2014-12-11 07:10:42 ----A---- C:\windows\system32\WsmAuto.dll
2014-12-11 07:10:41 ----A---- C:\windows\SYSWOW64\tzres.dll
2014-12-11 07:10:41 ----A---- C:\windows\system32\tzres.dll
======List of files/folders modified in the last 1 month======
2015-01-02 23:51:22 ----SHD---- C:\windows\Installer
2015-01-02 23:51:22 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2015-01-02 23:51:21 ----D---- C:\windows\Temp
2015-01-02 23:51:17 ----RSD---- C:\windows\assembly
2015-01-02 23:51:16 ----SHD---- C:\Config.Msi
2015-01-02 23:51:16 ----RD---- C:\Program Files
2015-01-02 23:50:59 ----D---- C:\Program Files (x86)\Hewlett-Packard
2015-01-02 23:49:54 ----SHD---- C:\System Volume Information
2015-01-02 23:49:26 ----HD---- C:\ProgramData
2015-01-02 23:48:30 ----D---- C:\ProgramData\Hewlett-Packard
2015-01-02 23:48:25 ----D---- C:\windows\system32\config
2015-01-02 23:48:03 ----D---- C:\swsetup
2015-01-02 23:45:34 ----D---- C:\windows\System32
2015-01-02 23:45:34 ----D---- C:\windows\inf
2015-01-02 23:45:34 ----A---- C:\windows\system32\PerfStringBackup.INI
2015-01-02 23:42:33 ----D---- C:\windows\Prefetch
2015-01-02 23:42:19 ----A---- C:\windows\SYSWOW64\log.txt
2015-01-02 22:05:06 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-02 22:02:04 ----SD---- C:\ProgramData\Microsoft
2015-01-02 21:57:53 ----D---- C:\Windows
2015-01-02 21:55:43 ----D---- C:\windows\Panther
2015-01-02 21:55:43 ----D---- C:\windows\Logs
2015-01-02 21:55:43 ----D---- C:\windows\debug
2015-01-02 21:44:49 ----D---- C:\windows\system32\Tasks
2015-01-02 21:29:02 ----D---- C:\ProgramData\Sonic
2015-01-02 13:30:43 ----D---- C:\windows\system32\wdi
2015-01-01 13:30:30 ----D---- C:\Users\dalibor\AppData\Roaming\hpqLog
2015-01-01 13:30:27 ----D---- C:\Users\dalibor\AppData\Roaming\Hewlett-Packard
2015-01-01 13:30:00 ----D---- C:\windows\system32\DriverStore
2015-01-01 13:30:00 ----D---- C:\windows\system32\catroot
2015-01-01 13:12:56 ----D---- C:\windows\system32\catroot2
2015-01-01 13:12:44 ----D---- C:\windows\SysWOW64
2015-01-01 13:12:41 ----D---- C:\windows\system32\drivers
2015-01-01 12:20:09 ----D---- C:\Program Files\Hewlett-Packard
2015-01-01 12:18:52 ----D---- C:\Program Files (x86)\Common Files
2015-01-01 11:52:00 ----RD---- C:\Program Files (x86)
2015-01-01 11:51:50 ----D---- C:\Program Files (x86)\ATI Technologies
2015-01-01 11:50:45 ----D---- C:\Program Files\Common Files
2015-01-01 11:49:37 ----A---- C:\windows\SYSWOW64\atiumdva.dll
2015-01-01 11:49:37 ----A---- C:\windows\SYSWOW64\atiumdag.dll
2015-01-01 11:49:37 ----A---- C:\windows\system32\atiuxp64.dll
2015-01-01 11:49:36 ----A---- C:\windows\SYSWOW64\atiu9pag.dll
2015-01-01 11:49:36 ----A---- C:\windows\SYSWOW64\aticfx32.dll
2015-01-01 11:49:36 ----A---- C:\windows\system32\atiumd6a.dll
2015-01-01 11:49:36 ----A---- C:\windows\system32\atiumd64.dll
2015-01-01 11:49:36 ----A---- C:\windows\system32\atiu9p64.dll
2015-01-01 11:49:36 ----A---- C:\windows\system32\atidxx64.dll
2015-01-01 11:49:36 ----A---- C:\windows\system32\aticfx64.dll
2015-01-01 11:49:35 ----A---- C:\windows\system32\atiadlxx.dll
2015-01-01 11:40:14 ----A---- C:\windows\system32\stlang64.dll
2015-01-01 11:40:14 ----A---- C:\windows\sttray64.exe
2015-01-01 11:40:13 ----A---- C:\windows\system32\staco64.dll
2015-01-01 11:40:13 ----A---- C:\windows\system32\IDTNX.dll
2015-01-01 11:40:13 ----A---- C:\windows\system32\IDTNJ.exe
2015-01-01 11:40:13 ----A---- C:\windows\system32\IDTNHP.dll
2015-01-01 11:40:13 ----A---- C:\windows\system32\IDTNGUI.exe
2015-01-01 11:40:12 ----A---- C:\windows\system32\HPToneCtrls64.dll
2015-01-01 11:40:12 ----A---- C:\windows\system32\AESTEC64.dll
2015-01-01 11:40:12 ----A---- C:\windows\system32\AESTCo64.dll
2015-01-01 11:40:12 ----A---- C:\windows\system32\AESTAR64.dll
2015-01-01 11:40:12 ----A---- C:\windows\system32\AESTAC64.dll
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\zh-Hant
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\zh-Hans
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\ru
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\pt-BR
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\ko
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\ja
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\it
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\fr
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\es
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\en-US
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\de
2015-01-01 11:37:55 ----D---- C:\windows\SYSWOW64\cs
2015-01-01 11:37:55 ----D---- C:\windows\system32\zh-Hant
2015-01-01 11:37:55 ----D---- C:\windows\system32\zh-Hans
2015-01-01 11:37:55 ----D---- C:\windows\system32\ru
2015-01-01 11:37:55 ----D---- C:\windows\system32\pt-BR
2015-01-01 11:37:55 ----D---- C:\windows\system32\ko
2015-01-01 11:37:55 ----D---- C:\windows\system32\ja
2015-01-01 11:37:55 ----D---- C:\windows\system32\it
2015-01-01 11:37:55 ----D---- C:\windows\system32\fr
2015-01-01 11:37:55 ----D---- C:\windows\system32\es
2015-01-01 11:37:55 ----D---- C:\windows\system32\en-US
2015-01-01 11:37:55 ----D---- C:\windows\system32\de
2015-01-01 11:37:55 ----D---- C:\windows\system32\cs
2015-01-01 11:36:49 ----D---- C:\ProgramData\HPQLOG
2015-01-01 11:31:43 ----A---- C:\windows\SYSWOW64\CSVer.dll
2015-01-01 11:22:23 ----D---- C:\windows\winsxs
2014-12-31 22:06:26 ----D---- C:\windows\system32\wfp
2014-12-31 22:06:25 ----D---- C:\windows\system32\wbem
2014-12-31 22:05:44 ----D---- C:\windows\Tasks
2014-12-31 22:05:42 ----D---- C:\windows\registration
2014-12-26 16:59:12 ----D---- C:\Users\dalibor\AppData\Roaming\vlc
2014-12-12 21:46:16 ----D---- C:\windows\rescache
2014-12-12 16:54:10 ----SD---- C:\windows\system32\CompatTel
2014-12-12 16:54:10 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-12-12 16:54:10 ----D---- C:\windows\AppCompat
2014-12-12 16:54:10 ----D---- C:\Program Files\Internet Explorer
2014-12-12 16:54:09 ----D---- C:\windows\system32\cs-CZ
2014-12-12 16:54:09 ----D---- C:\windows\PolicyDefinitions
2014-12-12 16:54:08 ----D---- C:\Program Files (x86)\Internet Explorer
2014-12-12 08:31:56 ----D---- C:\ProgramData\Microsoft Help
2014-12-12 08:31:40 ----D---- C:\windows\system32\MRT
2014-12-12 06:52:50 ----A---- C:\windows\system32\MRT.exe
2014-12-10 00:22:21 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2011-01-13 439320]
R0 MfeEpeOpal;MfeEpeOpal; C:\windows\system32\drivers\MfeEpeOpal.sys [2013-02-01 101288]
R0 MfeEpePc;MfeEpePc; C:\windows\system32\drivers\MfeEpePc.sys [2013-02-01 158888]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 PxHlpa64;PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 PersonalSecureDrive;PersonalSecureDrive; C:\windows\System32\drivers\psd.sys [2010-01-26 44576]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 DgiVecp;DgiVecp; \??\C:\windows\system32\Drivers\DgiVecp.sys [2008-10-28 54072]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R2 SSPORT;SSPORT; \??\C:\windows\system32\Drivers\SSPORT.sys [2008-10-28 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\agrsm64.sys [2010-01-26 1212416]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2015-01-01 11664896]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2015-01-01 581120]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 299008]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2010-11-11 32192]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\windows\system32\drivers\AtihdW76.sys [2015-01-01 96768]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\windows\system32\DRIVERS\e1c62x64.sys [2012-11-28 482128]
R3 ecnssndis; Mobile Broadband Driver; C:\windows\System32\Drivers\wwuss64.sys [2010-02-23 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter; C:\windows\System32\Drivers\wwussf64.sys [2010-02-23 30248]
R3 h36wgps;HP Mobile Broadband Module NMEA; C:\windows\system32\DRIVERS\h36wgps64.sys [2011-02-28 101416]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-12-03 25912]
R3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys [2014-10-03 175928]
R3 johci;JMicron 1394 Filter Driver; C:\windows\system32\DRIVERS\johci.sys [2014-10-03 26208]
R3 Mbm3CBus;HP hs2340 HSPA+ Mobile Broadband Module USB Device (WDM); C:\windows\system32\DRIVERS\Mbm3CBus.sys [2010-10-31 411208]
R3 Mbm3DevMt;HP Mobile Broadband Module Device Management Driver (WDM); C:\windows\system32\DRIVERS\Mbm3DevMt.sys [2010-10-31 419912]
R3 Mbm3mdfl;HP Mobile Broadband Module Modem Filter; C:\windows\system32\DRIVERS\Mbm3mdfl.sys [2010-10-31 19528]
R3 Mbm3Mdm;HP Mobile Broadband Module Modem Driver; C:\windows\system32\DRIVERS\Mbm3Mdm.sys [2010-10-31 472648]
R3 MEIx64;Intel(R) Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys [2014-10-03 8604672]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys [2010-12-10 181248]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 SPUVCbv;SPUVCb Driver Service; C:\windows\System32\Drivers\SPUVCbv_x64.sys [2011-01-12 2611704]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\windows\system32\DRIVERS\stwrt64.sys [2015-01-01 520192]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2015-01-01 555760]
R3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® + High Speed; C:\windows\system32\DRIVERS\amppal.sys [2011-08-08 299008]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2011-02-07 63336]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\windows\system32\drivers\ccdcmbx64.sys [2012-01-09 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\windows\system32\drivers\ccdcmbox64.sys [2012-01-09 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\windows\system32\DRIVERS\pccsmcfdx64.sys [2012-06-11 26112]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 upperdev;upperdev; C:\windows\system32\DRIVERS\usbser_lowerfltx64.sys [2012-01-09 9216]
S3 usbser;USB Modem Driver; C:\windows\system32\drivers\usbser.sys [2013-08-29 33280]
S3 UsbserFilt;UsbserFilt; C:\windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2012-01-09 9216]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-19 81088]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2015-01-01 89600]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agr64svc.exe [2009-12-04 28672]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2015-01-01 241152]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-31 1166848]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DpHost;@C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2011-11-10 486224]
R2 FirebirdGuardianSATJAM;Firebird Guardian - SATJAM; C:\Program Files (x86)\ZasobyPL\Firebird2_1_SATJAM\bin\fbguard.exe [2008-02-29 81920]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2011-01-27 131128]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2011-05-09 320512]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [2011-03-21 293944]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2012-09-24 31040]
R2 IAStorDataMgrSvc;Úložná technologie Intel(R) Rapid; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-26 13336]
R2 IFXSpMgtSrv;Security Platform Management Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxspmgt.exe [2011-01-20 1125728]
R2 IFXTCS;Trusted Platform Core Service; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\ifxtcs.exe [2011-01-20 980320]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service; C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2010-11-29 210896]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-01-03 326168]
R2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [2013-02-01 1323008]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2011-01-18 113264]
R2 PersonalSecureDriveService;Služba jednotky Personal Secure Drive; c:\Program Files (x86)\Hewlett-Packard\Embedded Security Software\IfxPsdSv.exe [2011-01-20 203104]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2015-01-01 297984]
R2 uArcCapture;ArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [2010-11-11 502464]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-01-03 2656280]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2011-01-21 3154224]
R3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
R3 FirebirdServerSATJAM;Firebird Server - SATJAM; C:\Program Files (x86)\ZasobyPL\Firebird2_1_SATJAM\bin\fbserver.exe [2008-02-29 2719744]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2011-05-23 1098296]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2013-05-13 1129760]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
R3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-23 116648]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10 267440]
S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2011-02-04 464480]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-23 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-22 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM; C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2011-01-15 1116656]
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-09 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-10-23 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------

PC virus removal, computer speed-up, remote assistance through the neslape.cz service
Infected notebook
Moderator: Moderators
Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]
Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.
!NEW!
You can now use the remote assistance service, where an expert connects to your computer and gets further details about the problem from you by phone! More at www.neslape.cz
- stell
- VIP in memoriam

- Posts: 5175
- Registered: 09 Dec 2007 09:27
- Location: SK-REVUCA
Re: Infected notebook
Hello.
"Hello, all my photos have the .encrypted extension,"
Your computer is infected with the cryptolocker virus.
Have you restored the system?? If not, I do not recommend doing that either!!!!!
My recommendation:
1: Immediately, while it is not yet too late, visit our service at http://www.neslape.cz and we will find out what can be done to save your photos and data.
2: Do not try to disinfect the computer yourself, nor through the forum; this cannot be solved in the "do this, etc." way... you could lose all your data and photos.
3: Send a few of the encrypted files as attachments to my e-mail, which is in my signature. File types: excel, doc, jpg, pdf. 4 are enough.
4: If you are interested, please fill in the form at neslape.cz truthfully.
5: Our technician will contact you by phone within 1 hour.
Thank you
Stefan
neslape.cz.

