PC virus removal, computer speed-up, remote help via the neslape.cz service

Windows 7 system on a notebook unresponsive after waking from sleep

Having a virus problem? Post your FRST or RSIT log here.

petr.vera.
Visitor
Posts: 12
Registered: 10 Jan 2014 00:21

#1 Post by petr.vera. »

Logfile of random's system information tool 1.14 (written by random/random)
Run by elite at 2016-11-02 21:45:48
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 71 GB (15%) free of 472 GB
Total RAM: 12238 MB (63% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:53:58, on 2.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18450)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Users\elite\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\elite\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\elite\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe
C:\Users\elite\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe
C:\Users\elite\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\elite_RSITx64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
O4 - HKLM\..\Run: [NUSB3MON] "c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [MSStp] C:\Windows\system32\msstp.vbe
O4 - HKLM\..\Run: [mnclelvSrv] C:\Windows\inf\mnclelv.vbe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [T-Mobile CManager] "C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\elite\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\elite\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Synology Cloud Station Backup.lnk = C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe
O4 - Global Startup: Údržba databáze BUILDpower.lnk = C:\RTS\BUILDpower\BPStartUp.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O23 - Service: Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba (ABBYY.Licensing.PDFTransformer.Classic.3.0) - ABBYY - C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Nemetschek Allplan Updatelauncher Service 2015 (AllplanUpdateLauncher 2015) - Nemetschek Allplan Systems GmbH - C:\Program Files\Nemetschek\AllplanUpdateLauncher 2015\AllplanUpdateLauncher.exe
O23 - Service: Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: BUILDpower S HW Agent v2 (BPSHWAgent) - RTS, a.s. - C:\BUILDpowerS\system\BPSHWAgentService.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Cloud Station Backup VSS Service x64 - Unknown owner - C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\Windows\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA WMI Provider (NVWMI) - Unknown owner - C:\Windows\system32\nvwmi64.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13983 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\winlogon.exe
"C:\Windows\system32\nvvsvc.exe"
"C:\Windows\system32\nvwmi64.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\nvwmi64.exe -spawnprovider
C:\Windows\system32\WLANExt.exe 27231024
\??\C:\Windows\system32\conhost.exe "1125097247-209064073818630638239014058891150283697329916137-1959880664772382251
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\IDT\WDM\AESTSr64.exe"
"C:\Program Files\Nemetschek\AllplanUpdateLauncher 2015\AllplanUpdateLauncher.exe"
"C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe"
C:\BUILDpowerS\system\BPSHWAgentService.exe
"C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe"
"C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe"
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe" -autorun
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe "C:\Program Files\NVIDIA Corporation\nview\nview.dll",nViewInitialize
"C:\Program Files (x86)\Windows Sidebar\sidebar.exe" /autoRun
"C:\Users\elite\AppData\Local\Google\Update\GoogleUpdate.exe" /c
"C:\Users\elite\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" /start
"C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
"C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
C:\Windows\SysWOW64\SecUPDUtilSvc.exe
"C:\Users\elite\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-ui.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
"C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe"
C:\Users\elite\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-connect.exe --log_folder log --info_folder . --log_level CloudStation.app/log_template/syncfolder_c.debug
\??\C:\Windows\system32\conhost.exe "-135075351-1481843886-2835442581329329544679060334-2130326204365072956-1600262449
C:\Users\elite\AppData\Local\CloudStationBackup\CloudStation.app\bin\cloud-backup-daemon.exe C:/Users/elite/AppData/Local/CloudStationBackup/data/config/client.conf 1024
\??\C:\Windows\system32\conhost.exe "-77358607315715441131805029660-3395577941229643215-3958405481163933931-318133769
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
C:\Windows\SysWOW64\svchost.exe -k MbnExt
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe"
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 "--database=C:\Users\elite\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=54.0.2840.71 --handshake-handle=0xa0
"C:\Users\elite\Downloads\RSITx64.exe"
C:\Windows\system32\taskeng.exe

======Scheduled tasks folder======

C:\Windows\tasks\DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d043749f89dd8c.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3693040185-2102049822-3035534750-1000Core.job - C:\Users\elite\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3693040185-2102049822-3035534750-1000UA.job - C:\Users\elite\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForelite.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForelite (null)
C:\Windows\tasks\WebContent AutoUpdate 2015.job - C:\Program Files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe /f "C:\Data\Nemetschek\Allplan_1\Std\AllplanUpdate.inf" /one http://autoupdate.allplan.com/Updates/A ... ontent.upd
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\DropboxUpdateTaskMachineCore - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\system32\tasks\DropboxUpdateTaskMachineUA - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA1d043749f89dd8c - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3693040185-2102049822-3035534750-1000Core - C:\Users\elite\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-3693040185-2102049822-3035534750-1000UA - C:\Users\elite\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\HPCeeScheduleForelite - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForelite (null)
C:\Windows\system32\tasks\klcp_update - "C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe" /verysilent /update /freq=30
C:\Windows\system32\tasks\WebContent AutoUpdate 2015 - C:\Program Files\Nemetschek\Allplan_1\prg\NemDownloadHandler.exe /f "C:\Data\Nemetschek\Allplan_1\Std\AllplanUpdate.inf" /one http://autoupdate.allplan.com/Updates/A ... ontent.upd
C:\Windows\system32\tasks\{2B63F110-75BF-4E5A-8725-79DD7059C8F4} - C:\Windows\system32\pcalua.exe -a C:\Users\elite\Downloads\sp64109.exe -d C:\Users\elite\Downloads
C:\Windows\system32\tasks\{690280F8-2A97-46A9-BDCC-24CC2FC4EB41} - C:\Windows\system32\pcalua.exe -a C:\Users\elite\Downloads\sp52773.exe -d C:\Users\elite\Downloads
C:\Windows\system32\tasks\{7F374626-7F59-4CD9-9D03-D54C4B0075CA} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.2.0.103/cs/a ... age=tsBing
C:\Windows\system32\tasks\{94BC0768-449B-4271-B8DF-CFB55BF6CCAE} - C:\Windows\system32\pcalua.exe -a "C:\ProgramData\HP\HP SoftPaq Download Manager\SWDownload\sp52773.exe" -d "C:\ProgramData\HP\HP SoftPaq Download Manager\SWDownload"
C:\Windows\system32\tasks\{AA4FA3D8-8EE7-4367-9F34-6AD71B323E3A} - "c:\program files (x86)\google\chrome\application\chrome.exe" http://ui.skype.com/ui/0/7.2.0.103/cs/a ... age=tsBing
C:\Windows\system32\tasks\{C105A642-D55A-4511-A113-36EE268C46FE} - C:\Windows\system32\pcalua.exe -a "C:\Users\elite\Downloads\BuildPower-2009_2010.key\BuildPower-2009+2010.key\Install\Vyroba Z.exe" -d C:\Users\elite\Downloads\BuildPower-2009_2010.key\BuildPower-2009+2010.key\Install
C:\Windows\system32\tasks\{D51F6729-9396-4093-BDF2-99E31A341505} - C:\Windows\system32\pcalua.exe -a "C:\Users\elite\Downloads\BuildPower-2009_2010.key\BuildPower-2009+2010.key\Install\Rozpoctar Z.exe" -d C:\Users\elite\Downloads\BuildPower-2009_2010.key\BuildPower-2009+2010.key\Install
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-3693040185-2102049822-3035534750-1000 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup - %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor - %systemroot%\system32\sdclt.exe /CHECKSKIPPED
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeReminderTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime - %windir%\system32\GWX\GWXUXWorker.exe /ScheduleUpgradeTime
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess - %windir%\system32\GWX\GWX.exe /tasklaunch
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfig
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshConfigAndContent
C:\Windows\system32\tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent - %windir%\system32\GWX\GWXConfigManager.exe /RefreshContent
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate_scheduled - %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -source HPSA
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources - C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /r /m
C:\Windows\system32\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis
C:\Windows\system32\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA

=========Google Chrome=========

C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace Google 0.9
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty Google 0.9
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coobgpohoikkiipiblmjeljniedjpjpf 1 Vyhledávání Google 0.0.0.60
Extension cpfefcnbolgjjabocpajaplcgpniphdd 1 Synology Note Station 1.0.105
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension ennkphjdgehloodpbhlhldgbnhmacadg 1 Settings 0.2
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky Google 1.1
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension gighmmpiobklfepjocnamgkkbiglidom 1 AdBlock 3.4.0
Extension goanabmlmgfinmjohhepcpffcnkeobjm 1 Translate selection 1.6
Extension hkacjpbfdknhflllbcmjibkdeoafencn 1 Classic 1.1
Extension hmjkmjkepdijhoojdojkdfohbdgmmhki 1 Google Keep – poznámky a seznamy 3.1.16434.1185
Extension ilfoopambfaclfjmpiaijnccgcmbeigi 1 FormApps Chrome Extension 1.5.0.20
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.38
Extension lmjegmlicamnimmfhcmpkclmigmmcbeh 1 Application Launcher for Drive (by Google) 3.2
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mgndgikekgjfcpckkfioiadnlibdjbkf 1 Chrome 0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.0
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.0
Extension pafkbggdmjlpgkdkcbjmhmfcdpncadgh 1 Google Now 1.2.0.1
Extension pcfbfimijgibligmbglggnbiobgjgmbk 1 Synology Web Clipper 2.0.92
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 5416.905.0.6
Homepage: http://search.babylon.com/?affID=112555 ... 2186d7b9f4
default_search_provider.search_url:
C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-02-25 439352]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-17 461888]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-17 173120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25 414776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-09-20 1664000]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-11-17 2816240]
"CDAServer"=C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]
"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2016-01-29 2727568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"T-Mobile CManager"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\Manager.exe [2015-08-06 2162152]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Sidebar"=C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20 1174016]
"Google Update"=C:\Users\elite\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-06 144200]
"Google Photos Backup"=C:\Users\elite\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [2016-04-08 3790936]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2016-07-29 23375200]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-09-12 29645440]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2013-02-07 683656]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [2012-09-12 334240]
""= []
"Desktop Disc Tool"=C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [2011-04-18 522736]
"NUSB3MON"=c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [2011-09-16 115048]
"MSStp"=C:\Windows\system32\msstp.vbe []
"mnclelvSrv"=C:\Windows\inf\mnclelv.vbe []
"HPConnectionManager"=C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [2013-10-31 185144]
"Dropbox"=C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [2016-10-24 25424008]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20 595992]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Údržba databáze BUILDpower.lnk - C:\RTS\BUILDpower\BPStartUp.exe

C:\Users\elite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Synology Cloud Station Backup.lnk - C:\Program Files (x86)\Synology\CloudStationBackup\bin\launcher.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-11-02 21:45:48 ----D---- C:\rsit
2016-11-02 21:45:48 ----D---- C:\Program Files\trend micro
2016-10-30 04:00:48 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2016-10-30 04:00:48 ----A---- C:\Windows\system32\poqexec.exe
2016-10-24 14:06:26 ----A---- C:\Windows\system32\DbxSvc.exe
2016-10-24 14:06:10 ----A---- C:\Windows\system32\drivers\dbx-stable.sys
2016-10-24 14:06:10 ----A---- C:\Windows\system32\drivers\dbx-dev.sys
2016-10-24 14:06:10 ----A---- C:\Windows\system32\drivers\dbx-canary.sys
2016-10-11 21:49:40 ----D---- C:\Users\elite\AppData\Roaming\Adobe
2016-10-08 09:54:28 ----A---- C:\Windows\system32\drivers\ekbdflt.sys
2016-10-07 07:09:34 ----D---- C:\Users\elite\AppData\Roaming\Adobe-BackupByPhotoshopCS6Portable
2016-10-04 09:18:57 ----A---- C:\Windows\system32\nvhdap64.dll
2016-10-04 09:18:57 ----A---- C:\Windows\system32\drivers\nvhda64v.sys
2016-10-04 09:18:54 ----A---- C:\Windows\SYSWOW64\nvopencl.dll
2016-10-04 09:18:54 ----A---- C:\Windows\SYSWOW64\nvoglv32.dll
2016-10-04 09:18:54 ----A---- C:\Windows\SYSWOW64\NvIFR.dll
2016-10-04 09:18:54 ----A---- C:\Windows\SYSWOW64\NvFBC.dll
2016-10-04 09:18:54 ----A---- C:\Windows\SYSWOW64\nvcuvid.dll
2016-10-04 09:18:54 ----A---- C:\Windows\SYSWOW64\nvcuda.dll
2016-10-04 09:18:54 ----A---- C:\Windows\system32\nvopencl.dll
2016-10-04 09:18:54 ----A---- C:\Windows\system32\nvoglv64.dll
2016-10-04 09:18:54 ----A---- C:\Windows\system32\NvIFR64.dll
2016-10-04 09:18:54 ----A---- C:\Windows\system32\NvFBC64.dll
2016-10-04 09:18:54 ----A---- C:\Windows\system32\nvcuvid.dll
2016-10-04 09:18:54 ----A---- C:\Windows\system32\nvcuda.dll
2016-10-04 09:18:54 ----A---- C:\Windows\system32\drivers\nvlddmkm.sys
2016-10-04 09:18:53 ----A---- C:\Windows\SYSWOW64\nvcompiler.dll
2016-10-04 09:18:53 ----A---- C:\Windows\SYSWOW64\nvapi.dll
2016-10-04 09:18:53 ----A---- C:\Windows\system32\nvcompiler.dll

======List of files/folders modified in the last 1 month======

2016-11-02 21:46:20 ----D---- C:\Windows\Tasks
2016-11-02 21:46:20 ----D---- C:\Windows\system32\Tasks
2016-11-02 21:46:12 ----D---- C:\Windows\Temp
2016-11-02 21:45:48 ----RD---- C:\Program Files
2016-11-02 21:36:35 ----D---- C:\Windows\System32
2016-11-02 21:36:35 ----D---- C:\Windows\inf
2016-11-02 21:36:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-02 21:35:13 ----D---- C:\Windows\system32\config
2016-11-02 21:32:45 ----D---- C:\Users\elite\AppData\Roaming\Skype
2016-11-02 21:30:34 ----D---- C:\ProgramData\PDFC
2016-11-02 09:51:59 ----D---- C:\ProgramData\Sonic
2016-11-02 00:55:31 ----HD---- C:\ProgramData
2016-10-30 20:53:58 ----D---- C:\Windows\Microsoft.NET
2016-10-30 20:53:14 ----RSD---- C:\Windows\assembly
2016-10-30 20:25:59 ----D---- C:\Windows\SysWOW64
2016-10-30 20:25:25 ----SHD---- C:\System Volume Information
2016-10-30 20:17:19 ----D---- C:\Windows\system32\catroot2
2016-10-30 20:16:54 ----D---- C:\Windows\winsxs
2016-10-30 20:02:49 ----D---- C:\Program Files\Microsoft Silverlight
2016-10-30 20:02:47 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2016-10-30 19:57:03 ----SHD---- C:\Windows\Installer
2016-10-30 19:57:03 ----SHD---- C:\Config.Msi
2016-10-30 19:56:57 ----D---- C:\ProgramData\Microsoft Help
2016-10-30 19:56:45 ----D---- C:\Windows\system32\MRT
2016-10-30 19:49:15 ----AC---- C:\Windows\system32\MRT.exe
2016-10-27 19:04:30 ----D---- C:\Program Files (x86)\Dropbox
2016-10-27 19:04:05 ----D---- C:\Windows\system32\drivers
2016-10-26 17:29:06 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-23 13:45:42 ----D---- C:\Data
2016-10-17 21:57:38 ----D---- C:\Windows\Prefetch
2016-10-17 09:40:05 ----D---- C:\FTP
2016-10-09 11:00:12 ----RD---- C:\Program Files (x86)\Skype
2016-10-09 11:00:12 ----D---- C:\Program Files (x86)\Common Files
2016-10-09 10:59:47 ----D---- C:\ProgramData\Skype
2016-10-08 09:54:43 ----D---- C:\Windows\system32\DriverStore
2016-10-04 11:03:55 ----D---- C:\install
2016-10-04 09:32:36 ----D---- C:\Windows
2016-10-04 09:23:16 ----D---- C:\SWSetup
2016-10-04 09:21:57 ----D---- C:\ProgramData\NVIDIA
2016-10-04 09:20:11 ----D---- C:\Program Files\NVIDIA Corporation
2016-10-04 09:19:10 ----D---- C:\ProgramData\NVIDIA Corporation

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2016-10-08 84640]
R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2012-09-24 31040]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2010-03-19 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2015-08-17 381440]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-10-08 263296]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2016-10-08 197288]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2016-10-08 208552]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2016-10-08 61608]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\Windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\Windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2016-10-08 153248]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2014-05-07 11576]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2012-09-24 43840]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\agrsm64.sys [2009-06-10 1146880]
R3 AMPPAL;Virtuální adaptér Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\AMPPAL.sys [2011-08-08 299008]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\Windows\system32\DRIVERS\ArcSoftVCapture.sys [2012-02-03 42816]
R3 BthEnum;Služba Bluetooth Enumerator; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2015-08-17 283064]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C; C:\Windows\system32\DRIVERS\e1c62x64.sys [2014-05-02 495376]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2011-07-18 25912]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2012-07-31 175928]
R3 NETwNs64;Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\Netwsw01.sys [2015-03-12 11532704]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-05-10 97792]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-05-10 217600]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2013-11-28 197408]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2012-11-28 1866080]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-09-20 543744]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2014-11-17 555760]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AMPPALP;Protokol Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed; C:\Windows\system32\DRIVERS\amppal.sys [2011-08-08 299008]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dbx;dbx; C:\Windows\system32\DRIVERS\dbx.sys []
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2009-09-10 117248]
S3 hwusbdev;Huawei DataCard USB PNP Device; C:\Windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 TPM;Čip TPM; C:\Windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.PDFTransformer.Classic.3.0;Aktivace aplikace ABBYY PDF Transformer 3.0 – Licenční služba; C:\Program Files (x86)\ABBYY PDF Transformer 3.0\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-09-16 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-03 89600]
R2 AllplanUpdateLauncher 2015;Nemetschek Allplan Updatelauncher Service 2015; C:\Program Files\Nemetschek\AllplanUpdateLauncher 2015\AllplanUpdateLauncher.exe [2014-10-30 16680]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-08-31 1166848]
R2 BPSHWAgent;BUILDpower S HW Agent v2; C:\BUILDpowerS\system\BPSHWAgentService.exe [2012-11-26 5660672]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-06-03 134928]
R2 Cloud Station Backup VSS Service x64;Cloud Station Backup VSS Service x64; C:\Program Files (x86)\Synology\CloudStationBackup\bin\vss-service-x64.exe [2016-05-18 287240]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DbxSvc;DbxSvc; C:\Windows\system32\DbxSvc.exe [2016-10-24 41576]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-10-08 2780160]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-07-27 1517328]
R2 hpHotkeyMonitor;hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2012-09-12 523680]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2012-09-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-04-26 28552]
R2 MbnExt;Mobile Broadband Extension Service; %SystemRoot%\system32\svchost.exe -k MbnExt;"ServiceDll"=C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\MbnExt.dll
R2 Net Driver HPZ12;Net Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\system32\HPZinw12.dll
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-01-29 932728]
R2 NVWMI;NVIDIA WMI Provider; C:\Windows\system32\nvwmi64.exe [2016-01-29 2701880]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2013-02-07 1135752]
R2 Pml Driver HPZ12;Pml Driver HPZ12; %SystemRoot%\System32\svchost.exe -k HPZ12;"ServiceDll"=C:\Windows\system32\HPZipm12.dll
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-07-27 844560]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [2014-11-26 118576]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-09-20 323072]
R2 uArcCapture;ArcCapture; C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe [2012-04-05 498352]
R2 vcsFPService;Validity VCS Fingerprint Service; C:\Windows\system32\vcsFPService.exe [2013-09-12 3221392]
R3 hpCMSrv;HP Connection Manager 4 Service; C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [2013-10-31 1421112]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2015-04-28 1102472]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 dbupdate;Dropbox Update Service (dbupdate); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-07 143144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S2 MSSQL$BUILDPOWERS;SQL Server (BUILDPOWERS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\sqlservr.exe [2011-06-17 43040096]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S3 dbupdatem;Dropbox Update Service (dbupdatem); C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-02-07 143144]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-09-01 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 stllssvr;stllssvr; C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe [2010-11-08 74392]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-06 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 44896]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 SQLAgent$BUILDPOWERS;SQL Server Agent (BUILDPOWERS); C:\Program Files (x86)\Microsoft SQL Server\MSSQL10_50.BUILDPOWERS\MSSQL\Binn\SQLAGENT.EXE [2011-06-17 370016]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]

-----------------EOF-----------------

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: WIN 7 system inactivity on a notebook after waking from sleep

#2 Post by Márty84 »

Hello :)

So what exactly happens after waking up? Does the screen stay black, or is the desktop there as normal but nothing can be done? Or something else?

In any case, it is infected.


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and left-click Run as administrator.
Click Scan and wait until the scan finishes.
Then click Cleaning.
The program will start working (the PC may restart) and will spit out a log (otherwise it will be here: C:\AdwCleaner\AdwCleaner[C?].txt ). Copy it here for me.


:arrow: Run a scan with MBAM. Set up the scan according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Do not delete anything beforehand; it sometimes gives false detections.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will now be on the forum less often. If you have to wait a long time for a reply, please contact one of my colleagues (most have their e-mail address in their signature).

petr.vera.
Visitor
Posts: 12
Registered: 10 Jan 2014 00:21

Re: WIN 7 system inactivity on a notebook after waking from sleep

#3 Post by petr.vera. »

After waking up, most programs remain unresponsive (they cannot be operated or closed); in Task Manager they are marked as inactive and cannot be killed.

log

# AdwCleaner v6.030 - Log soubor vytvořen 02/11/2016 na 22:48:57
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-02.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : elite - ELITE-PC
# Beží od : C:\Users\elite\Downloads\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****

[-] Adresář smazán:C:\Users\elite\AppData\Local\DriverToolkit
[-] Adresář smazán:C:\rei
[-] Adresář smazán:C:\Program Files (x86)\DriverToolkit
[-] Adresář smazán:C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Extensions\goanabmlmgfinmjohhepcpffcnkeobjm
[-] Adresář smazán:C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\goanabmlmgfinmjohhepcpffcnkeobjm


***** [ Soubory ] *****

[-] Soubor smazán:C:\prefs.js
[-] Soubor smazán:C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_goanabmlmgfinmjohhepcpffcnkeobjm_0.localstorage
[-] Soubor smazán:C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_goanabmlmgfinmjohhepcpffcnkeobjm_0.localstorage-journal


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-3693040185-2102049822-3035534750-1000\Software\DriverToolkit
[#] Klíč smazán po restartování:HKCU\Software\DriverToolkit
[#] Klíč smazán po restartování:[x64] HKCU\Software\DriverToolkit


***** [ Prohlížeče ] *****

[-] [C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default] [extension] Smazání:goanabmlmgfinmjohhepcpffcnkeobjm
[-] [C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default] [homepage] Smazání:hxxp://search.babylon.com/?affID=112555&tt=020512_mntb_est&babsrc=HP_ss&mntrId=282b5acf000000000000002186d7b9f4


*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2155 Bajtů] - [02/11/2016 22:48:57]
C:\AdwCleaner\AdwCleaner[S0].txt - [2510 Bajtů] - [02/11/2016 22:47:46]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2303 Bajtů] ##########

petr.vera.
Visitor
Posts: 12
Registered: 10 Jan 2014 00:21

Re: WIN 7 system inactivity on a notebook after waking from sleep

#4 Post by petr.vera. »

ATTENTION: after saving the log I wanted to open it, at which point my screen went black and the notebook was unresponsive; I had to reset it.

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 2.11.2016
Čas skenování: 23:08
Protokol: mamb01.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.02.13
Databáze rootkitů: v2016.10.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: elite

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 977081
Uplynulý čas: 5 hod, 36 min, 0 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\bitstreams, , [8afb95269901c17514d4149001017090],

Soubory: 36
PUP.Optional.Reimage, C:\AdwCleaner\quarantine\files\nxoydhasupwuhaeumqeutebozcmdkmor\AV\avupdate.exe, , [bdc806b5c5d5ff37e44b5a9c07fd44bc],
PUP.Optional.Reimage, C:\AdwCleaner\quarantine\files\nxoydhasupwuhaeumqeutebozcmdkmor\AV\savapi3_restart.exe, , [bec7902b5446cf67b37cf00650b460a0],
PUP.Optional.Reimage, C:\AdwCleaner\quarantine\files\nxoydhasupwuhaeumqeutebozcmdkmor\AV\savapi3_start.exe, , [a3e2c4f7f7a3999d34fb20d640c455ab],
PUP.Optional.Reimage, C:\AdwCleaner\quarantine\files\nxoydhasupwuhaeumqeutebozcmdkmor\AV\savapi3_stop.exe, , [265f982302986ec876b9dd1960a434cc],
PUP.Optional.Spigot, C:\Config.Msi\5dec2.rbf, , [96ef982383179b9b615efc3190719d63],
HackTool.Agent, C:\FTP\P R O J E K T Y\RD Linka\doc\DSP\CRACK\Artlantis Studio_4.0.13.3.X86_Crk.exe, , [bacb5269e6b4f83ee7351de9e11fe41c],
HackTool.Agent, C:\install\ABBYY PDF Transformer 3.0\ABBYY_PDF_Transformer_3.0_Crack.zip, , [ec99a11aeeac999d8c902ed8768ac23e],
HackTool.Agent, C:\install\ABBYY PDF Transformer 3.0\ABBYY PDF Transformer 3.0 Crack\Crack\3.0.100.216\3.0.100.216.exe, , [a9dc69520199b680120a7e8849b719e7],
HackTool.Agent, C:\install\ABBYY PDF Transformer 3.0\ABBYY PDF Transformer 3.0 Crack rar\Crack\3.0.100.216\3.0.100.216.exe, , [acd9edce7f1bd6604bd13fc7de224ab6],
RiskWare.Tool.CK, C:\install\pdf\keygen.exe, , [1075ab109cfe2e08cafc020613ef54ac],
RiskWare.Tool.CK, C:\install\pdf\pdf_factory_pro_3.30.rar, , [45402c8f8119eb4b3d89bf4928dac53b],
HackTool.Agent, C:\Program Files (x86)\ABBYY PDF Transformer 3.0\3.0.100.216.exe, , [691c308b0595211521fb040219e7da26],
HackTool.Agent, C:\Users\elite\Downloads\Nepotvrzeno 726540.crdownload, , [394ca9121486f93d4110c85af9081be5],
HackTool.Agent, C:\Users\elite\Downloads\Nepotvrzeno 838795.crdownload, , [6d18c3f886141a1cf8592002946d0df3],
RiskWare.Tool.CK, C:\Users\elite\Downloads\OO-DiskRecovery-Professional-v9.0.223-(x86-x64)-Incl-Keymaker-ZWT-[TorDigger].zip, , [6b1a714ab6e4c86ea2b4c5bdf80828d8],
RiskWare.Tool.CK, C:\Users\elite\Downloads\PdfFactory Pro_5.20_FinePrint_8.2\XXX\FinePrint PdfFactory Pro key\FinePrint PdfFactory Pro key.exe, , [6d185f5ce0ba0c2a0c4a711126da5ba5],
Trojan.Agent.W, C:\Users\elite\Downloads\20141124_223439\sources\$OEM$\$$\SETUP\SCRIPTS\Windows7Loader.exe, , [f5901ba01684d4627bed7ba35aaacf31],
Trojan.BitCoinMiner, C:\Windows\inf\mnclelv\mnclelv.exe, , [582d7348c2d8c4723be070c5bc460df3],
Trojan.BitCoinMiner, C:\Windows\inf\mncpwncbp\mncpwncbp.exe, , [4045c0fbe8b2102632e91f1637cb5fa1],
Trojan.BitCoinMiner, C:\Windows\inf\msfmlof\msfmlof.exe, , [4f369c1f178381b570f5752e3fc15ba5],
Trojan.Agent.W, C:\Windows\Setup\SCRIPTS\Windows7Loader.exe, , [3a4bc2f9425841f50c5c0a140ef6946c],
PUP.Optional.Babylon, C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage, , [bbcabcff7c1e3afc5f60d7fa4eb40000],
PUP.Optional.Babylon, C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journal, , [e89d8b3073279b9b1aa54b8629d9db25],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\diablo130302.cl, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\diakgcn121016.cl, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\libcurl-4.dll, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\libeay32.dll, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\libidn-11.dll, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\librtmp.dll, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\libssh2.dll, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\phatk121016.cl, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\poclbm130302.cl, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\scrypt130511.cl, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\ssleay32.dll, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\zlib1.dll, , [8afb95269901c17514d4149001017090],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [8afb95269901c17514d4149001017090],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: WIN 7 system inactivity on a notebook after waking from sleep

#5 Post by Márty84 »

There are a lot of pests in there, but also an illegally activated Windows, and the forum rules do not allow me to continue :(

They are clear: http://forum.viry.cz/viewtopic.php?f=12&t=115512
Help CANNOT be given:
2) If the user's machine demonstrably contains illegal host or protective software
(operating system, antivirus, firewall, etc.), the user must be guided to remedy this, e.g. by means of free software,
and work on the problem begins only once the PC is "in order". If the user does not want to accept the rules,
they must be asked to leave the forum and to return once they comply with them.
:42:

petr.vera.
Visitor
Posts: 12
Registered: 10 Jan 2014 00:21

Re: WIN 7 system inactivity on a notebook after waking from sleep

#6 Post by petr.vera. »

Probably not; it is a notebook with official Win 7 Professional, ESET Smart Security and so on.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: WIN 7 system inactivity on a notebook after waking from sleep

#7 Post by Márty84 »

The log is perfectly clear. The illegal activator is simply there, and it could not have got there by itself. Maybe someone reinstalled the system for you (a friend, a repair shop, or I don't know) and activated it with that crack instead of a valid key. I can no longer find that out. But the activator is shining there like a Christmas light :boxed:

petr.vera.
Visitor
Posts: 12
Registered: 10 Jan 2014 00:21

Re: WIN 7 system inactivity on a notebook after waking from sleep

#8 Post by petr.vera. »

OK, I will try to put it right.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: WIN 7 system inactivity on a notebook after waking from sleep

#9 Post by Márty84 »

That is up to you; of course I am not forcing you to do it. I am only saying what I see and pointing to the forum rules, which I have to follow. Otherwise, the only remedy that would allow me to clean the computer is reinstalling the system and activating it with a valid key. After the reinstall, however, the computer will be clean anyway, so cleaning will no longer be needed :-D

petr.vera.
Visitor
Posts: 12
Registered: 10 Jan 2014 00:21

Re: WIN 7 system inactivity on a notebook after waking from sleep

#10 Post by petr.vera. »

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 3.11.2016
Čas skenování: 12:08
Protokol: mamb20161103.txt
Správce: Ano

Verze: 2.2.1.1043
Databáze malwaru: v2016.11.03.08
Databáze rootkitů: v2016.10.31.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 7 Service Pack 1
CPU: x64
Souborový systém: NTFS
Uživatel: elite

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 975329
Uplynulý čas: 6 hod, 26 min, 57 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Sken hloubkových rootkitů: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\bitstreams, , [489c17a4514900368f59ffa5699924dc],

Soubory: 25
PUP.Optional.Reimage, C:\AdwCleaner\quarantine\files\nxoydhasupwuhaeumqeutebozcmdkmor\AV\avupdate.exe, , [3ca849720496e74f36f7b44282829a66],
PUP.Optional.Reimage, C:\AdwCleaner\quarantine\files\nxoydhasupwuhaeumqeutebozcmdkmor\AV\savapi3_restart.exe, , [ac38e8d3edaddf57d8551bdb70943dc3],
PUP.Optional.Reimage, C:\AdwCleaner\quarantine\files\nxoydhasupwuhaeumqeutebozcmdkmor\AV\savapi3_start.exe, , [c71d4f6c0a90d561230a2bcb02024fb1],
PUP.Optional.Reimage, C:\AdwCleaner\quarantine\files\nxoydhasupwuhaeumqeutebozcmdkmor\AV\savapi3_stop.exe, , [1cc810abd1c961d567c6c630669ee21e],
HackTool.Agent, C:\Users\elite\Downloads\Nepotvrzeno 726540.crdownload, , [578d6e4de2b8f3438bc6140ec43da65a],
HackTool.Agent, C:\Users\elite\Downloads\Nepotvrzeno 838795.crdownload, , [855fd6e563375adcbb967ba77f823bc5],
RiskWare.Tool.CK, C:\Users\elite\Downloads\PdfFactory Pro_5.20_FinePrint_8.2\XXX\FinePrint PdfFactory Pro key\FinePrint PdfFactory Pro key.exe, , [05df6b50faa0fc3ae76f562cc33d39c7],
Trojan.BitCoinMiner, C:\Windows\inf\mnclelv\mnclelv.exe, , [0fd5e2d9dbbfc076a77467ce828011ef],
Trojan.BitCoinMiner, C:\Windows\inf\mncpwncbp\mncpwncbp.exe, , [bc284576207a21157ba05ed7bf43fa06],
Trojan.BitCoinMiner, C:\Windows\inf\msfmlof\msfmlof.exe, , [4a9a5467108aaf87c4a1059ed32d8a76],
PUP.Optional.Babylon, C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage, , [ce16a5160c8ed85e00bf755ca65ce719],
PUP.Optional.Babylon, C:\Users\elite\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journal, , [489c14a76c2e4cea299612bf03ffe21e],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\diablo130302.cl, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\diakgcn121016.cl, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\libcurl-4.dll, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\libeay32.dll, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\libidn-11.dll, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\librtmp.dll, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\libssh2.dll, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\phatk121016.cl, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\poclbm130302.cl, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\scrypt130511.cl, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\ssleay32.dll, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\zlib1.dll, , [489c17a4514900368f59ffa5699924dc],
Trojan.Agent.BCM, C:\Windows\inf\mncpwncbp\bitstreams\fpgaminer_top_fixed7_197MHz.ncd, , [489c17a4514900368f59ffa5699924dc],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: Win 7 system on a notebook unresponsive after waking from sleep

#11 Post by Márty84 »

It has not been reinstalled, so the same still applies.
If you have a question that is not meant for the public, you can e-mail me at marty84zavináčforum.viry.cz
