Prosím o kontrolu logu - problém s čínským programem

[Steve89]

Dobrý den,
poprosil bych vás o pomoc, nainstaloval se mi do notebooku nějaký čínský program, pořád mi to v prohlížeči vyhazuje odkazy na nějaké porno, přenastavilo mi to výchozí programy co se týče videa, obrázků atd ... to jsem stahoval jen češtinu do hry ...

Děkuji za pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Štěpán at 2015-07-06 15:28:45
Microsoft Windows 8.1
System drive C: has 648 GB (69%) free of 934 GB
Total RAM: 8115 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:28:46, on 6. 7. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17416)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Games\Steam\Steam.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
C:\Games\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\baidu\baidu.exe
C:\Program Files (x86)\baidu\Bind.exe
C:\Users\Štěpán\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\IQIYI Video\Common\QyKernel.exe
C:\IQIYI Video\Common\QyFragment.exe
C:\IQIYI Video\Common\Mobile\AndroidService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Štěpán.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: °®ĆćŇŐÖúĘÖ - {FB4F6285-4C32-49F2-950F-A5998F9CEC6C} - C:\IQIYI Video\Common\Accelerator\IEHelper.dll
O4 - HKLM\..\Run: [Intel Privacy Notification Tool] "C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe"
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Steam] "C:\Games\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [apphide] C:\Program Files (x86)\baidu\baidu.exe
O4 - HKCU\..\Run: [HCDNClient] "C:\IQIYI Video\Common\QyKernel.exe" -shell_start
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Štěpán\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Štěpán\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Qualcomm Atheros - C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: McAfee Home Network (HomeNetSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, Inc. - C:\Program Files\McAfee\MSC\McAPExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
O23 - Service: McAfee Boot Delay Start Service (mcbootdelaystartsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Platform Services (mcpltsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Games\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12878 bytes

======Listing Processes======





wininit.exe

winlogon.exe

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Windows\system32\nvvsvc.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 842805054208
\??\C:\Windows\system32\conhost.exe 0x4
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskhostex.exe
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
dashost.exe {16f001d1-d55e-4ffa-9bd40615bc897a56}
"C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe"
"C:\Windows\system32\mfevtps.exe"
"C:\Windows\system32\mfevtps.exe" -mms
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" -mms
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" e8556f01-1676-418f-a423-e6fed7cb52ac 1
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe 0x4
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
igfxEM.exe
igfxHK.exe
igfxTray.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
"C:\Games\Steam\Steam.exe" -silent
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
"C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe"
"C:\Games\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Štěpán\AppData\Local\Steam\htmlcache" -steampid 4988 -buildid 1433441724 -steamid "0" --disable-gpu-compositing --disable-gpu --enable-threaded-compositing --disable-pinch-virtual-viewport --process-per-tab --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Windows\system32\GWX\GWX.exe"
C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe /platui
"C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\McAfee\MSC\McAPExe.exe"
"C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe"
"C:\Windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\siteadvisor\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\siteadvisor\x64\saHook.dll", saHooker_Initialize_and_Wait
"C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\baidu\baidu.exe"
"C:\Program Files (x86)\baidu\Bind.exe" -u=http://www.czzsyzxl.com/yanshi.txt -n=baidu.exe
C:\Windows\system32\cpuminer-gw64.exe
\??\C:\Windows\system32\conhost.exe 0x4
"C:\Users\Štěpán\AppData\Roaming\Seznam.cz\bin\szndesktop.exe" default restart
"C:\Users\Štěpán\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe 0x4
taskeng.exe {C1008758-9427-4E37-B418-FE9D863DA171}
"C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-6.exe" /rawdata=Y37bIwaCxDq1LHRQJpOAVXE8PAiqm4e0TAADDvLTuDNCNz0muRd029W64aF4cjY/kv/PP6nr+TSjLhVS/NNG/O8/HbjKutoWnV1gktORq5qslZ2wI5c81oDnP+FnYOgdquHS+s1p4FwRG5+SwVUiRUzyjkCVH+t1FX96fpq4UMNxnF2QxFrd+UI47uCF10uCRvAzBmum6BdrWKTDhWl7vK9TGzAbjjZT2SUBgdIDB/3CQKTnA1ihkjy46jns7BwJGTlalTQMDd8YHI7i5ZYTcoArNB2tmC7xLPQ1pcHtYWqyw/+uudmiO7A/6KQ8FjMjqblXpSmUHfr0s1yH49cx25AeG95ICJvGccgA8ON5epRYR3T81AxRzQwzamvGLp761iGr2oiBbrfSCG8hgiP9+iBIjSaIODN43NbOtj54JrP7m4PAX6ML+0Ydb/1sKzPodfjTOX5FcxK5kyv90H8h1KMNBsF7/oNRy4Atce3EAshMDNhqAoEWjwrSQHmjytPWlJsfXYPEmU7qX8lFr5TKCHkn+qV/mAUd3AxWTg/YgVkBFguNNwbXhAfKhEBzOiq+Y4qPyCOL1pFQV2tJHiUb6okyWNoVdvlj2fnGX4/36HMdgPuz7Z7DesPeeDkFj/1F0udsplsEpIOOyHw5SEHS5c8Cie+FF2Y0yCRYSV1wCEtWNrh9p+NLik98Uf5A/N0goWZXPdOOajm0mxszoagTos2KrPZ+2uWGhu4Da0+8VLFz5frO1MR2nn93QtlUIpA3W9IkW5atSDERS5zsOrlkMYogQJqGSMcwZinr/ECd6KI9gJXtiC/OmT2eCUzIv4ODDAaw+PkFBdrM/bHms+3BDBfTVGNHTHZDWPmEt6bLbmDceMskE6CHuLHCYirGjBR65PhQJSYHRSC/+aeDkaiw6RDSgfJ63eVIEuaKHv1wpaTbX80yh3tzR5NSCdFI9aZ27aJ4YUOL1bbr1iPPmECnzATG38E5OjYV+CDq2JoTkHAFvwydEw1X3/ysspNCaSFOSwAAZxojqCLs9JVTGR8ZZDgIPhp9hgK+GYO7cKx7jqD0hLwjrZ2eJsBcC79TiAugMwfYZpoWvthemmzo9eO9tGrsG9ly3YC8BC8FVwCjTDgtvAEofIdqjxp+nLkfTW8zPRp6iDmQGxNPxe4Zb/Ii9M42J21c6kyDORgqCE1PpPaRaKLUbDgUiJnLjeg313R/X/UVTCoPgKSMib6yTw5Eje/Xu56sitALFChYY5ZLOiqgb60ZD9bYBuhWvD4FcWkFH8qAwW0epPNxw6TpJt0Ry1s47J+VwSHmVGRy0HyqdUA1I97rgu+lpl/2kxohZDiboZ/lhkDsSyDR/VkY/e2aKIdQaKsPvHHKeYAkcMr+OcdhJhUye7JQnVqvWhrPiVfn6ylET8TPUkntIGoRIRuU25OdTng4xah/+xzhi3hU3DRB5tREIdUJ4ZRQRXnzIputNelXqW2KeNO0rUHsHy+TrbxSwF1lmUUWvZ3cZQ4dNuy8DMChXljhklq3ie5fNRRdUH65DYOQL9NWI9hdgr9+UJYkMPIvorEjeiFpzS7WDnBFRPNUbGZxme16WHubuZA9C2Gsm4oDI4BMh9AzwagbUVjyg8EDTsvxhvWi1BGbSCxJumeo3z+qU0CB+kcQGNeWE0+qEwBVpBA2i+KuivAfqZWJZt4A4OKuGFz6q0b9KDg9FHP5LXli126dWU2b1f1nPcTt8YeFxtaGFDB7fLgVY9rpiFoUFWrVq4sBkS0iZlKFjKIvHYXxcNlnCaeGgtp2yglZIDRPXL3U2mYJeXoATvpt+6IoWauJwycSTYH/fYlk6nes6UyKxMsTU6kRYtnhyqOAXCppssWS7nREH/QXzUK0tG8YUJmp+TvN0H9zuGFkt6r5YwH9kgMdKxwPfZKrA8tEn//qZpBmoAvFKddtvAk/sw40228UyVSp+UtRWrhPu0O3R9zLFWzDGk6DPtOsX+WGvsxASejE1VJV1U7EqcY5kZXFtX2B6jBa/L+8u8JtGdkAYvq3EcmaB4dWZ4qVn8vRpw26vbrLjUQ6cYUzKvVUpgiLGLDXsiSegpBZlhtkhszqRVlnOb8LEVZCQ3PPZVTM3UY3kwLfiSKfxZq+a9vkIISveK/IzOs7f7MZtZc7C9IHFbc1YKo949P+dEeMM3d6YPPPnQMTEsWXBBef6k/avTMti+Autp+FelczYGY=
"C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-1-6.exe" /rawdata=kYMaY75ndJKLW78jPYRoh3++b4VCiFWKQbuHlmSfVnEhIKLKoVQEdSr8CfCbhwVyB8WDSBVpAQ3Dd5rRVpVGAStXi7SySvJ2iItJNs+YttNiJYdGXZo8nrPN3N++T2YLuDREXYd7frZVms11fyHktkS4ejGyU3MMHGoaBNBUfnwh6tOWdkxiHqGl10wRQhgBgimR59zcEKCRAgyY9COsjNjYkpQeFrGf0ucvYdfnKx+OABHc/BXUECK4fAEog/C+qc3pXEdUlzeeqn7fRwf13dokVknT0WCkGgmtZjwjcXTKbwrJxq0HAOyte7yt+WRW6kAYm/gX1iFPg8nwnONuH1xq6/dtYZ+43sq2u/r1Xn6giw7HvebJFlKHmECaqhqLMnn8551HNHF1fNa+UjtbilUTbE/tK5lbsgc2lA9Uk/lkFHAubJry2eBioiVvwzEkYaV1XLH4hAU2g6OMMM+6PFhv0Nms57AN4KuBaE0qeZaI0bnntnistSB77e7e7qUCBsbafIKLcff1bNYq8IJJO/AOz5Iifm/us/lgpHoYmj8cybcMlyPBU7L6r7r56m6iTyfLnHdGcqpGDEaxjED4cbcjZXy3jP3IuAR4+86TGrVC2734IWz0jQmCZVsWqZl6Y6pY2i9LVmTvFS9Us16E7Alb4X2/aOdt80ZoOGdLN9KilxtBK/JBi6XwAWQhUyMCNmI/yA6pN20NdeCGvp1A1zdoOyI0DZurqtqOFoV/YqJZsu7iGonc0ePmQCXJ3a4kHy1jGpaUCC4ad8bQYcOHEyTYi5whLvx1bQJGw+PSBMuW8GofdAy2xJ3yhLV+0sHCeO1m4LWtYIxtaigVVl6TIRWNFck2YvQD17g9PYajNHZ9RCPevUYpZCAAz5ycmmcchzBa3r9p+p/T5Rpx3BknuXvrd/JoFhBdiQttRnH9S/oeJkQt8CYquQcaq6iVKKLFJeKZDqWXJOC/F6OSJVdYVkC7tMcwHLIRW3FfwtMx74aWGRDNcbwwv2MKejoWGK2fGhUkqD3Dr8XXprMneK4GGPKjK4BE7t2aRSFPm39tGG+PfgfME/95cvBflRSaQhRVXKZEwhEv02Gub84IFMJSPgiWZbJSK+5hQFKJ+OEuPNT0D26BvbzSGalHrSQzm1Y7UFzICF6fwNI9AOKQDMxbnipTEiEwgQs3Noz8+ycbVzk=

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" http://promptdownloader.com/?success
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6528.0.1537431035\1779937386" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,21,44 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=10.18.10.3643 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_NonMonotonicity_Experiment_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6528 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6528.2.1427117898\1263969702" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="6528.6.1593814873\841801377" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_NonMonotonicity_Experiment_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6528 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6528.9.1380390333\1658577069" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_NonMonotonicity_Experiment_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6528 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6528.11.216782410\1423591753" /prefetch:673131151
C:\Windows\system32\wbem\wmiprvse.exe
"C:\IQIYI Video\Common\QyKernel.exe"
"C:\IQIYI Video\Common\QyFragment.exe"
adb fork-server server
C:\Windows\system32\msiexec.exe /V
"C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-6.exe" /rawdata=FXUaETIKxgjuMUErFy8ltvyGvmdHU5ldTmkwWvqnTkrkp+3TKHN6tVFUYtS0KKbs391zOTtfZjJghei1jCU4h0C0+/3/1mQ/abCPuabAwr1nJHwjkHCvSDj0WjXgwSZtDJB1KI1N9Yt1yQVJ7zNdj0g6cU/gGckgdTIjUp+FSyZPOdwKNb28gOKimtKCPV2hSRzcudCQASs+hA75Bkr8EyEJkdNFBqFt5k8VbwQYV22YIykuF0bJfOf6+mh1WqrGlXD+I7k0HzatEM9+fPYDh/xx2mMbt70/zGY4q4a4aOmDvT8ewfIi3TXuMbfjg8DnbdhOZ/MV9oV1WvZMMbZ6ioUNVtQJMhSyt9BgpmNvBUK1bg4hqeM7LOVun6MReq5NvXtOgOsooT6NfkRWLyOotfLeNkQ3T29UPf/GUbwjIUTqpUWDYZC0Y1JrTMbkZKAYycAp9qRNV/AyYZuyKQSpnkbn0KCEErxPVenh0deY0mkjruYIC/T0/0UMEvBW5LFNdEtfvY2TQd1QaQnqtdo5TKoTix1KrPHPoJe1Fmi9M8WA4qS2Yh/QJV9EjUTj8A4z0bX0wbj+zwWslD5ht85lWjKP9/3lDiD3wNGUuGrmumoeLt1qGPC4aDn7RIWWfdZ1URG2U2GcQdFqlYqE/p+PWgGvjbL8QYOHFg6PHPn7WWY29exrDSUyZmvbM8vNe85FGh5sN1NHAMFaLtwLg61sbxdPNWAp1uVSF7jxkh0ao78ueY12RK/C8XAzQOtoQgzmKgN+MZqpF3Vpyxf+zsNHY+Uuh+DA4hB2RrgVvYFT3NmbMrLAqtpLiLl/GAzeffiuwUhpYRDwGYCuB89Z+ozcB3O8u4rduTcznihYVpmOCKfJgimHeWTnrpRxh7ID4lwXhhkWR3Q2vbXY/oIOoKmftXJIZN2/okq92Q/pDssIILD1GzD0lp2D6jlSAG2rZ6yDv0eVAy+PTGeuwu/5vQAa6gCtJGjtWLBN5eL431CYj6ZmhwXM/J3Nw+UD02S3G7GccdU+yafkw2gVgZaHCJrmF8239Dk5lvUk0gfYI05xPJbSlchkid3KMvdacYFPPST9iC1P6fQJE7kn6RFg3o/elE6/WAbb+XLKKSxKRLlwnmuwihJnSn3vgHgBSFWxykgqaIKWEHMU4jRbru3nj/0k9PN1sq+vL/m2CBkIPYEPXgaL02W9m4ld4EzP49vlSU+DDv2TjS60UB0Dr3utDYBYy89j1bmcZhyOAVsndZiwQsEoeDPu31PkuXtZj2F+nbT5G40y1f/2hmPkBY8eBUoiWWN3//mxKBl/3TRuen3N6WoAkJ69zHW3za5T8g4xhNiR5cpcoZExwKIh+UPK9PiudFbp3eYB97/GfjuO7rUqeeHUgcowNtwMC4uvjy74YIpaInbpzdf2I/E9fmjftti55Kk4HtXSJkCAIhp6CrXGGT4mh51rE1reic1CmZ7WRSzV3/uGGlKeYM1FtDMmqTlWoBG20CvoDd5yrsgKUFNzkj4hOuHRW0zjaXRkCUFSbVgsN9yp3cIpeHHEtbu/+JT3sxl6EEsmK8YVKCENwLx+RSqHyff7gIkFCKq3+gSWFDmJGQLvV3kd1Anylhh5eNtaO30pUnorC7Oem/yFreo2bD5dwbcUWjqnJMmk28sZtmrs41+2FLkbypLNVlIdN3rtRMX3wLda9V3NfzOm3iIvuoDCuuGi49RlZQqCfOAmioCU09+FJB/g0FqZkdFIqFak4qmDl2Ct9FbrUkSUll5rDbw9cu81Y/JsNTb9BDNQUEN6RlRI7voKtKNIby21/jS9QVy4QWywEFM+tD4uKHxF/xFrxomYeXI2ZHsepsLQJ2dNkhGHbXnFbv9Ib7lUb6oQhZ8obfr7gE0kJjYX0L/5v6ZAKqy/8j3R/DMCHIgVFyOwtDai+k1smugBx8eZLeIfbWoIWNVrm71LQ6ehZj1juqIG4fDBb2ID9LU21NT/Y9xw5JwdNROel0BC7/j85Wa2loHGEBnOARM0czFk3sv5VtJBiMojO+YJHz52iT9omyS/Z57k7a93sGhYGsHPJfKTh4p0nURrOrLQ7Mcnp+rkaNC5bjZMe0bnpieXs52lbhTPrsyXdBjH0yMEHdUDJzHgc1b1ZLf94jLXq1iJnLFxFhKHBNaHcMXkMn5HmMPxbYcZCU1qL5GYiJiAwifMQss7q8DSnIIzxxv1GtEelW61uKWnKK/DNX2PMVHqHOUdMgqV/uCeTS/+m23sTasQnV0CCJGvKBQGcjKtxBfaxLfePSs05oKoE29ghbafbsKcodXTjkmU2n06bP9kiFvCr8OoK6CSEAAzEyGxYXI8CgpdMAsEAloq7jHi83TI3niT6DDNmuCmmMDH8OmNAPL9FQMC1Q==
"C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-1-6.exe" /rawdata=sQUecGEpSFon8QoVk4omO5Qo5I5eqUNPMQBvN4h5JgFURF0JdVNNYpdfh+oVGJ5S9yTywEFU1rVeMhtDP1iE8w6pWFuar04frhpepKmpweTnS6ddRgLf7XjTIcMukleksO+2PzFf6uPxT4NiWoQ7SN/aYkhkXTIl9hdFF1V8iVWQTPg/sV1XLzaGhWBOwa00cTUmX9vEzxI5kPGT8MQXzG5H+w8nVHosPDVFAQeKym0TZpg+NKB7mzkQyOfY5v3bExLA1uEY6R9IzhfclJNIj2ZjGxxk2XwGDeOX1BcovZBlQHC+5GazbjfZbxnf4D8pQnrPSqEPuZBkcp+32wkERl7b/nZU1B3jt30BiuLGJCpJh9z3CHJHm1/+xKoT2p4+psL8BjMkjoF1vcg3VAVPoTaGirdeDQYYLyvVz6VFskGMgsyya1vTA1U38Q5MQ14ystyOIWFUvDQR2xz7/debuWQFs3SJwH9bPFOgHL6+3MTWfsBA9WnJQ4sZvxORceDmck88aTWpHjhmUIxOBH+ftDqUp8UFoWCZNY3KeEueE5AuLHJ1uPZ1wUgbLRpkXDlVUVwxCBs2aHylS9Vph4VahZRuKLHQQeMa7sfUu5U4rZUl5taV144oHBQlsnDYF2zcFdUnZn5lcOTfDUjKo8vZCAZdSKzA/ypGtAtjlfxffa+fsAjacn/lfyj1hDaEjBfOBG5oJXZdmvf/p2tcpPl/fnvM25lnXKhjW25zWEWqtbs9c/R7vfBrCpfgrwaxgJza2BHrEfDn3Q/F0aHxYUCfxlv/NR913wasQcgFc9yeOvutAiafaYJmZHFQ8NSNdJpsUejcdnpTTvy7YKHbrGD2URu6vbg/27vyk3AeaGHsv6VvUysqe5uvsQeGuouRtsjk3BI3zjuHBr5p3RMCP2xDwxZHn3Fd/xuS/DEOg/HBjBqt2sPqnOW2OAgo0KkUnSFmMQ3eED8ONB/diji8t9kj2T7JppixR8Sg7uZhXB45Z9ZTYUmJALrq0OsrRfPrEg8SYL4r/wEoOhbyOueDnb9TG9nJ+uEA1UX1vdhooEg8VyX9O07xg/P1UpwOC23tdbDdgHe1LOaCcf+rIN+4pK/yZa2Q1BQwEkzDiriy9jTHv1Dlq9TwLb9dsmkUGwRKTH7zPZ52P6ho3TDiGabGiexWUhN+kqY3T2tRPdaNgSAEGLSL8NrFBqLowIMZNPgx7Xg7czeYNv6u8ChcM8yf7kKNYOye8ug45EBuNzSgIkl9fI2e+/T1XEoHRYmiMxItR9ZuhN61BC8Mp4J8ANfOO3IuJL5c1VXRCgSksokmURSuU6WEW88CfDIaog25i8k3B/ZShqNVNghw9cdtKuIKukXvhA==
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/*AutofillEnabled/Default/*BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/*EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Stable_NonMonotonicity_Experiment_PostPeriod/*PasswordGeneration/Disabled/PasswordLinkInSettings/Disabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Disabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_36/*UMA-Uniformity-Trial-10-Percent/group_02/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_03/*UMA-Uniformity-Trial-5-Percent/group_06/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/*Win32kLockdown/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=6528 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --channel="6528.15.237662354\1702756378" /prefetch:673131151
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe7_ Global\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 556 560 568 65536 564
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Realtek\Audio\HDA\FMAPP.exe" -START
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Štěpán\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\4178ace5-3707-4366-944b-52ddca0e277e-1-6.job - C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-1-6.exe /rawdata=sQUecGEpSFon8QoVk4omO5Qo5I5eqUNPMQBvN4h5JgFURF0JdVNNYpdfh+oVGJ5S9yTywEFU1rVeMhtDP1iE8w6pWFuar04frhpepKmpweTnS6ddRgLf7XjTIcMukleksO+2PzFf6uPxT4NiWoQ7SN/aYkhkXTIl9hdFF1V8iVWQTPg/sV1XLzaGhWBOwa00cTUmX9vEzxI5kPGT8MQXzG5H+w8nVHosPDVFAQeKym0TZpg+NKB7mzkQyOfY5v3bExLA1uEY6R9IzhfclJNIj2ZjGxxk2XwGDeOX1BcovZBlQHC+5GazbjfZbxnf4D8pQnrPSqEPuZBkcp+32wkERl7b/nZU1B3jt30BiuLGJCpJh9z3CHJHm1/+xKoT2p4+psL8BjMkjoF1vcg3VAVPoTaGirdeDQYYLyvVz6VFskGMgsyya1vTA1U38Q5MQ14ystyOIWFUvDQR2xz7/debuWQFs3SJwH9bPFOgHL6+3MTWfsBA9WnJQ4sZvxORceDmck88aTWpHjhmUIxOBH+ftDqUp8UFoWCZNY3KeEueE5AuLHJ1uPZ1wUgbLRpkXDlVUVwxCBs2aHylS9Vph4VahZRuKLHQQeMa7sfUu5U4rZUl5taV144oHBQlsnDYF2zcFdUnZn5lcOTfDUjKo8vZCAZdSKzA/ypGtAtjlfxffa+fsAjacn/lfyj1hDaEjBfOBG5oJXZdmvf/p2tcpPl/fnvM25lnXKhjW25zWEWqtbs9c/R7vfBrCpfgrwaxgJza2BHrEfDn3Q/F0aHxYUCfxlv/NR913wasQcgFc9yeOvutAiafaYJmZHFQ8NSNdJpsUejcdnpTTvy7YKHbrGD2URu6vbg/27vyk3AeaGHsv6VvUysqe5uvsQeGuouRtsjk3BI3zjuHBr5p3RMCP2xDwxZHn3Fd/xuS/DEOg/HBjBqt2sPqnOW2OAgo0KkUnSFmMQ3eED8ONB/diji8t9kj2T7JppixR8Sg7uZhXB45Z9ZTYUmJALrq0OsrRfPrEg8SYL4r/wEoOhbyOueDnb9TG9nJ+uEA1UX1vdhooEg8VyX9O07xg/P1UpwOC23tdbDdgHe1LOaCcf+rIN+4pK/yZa2Q1BQwEkzDiriy9jTHv1Dlq9TwLb9dsmkUGwRKTH7zPZ52P6ho3TDiGabGiexWUhN+kqY3T2tRPdaNgSAEGLRMvP5Yd3qIF/DWu2VQxtkL6vefkZ/YeCoRaUTZzMfGlogp1F2+4PazWY4Av8T2N8W95jM+WHlYzkIxVxz0D+yX6KzqFT3AqRihTCaTvdKUEhdVZU9hA/hwM3jPtW/wByKjdn1XbSJ5T/2iZwOGgtC6HrXm+nK3LhBujTNqplaeFg==
C:\Windows\tasks\4178ace5-3707-4366-944b-52ddca0e277e-1-7.job - C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-1-7.exe /rawdata=cc6bQBSGspHsv5a1if/MSUV9YpyCL7bGmlY1qVXif1hZQ+wUd5IjMEAhVqw8dmM4f9UHDgBfzia+YwOF8/hSFLBKLvP06VrSyk6bcjrau02l3/b7nkmYYaMj3HyDpV9PrEpC97d/naxgZNzxGSX0wwRo1+FvUkZXdGEHkCUew6Br0WfiFO6nBGiGEF39LTFrv9WXj9TIkBU+Z2ZNDYGDSeUpOnWzOHbCbP6QJOm3VKeLJEywqV3VgGCIwqAyHiVx6ThmNNXUaxXk2osT38SCDcohFLuW6RFrdJSfA3VmGg2oChm+xQadGnqiDJovsQguCp/irbYd4fpa5CqoWXrpvBMO0Cocw1QB2/nbA79wWhc/Zn5mLmqEr+0ExywhYrpIK4LfwXZlHyZl4VJgNerTWLTJlwVjHwQE7RxQ2STE12B2jYjsW8HWs20xNWD5TbYwRPt1myVSD2tECGy1V+Gpp9nTFxtA2WuKRMQeJqcAJWVtHIjYC/pxuFGAuqGNhDAmShewiZlkmO++ulyl1u4oB3MAUUfQKKqQdwAD/GzmgeIEHsQ/ZI1TrxHzepLi71baJ2vGu4OyOIw7v4RWFNvYChjvP/B6+r61x85EM6Ddw3mg9KWCja3qXS9BbBx0CXo+xnfvTDvUrFmT/t/PYqCBHSAp8wm7HDKCiRmrH7TRn9tzaKfWCl1d8Cqx6LuYOtWWoK49nyKCfhm9aCr0fx7Q/muOrXh2xkJuld1fJk8CaKLaMPZN4mJFOdZK6EXFxUflA0p9KvEdWT2OEGZeCTV6cC6/yQ0Ghqm5BfeHraLUDSxiahUtZxgbfO61CGEXd0unswPeH4jn0FacJRA1+2IaA5MkxOBobTc0BA3TFERXGWKd7lXXK95G81qYkDE+fghuQPNP+LbjaN6B86oVNV34xE5UUDSPd/LQs/toU28JEABApme7q44Thk+iFZngzwCjPnBeqsufpHvHwEF7XNlZSkrRqnVB19DVhic+X6HOiQRLc7OZse7TEbPFKYEU47DkCey3LK/JKagMoZNjYq3wyRDA5Vq3Kt8I3vbAZtXHb/stjqgoiywgdgXQYWnG8XNcQmcpLBOvu06nOW7YVhDWckHeSrF/4FXCXpZM1ePOrvvXqt6CJSctkLy+7hhscj1r/G2JeAYUhKhzmled7I2J49lO6eR88ebP1bxyuagtdkyvopIoCCJjyEVoYwdm5tMSHTWKZdojXN/jf7yzDui8E1Xb8L/FVIKz9daPR26oNY9CS04E/InBAHEVT5Jutwh7U8HY7EWyvomD5z+eZT72WsGJCS9ycucnf0do1b4r04LOrmhj/rqh8D+i27gV0UvEB6jOsdRtc1o0PjUYpI+i4w==
C:\Windows\tasks\4178ace5-3707-4366-944b-52ddca0e277e-10_user.job - C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-10.exe /rawdata=ZpuuhX+/FaRcTzPzbAiB7p3l3DwN5Bga7p3udjn3Og72edzCB+uImpoqcmWX5/mh7BDmW0+Usj1W56ZxnkqOvI/0AbqhTKlKRx1FU9Z0nak2uN3g2gQnfpflVUkX38XFKh8TemTqm5v63y8fuGJzBTG83gaAJB8bZ1fdYbcDxLMLmFGWii4Wde++z0scK4aktI06tjBZbG7pJRuhT83y+NXd9aArD0gv/Q9+SOOivDGqJ++c2DfzGgibKmfTrtZGA2XrFMalXLjACxynjwZ4R5nG17nH+/jUFhfdOoHCtXYjpZSvN8y9ks0YO+tpfGyYHxpiVk4LsdnExTKCh8m2wQPpd/pzShwnUyx5EYXDsrBas3crKeqeLR1Sef8NW7ay1e1/LvUUxmpW8SAQ9rTez4I3tT6VbmNYkuPQ55LcKyfkdRlDcqugMx3+B8eZSuGLnjIDityRWSqxxXugOvfE0MFNTDCALxU3uP5yoiFEl+RwZkjDMFv72Ft9hrLFxQkDpJK2PSrDjDVsJ4rBhlgpsIRjLgJIE7uMzSBlrbESoqMYadhdRUesOErHVX2BY8tUubWM6A0CjM3x6f2ldU7KUKlUncYl7pgK5AAHEtF0R/LAkSMxmLdVlgVQcMcMYDPMwKIzmNRtsSvbO/peKoVtM2IpnatTk83F5vR+Vyx1NeEhI/je5tOUAX9eGDCFOOGLA02f1wDUa+NwWTLOW2UsD6GkO3yFU7UNB4BkA82QE1z3dNPhXLKAHYUb1MIf3EJ2d6mh3k65JeHranppJTKUDVEZoWFRmEmJMGNjTcIh0KczpNPk/hTRHFf68Ubv2wlHlCFoDEmZondBf0eZSBw1TA==
C:\Windows\tasks\4178ace5-3707-4366-944b-52ddca0e277e-5.job - C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-5.exe /rawdata=iqoGCr4bYHfnnswvBhBgp0umvhpeZd6BX4sbbZdoukl9amzBcxuZtj63Eqf5awolu6PZy6X42brQMSkpxOSoM5b2/AZ6MxuQ84fIKGqFxox4pExQOzaWOBQTXTeotb0EVvd/npQ3ngm8Y5mIHA2AWubEpZ8bGlKIUuqfBkDl3iei3Lc6Cn5Mps2DNPnKHW+Fj/4vibSslggW6/rdDJnfNjdSthJqat2MYmATs7OYJkmYNNJbmBKMjbXDelmeTMf/siugnEQN3KoJiSgd6JirGftHDUsww64nrOBzLqH8jsrEOOMcOSYv7Df317IK7FTZPQCp2XoQoa90D4DRHm+3Tr3HpI6+zJELXIS02xUmFhH1LsBE/dwNF/S3t4XBmhRTM6flZ7yqU89+6SNjLdDbuZjD5QyloBQRvwoHiXyhkqtr9+bSdmrT4VQlQdgf3nt14Yvul5IVAhMNSmW1DEaIRzoGjGjLAmtl72fIfVFT6W71j9T6UM+TH5GjGUu6LNgmjM8kq76vKhkd4nyosHDRILFxqMKEivtQXVfzRO4PFhHkeJFXhLjMd8hLMgx/PtZt8+qJTmB3snbqZZn3w9uclpzCdigXUM9yi3EWx91Su7vRUzl6+RL0am8u07mx8WWpp4i70BYMyzbxyV5+Sd1rktps0zcCMEbG5q6Owh/1xyZdzwdHWl6hsAcdi6GKLqBtOl0IdB2BotpBzt++EXxQJ8N1eLYaZXW19kGGBbKZW4BsIKEpLnl5uqNh+0ct7ArYa5el4pyn6OGq5p4Gzx4X4ZIF8BA2ktx1lGJ1dIpOkbg5cHco6OH5RhtTJIlBhwHWhrcoDx5K0ly1gCK6wTaosYGf4qHEcdeIolnk8WYEXagurVklFXcMJSYJuMKxs4p7efvNNefnXXirlpn9E6iHwzDaDsxgFb1W4VPY1iAg83P0tYBZvm+YJOnzMW6oa7Y1KF5SfLd+99gWpErFNUPjI7y8e/mhRUb92LuciRsczrkUkNqzv853/jIwCbYv4MOP
C:\Windows\tasks\4178ace5-3707-4366-944b-52ddca0e277e-5_user.job - C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-5.exe /rawdata=iqoGCr4bYHfnnswvBhBgp0umvhpeZd6BX4sbbZdoukl9amzBcxuZtj63Eqf5awolu6PZy6X42brQMSkpxOSoM5b2/AZ6MxuQ84fIKGqFxox4pExQOzaWOBQTXTeotb0EVvd/npQ3ngm8Y5mIHA2AWubEpZ8bGlKIUuqfBkDl3iei3Lc6Cn5Mps2DNPnKHW+Fj/4vibSslggW6/rdDJnfNjdSthJqat2MYmATs7OYJkmYNNJbmBKMjbXDelmeTMf/siugnEQN3KoJiSgd6JirGftHDUsww64nrOBzLqH8jsrEOOMcOSYv7Df317IK7FTZPQCp2XoQoa90D4DRHm+3Tr3HpI6+zJELXIS02xUmFhH1LsBE/dwNF/S3t4XBmhRTM6flZ7yqU89+6SNjLdDbuZjD5QyloBQRvwoHiXyhkqtr9+bSdmrT4VQlQdgf3nt14Yvul5IVAhMNSmW1DEaIRzoGjGjLAmtl72fIfVFT6W71j9T6UM+TH5GjGUu6LNgmjM8kq76vKhkd4nyosHDRILFxqMKEivtQXVfzRO4PFhHkeJFXhLjMd8hLMgx/PtZt8+qJTmB3snbqZZn3w9uclpzCdigXUM9yi3EWx91Su7vRUzl6+RL0am8u07mx8WWpp4i70BYMyzbxyV5+Sd1rktps0zcCMEbG5q6Owh/1xyZdzwdHWl6hsAcdi6GKLqBtOl0IdB2BotpBzt++EXxQJ8N1eLYaZXW19kGGBbKZW4BsIKEpLnl5uqNh+0ct7ArYa5el4pyn6OGq5p4Gzx4X4ZIF8BA2ktx1lGJ1dIpOkbg5cHco6OH5RhtTJIlBhwHWhrcoDx5K0ly1gCK6wTaosawWFP3IKWQm2Fq3f/5pKuzozH0OMSlXqAgyfKPKBPsrTAXZqkp3oFIUckTEr7uncA6zRPGh+s/+1e5FZe7K3wltdf+nrLDV17f220CZ3kHMneyVAWvG+b7VViby5PVNNq5XelTu6Y96X6N9bH5RoDAYcutSmEOLKZkvQfssU/KA
C:\Windows\tasks\4178ace5-3707-4366-944b-52ddca0e277e-6.job - C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-6.exe /rawdata=FXUaETIKxgjuMUErFy8ltvyGvmdHU5ldTmkwWvqnTkrkp+3TKHN6tVFUYtS0KKbs391zOTtfZjJghei1jCU4h0C0+/3/1mQ/abCPuabAwr1nJHwjkHCvSDj0WjXgwSZtDJB1KI1N9Yt1yQVJ7zNdj0g6cU/gGckgdTIjUp+FSyZPOdwKNb28gOKimtKCPV2hSRzcudCQASs+hA75Bkr8EyEJkdNFBqFt5k8VbwQYV22YIykuF0bJfOf6+mh1WqrGlXD+I7k0HzatEM9+fPYDh/xx2mMbt70/zGY4q4a4aOmDvT8ewfIi3TXuMbfjg8DnbdhOZ/MV9oV1WvZMMbZ6ioUNVtQJMhSyt9BgpmNvBUK1bg4hqeM7LOVun6MReq5NvXtOgOsooT6NfkRWLyOotfLeNkQ3T29UPf/GUbwjIUTqpUWDYZC0Y1JrTMbkZKAYycAp9qRNV/AyYZuyKQSpnkbn0KCEErxPVenh0deY0mkjruYIC/T0/0UMEvBW5LFNdEtfvY2TQd1QaQnqtdo5TKoTix1KrPHPoJe1Fmi9M8WA4qS2Yh/QJV9EjUTj8A4z0bX0wbj+zwWslD5ht85lWjKP9/3lDiD3wNGUuGrmumoeLt1qGPC4aDn7RIWWfdZ1URG2U2GcQdFqlYqE/p+PWgGvjbL8QYOHFg6PHPn7WWY29exrDSUyZmvbM8vNe85FGh5sN1NHAMFaLtwLg61sbxdPNWAp1uVSF7jxkh0ao78ueY12RK/C8XAzQOtoQgzmKgN+MZqpF3Vpyxf+zsNHY+Uuh+DA4hB2RrgVvYFT3NmbMrLAqtpLiLl/GAzeffiuwUhpYRDwGYCuB89Z+ozcB3O8u4rduTcznihYVpmOCKfJgimHeWTnrpRxh7ID4lwXhhkWR3Q2vbXY/oIOoKmftXJIZN2/okq92Q/pDssIILD1GzD0lp2D6jlSAG2rZ6yDv0eVAy+PTGeuwu/5vQAa6gCtJGjtWLBN5eL431CYj6ZmhwXM/J3Nw+UD02S3G7GccdU+yafkw2gVgZaHCJrmF8239Dk5lvUk0gfYI05xPJbSlchkid3KMvdacYFPPST9iC1P6fQJE7kn6RFg3o/elE6/WAbb+XLKKSxKRLlwnmuwihJnSn3vgHgBSFWxykgqaIKWEHMU4jRbru3nj/0k9PN1sq+vL/m2CBkIPYEPXgaL02W9m4ld4EzP49vlSU+DDv2TjS60UB0Dr3utDYBYy89j1bmcZhyOAVsndZiwQsEoeDPu31PkuXtZj2F+nbT5G40y1f/2hmPkBY8eBUoiWWN3//mxKBl/3TRuen3N6WoAkJ69zHW3za5T8g4xhNiR5cpcoZExwKIh+UPK9PiudFbp3eYB97/GfjuO7rUqeeHUgcowNtwMC4uvjy74YIpaInbpzdf2I/E9fmjftti55Kk4HtXSJkCAIhp6CrXGGT4mh51rE1reic1CmZ7WRSzV3/uGGlKeYM1FtDMmqTlWoBG20CvoDd5yrsgKUFNzkj4hOuHRW0zjaXRkCUFSbVgsN9yp3cIpeHHEtbu/+JT3sxl6EEsmK8YVKCENwLx+RSqHyff7gIkFCKq3+gSWFDmJGQLvV3kd1Anylhh5eNtaO30pUnorC7Oem/yFreo2bD5dwbcUWjqnJMmk28sZtmrs41+2FLkbypLNVlIdN3rtRMX3wLda9V3NfzOm3iIvuoDCuuGi49RlZQqCfOAmioCU09+FJB/g0FqZkdFIqFak4qmDl2Ct9FbrUkSUll5rDbw9cu81Y/JsNTb9BDNQUEN6RlRI7voKtKNIby21/jS9QVy4QWywEFM+tD4uKHxF/xFrxomYeXI2ZHsepsLQJ2dNkhGHbXnFbv9Ib7lUb6oQhZ8obfr7gE0kJjYX0L/5v6ZAKqy/8j3R/DMCHIgVFyOwtDai+k1smugBx8eZLeIfbWoIWNVrm71LQ6ehZj1juqIG4fDBb2ID9LU21NT/Y9xw5JwdNROel0BC7/j85Wa2loHGEBnOARM0czFk3sv5VtJBiMojO+YJHz52iT9omyS/cGZPJsoxNjl7/WbBynaz8qWd7X9uRcxoPSMoZRhT/MkVimVfk/8r28+s/dzLbj8Mge4PvGmazgPOUiAEbtu8nd4LOdDbzqZpYcpSlUt/vcWz486pUSvJzhEkCkGqD4NmmGlQNsZJb2GPP0iER/GI/M2kNGQalMJ+fO+YqS4HwZxqtIoBlrYMWzCk3x2j0t6Yxrg6uvNnD8oh7XTPk8Tju8o0HbpJ/siaiarhn27Eu24ACtkGa3W7jxCrcw+DdXfZp3xs/jb765kEOqYbO1valwJh+7+5HsvNw/y8N5nomjLOSStA3yV4AHsqcYGskuDwIm/eU926wntamam5XMFTeYd3Q65fur1+j9RyModrYKbeapgHTP/dXG+ab4bGabpwwRWCBddo73C9BShTo/KqlAlbAtodC/iVDRhrsR+EnXc0k2e/SnvueCEpW9c9co69P0Me/0N4kfETHpKMYQ84A7nxKs8T+iL2Mzz60reJCQvrz4lpO7UkpM0CyzVBsN+M
C:\Windows\tasks\4178ace5-3707-4366-944b-52ddca0e277e-7.job - C:\Program Files (x86)\Internet Speed Checker\4178ace5-3707-4366-944b-52ddca0e277e-7.exe /rawdata=F/WqMx1QVeFmlJLurxKhx4/94Gv2b8y9Mq84bTn4Y13swb7LZaqJLcuxkH2lklHeqfRdtxO3PwiEXH7ZpJUHO1nw++FSZgWVcPZGK8iJNXgWkSwJmp7TNaGQZorv28nMvtOlzCkA5rMqZOpxUVaFzr9Q54sHbOQ31MPdjL/fdQ69DTZVczrSTh/nJnl8o9IPHTW7eFsp6f/kvtLRkmUe0HurTn2AZZX3UAjly3XHeSlawrOsMRa51jEU9KAjXcThw90W+qTdgIcfIRFnUkNnRYF0mqrw8rqKzpoe5/Ov7we//1KKDaXnIxkM6uohGhlQ3JUzUMRpb2pTgjA9vr0eCx965Rjsd+pI8nZcfQcSbF2ELaOoItM+qqJ+MCzxnlDkT4BGSIqXGcP2mSALU/qmd7/iRHi5V1FfRw82yr6FwsNV+QH5ez5p65qVyBjvo3A04SxMsWi4xl/jJHqXFT4+Z6Uyx2m/RMG3LS5hccG6J6fNEyDFS3weCggAsLb6GtamqvOi6mWi09sUMT27JrZdUPUhTYzcD/ou441aLNC5lzLbnBiN+cAyMZFjGMs/bR5sQJvlj5rkedDHV9U5OgCb5MvEqA/1QJvsCEfNO1vW64ov6ODHd8QOk32I8l9B3Z8c8jsYiLFQhOCaoNMg7jfwdSlAM941C6VbT4vcAmeE5aeI4Z5sUYsn1q7PoyJ1nWwZtL+pa8RZ+Fj0lEKSPPCUjNNYhulf6LtTDa/xvi49px0MyoSwPnuf/MdLx07rkhqCKKoi6mP4KGLEyZ2MhiE8X8F0ijNBii59fTMDon0Zd19BA2ukDRj8+N8YQBl5yDNS5fsrCbWJihYbBuGBFcl73XIHxyQGAA1yUe+lL8b2L+sHErKZsiMcxmvd9B4t8Qkx9VlTAGcQPzZh/niVZLwmUpwsry3b2Zg10rzgG9BT0isQVK8ev4z4h9EqkH/9sdcgCFa11lEQZZDCD6iSZxmLfy7fR7qKc9LCxYK9amrcTUJ2wbb6SneUnw7J4GXFZchOrL+fjIAy31xXml5IYe3cBreC1Z5UjubFB5Ra87TfXDSC6lc2DiBIxzmxtltMPHQhSdy1KAcu96rY2/32IAn4z/zusOPXSKba+TN7hEtb6j8GcrXiMUVJo7B2dwHvf/wA9y3vXIbhVdxIkjxSbytZKBX0cnZIDDUmaCK/99YO/PdAJja8dMh8HELKFOfbolcRkmPBi6pBop8N2YAnu93mT3aZudPh8tuVfhnUsu5emiLwnMBC1j6tEwrCh29ESp0YABu2A5aXR24kZzhzZVS8iHXABKAD0yIDX14gQxF+BQ0ZIhX0nN+eVok5VFL3HHGHETWH8cFI5MFPFynljJ/VZMXLUtOT/ztmU4pk1GEPuxyOTH2YY7a/1EE5W9lgKR28eYrCSgZlwS5v+GsuZ4V4amjtzyjcLxlX9YhiKcBQg4jFt0RNdJK6IOn4rDXWPIf/yZA2QH6joJFETfH4+2M9IAUbquxp9Z2G5JNQ8++7JfB4XiaLwM7vuVoBS7CxCJjNOQ55P6YUYkidz22UdWFCbOumIjs4j4u/JXPuRmN99qKkwyqxtgmZ10TTEE/2NFbdvM1Vk5f0bmKwgyAQ7RcBPQYa/eKXpxMKqSncwb43hlytJsnLPQFb2sxYShJKtj8UmqZv9ZJDqxzjxJs76ArsGeYGPOX2s68WHw8QoK0LAYlQrom8CzOeencvTOiP8zQrzN515yEGcAM/2ux5Q5b7tvw0XUK5s9LEIc0XMyTwLY4gYRwueADM+LcJ2QhUG4YPfjnYh7+GCRofq0duA4VCiZ8OOO96RCTKvZX0UZf43T5gxUYqia8A9GSvnf8ubSA1oePTADnbj2uUk5usGbHt4AMkDI0kOm196GkvN+7aQub5q1cPQbbcYVgVVPVYB7+g4jJ8IOQa8Hsr+7NUOtSNB+h4nTBWJWBx7bTiba/AKK1oI39gwFDZCuoRsO3SM0cLu8oQtsKzNvl3fao8fS0wglfFtmgEfeUNG88FwUYMHwMV8WK5WOxBlFlZq3AyrgVxdXYIEO1MloByjxwvSz+RCDN28vvd4p6fi++xxNngTnx8i/Ty1YSPuo81ie+tEMtRZpXxg3gArldM7o+Xq7j7KQZ7B9U8F28Ayi1/Ea1womNcKQ3hjcLc3bu7jZont/UJUFnnkN6T9/Z6B3lJmDdMgcp+Vpw3u5rqRFp/qkED65GB/EuFmVR2lmEoTvXl8zgSNETQ0+xM8exe5zfMewM9n3oVlrbqHGOioDxOdowE4noggisD1S2tfiNxgANZONnz8FYcaIsl9+jlyH2zl8APxwAZADLll1geZ0KzUmbpRNQe/auOC9d9VhgLXK8kpdaPHDINGktWz843lr2yI3ez+A==
C:\Windows\tasks\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-1-6.job - C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-1-6.exe /rawdata=kYMaY75ndJKLW78jPYRoh3++b4VCiFWKQbuHlmSfVnEhIKLKoVQEdSr8CfCbhwVyB8WDSBVpAQ3Dd5rRVpVGAStXi7SySvJ2iItJNs+YttNiJYdGXZo8nrPN3N++T2YLuDREXYd7frZVms11fyHktkS4ejGyU3MMHGoaBNBUfnwh6tOWdkxiHqGl10wRQhgBgimR59zcEKCRAgyY9COsjNjYkpQeFrGf0ucvYdfnKx+OABHc/BXUECK4fAEog/C+qc3pXEdUlzeeqn7fRwf13dokVknT0WCkGgmtZjwjcXTKbwrJxq0HAOyte7yt+WRW6kAYm/gX1iFPg8nwnONuH1xq6/dtYZ+43sq2u/r1Xn6giw7HvebJFlKHmECaqhqLMnn8551HNHF1fNa+UjtbilUTbE/tK5lbsgc2lA9Uk/lkFHAubJry2eBioiVvwzEkYaV1XLH4hAU2g6OMMM+6PFhv0Nms57AN4KuBaE0qeZaI0bnntnistSB77e7e7qUCBsbafIKLcff1bNYq8IJJO/AOz5Iifm/us/lgpHoYmj8cybcMlyPBU7L6r7r56m6iTyfLnHdGcqpGDEaxjED4cbcjZXy3jP3IuAR4+86TGrVC2734IWz0jQmCZVsWqZl6Y6pY2i9LVmTvFS9Us16E7Alb4X2/aOdt80ZoOGdLN9KilxtBK/JBi6XwAWQhUyMCNmI/yA6pN20NdeCGvp1A1zdoOyI0DZurqtqOFoV/YqJZsu7iGonc0ePmQCXJ3a4kHy1jGpaUCC4ad8bQYcOHEyTYi5whLvx1bQJGw+PSBMuW8GofdAy2xJ3yhLV+0sHCeO1m4LWtYIxtaigVVl6TIRWNFck2YvQD17g9PYajNHZ9RCPevUYpZCAAz5ycmmcchzBa3r9p+p/T5Rpx3BknuXvrd/JoFhBdiQttRnH9S/oeJkQt8CYquQcaq6iVKKLFJeKZDqWXJOC/F6OSJVdYVkC7tMcwHLIRW3FfwtMx74aWGRDNcbwwv2MKejoWGK2fgtPEEvyzdsKtrxA+YRSBpOV1WlsM2NcKygFJQ0lcS66uxwGkiDvbMAMGucr8tQm50U8FgKx7Y59EYuB9BVJOeixsAJYNOTJwiWxCOJ/KOXIpaTEXVMI+lwdrWEBUSok1f6In4QjhtoCNJFGTiVP251QyaicLFv+harNAXOV4Iu1Mty/auAxAgRBbsXuAd/kO0PYvLBGtv3rNkCVR1twdJijulqtImBEyULzeBRPMuj4ul3iNx1rWI+ty+XEJuH4yk0L4TBUzETJt8hgeFB+b7Y2CW0wqsleDRmml1l7ESDVnVvg70PsUnEZSo36EjyebAbZxVPq5j/odlY4rJdZ8aQ==
C:\Windows\tasks\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-1-7.job - C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-1-7.exe /rawdata=lU5EENIL07hftjf8yFfSofu7GZvx/gau+Po2aS6z7JptN6/xUn+6qAhpbMNgB71MXw//pN4LhuIwfkax9EGu3VoheLouxuwXP/7Y3sduYQ8RjdXtitF0Sgee1ZNSH5vw2AFnqpptbSeMiyBZFnmC2tfZAo1czsBvWYBNB7HJMM8TKMEP0oaGxP6Nb0ZQribF73TYqnwIDBBtuMTgaBNDdByleVq+e2hXj/7iUyb7dCpJIFFeOWBOfGZky7WKCwBWKVGN3GvZMUUyrom9W7MbX6fVG39RcaCNd01LAc3c9KLRxnrHx+xbJhbuPcTaTPSrzUFKwNBCouknrB5AAYZI85Y1fEdimBeMNZlAK/Hpvsw31k4+QBLGPMPtA6ze2cKTDTNwL9QUbUcwk0ptZoJtIwibqn6SV78c4m/8yJqzfIofegTmk/FHUrwSjPamf2Yo6hpf5YMOt2tlZFqQtuYEcPLmci9gtY2u/LD6651hbOeEB3a8GSZSobQ6yvimdV7mpKUlD6YABEIGl4yffwPif63TNQne0au495KOSGQwpxfQ83NlPGQhXCrX664SjTyrUhdrvD6EeYfdNvXkDhNMEMTFMJioABrcQe2tOwZ/6yUarsgRh7tf1JoPcC5mrOuvwmnCoObGJKzgL7P7UliinNkDIe7FJBE1nKQJuAmxiXEsjlHemUVNCrW7tfR3mLOV4ODhofT/i0APqLQhRP5eheywWhJOLott8UDV20WXm2nF+yk7xeBKVUHu8eI3K9zczKq1Vo0IkY5GMEJHdIYE3Ff8DtQ0Ozn9C/UI88FX5U2mUE5++iRUlnqY9jcZbsnTuvLNQNHluQhFUBteCrgwMZJOYBbdj0bXjlje4nUZqEYErBBI4SKigrW5qfBkRl/1PCzkvmKfyUnqIwVrQKCIkPlfyMPoXh0dAyypCrqS0oFga6OfPTgVh7NL+Yuk3bC1Ozch8ax9rwhvr6R6oLu70KlY/H22BP7MOMY1ON9mVYJE06YgFc75HGfbV753HGnDFVbZD2dNZ/VwhKyhZJRhbuoEVB63oYlNJcFiUvAouvtlCGUo06epTrNeA7bko81U4Dzk8zItNzwzmHt7hz+o2OOtJOIeoEwyd8lDAC/3QBAjSjYPJbpya6b707uQMWtq1nvILKmE+LTthxZWbLUnGviKCiQG50cWwnlJ3jcro3m/xf+HZvsl7jdXpiytn+Xug/DZVwJwp6l29J+SiUewPna90l7iZbpxigUs1NSFgzFOKx+hWUDe8siZam8p4yjV8dKE6tJCc2M+O0HVsKYPjkUYl1xZqMJwMag+Q5QvgweQTTuf7/rN3fPdWwSkGyA39uEXPiSAvsVEvQUzwLx5FA==
C:\Windows\tasks\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-10_user.job - C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-10.exe /rawdata=kS2/sJNH0CqgVEqG2Aimjz2GcjX0SIcpQB9ZJ6O53rv8sJo1ahDgWGzOam5LmJ+rnS1y/pQ7f31rWue0ngetNJ+RqGPl3wnxuo04eWa4qyIzuFwOg/ahpgpV6vDRnjzvtod/x+ltjizLqRdnUr4CJB4g/nG6o/azELt4iwf6lA4LmFGWii4Wde++z0scK4aktI06tjBZbG7pJRuhT83y+NXd9aArD0gv/Q9+SOOivDGqJ++c2DfzGgibKmfTrtZGA2XrFMalXLjACxynjwZ4R5nG17nH+/jUFhfdOoHCtXYjpZSvN8y9ks0YO+tpfGyYHxpiVk4LsdnExTKCh8m2wRNuhrojFD9IK+cHBHUglrPS0+Mntves1Xe/aZabNcBJ0jtX3a1oXistYomBxRKz1z6FL6ipfLH4QNKb2GRQnOJl+U5nn+7KYl+E7fqR1ax5LXIkwXjFBkMnbjQ9cXQLad/SHpjuWg0FUizpXfdne0dTRzsxrx84lezi0g+jgYnWpJK2PSrDjDVsJ4rBhlgpsIRjLgJIE7uMzSBlrbESoqMYadhdRUesOErHVX2BY8tUubWM6A0CjM3x6f2ldU7KUKlUncYl7pgK5AAHEtF0R/LAkSMxmLdVlgVQcMcMYDPMwKIzmNRtsSvbO/peKoVtM2IpnatTk83F5vR+Vyx1NeGndMKqe+S7pihiPqLXOsb307/Wzl5Ds/AMBRCB+KFNEpbm5E/RdwihHgv3NT9BP4c6xSAa2DROhWaybJycsdAvS0rHNRWMNzuKOraXgpF9VLU8uJ+yRQX2aV9PSjp02ApOg4lynryXqbZNw37Ly3BdWo5BQuPCv/g9aFhbWHZ9Ug==
C:\Windows\tasks\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-3.job - C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-3.exe /rawdata=sVUhiuHZF1DyPPGRyAqjtF92k8z3NPM7q/S1r6fS+LXHLSh40u9zlnMGAJ3v8j2t3GKKVECI715GKWWYTEOWVwV5aUYrm/ttvagzDZlGWWPjXuYdO+pReeFTx82xXqR2obDJ1mkCpRepbHcBa6dv2fuKYZx8owmqx0rlhEREpGVDgwfLCPpIsp73rRe3RxyMhbZtSBSzw2xaRLteOVtAoyhJTq+nx/KEgH6JOS+qUIeNSCiWP83K3RQxw1Of+CJXvIxNCwMx7qKQnrn/wZxFz0z+M5DcjDOTiE0zsFg7KhKwhfdh+/cTTRsNaV9MbZvgrvJNZdMTtu4ywFow6yiJRH6mDRGq2+jnA1FZBdPJzHtNoWUhLWjgscoaavs9UOHHf6+4cXONzRF47aC0kIiKTY4IsduO3X3PJXeHoz1/X32QDaLgt00ePALSo8X7iFs5qM0AZM5k6Q6zEDtBRO2IjVZ3PVaJI5yJ5khl5uIcOzx9Vb8dOTuyDeQTptKEpfjQYHcLe8sKtFbjBYOd1lhnu40Icm9qIKj1WkawU/HDeCwCahsYQg9YdZ/NPNSLNGs4c/XGbXzQoeGleUKB15yT5+NiPgmRbfFLe7t96s/yRS6lZd0PJyBII/39TcjpG3oIcXBXAeyg2W5f8TI0X8gPsYGJaWELVxvjFDZBM9LVRJFQjxJdBhc/hIhlsqDt0sJ4RLo4oQaCwMz9EZW37id5t+ROwlaAWS3/75fe2+IaSRBKdmM6Z6GdKjfspqatR61FPA171bX7JMxqQlbdVlsEqyJSTx0ApPZTXuhItrzgeyeZeSLmyrXFPsNRRyx4GjM9/N9QHPfsWBOqD5iWbJnOmrJuXa6GjwAtusYkGBHBUb9UUj/fsiWbsk8slfyGMmQUWDOOvg3SWrCB/j1D6+dCZu7pcIv6mIYBGGLJ1xcLdJniwfwCvw6OxTO2+Z2Uh0LtzdZs2lHuXlIgZnUES61FjpY/2QxyV3oG6MviPobM1kX2+4/67niMscdCtMwRDq71uaAbZraKZqj/4EYXgQRDUdgjd5wNNPgp5Zh8hvgwdl/YKmHc7jPbmFqu9Kzr41VUgLqwK806jw2iMob35p+sfp0UYtvNC3X5/vuM5NQhyvNfcEifLxm4oj+hMrHp/DnO7Dcy8jzp8Qs772YBfaSy9lATRsN+vtsp5Fx52fMk0UaWFc6F/p/RklmL8BUI3qOeYN4lZ8Eb0bmzVVCRSHQSs/olZTkUnsUF41uYGP5Avjl58yfDl0OnXT+kYceh0e7If//9NKGGOzoHulNbHv7aWGJhzORZdLS22oc82eF5C4+g6mHuYHzQTv3fvU4YChLf1TdBKbBSHB/fs5Khum0eDLtVP65OjkwLSKubkMPpYbcucsNibyNq6Uf5gQRYRqQUR+FBuLGRi3BATUIycMrD0X1xdOgHcR2RScA05xNX48nsDNbOJU4gsZqMjNJPxgDSbG6tCKOwqjVeBlh50kFMuvqRpVHfawSvvmd8Sji5t2c5VOcOMCODIgVinK8Fyph0YRHR9rG5uxxusixM2JZp4c1e2bTrW/pMrHy4ctR1kwyTduV8un35KuC11M7OdIdhjqwsuYmQp8PyyYz/xTSpaBsTdiwx/MYx6PmxY70gWzUKZIy7dNGj+Bwt92JxPB026E4vErT/AFMcXDYJNaPDLNPNGB4RTV3jCOYw1fWcjQ89I490XdsaxI9pJH00VuBrFHAL41N2nwZ5EyQLwWSXMLK+MtFPCb3RLLqC2Sof23DxEdASZLD4k3op2vb3di1+9da5WHiipVHeFR7EeL6N64CjBn1Pkxg76RgovkjWjouZIqt30Hnu7gNN7n3mLJfpvAHtRfcnkwSDphmGyF5/bQ==
C:\Windows\tasks\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-5.job - C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-5.exe /rawdata=VRm8DFjQsi8M+8E+u9xwJX7m+llsPRX5CdEV9Tdu8KSbKWF+f8onM4g7m5GdqhqnhBQFNCvqHYChgh6dvOJVl4JRI1LgnE5DXAWKEXerUCXz8PfI/BJXsEIk1bv3qcIVFXvpIBHDafc4zw/5l/MwmqTWRP6i7CrbbEFJ2hu3mmFSJRj5YmNIWRs4e0+2GhdndDQy8CH0cpXM45az641rHt17Wf0ZOWHfiO4NrfrF+LPW5HpM1aWrO0OnAhO/ljoHrgvdniyF6T/j+I/KiK3DGJZZ1AY7zw5n5Ej6jI5M4fHLCkpPkLxVwTuSweWtlS18sCwDrPQR3A3SPZ9GxtSuAqMYb5hiVMIcg2lN334rO2yhobf6awXyI5CSDbnS4ODVSPkVaFWJzuuMPOFcODa4Xp/4kO+uQefUIoxV53nOpTYZSxUygI2OPGyOlqjFsSv1DNIFRW/N4TmSOLgDB2auRgn1Jy9/IJ91t5hDu9Vz0j187Zl5cM8558N0t9KC2tLhVHn9ilnuPBaQzedBCUCx7KSSXvfWXZlwxrgYOMyiEDxp1s9GcO+AYBSGRTcMshNdQtCcys7CUHHQVKlWIRZJzziMj3a+I6/1Slv2cSh9xhoYeKukVjYOdYq09vTWYMpOyjKMX4XNeMW2KFNBoKxHpPpkwJUVWd0LR1mow5079fcY+XlsNKhu5fQ2XvW+HCTeimY5Vwmu57g07PpG1ScDAN3IXwl5dcGrI0Ap5xxLAQVin94Z+E8fPZowGdf6nmJdfRL99JCfu9v4o4wTiQwLXVhAa5i13RG1lVtfkw4q/lRuJkU7Zm9w5UMSs6i+WTqfbqzqubaguQTZh9uAfZt7Fok2ZXYIOI7Na6GoB6491G7Ta4t4KdpQPt7wJQWc8d2UjvwXK6SpEXbcRLnCvJLtEIFJc7PMiOJadaWVgZ1lFZBhvV/Ajlxc+ZcOBDW090k3UXqukeuEm+UQdUDjG7Tpf86MkyVjX3BXGbGkaN0HplOAs7j7OZk8Wud1P1PXJhl5
C:\Windows\tasks\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-5_user.job - C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-5.exe /rawdata=VRm8DFjQsi8M+8E+u9xwJX7m+llsPRX5CdEV9Tdu8KSbKWF+f8onM4g7m5GdqhqnhBQFNCvqHYChgh6dvOJVl4JRI1LgnE5DXAWKEXerUCXz8PfI/BJXsEIk1bv3qcIVFXvpIBHDafc4zw/5l/MwmqTWRP6i7CrbbEFJ2hu3mmFSJRj5YmNIWRs4e0+2GhdndDQy8CH0cpXM45az641rHt17Wf0ZOWHfiO4NrfrF+LPW5HpM1aWrO0OnAhO/ljoHrgvdniyF6T/j+I/KiK3DGJZZ1AY7zw5n5Ej6jI5M4fHLCkpPkLxVwTuSweWtlS18sCwDrPQR3A3SPZ9GxtSuAqMYb5hiVMIcg2lN334rO2yhobf6awXyI5CSDbnS4ODVSPkVaFWJzuuMPOFcODa4Xp/4kO+uQefUIoxV53nOpTYZSxUygI2OPGyOlqjFsSv1DNIFRW/N4TmSOLgDB2auRgn1Jy9/IJ91t5hDu9Vz0j187Zl5cM8558N0t9KC2tLhVHn9ilnuPBaQzedBCUCx7KSSXvfWXZlwxrgYOMyiEDxp1s9GcO+AYBSGRTcMshNdQtCcys7CUHHQVKlWIRZJzziMj3a+I6/1Slv2cSh9xhoYeKukVjYOdYq09vTWYMpOyjKMX4XNeMW2KFNBoKxHpPpkwJUVWd0LR1mow5079fcY+XlsNKhu5fQ2XvW+HCTeimY5Vwmu57g07PpG1ScDAN3IXwl5dcGrI0Ap5xxLAQVin94Z+E8fPZowGdf6nmJdfRL99JCfu9v4o4wTiQwLXVhAa5i13RG1lVtfkw4q/lRuJkU7Zm9w5UMSs6i+WTqfbqzqubaguQTZh9uAfZt7FmSx2GGmpO2KManbkfLrvdm0yG01A4+oaychnClpUbUqwS10HuyFUss/j9jJw2DIOeTFS0ut6ztxEU04O0PRnzy0vG2FhWcZsLzCs28xhoeB9QmwDfqDN0LR7wELkI04yLj36CP5xJB3lzlrcqa8sGOS8LRrVn3BhorCQpNYmrcb
C:\Windows\tasks\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-6.job - C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-6.exe /rawdata=Y37bIwaCxDq1LHRQJpOAVXE8PAiqm4e0TAADDvLTuDNCNz0muRd029W64aF4cjY/kv/PP6nr+TSjLhVS/NNG/O8/HbjKutoWnV1gktORq5qslZ2wI5c81oDnP+FnYOgdquHS+s1p4FwRG5+SwVUiRUzyjkCVH+t1FX96fpq4UMNxnF2QxFrd+UI47uCF10uCRvAzBmum6BdrWKTDhWl7vK9TGzAbjjZT2SUBgdIDB/3CQKTnA1ihkjy46jns7BwJGTlalTQMDd8YHI7i5ZYTcoArNB2tmC7xLPQ1pcHtYWqyw/+uudmiO7A/6KQ8FjMjqblXpSmUHfr0s1yH49cx25AeG95ICJvGccgA8ON5epRYR3T81AxRzQwzamvGLp761iGr2oiBbrfSCG8hgiP9+iBIjSaIODN43NbOtj54JrP7m4PAX6ML+0Ydb/1sKzPodfjTOX5FcxK5kyv90H8h1KMNBsF7/oNRy4Atce3EAshMDNhqAoEWjwrSQHmjytPWlJsfXYPEmU7qX8lFr5TKCHkn+qV/mAUd3AxWTg/YgVkBFguNNwbXhAfKhEBzOiq+Y4qPyCOL1pFQV2tJHiUb6okyWNoVdvlj2fnGX4/36HMdgPuz7Z7DesPeeDkFj/1F0udsplsEpIOOyHw5SEHS5c8Cie+FF2Y0yCRYSV1wCEtWNrh9p+NLik98Uf5A/N0goWZXPdOOajm0mxszoagTos2KrPZ+2uWGhu4Da0+8VLFz5frO1MR2nn93QtlUIpA3W9IkW5atSDERS5zsOrlkMYogQJqGSMcwZinr/ECd6KI9gJXtiC/OmT2eCUzIv4ODDAaw+PkFBdrM/bHms+3BDBfTVGNHTHZDWPmEt6bLbmDceMskE6CHuLHCYirGjBR65PhQJSYHRSC/+aeDkaiw6RDSgfJ63eVIEuaKHv1wpaTbX80yh3tzR5NSCdFI9aZ27aJ4YUOL1bbr1iPPmECnzATG38E5OjYV+CDq2JoTkHAFvwydEw1X3/ysspNCaSFOSwAAZxojqCLs9JVTGR8ZZDgIPhp9hgK+GYO7cKx7jqD0hLwjrZ2eJsBcC79TiAugMwfYZpoWvthemmzo9eO9tGrsG9ly3YC8BC8FVwCjTDgtvAEofIdqjxp+nLkfTW8zPRp6iDmQGxNPxe4Zb/Ii9M42J21c6kyDORgqCE1PpPaRaKLUbDgUiJnLjeg313R/X/UVTCoPgKSMib6yTw5Eje/Xu56sitALFChYY5ZLOiqgb60ZD9bYBuhWvD4FcWkFH8qAwW0epPNxw6TpJt0Ry1s47J+VwSHmVGRy0HyqdUA1I97rgu+lpl/2kxohZDiboZ/lhkDsSyDR/VkY/e2aKIdQaKsPvHHKeYAkcMr+OcdhJhUye7JQnVqvWhrPiVfn6ylET8TPUkntIGoRIRuU25OdTng4xah/+xzhi3hU3DRB5tREIdUJ4ZRQRXnzIputNelXqW2KeNO0rUHsHy+TrbxSwF1lmUUWvZ3cZQ4dNuy8DMChXljhklq3ie5fNRRdUH65DYOQL9NWI9hdgr9+UJYkMPIvorEjeiFpzS7WDnBFRPNUbGZxme16WHubuZA9C2Gsm4oDI4BMh9AzwagbUVjyg8EDTsvxhvWi1BGbSCxJumeo3z+qU0CB+kcQGNeWE0+qEwBVpBA2i+KuivAfqZWJZt4A4OKuGFz6q0b9KDg9FHP5LXli126dWU2b1f1nPcTt8YeFxtaGFDB7fLgVY9rpiFoUFWrVq4sBkS0iZlKFjKIvHYXxcNlnCaeGgtp2yglZIDRPXL3U2mYJeXoATvpt+6IoWauJwycSTYH/fYlk6nes6UyKxMsTU6kRYtnhyqOAXCppssWS7nREH/QXzUK0tG8YUJmp+TvN0H9zuGFkt6r5YwH9kgMdKxwPfZKrA8tEn//qZpBmoAvFKddtvAk/sw40228UyVSp+UtRWrhPu0O3R9zLFWzDGk6DPtOsX+WGvsxASejE1VJV1U7EqcY5kZXFtX2B6jBa/L+8u8JtGdkAYvq3EcmaB4dWZ4qVGxiG/AneMM244VoYOgxyNO7bGF1alouo5TfwqsV5TZg/yIdSZqDugClJ2pwQ53yuVI6OWpH4brwcfoielT1+UOkV4cMeS9qNU4RB6/WEANx41OBkqyidEYDaUe9WjBHjboLTWW7wRjX8h/300OsWFR/1Dr3zmmPz9QBNA82a3WqanJjsxCjBRK8Q1s+a7w7H0nsurlTYMpKh206RvCmq1uA4faVDSzdwnYwIW4+dtCGyrTfCN2VgSDRFWl9MQYFf9FDBFVfp53UJx1/6SggYNza1OEFNP8eorG9LsTHeXn8O+Kc0cEQyLDwKkqirC0DePpp3W2SuwzOlyxoERgvgu4n7euPFvzRrE2VPU0Kui+ke1wXFGaJuWbRs/8+iaVONLgn+G7Wb5YpsXuE0gX1mkx7f8+Va8iG81rtvtgBDwFgW0x2aNCg9io/kVbAiKjHnEt80bYqAdgphRmk2eFDU1kgi5gp6i72digmMxa33i+cLMLHem7IVtPR7d5a4SMRq
C:\Windows\tasks\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-7.job - C:\Program Files (x86)\CinemaP-1.9cV06.07\8f3b60c1-ef84-4bdb-be56-ab018aad9d8d-7.exe /rawdata=Vk92216ApcbMsBlJYjwxTW1UwipNmiKY7m1EKPQwHfZhodCoX83+Lqtgv6Y7V+PJQrRv3fFCbYGsmPPIoiO/gGUxb5Y53KRuaaWYFAj/p4E3IaQHA3jnP7++IVr/OZOR65qN5lBhMCM92nLzGL3sI30KB/6XVCxPS8Qn+BKW+QVQ8wOcoz9mMeorljlcVFMJQ3kOYdYcVXjiUtBoh7keZCOqAfh0wySMJSNr8cgNZ5Gc8Ky/6T+5HRcm4DoNMllrYIEamXMDaA7KIM1WuBttg0+9H1qks2iQ8pfDt81+0V7nYE+Q+iDFRqsozakglqQEA5jGU9iVU1HFtTdHTjhMhkVGfX9/1qj392N/w6Ld1nhmXWjFUSlIdiuIcDDIj61fNahkrOfsyTWTZ8koxK3DK11bUAe7Ai4YOPX3gjBoY6vG65ZK5ImePY1A0cImaG/F0N9PgmW8w02uTaeCNftaP1VYt8pKjLQV89FoAu50L/efnivghY1LOrlsPtsXDzJiRcCDSYlWoLnJVgNytgoT8wDiCFJhbni23NQps312ZeRjv9nmXH9chqnIRG/vEF4AQjs81VDowBXYXTETSFuBKOcxHdYQi5cQG9qlmHkH89zMC/V+MhnjqQsDZ2hRcZjOOnoGrFMH84TGDIYZCW/d+zZ2cQ6rYA0KFaMWyzp2Xf8kmkClaNmQi4CTw5yuvJC06vWzzMTyr3bV09s+ymU1ECU6akNzaxt+CEGS8wCoXVhZObsFwJxe6jDglf5o8R3xLAlsBtnbgz/zZP2pZmg0WoAs/ZAeHEy8TVo56RuQcRVJ0g7FlcwuyKFtK5sUkSB1MOBNEEa+2+4m2RFUo+PMarPa7cgfCVnr/Ncm1ct3rnGc3eqicQ/HaK/Y2dmOxM4wIqBrr5XILJELnk+xdkCR6ujXt7OaKeL6nG1wB3R9xMrhpk8vKOws4YdJTPZeLu7ybLeNLdl4fVQghRLRFE7Q707k7KqgFTzZJRkY9L5T19PtDlAq+HckcjSTyiYW2vopv/hyn94gIipPSMRo74SDIbHVxfJUUcg0LasxsgJC+f2TBFZ8IodM3D/vmhtUIUGrXUGqnds33LxNA4fKnV2boNcHdkVdITz+SJUr/tNSssxInWeqkRl7l+BvS7pXcEBbwEFBTm1xp9iN5YHGOAkeY1/JGBsoc0NKxzoEEb23P9Z73Rw3CKJDeyTvZ4c695A9mR2YBniafN2HNM6Qz4Ou0NQ9gVTahgZ/O22yUV5appAX80E0OCS8BLL5Pk9qjKQp6iHi2nllN1N90O1tuTx3kk+Yc2njUwiwvvyfnU0VolWciaGClFxti5DHBi9KstqyzRPo4KZoSL/GqsJ+BI/xiCHgpw8JQcUOApkVlv6HemWAT/ZjZjwrVtbUDs2oXtjf/7cIV/rpRqIRkq4PEEvdNJXrz3fRs6o5sp6Mgg+iLDHx7ff/DEG988EAG46ouMZxgpd5qWQDfyf3AcG5lVE++F6UuD50HTfmXFBIsrDrnz9lXedl64D67wiOt+cOifCoxMI5489wjygNux4XXpQ1622BHhirtp9mM7cjLbSD36n7ZcsnK/4p481gF5O64BCEY2/uk7NVPJgi4o8R7BAwjThZf/101xli37gEh6ghwKDalDBjM5IFF6J+Hh/eIGHVYRc8mSCM7BKbVKVjKkbCu4LpIrD7ogcqAZQLaKaatPJaq5ZBazrQzCq69bRysxgoN98zOWkcG/ZjgN173HN9orlFbdPAIOLTkgUAP+Xv25mqdF2WiYwkiyDFwBOfvvtwh323AC+aB76pB+X3VXiJNGgFrRuB+9VnsZRNxzss5qld9E/RGn3kXpHWbZeOnzp7ZgfWwxL8UlfqM625iWOejMCn2BmV7z5vWgMT4lEhLPXwy5asXcX9ufAtEou6i5viWrjzHPc6qwfpRlQDPCepp7gHhRQyDe9440sPQ30LVpNXlkf5MrGMI8Rw93RU8VhYfXulxetXArYnLhvLHqhwGL+TXpERuwdRjuk17/qgsPYWA0+hMQlMWJ2VMEJ41MHpItzNybY7OOQDL5kSRLAsaifaxpIqVqomKMLPXZNZ5V6ny2AIc44Iw70IVU5u0hvqfainndsm7KyzRmX5HEqgzNT3jwa/eY8nBDTR0DVP5i89hK/GTUnvjEpZWM0NFoahUT1AVwa79+ATXrWLLJ7QRTsfuh3KeSqS7PU1yKSk1hluP91C3v5TVKrQ24d75WHp7GZJlT3ABJ/5rgs1Ie0WGyPxsz99ysKE30Wk+yLI0G5lYfTh3PxzmPJavb15EsF8GWhdT5CX/C4sQHCNkY7HHadpK2bWq/PP/7C3ozH10CURIVdgkh+FHFw848KMVag/Ur8qIGC1O1q/4WJQPTsMow==
C:\Windows\tasks\AmiUpdXp.job - C:\Users\Štěpán\AppData\Local\3021\Updater.exe
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineCore1d09613b71a48e5.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\ys90tYj0ZLuDCwVvbVX.job - C:\Users\�t�p�n\AppData\Roaming\ys90tYj0ZLuDCwVvbVX.exe --c=PYEi3daPyObvZq23md46/RXeipSI8x1jRgL87NbuRtof3n1T91UBTWaSuoO9OgWHucqAOVrE4v7NT+b7D76ItNOhYuoSzf8NflA3pqqfb53XxpmLt+UR2thhrMLVRQ0IlTxfQDzjTzOYwe/F2VSfAiNTmAJAUw2CDwZyg8yNG6A2XEydDCPWI2uxwCgquxU2pjtaua7JpJz1pfczrqUk4C/U3lxs4GSxlc3Imtxwn9bvZm9RJg3NWjmiIjy1o2BK7G4zj6BVPM6dbci/C1I3aAgfP0BD23Fi//pSnIDPnXlspTDlxKB1JvEu+TlMmrIH39gYWmp1jLeS6TzBOwLz2Q==

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-04-22 219296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL [2015-04-14 2334936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-04-22 153760]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2015-04-14 1729752]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C}]
°®ĆćŇŐÖúĘÖ - C:\IQIYI Video\Common\Accelerator\IEHelper.dll [2015-04-29 326760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-05-08 2685072]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-05-08 1570672]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-05-26 13672152]
"RtHDVBg_Dolby"=C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-05-13 1387376]
"gpuminer"=C:\Users\Štěpán\AppData\Roaming\cpuminer\sgminer\sgminer.cmd [2015-05-02 96]
"cpuminer"=C:\Windows\system32\cpuminer-gw64.exe [2015-06-30 1418528]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Games\Steam\steam.exe [2015-06-04 2892992]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
"apphide"=C:\Program Files (x86)\baidu\baidu.exe [2015-06-20 61440]
"HCDNClient"=C:\IQIYI Video\Common\QyKernel.exe [2015-05-12 576104]
"cz.seznam.software.autoupdate"=C:\Users\Štěpán\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Štěpán\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Intel Privacy Notification Tool"=C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [2014-10-30 8173240]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeaack.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfeavfk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfemms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfetdi2k.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.YUY2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"VIDC.YVYU"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux2"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-06 15:27:31 ----D---- C:\Program Files\trend micro
2015-07-06 15:27:30 ----D---- C:\rsit
2015-07-06 15:24:14 ----D---- C:\Program Files (x86)\globalUpdate
2015-07-06 15:24:14 ----D---- C:\Program Files (x86)\4d3998b4-4567-44b8-a6a0-06fec911a25d
2015-07-06 15:24:10 ----D---- C:\Program Files (x86)\Internet Speed Checker
2015-07-06 15:21:49 ----D---- C:\Qiyi
2015-07-06 15:21:40 ----D---- C:\Users\Štěpán\AppData\Roaming\ppslog
2015-07-06 15:11:26 ----D---- C:\Program Files (x86)\19c3ba1a-3723-469c-a19d-e1405990ac57
2015-07-06 15:11:05 ----D---- C:\Program Files (x86)\CinemaP-1.9cV06.07
2015-07-06 15:10:28 ----D---- C:\Program Files (x86)\Seznam.cz
2015-07-06 15:09:49 ----D---- C:\Users\Štěpán\AppData\Roaming\Seznam.cz
2015-07-06 15:09:38 ----D---- C:\Users\Štěpán\AppData\Roaming\cpuminer
2015-07-06 14:59:58 ----D---- C:\ProgramData\Steam
2015-07-06 14:59:52 ----D---- C:\qycache
2015-07-06 14:59:52 ----D---- C:\ppsfile
2015-07-06 14:59:33 ----D---- C:\IQIYI Video
2015-07-06 14:59:29 ----D---- C:\Users\Štěpán\AppData\Roaming\IQIYI Video
2015-07-06 14:59:27 ----D---- C:\ProgramData\IQIYI Video
2015-07-06 14:59:05 ----D---- C:\Program Files (x86)\baidu
2015-07-06 14:43:16 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-07-03 09:53:43 ----D---- C:\Users\Štěpán\AppData\Roaming\MK10
2015-07-03 09:50:00 ----D---- C:\Users\Štěpán\AppData\Roaming\Mortal Kombat X
2015-07-01 14:56:33 ----HD---- C:\ProgramData\CanonBJ
2015-07-01 14:56:28 ----A---- C:\Windows\system32\CNMLMB0.DLL
2015-07-01 14:56:09 ----HD---- C:\ProgramData\CanonIJFAX
2015-07-01 14:56:08 ----A---- C:\Windows\system32\CNCALB0.DLL
2015-07-01 14:55:47 ----D---- C:\Windows\LastGood.Tmp
2015-07-01 14:55:18 ----A---- C:\Windows\SYSWOW64\CNHMCA.dll
2015-07-01 14:55:18 ----A---- C:\Windows\SYSWOW64\CNC_B0U.dll
2015-07-01 14:55:18 ----A---- C:\Windows\SYSWOW64\CNC_B0L.dll
2015-07-01 14:55:18 ----A---- C:\Windows\system32\CNHMCA6.dll
2015-07-01 14:55:18 ----A---- C:\Windows\system32\CNC_B0L.dll
2015-07-01 14:55:18 ----A---- C:\Windows\system32\CNC_B0I.dll
2015-07-01 14:55:18 ----A---- C:\Windows\system32\CNC_B0C.dll
2015-06-30 13:10:00 ----A---- C:\Windows\system32\cpuminer-gw64.exe
2015-06-28 18:32:40 ----A---- C:\Windows\system32\drivers\HipShieldK.sys
2015-06-12 21:02:38 ----D---- C:\Users\Štěpán\AppData\Roaming\uTorrent
2015-06-08 18:54:27 ----D---- C:\Users\Štěpán\AppData\Roaming\Thinstall
2015-06-07 13:45:02 ----D---- C:\Program Files (x86)\Heroes of the Storm

======List of files/folders modified in the last 1 month======

2015-07-06 15:27:40 ----D---- C:\Windows\Prefetch
2015-07-06 15:27:31 ----RD---- C:\Program Files
2015-07-06 15:27:31 ----D---- C:\Windows\Temp
2015-07-06 15:24:55 ----D---- C:\Program Files (x86)
2015-07-06 15:24:46 ----D---- C:\Windows\system32\Tasks
2015-07-06 15:24:45 ----D---- C:\Windows\Tasks
2015-07-06 15:24:21 ----D---- C:\Program Files (x86)\3D Systems
2015-07-06 15:24:19 ----SHD---- C:\Windows\Installer
2015-07-06 15:11:33 ----D---- C:\Program Files (x86)\Acer
2015-07-06 15:10:17 ----SD---- C:\Users\Štěpán\AppData\Roaming\Microsoft
2015-07-06 15:09:38 ----RD---- C:\Windows\System32
2015-07-06 15:02:41 ----D---- C:\Games
2015-07-06 15:00:05 ----SHD---- C:\$Recycle.Bin
2015-07-06 15:00:00 ----D---- C:\Windows\system32\sru
2015-07-06 14:59:58 ----HD---- C:\ProgramData
2015-07-06 14:59:42 ----RSD---- C:\Windows\Fonts
2015-07-06 14:47:49 ----D---- C:\Windows\system32\DriverStore
2015-07-06 14:47:49 ----D---- C:\Windows\Inf
2015-07-06 14:47:18 ----D---- C:\Program Files (x86)\McAfee
2015-07-06 14:46:34 ----D---- C:\Windows
2015-07-06 14:45:57 ----D---- C:\Windows\system32\catroot
2015-07-06 14:43:16 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2015-07-06 14:42:25 ----SHD---- C:\System Volume Information
2015-07-06 09:32:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-05 16:45:49 ----D---- C:\Windows\Microsoft.NET
2015-07-05 13:48:05 ----D---- C:\Users\Štěpán\AppData\Roaming\Skype
2015-07-03 09:50:00 ----D---- C:\ProgramData\Package Cache
2015-07-01 14:55:48 ----RSD---- C:\Windows\Media
2015-07-01 14:55:47 ----D---- C:\Windows\twain_32
2015-07-01 14:55:47 ----D---- C:\Windows\SysWOW64
2015-07-01 14:54:01 ----D---- C:\Windows\system32\drivers
2015-06-28 18:32:18 ----D---- C:\Program Files\Common Files\mcafee
2015-06-28 18:32:03 ----HD---- C:\Windows\ELAMBKUP
2015-06-28 18:31:29 ----RSD---- C:\Windows\assembly
2015-06-24 17:47:01 ----D---- C:\Windows\system32\config
2015-06-23 18:23:22 ----D---- C:\ProgramData\Origin
2015-06-15 11:00:20 ----D---- C:\ProgramData\Blizzard Entertainment
2015-06-13 07:24:26 ----D---- C:\Users\Štěpán\AppData\Roaming\vlc
2015-06-09 13:52:51 ----D---- C:\Users\Štěpán\AppData\Roaming\Origin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 mfedisk;McAfee AAC Disk Filter Driver; C:\Windows\system32\DRIVERS\mfedisk.sys [2015-04-08 101872]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2015-04-08 864200]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2015-04-08 335944]
R1 dtsoftbus01;@oem19.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2015-05-24 254528]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2015-04-08 68784]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-06-16 3793408]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-06-03 3986392]
R3 iwdbus;@oem4.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\Windows\System32\drivers\iwdbus.sys [2014-05-07 27032]
R3 k57nd60a;@netk57a.inf,%SvcDispName%;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2013-06-18 425984]
R3 MEIx64;@oem9.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2014-02-20 116736]
R3 mfeaack;McAfee Inc. mfeaack; C:\Windows\system32\drivers\mfeaack.sys [2015-04-08 402888]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2015-04-08 338272]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2015-04-08 488000]
R3 mfencbdc;McAfee Inc. mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [2015-03-26 483240]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2014-12-24 13036232]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-05-08 19600]
R3 nvvad_WaveExtensible;@oem11.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2014-11-22 38032]
R3 Qcamain;@oem7.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2014-08-26 2220544]
R3 SynRMIHID;@oem16.inf,%SynRMIHID.SVCDESC%;Synaptics HID Service; C:\Windows\system32\DRIVERS\SynRMIHID.sys [2014-07-10 42736]
R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2015-04-08 80160]
S3 BCM43XX;@netbc64.inf,%BCM43XX_Service_DispName%;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl63a.sys [2013-07-01 8536752]
S3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2014-08-26 47720]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Služba Bluetooth Enumerator; C:\Windows\System32\drivers\BthEnum.sys [2014-10-29 53248]
S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\Windows\system32\DRIVERS\BthLEEnum.sys [2014-03-18 226304]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080]
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920]
S3 HipShieldK;McAfee Inc. HipShieldK; C:\Windows\system32\drivers\HipShieldK.sys [2015-04-27 198448]
S3 intaud_WaveExtensible;@oem3.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\Windows\system32\drivers\intelaud.sys [2014-05-07 38296]
S3 IntcDAud;@oem1.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2014-06-16 450520]
S3 IntelDFUACPI;@oem13.inf,%IntelDFUACPI.SVCDESC%;Intel(R) DFU ACPI Service; C:\Windows\System32\drivers\IntelDFUACPI.sys [2014-09-09 24456]
S3 LMDriver;@oem18.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-18 21360]
S3 mfencrk;McAfee Inc. mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [2015-03-26 100720]
S3 NVSWCFilter;@oem12.inf,%NVSWCFilter.SvcDesc%;NVIDIA SHIELD Wireless Controller Trackpad Service; C:\Windows\System32\drivers\nvswcfilter.sys [2014-09-06 19616]
S3 RadioShim;@oem18.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-18 14680]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424]
S3 RSUSBVSTOR;@oem15.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2014-03-27 331992]
S3 RTL8168;@netrt630x64.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\Windows\system32\DRIVERS\Rt630x64.sys [2013-06-18 591360]
S3 usbaudio;@wdma_usb.inf,%USBAudio.SvcDesc%;Ovladač zvuků USB (WDM); C:\Windows\system32\drivers\usbaudio.sys [2014-03-18 121088]
S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2014-10-29 44544]
S3 WDC_SAM;@oem12.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-04-30 23200]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-06-12 82112]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [2014-08-22 305664]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2014-10-29 38792]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-05-08 1152656]
R2 HomeNetSvc;McAfee Home Network; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-05-06 340744]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-06-16 315352]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-02-20 154584]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2014-02-20 398296]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [2015-06-04 155368]
R2 McAPExe;McAfee AP Service; C:\Program Files\McAfee\MSC\McAPExe.exe [2015-05-13 754280]
R2 mcbootdelaystartsvc;McAfee Boot Delay Start Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2015-05-06 340744]
R2 mccspsvc;McAfee CSP Service; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [2015-06-04 207344]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-05-06 340744]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2015-05-06 340744]
R2 mcpltsvc;McAfee Platform Services; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2015-05-06 340744]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2015-05-06 340744]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2015-04-08 232656]
R2 mfemms;McAfee Service Controller; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [2015-05-14 373704]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2015-04-08 250672]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-05-06 340744]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-05-08 1884304]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-05-08 22997648]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2014-12-24 934032]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2014-03-18 43696]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-06 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-24 107848]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-06-17 279000]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-06 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-24 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-02-01 887232]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2013-07-30 334608]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2015-05-05 609592]
S3 Origin Client Service;Origin Client Service; C:\Games\Origin\OriginClientService.exe [2015-06-09 1997168]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S4 McOobeSv2;McAfee OOBE Service2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [2015-05-06 340744]

-----------------EOF-----------------

[vyosek]

Zdravim

Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner

• Ulozte nejlepe na plochu
• Ukoncete vsechny programy
• Po spusteni probehne stazeni databaze
• Kliknete na Scan a nasledne Clean
• Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte

[Steve89]

Problemy jsem nečekaně vyřešil obnovou systemu...

poté jsem udělal čistku dle vaší rady, tady je log:

Složka Smazáno : C:\Program Files\Common Files\tencent
Složka Smazáno : C:\Users\Štěpán\AppData\Local\globalUpdate
Složka Smazáno : C:\Users\Štěpán\AppData\Local\pokki
Složka Smazáno : C:\Users\Štěpán\AppData\Roaming\IQIYI Video
Složka Smazáno : C:\Users\Štěpán\AppData\Roaming\tencent
Složka Smazáno : C:\Users\Štěpán\AppData\Roaming\cpuminer
Složka Smazáno : C:\Users\???\AppData\Roaming\tencent

***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****

Klíč Smazáno : HKCU\Software\Classes\pokki
Klíč Smazáno : HKLM\SOFTWARE\YourFileDownloader

***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v43.0.2357.130

[C:\Users\Štěpán\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Homepage] : CF203A6BA40BEFAF629F9B4E1FDFBE0E81C219773763CAF9E88561CD8799F1F2","homepage_is_newtabpage":"3DE35FB94415ADDFAD3DEDFD9C5D02824F900481A6FE7988DDDF22C3DA2608A0","pinned_tabs":"8CE76DBF86B3CC4082D9FEA3CEDCE8DDE73A0629189A57AFCDF8F0E4CCA561DD","prefs":{"preference_reset_time":"9F43A916952A9532D93DD7A1B445FBA1DD7ED3CDCD84B7B2AD3366E81E409F62"},"profile":{"reset_prompt_memento":"3F70D7F27360FA8E03EB0D3BD73404CFCF1312C888A5700EBCD7BFB864B971EE"},"safebrowsing":{"incidents_sent":"0676AF3FDCD145E0095CF1ABF72F4DD8894341B9C2662041CA25C03A749D15FA"},"search_provider_overrides":"0BA79DC52A1E27AAAFF25483426AB3123BCFBEB0561859C019646565FF4720CD","session":{"restore_on_startup":"4276159B38FF84EBFBB9AE96FA10FA36D383EF9332F61420B0A771B2F1801699","startup_urls":"5E827FDBD5826EA2AB54E4851BE3521FFF49DA0D431F56D7424AA2AF894C82C6"},"software_reporter":{"prompt_reason":"A3A3EB8FF4A1DD0BE2AE9AF8BD939E8E5688F59517B4D947B9BDC428A049AEC7","prompt_seed":"549EAB4D3D2997584EF7E899FDE28FF4FA02188EDFFE90BF73D7E035087AECB6","prompt_version":"640D60D705473067EE8674BEE22F507AAC1C11337E6F5F78A7252C103B54B0D6"},"sync":{"remaining_rollback_tries":"9052FCA7503ADF574BCF77CBC1DE75197C9B96F14ACD3A99BADFE1B521B8FD67"}},"super_mac":"888CD12E096AB6FC0F76B63706A26475F38C3D5F6E5EB3FEBD0947CD664F5215"},"session":{"startup_urls":["hxxp://isearch.omiga-plus.com/?type=hp&ts=1417803145&from=smt&uid=ST1000LM014-1EJ164_W770F0CFXXXXW770F0CF
[C:\Users\Štěpán\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Smazáno [Startup_URLs] : 5E827FDBD5826EA2AB54E4851BE3521FFF49DA0D431F56D7424AA2AF894C82C6"},"software_reporter":{"prompt_reason":"A3A3EB8FF4A1DD0BE2AE9AF8BD939E8E5688F59517B4D947B9BDC428A049AEC7","prompt_seed":"549EAB4D3D2997584EF7E899FDE28FF4FA02188EDFFE90BF73D7E035087AECB6","prompt_version":"640D60D705473067EE8674BEE22F507AAC1C11337E6F5F78A7252C103B54B0D6"},"sync":{"remaining_rollback_tries":"9052FCA7503ADF574BCF77CBC1DE75197C9B96F14ACD3A99BADFE1B521B8FD67"}},"super_mac":"888CD12E096AB6FC0F76B63706A26475F38C3D5F6E5EB3FEBD0947CD664F5215"},"session":{"startup_urls":["hxxp://isearch.omiga-plus.com/?type=hp&ts=1417803145&from=smt&uid=ST1000LM014-1EJ164_W770F0CFXXXXW770F0CF

*************************

AdwCleaner[R0].txt - [4115 bytů] - [06/07/2015 16:40:03]
AdwCleaner[S0].txt - [3954 bytů] - [06/07/2015 16:40:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4012 bytů] ##########

[vyosek]

Tak nyni poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

[Steve89]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-07-2015
Ran by Štěpán (administrator) on ACERNITRO on 06-07-2015 17:40:13
Running from C:\Users\Štěpán\Desktop
Loaded Profiles: Štěpán (Available Profiles: Štěpán)
Platform: Windows 8.1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.5.495.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsMap.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\...\Run: [Steam] => C:\Games\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1141295087-4178081243-3562627391-1001 -> {6B8206DC-4E9F-4A32-AFF8-E14A8C21C8BB} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-05-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-05-25] (McAfee, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mcieplg.dll [2015-05-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\mcieplg.dll [2015-05-25] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-05-13] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-05-13] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{26927D4D-102A-4335-A447-C4825C547D18}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{AD80B90A-9CA6-4530-A094-6AD410F85CC9}: [DhcpNameServer] 172.20.10.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-20] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-05-13] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-24] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2015-01-13]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-01-13]

Chrome:
=======
CHR Profile: C:\Users\Štěpán\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (James White) - C:\Users\Štěpán\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2015-05-24]
CHR Extension: (Google Wallet) - C:\Users\Štěpán\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-29]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-06-29]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [305664 2014-08-22] (Qualcomm Atheros) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-08] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-20] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [155368 2015-05-25] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [754280 2015-05-13] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.5.495.0\McCSPServiceHost.exe [207344 2015-06-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [609592 2015-05-05] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-04-08] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-05-14] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [250672 2015-04-08] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [340744 2015-05-06] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-08] (NVIDIA Corporation)
S3 Origin Client Service; C:\Games\Origin\OriginClientService.exe [1997168 2015-06-09] (Electronic Arts)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
S2 0292131434039498mcinstcleanup; C:\Windows\TEMP\029213~1.EXE -cleanup -nolog [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [68784 2015-04-08] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [254528 2015-05-24] (DT Soft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [198448 2015-04-27] (McAfee, Inc.)
S3 IntelDFUACPI; C:\Windows\System32\drivers\IntelDFUACPI.sys [24456 2014-09-09] (Intel(R) Corporation)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-20] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [402888 2015-04-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [338272 2015-04-08] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [101872 2015-04-08] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-04-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [488000 2015-04-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864200 2015-04-08] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [483240 2015-03-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [100720 2015-03-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [335944 2015-04-08] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-08] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-06] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 Qcamain; C:\Windows\system32\DRIVERS\Qcamainx64.sys [2220544 2014-08-26] (Qualcomm Atheros, Inc.)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 17:40 - 2015-07-06 17:40 - 00018333 _____ C:\Users\Štěpán\Desktop\FRST.txt
2015-07-06 17:40 - 2015-07-06 17:40 - 00000000 ____D C:\FRST
2015-07-06 17:39 - 2015-07-06 17:39 - 00112640 _____ C:\Users\Štěpán\Downloads\Nepotvrzeno 186022.crdownload
2015-07-06 17:38 - 2015-07-06 17:38 - 00000000 _____ C:\Users\Štěpán\Downloads\FRSTLauncher.exe.eoprr3k.partial
2015-07-06 17:37 - 2015-07-06 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Štěpán\Downloads\Nepotvrzeno 597869.crdownload
2015-07-06 17:37 - 2015-07-06 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Štěpán\Downloads\Nepotvrzeno 336556.crdownload
2015-07-06 17:36 - 2015-07-06 17:36 - 02112512 _____ (Farbar) C:\Users\Štěpán\Desktop\FRST64.exe
2015-07-06 16:46 - 2015-07-06 16:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-07-06 16:38 - 2015-07-06 16:42 - 00000000 ____D C:\AdwCleaner
2015-07-06 16:37 - 2015-07-06 16:37 - 02244096 _____ C:\Users\Štěpán\Desktop\adwcleaner_4.207.exe
2015-07-06 16:00 - 2015-07-06 17:12 - 00212626 _____ C:\Windows\WindowsUpdate.log
2015-07-06 16:00 - 2015-07-06 16:43 - 00019398 _____ C:\Windows\PFRO.log
2015-07-06 16:00 - 2015-07-06 16:43 - 00001834 _____ C:\Windows\setupact.log
2015-07-06 16:00 - 2015-07-06 16:00 - 00000000 _____ C:\Windows\setuperr.log
2015-07-06 15:44 - 2015-07-06 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-07-06 15:37 - 2015-07-06 15:37 - 00000000 ____D C:\Users\Štěpán\Downloads\XCOM.Enemy.Within-RELOADED
2015-07-06 15:31 - 2015-07-06 16:17 - 00000000 ____D C:\ProgramData\Rising
2015-07-06 15:31 - 2015-07-06 16:01 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-07-06 15:31 - 2015-07-06 15:31 - 00000000 ____D C:\Users\妕靝醤
2015-07-06 15:31 - 2015-07-06 15:31 - 00000000 ____D C:\Program Files (x86)\Rising
2015-07-06 15:27 - 2015-07-06 16:17 - 00000000 ____D C:\Program Files\trend micro
2015-07-06 15:27 - 2015-07-06 15:27 - 00000000 ____D C:\rsit
2015-07-06 15:22 - 2015-07-06 15:22 - 00000000 ____D C:\Users\Štěpán\.android
2015-07-06 15:21 - 2015-07-06 16:17 - 00000000 ____D C:\Users\Štěpán\AppData\Local\3021
2015-07-06 15:21 - 2015-07-06 15:21 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\ppslog
2015-07-06 15:21 - 2015-07-06 15:21 - 00000000 ____D C:\Qiyi
2015-07-06 15:11 - 2015-07-06 16:19 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV06.07
2015-07-06 15:11 - 2015-07-06 16:17 - 00000000 ____D C:\Users\Štěpán\Downloads\XCOM-Enemy-Unknown---čeština-(xzone.cz)-by-deadman93
2015-07-06 15:11 - 2015-07-06 16:17 - 00000000 ____D C:\Users\Štěpán\Downloads\XCOM-Enemy-Unknown-čeština
2015-07-06 15:10 - 2015-07-06 15:10 - 00000000 ____D C:\Program Files (x86)\Seznam.cz
2015-07-06 15:09 - 2015-07-06 16:17 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Seznam.cz
2015-07-06 15:09 - 2015-07-06 15:09 - 00679658 _____ C:\Users\Štěpán\Downloads\XCOM-Enemy-Unknown---čeština-(xzone.cz)-by-deadman93.rar
2015-07-06 15:08 - 2015-07-06 15:08 - 00683628 _____ C:\Users\Štěpán\Downloads\XCOM-Enemy-Unknown-čeština.zip
2015-07-06 15:06 - 2015-07-06 15:06 - 00643733 _____ C:\Users\Štěpán\Downloads\Čeština---XCOM-Enemy-Within-.rar
2015-07-06 14:59 - 2015-07-06 16:19 - 00000000 ____D C:\Program Files (x86)\baidu
2015-07-06 14:59 - 2015-07-06 16:17 - 00000000 ____D C:\Users\Štěpán\AppData\Local\SysassistByHotWheel
2015-07-06 14:59 - 2015-07-06 16:01 - 00000000 ____D C:\qycache
2015-07-06 14:59 - 2015-07-06 15:52 - 00000000 ____D C:\Users\Štěpán\Documents\My Games
2015-07-06 14:59 - 2015-07-06 15:38 - 00000000 ____D C:\Users\Štěpán\AppData\Local\Unity
2015-07-06 14:59 - 2015-07-06 14:59 - 00000000 ____D C:\Users\Štěpán\Downloads\XCOM_Enemy_Within_Cestina_Vsechny_verze
2015-07-06 14:59 - 2015-07-06 14:59 - 00000000 ____D C:\Users\Public\QiYi
2015-07-06 14:59 - 2015-07-06 14:59 - 00000000 ____D C:\ProgramData\Steam
2015-07-06 14:59 - 2015-07-06 14:59 - 00000000 ____D C:\ppsfile
2015-07-06 14:43 - 2015-07-06 14:43 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2015-07-06 14:34 - 2015-07-06 14:34 - 01112689 _____ C:\Users\Štěpán\Downloads\XCOM_Enemy_Within_Cestina_Vsechny_verze.rar
2015-07-06 14:30 - 2015-07-06 14:30 - 00632112 _____ C:\Users\Štěpán\Downloads\Xcom Enemy Within Cestina Ke S Downloader.zip
2015-07-06 14:28 - 2015-07-06 14:28 - 00000000 ____D C:\Users\Štěpán\AppData\Local\Setup Integrity Check
2015-07-05 16:33 - 2015-07-05 16:33 - 00009348 _____ C:\Users\Štěpán\Desktop\převzetí stanov.xlsx
2015-07-05 15:56 - 2015-07-05 16:14 - 00012117 _____ C:\Users\Štěpán\Desktop\Stavy vodoměrů první pololetí 2015.xlsx
2015-07-05 13:49 - 2015-07-05 14:00 - 981052204 _____ C:\Users\Štěpán\Downloads\Temný případ .True Detective .S02E02 HDTV CZ Titulky.avi
2015-07-05 13:49 - 2015-07-05 13:59 - 1012490010 _____ C:\Users\Štěpán\Downloads\Temný případ .True Detective .S02E01 CZ Titulky.avi
2015-07-03 09:50 - 2015-07-03 09:50 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Mortal Kombat X
2015-07-03 00:53 - 2015-07-03 07:59 - 00000000 ____D C:\Users\Štěpán\Downloads\[R.G. Mechanics] Mortal Kombat X
2015-07-01 15:00 - 2015-07-01 15:00 - 00000000 ____D C:\Users\Štěpán\Documents\Fax
2015-07-01 14:56 - 2015-07-06 16:07 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2015-07-01 14:56 - 2015-07-06 16:07 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-07-01 14:56 - 2012-03-14 05:00 - 00385024 _____ (CANON INC.) C:\Windows\system32\CNMLMB0.DLL
2015-07-01 14:56 - 2011-09-21 05:00 - 00302592 _____ (CANON INC.) C:\Windows\system32\CNCALB0.DLL
2015-07-01 14:55 - 2015-07-06 16:20 - 00000000 ____D C:\Windows\LastGood.Tmp
2015-07-01 14:55 - 2011-10-14 11:57 - 00300544 _____ (CANON INC.) C:\Windows\system32\CNC_B0C.dll
2015-07-01 14:55 - 2011-10-14 11:57 - 00102912 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_B0U.dll
2015-07-01 14:55 - 2011-10-14 11:56 - 00109568 _____ (CANON INC.) C:\Windows\system32\CNC_B0I.dll
2015-07-01 14:55 - 2011-09-22 08:59 - 00358912 _____ (CANON INC.) C:\Windows\system32\CNC_B0L.dll
2015-07-01 14:55 - 2011-09-22 08:57 - 00316416 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_B0L.dll
2015-07-01 14:55 - 2011-06-30 13:35 - 00065280 _____ C:\Windows\SysWOW64\CNC1759D.TBL
2015-07-01 14:55 - 2008-08-25 18:02 - 00017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2015-07-01 14:55 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2015-06-28 18:32 - 2015-04-27 08:02 - 00198448 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-06-28 18:31 - 2015-06-28 18:31 - 00003064 _____ C:\Windows\System32\Tasks\McAfeeLogon
2015-06-28 18:31 - 2015-06-28 18:31 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-06-23 22:16 - 2015-06-23 22:16 - 00548125 _____ (Rajce.net ) C:\Users\Štěpán\Downloads\RajcePhotoDownloader-instalace-1.0.1.0.exe
2015-06-21 18:28 - 2015-06-21 18:54 - 00000000 ____D C:\Users\Štěpán\Downloads\Peaky.Blinders.Season.2.Complete.HDTV.x264-SCENE
2015-06-16 20:32 - 2015-06-16 20:42 - 1381198316 _____ C:\Users\Štěpán\Downloads\Hra o truny .Game of Thrones S05E10 HDTV CZ Titulky.avi
2015-06-15 11:00 - 2015-06-17 09:18 - 00000000 ____D C:\Users\Štěpán\Documents\Heroes of the Storm
2015-06-14 21:16 - 2015-06-14 21:16 - 00051884 _____ C:\Users\Štěpán\Downloads\Peaky-Blinders-S01E04(0000224878).srt
2015-06-14 21:15 - 2015-06-14 21:15 - 00045897 _____ C:\Users\Štěpán\Downloads\Peaky-Blinders-S01E06(0000225710) (1).srt
2015-06-14 21:15 - 2015-06-14 21:15 - 00040193 _____ C:\Users\Štěpán\Downloads\Peaky-Blinders-S01E05(0000225285).srt
2015-06-14 21:13 - 2015-06-14 21:13 - 00045897 _____ C:\Users\Štěpán\Downloads\Peaky-Blinders-S01E06(0000225710).srt
2015-06-14 21:12 - 2015-06-14 21:12 - 00050866 _____ C:\Users\Štěpán\Downloads\Peaky-Blinders-S01E02(0000224183).srt
2015-06-14 21:12 - 2015-06-14 21:12 - 00044252 _____ C:\Users\Štěpán\Downloads\Peaky-Blinders-S01E03(0000224478).srt
2015-06-14 21:12 - 2015-06-14 21:12 - 00042301 _____ C:\Users\Štěpán\Downloads\Peaky-Blinders-S01E01(0000223886).srt
2015-06-14 09:50 - 2015-06-14 09:50 - 00001169 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-06-14 09:50 - 2015-06-14 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-06-12 21:04 - 2015-06-14 21:16 - 00000000 ____D C:\Users\Štěpán\Downloads\Peaky.Blinders.Season.1.Complete.HDTV.x264-SCENE
2015-06-12 21:02 - 2015-07-06 16:20 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\uTorrent
2015-06-12 21:02 - 2015-06-12 21:02 - 02168712 _____ (emc) C:\Users\Štěpán\Downloads\uTorrent221.exe
2015-06-12 21:02 - 2015-06-12 21:02 - 00001004 _____ C:\Users\Štěpán\Desktop\µTorrent.lnk
2015-06-12 21:02 - 2015-06-12 21:02 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2015-06-12 21:01 - 2015-06-12 21:01 - 00214568 _____ (Jelbrus LLC) C:\Users\Štěpán\Downloads\Peaky.Blinders.Season.1.Complete.HDTV.x264-SCENE.exe
2015-06-11 18:17 - 2015-06-11 18:17 - 00000000 ____D C:\Users\Štěpán\AppData\Local\GWX
2015-06-09 22:16 - 2015-06-09 22:18 - 00000000 ____D C:\Users\Štěpán\Desktop\Monda
2015-06-09 22:16 - 2015-06-09 09:53 - 00000000 ____D C:\Users\Štěpán\Desktop\__MACOSX
2015-06-09 22:13 - 2015-06-09 22:14 - 53948933 _____ C:\Users\Štěpán\Downloads\ambi-londyn.zip
2015-06-09 18:48 - 2015-06-09 18:53 - 776770670 _____ C:\Users\Štěpán\Downloads\Hra o trůny - Game.of.Thrones.S05E09.HDTV.x264-ASAP+CZ TITULKY VE FILMU.avi
2015-06-09 13:02 - 2015-06-09 13:04 - 00000000 ____D C:\Users\Štěpán\Desktop\pondělníček
2015-06-08 19:34 - 2015-06-08 19:34 - 00805960 _____ C:\Users\Štěpán\Downloads\video-converter-ultimate_setup_full975.exe
2015-06-08 19:29 - 2015-06-08 19:29 - 00000000 ____D C:\Users\Štěpán\Downloads\G64_To_Avi_Converter
2015-06-08 19:28 - 2015-06-08 19:28 - 03861321 _____ C:\Users\Štěpán\Downloads\G64_To_Avi_Converter.zip
2015-06-08 18:54 - 2015-06-08 18:54 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Thinstall
2015-06-08 18:54 - 2015-06-08 18:54 - 00000000 ____D C:\Users\Štěpán\AppData\Local\Thinstall
2015-06-07 13:45 - 2015-06-29 13:44 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-06-06 10:57 - 2015-06-06 10:57 - 00000205 _____ C:\Users\Štěpán\Desktop\Counter-Strike Global Offensive.url

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 17:22 - 2015-05-24 13:15 - 00000972 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-06 17:05 - 2015-05-24 13:11 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1141295087-4178081243-3562627391-1001
2015-07-06 17:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-06 16:45 - 2015-03-26 05:13 - 00006463 _____ C:\Windows\SysWOW64\Gms.log
2015-07-06 16:43 - 2015-05-24 13:15 - 00000976 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-06 16:43 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-06 16:42 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-06 16:37 - 2015-05-24 17:05 - 00108544 ___SH C:\Users\Štěpán\Downloads\Thumbs.db
2015-07-06 16:30 - 2015-03-26 03:49 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-07-06 16:30 - 2015-03-26 03:49 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-07-06 16:30 - 2014-03-18 12:03 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-06 16:26 - 2015-05-24 13:11 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9FCE7F59-A63F-41F9-B0D8-6EDCCEB498FE}
2015-07-06 16:22 - 2015-05-24 13:05 - 00000000 ____D C:\Users\Štěpán
2015-07-06 16:21 - 2015-01-13 08:42 - 00000000 ____D C:\ProgramData\McAfee
2015-07-06 16:21 - 2015-01-13 08:39 - 00000000 ____D C:\ProgramData\WildTangent
2015-07-06 16:20 - 2015-05-29 10:14 - 00000000 ____D C:\ProgramData\Origin
2015-07-06 16:20 - 2015-05-28 20:08 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-06 16:20 - 2015-05-24 17:31 - 00000000 ____D C:\ProgramData\Skype
2015-07-06 16:20 - 2015-03-26 05:24 - 00000000 ____D C:\ProgramData\CLSK
2015-07-06 16:20 - 2015-03-26 05:02 - 00000000 ____D C:\ProgramData\Intel
2015-07-06 16:20 - 2015-01-13 08:42 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-07-06 16:20 - 2015-01-13 08:37 - 00000000 ____D C:\ProgramData\Temp
2015-07-06 16:20 - 2015-01-13 08:37 - 00000000 ____D C:\ProgramData\OEM
2015-07-06 16:20 - 2015-01-13 08:37 - 00000000 ____D C:\ProgramData\install_clap
2015-07-06 16:20 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\Sysprep
2015-07-06 16:19 - 2015-03-26 05:21 - 00000000 ____D C:\Program Files (x86)\3D Systems
2015-07-06 16:08 - 2015-05-24 17:32 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Skype
2015-07-06 16:08 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\registration
2015-07-06 16:07 - 2015-06-05 11:00 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-07-06 16:07 - 2015-06-05 10:57 - 00000000 ____D C:\ProgramData\Battle.net
2015-07-06 16:07 - 2015-05-24 17:07 - 00000000 ____D C:\ProgramData\Adobe
2015-07-06 16:07 - 2015-03-26 05:06 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-06 16:07 - 2015-03-26 05:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-06 16:07 - 2015-01-13 08:42 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-06 16:07 - 2015-01-13 08:37 - 00000000 ____D C:\ProgramData\CyberLink
2015-07-06 16:07 - 2015-01-13 08:37 - 00000000 ____D C:\ProgramData\Acer
2015-07-06 16:06 - 2015-05-24 13:15 - 00000000 ____D C:\Games
2015-07-06 15:52 - 2015-05-24 17:07 - 00000000 ____D C:\Users\Štěpán\AppData\Local\CrashDumps
2015-07-06 15:50 - 2015-01-13 07:50 - 00000000 ____D C:\Windows\Panther
2015-07-06 15:31 - 2015-05-24 13:06 - 00000000 ____D C:\Users\Štěpán\AppData\Local\VirtualStore
2015-07-01 21:16 - 2015-05-24 13:05 - 00000000 ____D C:\Users\Štěpán\AppData\Local\Packages
2015-07-01 14:55 - 2013-08-22 17:36 - 00000000 __RSD C:\Windows\Media
2015-07-01 13:49 - 2015-05-25 20:50 - 00000000 ____D C:\Users\Štěpán\Documents\The Witcher 3
2015-07-01 11:31 - 2015-05-30 08:43 - 00000000 ____D C:\Users\Štěpán\Documents\FIFA 15
2015-06-30 10:07 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-06-29 14:04 - 2015-06-05 11:00 - 00000000 ____D C:\Users\Štěpán\AppData\Local\Battle.net
2015-06-28 18:32 - 2015-01-13 08:42 - 00000000 ____D C:\Program Files\Common Files\mcafee
2015-06-28 18:32 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-06-22 22:22 - 2015-05-24 13:17 - 00002167 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-13 07:24 - 2015-05-31 18:12 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\vlc
2015-06-09 13:52 - 2015-05-29 11:39 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Origin
2015-06-06 00:08 - 2015-05-29 12:02 - 00001131 _____ C:\Users\Public\Desktop\FIFA 15.lnk

==================== Files in the root of some directories =======

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Štěpán\AppData\Roaming\ys90tYj0ZLuDCwVvbVX
2015-03-26 05:10 - 2015-03-26 05:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:
====================
C:\Users\Štěpán\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Štěpán\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\Štěpán\AppData\Local\Temp\AOPSetup.exe
C:\Users\Štěpán\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Štěpán\AppData\Local\Temp\Quarantine.exe
C:\Users\Štěpán\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-04 21:58

==================== End of log ============================

[vyosek]

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
  HKLM\...\Policies\Explorer: [NoFolderOptions] 0
  HKLM\...\Policies\Explorer: [NoControlPanel] 0
  HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\...\Run: [Steam] => C:\Games\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
  HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)
  
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
  HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
  HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
  SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
  SearchScopes: HKU\S-1-5-21-1141295087-4178081243-3562627391-1001 -> {6B8206DC-4E9F-4A32-AFF8-E14A8C21C8BB} URL = 
  
  S2 0292131434039498mcinstcleanup; C:\Windows\TEMP\029213~1.EXE -cleanup -nolog [X]
  
  2015-07-06 17:39 - 2015-07-06 17:39 - 00112640 _____ C:\Users\Štěpán\Downloads\Nepotvrzeno 186022.crdownload
  2015-07-06 17:38 - 2015-07-06 17:38 - 00000000 _____ C:\Users\Štěpán\Downloads\FRSTLauncher.exe.eoprr3k.partial
  2015-07-06 17:37 - 2015-07-06 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Štěpán\Downloads\Nepotvrzeno 597869.crdownload
  2015-07-06 17:37 - 2015-07-06 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Štěpán\Downloads\Nepotvrzeno 336556.crdownload
  2015-07-06 16:38 - 2015-07-06 16:42 - 00000000 ____D C:\AdwCleaner
  2015-07-06 16:37 - 2015-07-06 16:37 - 02244096 _____ C:\Users\Štěpán\Desktop\adwcleaner_4.207.exe
  2015-07-06 15:31 - 2015-07-06 16:17 - 00000000 ____D C:\ProgramData\Rising
  2015-07-06 15:31 - 2015-07-06 16:01 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
  2015-07-06 15:31 - 2015-07-06 15:31 - 00000000 ____D C:\Users\妕靝醤
  2015-07-06 15:31 - 2015-07-06 15:31 - 00000000 ____D C:\Program Files (x86)\Rising
  2015-07-06 15:27 - 2015-07-06 16:17 - 00000000 ____D C:\Program Files\trend micro
  2015-07-06 15:27 - 2015-07-06 15:27 - 00000000 ____D C:\rsit
  2015-07-06 15:21 - 2015-07-06 16:17 - 00000000 ____D C:\Users\Štěpán\AppData\Local\3021
  2015-07-06 15:21 - 2015-07-06 15:21 - 00000000 ____D C:\Qiyi
  2015-07-06 15:11 - 2015-07-06 16:19 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV06.07
  2015-07-06 14:59 - 2015-07-06 14:59 - 00000000 ____D C:\Users\Public\QiYi
  2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Štěpán\AppData\Roaming\ys90tYj0ZLuDCwVvbVX
  2015-03-26 05:10 - 2015-03-26 05:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
  
  Task: {F39DD04B-F12E-4627-B2AD-86C166A62705} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09613b71a48e5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

[Steve89]

Fix result of Farbar Recovery Scan Tool (x64) Version:05-07-2015
Ran by Štěpán at 2015-07-06 18:33:28 Run:1
Running from C:\Users\Štěpán\Desktop
Loaded Profiles: Štěpán (Available Profiles: Štěpán)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\...\Run: [Steam] => C:\Games\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-20] (DT Soft Ltd)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1141295087-4178081243-3562627391-1001 -> {6B8206DC-4E9F-4A32-AFF8-E14A8C21C8BB} URL =

S2 0292131434039498mcinstcleanup; C:\Windows\TEMP\029213~1.EXE -cleanup -nolog [X]

2015-07-06 17:39 - 2015-07-06 17:39 - 00112640 _____ C:\Users\Štěpán\Downloads\Nepotvrzeno 186022.crdownload
2015-07-06 17:38 - 2015-07-06 17:38 - 00000000 _____ C:\Users\Štěpán\Downloads\FRSTLauncher.exe.eoprr3k.partial
2015-07-06 17:37 - 2015-07-06 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Štěpán\Downloads\Nepotvrzeno 597869.crdownload
2015-07-06 17:37 - 2015-07-06 17:37 - 00112640 _____ (forum.viry.cz) C:\Users\Štěpán\Downloads\Nepotvrzeno 336556.crdownload
2015-07-06 16:38 - 2015-07-06 16:42 - 00000000 ____D C:\AdwCleaner
2015-07-06 16:37 - 2015-07-06 16:37 - 02244096 _____ C:\Users\Štěpán\Desktop\adwcleaner_4.207.exe
2015-07-06 15:31 - 2015-07-06 16:17 - 00000000 ____D C:\ProgramData\Rising
2015-07-06 15:31 - 2015-07-06 16:01 - 00000000 ____D C:\Users\Štěpán\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件
2015-07-06 15:31 - 2015-07-06 15:31 - 00000000 ____D C:\Users\妕靝醤
2015-07-06 15:31 - 2015-07-06 15:31 - 00000000 ____D C:\Program Files (x86)\Rising
2015-07-06 15:27 - 2015-07-06 16:17 - 00000000 ____D C:\Program Files\trend micro
2015-07-06 15:27 - 2015-07-06 15:27 - 00000000 ____D C:\rsit
2015-07-06 15:21 - 2015-07-06 16:17 - 00000000 ____D C:\Users\Štěpán\AppData\Local\3021
2015-07-06 15:21 - 2015-07-06 15:21 - 00000000 ____D C:\Qiyi
2015-07-06 15:11 - 2015-07-06 16:19 - 00000000 ____D C:\Program Files (x86)\CinemaP-1.9cV06.07
2015-07-06 14:59 - 2015-07-06 14:59 - 00000000 ____D C:\Users\Public\QiYi
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Štěpán\AppData\Roaming\ys90tYj0ZLuDCwVvbVX
2015-03-26 05:10 - 2015-03-26 05:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Task: {F39DD04B-F12E-4627-B2AD-86C166A62705} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09613b71a48e5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Restore point was successfully created.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value removed successfully
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-1141295087-4178081243-3562627391-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6B8206DC-4E9F-4A32-AFF8-E14A8C21C8BB}" => key removed successfully
HKCR\CLSID\{6B8206DC-4E9F-4A32-AFF8-E14A8C21C8BB} => key not found.
0292131434039498mcinstcleanup => Service not found.
"C:\Users\Štěpán\Downloads\Nepotvrzeno 186022.crdownload" => File/Folder not found.
C:\Users\Štěpán\Downloads\FRSTLauncher.exe.eoprr3k.partial => moved successfully.
C:\Users\Štěpán\Downloads\Nepotvrzeno 597869.crdownload => moved successfully.
C:\Users\Štěpán\Downloads\Nepotvrzeno 336556.crdownload => moved successfully.
C:\AdwCleaner => moved successfully.
C:\Users\Štěpán\Desktop\adwcleaner_4.207.exe => moved successfully.
C:\ProgramData\Rising => moved successfully.
C:\Users\Štěpán\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 => moved successfully.
C:\Users\妕靝醤 => moved successfully.
C:\Program Files (x86)\Rising => moved successfully.
C:\Program Files\trend micro => moved successfully.
C:\rsit => moved successfully.
C:\Users\Štěpán\AppData\Local\3021 => moved successfully.
C:\Qiyi => moved successfully.
C:\Program Files (x86)\CinemaP-1.9cV06.07 => moved successfully.
C:\Users\Public\QiYi => moved successfully.
C:\Users\Štěpán\AppData\Roaming\ys90tYj0ZLuDCwVvbVX => moved successfully.
C:\ProgramData\DP45977C.lfl => moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F39DD04B-F12E-4627-B2AD-86C166A62705} => key not found.
C:\Windows\System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Auto Maintenance Task Agent => key not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d09613b71a48e5.job => moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully.
Hosts restored successfully.
EmptyTemp: => 454.1 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 18:33:57 ====

[vyosek]

Jak se chova PC?

[Steve89]

Ja bych rěkl, že je vše v pořádku. Problémy vyřešěny. Děkuji za pomoc, kdyžtak lock

[vyosek]

Tak jeste uklidime

DelFix https://toolslib.net/downloads/finish/2/

• Stahnete a spustte
• Ponechte zatrzitkou pouze u volby Remove disinfection tools
• Kliknete na Run

Stahnete Ccleaner https://www.piriform.com/ccleaner/download/standard
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse