Zdravím,
poprosím o pomoc, včera jsem asi stáhl nějakou potvoru a stále mi při prohlížení vyskakují nějaká okna.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Marek at 2015-11-18 09:59:06
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 5 GB (7%) free of 65 GB
Total RAM: 4010 MB (44% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:59:07, on 18.11.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17280)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-10.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Genius\DeathTaker White Edition\mousehid.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Marek.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1 ... l0728l0728
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://at.search.yahoo.com?fr=hp-avast&type=avastbcl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://at.search.yahoo.com/yhs/search? ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1 ... l0728l0728
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1 ... l0728l0728
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://at.search.yahoo.com?fr=hp-avast&type=avastbcl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1 ... l0728l0728
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [DeathTaker] C:\Program Files (x86)\Genius\DeathTaker White Edition\mousehid.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Zoner Photo Studio Service 16] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXEC:\Program Files\Zoner\Photo Studio 16\Program32\ZPSService.exe"
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE"
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Marek\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll, C:\Windows\SysWOW64\nvinit.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: ihpmServer - Unknown owner - C:\Program Files (x86)\RayDld\ihpmServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtLedService Installer (RtLedService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtLED\RtLEDService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 13772 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
winlogon.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 28092432
\??\C:\Windows\system32\conhost.exe "1736814909-800383114767862271-607956490138210082-799217527787054282-1703907021
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
taskeng.exe {3688FA18-CE3F-4C20-BF44-63B606C98173}
taskeng.exe {06718403-EADB-4948-81B2-EA0366CFFF1F}
"C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-10.exe" /rawdata=W6RMZMjQeZg2hn1GhYNJi+Ob5Dcla/896ZY3jUQz9HUITYb9l7I/1yCaOL7LbqDl+PPJl1rv+iZ+bmOh/YSo03BegLWdNvcNHTpBWX/t2FgcVDVHtRg8u4moCZRL0Fq3fIU9GNJk4BvhX/Dyw2SYLTk4EAi4dIXogWVT2SCs0XWOpzzKOp+m24yQLVtjyuwjIZ377W/qNp11klgwotF1X2jm6jBHm6eRMuTTQkyjNmbk1wi1bj7TOLIgfr8+aAFgrGBtdzG3IK21Diuq/QWF3qW0rSRBWfdZZ8U3vYJ7k7zw2FIGG/r1uY131k8EZfGzoWh0x1xIDSDlhPUZRXhOC3+qZd2O7oBOXLAzt3XxrzksEYNvRv9syXl5ahrgVq2RsLu+ypePGbGIrtVqWRJTXQdWl2+ipDfo8rVkSUsm/YYSFeAlHOTbjrbQEin+kapTNvnRF/7tYvmpaRx7WT9u5AQTBGmVgEcg4uK4U/oVJwAUj60vInu+g/P0u3u75MHWhHrnPyp8ddMULNVvh0s6+Zy5OOX9cT3J5YFQdJimjw0KTef3TFSZqtzJEEPrXBXdy3AkLWqz22gn0ZFQLuhAm0z1yZNiANdtI3q4KI9fO7ePb93NkuuP/hmjy1YC4GHW0CYdhuWdugarIWrCo1vfs4TSSzTLPAsu9AwU63zvBeUbE2y0rWtfo1OsSWoL0tPQQ8fVAQ/uZpz0lM7RqVOOLEAFaqdJqgfQuKvCHMLt68V2cvahF875mZE/6xqBkAjWwKgHjbGfKzDrn1CYG2S0CIlwBB7ZJmceTqfAbKtlo0xVDMxRvqO/aWoPEow7rtfNQ95gQJG4t9t+4aGagK2WUg==
"C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-1-6.exe" /rawdata=jWIagLVrz878W6ZF/pRADWuY0XrGUGya6NhGHREhSSbT560HLx0MQJL0Ze6TVEHZEiHKMxukRqrxzUHgi3X46CwYwFN6Xqn+7tH92utSSwYu1Go2863gvWhV1HxEmHnIcCXhuSbEQJREYZppMxapCcJkI2OmrHZzOn/T/I+8m1N8RTNTTaiFKyk8UOvqVax2bSguau4lXpRGMzKMYSqRHLMCA2ZFGfIc4oKRGUEUaubG8ihF+5Bg6FSf8UsyithCUBYu72QS/fqsPM5rAW5rORUStDQWRGHYhiHuv4G5WCiyWAehoaavgEzGxnA2zX2qYX8Ji4ix+kY28C5xn0Q5rLHIT9Ys+Sr4eW8kEi+/CBVpyFfBcyclhivC4rVVTUb5Brc1Ro2ZRxzrvty7sJts1lCDq/UxX+eUBt1VEdhNXnmT2wf5Pu8p3F7rvzgvSFRHkMzpL7gV6a5xghzG1S+gHU+WI1EmHOkQKUWyDqGEbVRCumkjYWfySfS+os8nm0ALNCTzUIM/F3+6fgbiJK1QRKEbcTpIv8zXVYUpU21yGz7vo9Z9tILaMJSXgRa/NlQDIa+Dbmt7S7+xch0t1folf99CKpupTOyj0TMoZfdPESjx8l5iZAXwrv7J3/VCaHH7r/92JsNm8qjPpklF84QJUnfxT/HoI27tNQq15Fbfy0WAeN7kixP2JkfFKZX8npmgnXSXX3lZ86TZV91vU13WJxRZ5ljwXluxtqzow69eZY4XZqMR9FOSNfOfU536Ag033h4bkq77RrgN6G53uWpxKk0nnYLfvQB+yIZfY9Do5OMoZXib5aeZt5iQwNfe5LzRBrkOgPBBA0q5skdZGHKWkp38OQZGPj4T7mhC5tanWHm/onm4WLjrW+ti75TiL50lbTAzsr75cD/HVwAcC44j5plWHSX22nB7EFmUUmXF1gwsJ0kFJsvR6dTn/tY/Hd9SPUBR1ZQLhCgobMOKuiInCxGqbNLNqL4JdmNwL5HflRQK7zkXzyuppDI0N0mPPEdGB1Zm3OUqkntofp0R8WAdCYL6Yt9Q4fLmI5fbfHRXS5O5eIn4Z0IywoA9RFEgCFb3PdorGEsqPE+NEZ0XaM+STswNuoxTGMGdzJ8LFajBA3jqQQCrGd/Wwc4R3EKZP/v+OE7v+jPz40dCdccsayGEuixS5y74CmcLKSQNxDB6xPNVKSZbezujDXzvxRIokProjqCoKv6VTBWJ/xe8BV6OLkcvvcydX7fo/i01Ywz4+FUEfb67lZ8HBEs8hbOBVjDb+r4ihwV3bT2XDCmw/hEYzkejTScGj5CCZ45CjukTnmvPUq1Kbv3URH2XuOkAdLw9kjkXf39DD4+BCZ64TEGJ7A==
"C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-6.exe" /rawdata=XjffwB76v772kFEStwFjM4QG+DKyKrdqeVES3WkCQP64GhC7lmEdN5CeADg2XkXqwLlZdK1hKlugBeaK9SUCCXS7/jOS3gbIX+dyzPdBTFfu1nms1F9dxXYub76CJzl6J/mwlquYI3zjYkAQb8RkkjRvCWCBTp5zG+VVeSVOFBSLTa8xmYmYe+621bZSgqD+iLRdG5g7fXUMOWMLJ6T4pojufmxJbw/jGnhqKdYo1ub5vHLzdptFjvfaHDwDJn59Ne8oZPj9OXNsXpcbG7zrLfyhje4l5kfI7Pi19EJCmqoZqyEjtX6fdtn6WSgE8/edSNUWPNGBgsIO3XPaKbTbrj8nLZ/qI8m5dntwOXuS6y05E9TmBuIRmYmGAPnqmfeKcAHDd7R63Fh3BI7YT5hfJg7XpWp2xzYl1p9MdEjD7DKWeEX/7PA4N22wQkHlJCx6GaoVj6O2UO3x+qjpskwGTV8FR8AjdZGb3TmlfikFtTZTtncJlnv+LQbK4KBdVbpQIuC+vuJ3KIh7aJBOzSZnwvx7CF2pClrOzq/3djeJhaYozFqs5TuW+4QBgwgYXsogXKAJbEER8x2Qfj1fndQrJB9AlueNoVw6tOMRJngBImZ2AxlrWhHEAVUAwYiLlUJLC//mUcmemdOVy3NEm9ulIaMKgSd6bhmak+cIHfSnSJc5k6JbhoROeXgOOOKhlmz9B8DPKzzIWJ7Wjooim9usIW6IgNgdwJ8fGUPr1JXAhIsR2DjJjJz/MkrA6EN10JHSYQ4O4Uq8BcwuKAk3snSoyF1A2WDMJmOg/oU24UOGJHNbg4rQW6O0ULJXO2tBRYv9ge0sacu0VQGYHUHIZgIdgGKroKb4a44CKy3kh7ou4VZv5uom93e5Gl0ASS66zGu3E+po6K5EuL7bQLm6oB4TCfL+zLrukqfvkaZwT/gN3bBGnzSnCdw9hH+gljn/Q04TdmlUPAgbIQ018UcAXElSBbXBFPVLV6c5idnpic0q8g2DZxYOJpy+MmVeRN3jxSNdWbnnsSRM7+CmQHZVZdCcV3RMUBhXqfzSyU4abZVWOxnK1uymQOnqJP0Q3Ohg9fmWfsUCpkQVa3F3Duvl4lsUfhjPFM2YLdIM4J8iDZVdrHi3hIom4Edrja1CtgH1dAPdwAPXn5iSZjMkPXycCleogxX0bWqLN5PgZ0P+If9cn6YAt/cJtx1Tpwn5po8vd2ZHGSksFbEL9RBjeBxfa6hQBUYCKk5w91X3dGcp1idW9/154tuQSE0rp+N4Qaj+9pSv3MYXADVPaJ1DykL2tF5NcicMaaXR+gRGdXqSOehAiuMEl0mHByglz8Lb5TsiXUrygO4M4gYlrkRhf6lfOlJ6fLHY9dEUKOSUGlCROCcgXR63tMoikea2VgTeLwD6rNZ4p1rbNtMevt9A4FYN4yY42xi8Vzhi2NCGpYXwybXy405Tx2PVJqWbd0WsWdtw1rM5YYIryDtvS3laYEWM9riVU6WNhJL151JZqpQjybXi+XEeQ/oSfwRMFShLkqjiPW+NG4cKZrmH4Rido3zzDjPvHN2hwEFuweXFJ710WDG6sTZxuuDTPsItDBETz3/PyjKrXu8j0/Fffjd0N6YFcMjW61yCJWuiuSU6ytrxlXw2isJHU59LA6/ft0u7HyptUetuQZyvZkrH1HX8SHfqG+UsHj8VO+kTz5ayb42pGbncgpW5P1JSObmZsFMJAiklaiNE33/itvbGS3LxmtmPpqr2uCSEc//tXannqqbz9whIxuPIGxDuTQiPUEvOak9aOA4LwxfpoO7abY5L5WBV0JXuo3WcOpTi1JcsWvq9v60pBCo8nzWH8s8gID5ElNfbfQOJ2CqYP3sVC/UY0J5BdAtkOQ2NZcA/j4nybHiBKPxKa0iYBrYa5G5DuXb4J4xk+wz1h+Cr1j93G5H41RoZmKG2AOJzGBJIThgG2tToL/ZJXFQEakyvaD/YTZZf4GrdoRfaKEh9rvZEeXTWnHU+zj6HQhZldCAwCZiZebR5l/eBeT/4NZqvffyAz7vijlnvzvk5sICDikZxmg3zHC8cUlqX1uNYkF1NsZhhwiWhMFm++rvylpC4iRqGjJA0Uj12oH0twpYu05Igw8cNbdjTppubHbP6CXfJXMQ4nq+S/ddfvZBGiip3kSlBWC2kPPNvd+fZlx/nH/N0lK7ECxLLIBCyze6oucCGivXCgX6uokq6BNO92BkdC269BLGL0OcB5720/qxKdudTFbi658dFX2MqNkzM1Gv/wuB6M2Ledu42RZNdleIqNl2ecuRl3VJmZJOZdUemWfc4wfPxpHt8SXsP+teVuXIQvG/OVY06JenVZ9NDFlz8OK0/844kNxT36Xw7kHcP27WsxqAlfjW4uvFMuHptH/weyFlbK17PUmxqCcMLtEi/x+4+Jb/GxkTSFtrh/qtxQsZJ3SMpW50VemVkjsb27CqVT953J5ShXwbLSMqsZ7RQxH8Cn270FYayTCxdz2hJ78TqNWh6TKXBG0IZh6G2TzrpPgU6BBCp50uOCiN0Fio+0vRYX+AdgduiQGIF
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files\Intel\WiFi\bin\EvtEng.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe"
"C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe"
"C:\Program Files (x86)\RayDld\ihpmServer.exe"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
"C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe"
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
"C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" 8c6e86b2-0dce-48bb-a85a-d4300bfb95c4 1
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
"C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
szndesktop.exe default start
"C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "1421069389-938357926-11310877661634789671592647626170721213-2063216627-337611046
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Genius\DeathTaker White Edition\mousehid.exe"
"C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe" serviceapp
\??\C:\Windows\system32\conhost.exe "1874100658-427686310-1357975534630474558644033196478727949-4791033041918907114
\??\C:\Windows\system32\conhost.exe "6542098781915996624-155502921520148186242067530153-6210473576181083921973628354
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe"
"C:\Program Files\Realtek\RtLED\RtLEDService.exe"
"C:\Program Files\Realtek\RtLED\RtLED.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
WLIDSvcM.exe 4584
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\unsecapp.exe -Embedding
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3460.0.965833553\1256624718" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0126 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2932 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3460.2.466161926\352078982" --font-cache-shared-handle=2692 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3460.3.275035506\698334387" --font-cache-shared-handle=2728 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3460.4.696841664\1763324997" --font-cache-shared-handle=2872 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3460.6.1147957617\389544569" --font-cache-shared-handle=4496 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3460.13.313402897\1612815057" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutofillClassifier/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/ChromotingQUIC/Disabled/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/StableHQPFrequencyBugFix_PrePeriod_4/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledForLargePopulation/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Disabled/SafeBrowsingSocialEngineeringStrings/Enabled/*SdchPersistence/Enabled/SessionRestoreBackgroundLoading/Restore/*SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="3460.18.1086061299\304155681" --font-cache-shared-handle=8052 /prefetch:673131151
C:\Windows\system32\sppsvc.exe
"C:\Users\Marek\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\Windows\tasks\40db1533-f551-4998-8bca-934da85073e3-1-6.job - C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-1-6.exe /rawdata=jWIagLVrz878W6ZF/pRADWuY0XrGUGya6NhGHREhSSbT560HLx0MQJL0Ze6TVEHZEiHKMxukRqrxzUHgi3X46CwYwFN6Xqn+7tH92utSSwYu1Go2863gvWhV1HxEmHnIcCXhuSbEQJREYZppMxapCcJkI2OmrHZzOn/T/I+8m1N8RTNTTaiFKyk8UOvqVax2bSguau4lXpRGMzKMYSqRHLMCA2ZFGfIc4oKRGUEUaubG8ihF+5Bg6FSf8UsyithCUBYu72QS/fqsPM5rAW5rORUStDQWRGHYhiHuv4G5WCiyWAehoaavgEzGxnA2zX2qYX8Ji4ix+kY28C5xn0Q5rLHIT9Ys+Sr4eW8kEi+/CBVpyFfBcyclhivC4rVVTUb5Brc1Ro2ZRxzrvty7sJts1lCDq/UxX+eUBt1VEdhNXnmT2wf5Pu8p3F7rvzgvSFRHkMzpL7gV6a5xghzG1S+gHU+WI1EmHOkQKUWyDqGEbVRCumkjYWfySfS+os8nm0ALNCTzUIM/F3+6fgbiJK1QRKEbcTpIv8zXVYUpU21yGz7vo9Z9tILaMJSXgRa/NlQDIa+Dbmt7S7+xch0t1folf99CKpupTOyj0TMoZfdPESjx8l5iZAXwrv7J3/VCaHH7r/92JsNm8qjPpklF84QJUnfxT/HoI27tNQq15Fbfy0WAeN7kixP2JkfFKZX8npmgnXSXX3lZ86TZV91vU13WJxRZ5ljwXluxtqzow69eZY4XZqMR9FOSNfOfU536Ag033h4bkq77RrgN6G53uWpxKk0nnYLfvQB+yIZfY9Do5OMoZXib5aeZt5iQwNfe5LzRBrkOgPBBA0q5skdZGHKWkp38OQZGPj4T7mhC5tanWHm/onm4WLjrW+ti75TiL50lbTAzsr75cD/HVwAcC44j5plWHSX22nB7EFmUUmXF1gwsJ0kFJsvR6dTn/tY/Hd9SPUBR1ZQLhCgobMOKuiInCxGqbNLNqL4JdmNwL5HflRQK7zkXzyuppDI0N0mPPEdGB1Zm3OUqkntofp0R8WAdCYL6Yt9Q4fLmI5fbfHRXS5O5eIn4Z0IywoA9RFEgCFb3PdorGEsqPE+NEZ0XaM+STswNuoxTGMGdzJ8LFajBA3jqQQCrGd/Wwc4R3EKZP/v+OE7v+jPz40dCdccsayGEuixS5y74CmcLKSQNxDB6xPNVKSZbezujDXzvxRIokProjqCoKv6VTBWJ/xe8BV6OLkcvvcydX7fo/i01Ywz4+FUEfb67lZ8HBEs8hbOBVjDb+r4ihwV3bT2XDCmw/hEYzkejTScGj5CCZ45CjukTnmvPUq1Kbv3URH2XuOkAdLw9kjkXf39DD4+BCZ64TEGJ7A==
C:\Windows\tasks\40db1533-f551-4998-8bca-934da85073e3-1-7.job - C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-1-7.exe /rawdata=hk82oamUSVMxUsc8pEVucclhq+ziTGPl+/Jyymz24/JZTcmQcczHIjjZlKtKJrVZr3yDjZQ3poBbdZk+UXeOMkpH+QY9+LiKgDbQG70uoUasiv7gP7MtBElfIuDdkDGDym5Z1WFPGZW63k1h9ToyYz0hP8R4TV5H4nW+bCSZprq0OLsnNpSxMGgctBSs/JbZdS/C0Af7/9j9lMAL0W2OlUlnF9U1Gqi3v1lyJx5x4/Yqb8qMAp7dkeP61ecvH+brlZXkhf15ts2q19ketIB3qwY37idyBFw+Nd5dOaFK5RWlcAPd+OPksp1UuUS9sDtJ9ZPwymUXZlYhJ9PcZJtimIzxs7Nvy/JdAJQb0zuhXPsImPsmsV5l8i1tvtEng3K3q8lUY7wyH0uRCGxcTsTWELSLeraOFM0U4cJ/N9wXav0xdKZY0bkENB5QcB2FIycvm6w59MX1J/HgpZcwQZSdq8RISuCG1W5lGzDTykK1RZjgJTQrNXhVJgJZ4ysYEFXGcdl5RRdtsLVPwqXjexfbvGEFze2XNiVkHBcA4lwKEQVBemTtzJGGPYCzOdFUaJaPoh5GrypgQfdkacpW61rLBceAJ9//NFa7T3y850ggrVMJafbGoigtrdHaXR7O/rZKjxsUSvcIglhVas5fc4m5tRhWlbRDtWoFTvtNgfz9mUoQVjAEpv76uVA8nFdr1MGF1kgi382AC9BT145wmT2qcIac7r0gMr1NDniMNQ3elWkVG+tnTbf4ANF1KFcHgnoK5B5hX3vph+RysDvYoi/S9lvBt4J3ofypM1G3aCTMCYopFYWif+kX/7WpFC0jsY0p3C3QTg1Ypn8hj1mB68JaUwV9JXYr8T0sa+2vqHRGDTFkV0Vqcb60/fruZQaROIhtaQ2AI/q2tZ3GvA4R/gNW4/F2O/WvQHlLBmIqlnKs1QrbZKAmMAE8sB1nWl47VoyWHBF4x6+AjtkGWv7G+PacHlJkOiGL4SQylf7y+MjkUqTNCDhkUBf3d0jBq9IXvHdaHoMzSgX26dLlOIzv6zDmb6OZKGXfQNNaV4sux+GoIdt83L4E3m/Klhq5URkX92KuTeOOHzfurjVm+oUqZ//NHjU20VNyF58xz236q6ezlkInfl7zO8RTwoJ8cJA2VYKVYvbVyYS7nbUtWuUEnlN/4qNUWDNMNZ4NM9np8yWHmU8Kv5kemTU2GUccHmxEp4ubln14BbD61nsoNjUjcq8xvCFMB3hHEYdBfGnIxr3sZ3NjjIxDgiUKRyGcpQMWtbyEoebw358LSDshvrUqYv8Uw8mHmEF8VKITddLRw1M4Q3ZwBe4rqG5qUUOklnG9z0AF3BJUfh3Ru/oHabUNE/QjMQ==
C:\Windows\tasks\40db1533-f551-4998-8bca-934da85073e3-10_user.job - C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-10.exe /rawdata=W6RMZMjQeZg2hn1GhYNJi+Ob5Dcla/896ZY3jUQz9HUITYb9l7I/1yCaOL7LbqDl+PPJl1rv+iZ+bmOh/YSo03BegLWdNvcNHTpBWX/t2FgcVDVHtRg8u4moCZRL0Fq3fIU9GNJk4BvhX/Dyw2SYLTk4EAi4dIXogWVT2SCs0XWOpzzKOp+m24yQLVtjyuwjIZ377W/qNp11klgwotF1X2jm6jBHm6eRMuTTQkyjNmbk1wi1bj7TOLIgfr8+aAFgrGBtdzG3IK21Diuq/QWF3qW0rSRBWfdZZ8U3vYJ7k7zw2FIGG/r1uY131k8EZfGzoWh0x1xIDSDlhPUZRXhOC3+qZd2O7oBOXLAzt3XxrzksEYNvRv9syXl5ahrgVq2RsLu+ypePGbGIrtVqWRJTXQdWl2+ipDfo8rVkSUsm/YYSFeAlHOTbjrbQEin+kapTNvnRF/7tYvmpaRx7WT9u5AQTBGmVgEcg4uK4U/oVJwAUj60vInu+g/P0u3u75MHWhHrnPyp8ddMULNVvh0s6+Zy5OOX9cT3J5YFQdJimjw0KTef3TFSZqtzJEEPrXBXdy3AkLWqz22gn0ZFQLuhAm0z1yZNiANdtI3q4KI9fO7ePb93NkuuP/hmjy1YC4GHW0CYdhuWdugarIWrCo1vfs4TSSzTLPAsu9AwU63zvBeUbE2y0rWtfo1OsSWoL0tPQQ8fVAQ/uZpz0lM7RqVOOLEAFaqdJqgfQuKvCHMLt68V2cvahF875mZE/6xqBkAjWwKgHjbGfKzDrn1CYG2S0CIlwBB7ZJmceTqfAbKtlo0xVDMxRvqO/aWoPEow7rtfNQ95gQJG4t9t+4aGagK2WUg==
C:\Windows\tasks\40db1533-f551-4998-8bca-934da85073e3-3.job - C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-3.exe /rawdata=MxSvmyJl7+l3k5AbdcC4a/4VpmCIYhPyowgxHtWlOyojR5xO360gACtXDINQvpzozLP9Ju/B0bliQOly25iDj8kMUfYFJirkBda3laxOJuSj8xDe/L94vhgmslxAxLsk+J49QIKQai5+Y1Rw1vLBJ01QCGyB9mVAG+VrkngvovlY5WmXh9wN4JZLQljYAKg/nnRlRHYGT/jVvUfZQxOrj4BhySX7IGgNujK5J9mO4z6U46ynzhVJAXKw0UFbrXBkKbY28jcft+IeIRHQ3cPiPWZS5KMk/4zxH2zoRe+RtjD4P+vKxPHFusoPd1nLAYUNM1hh9VhUOS+z4y2i8h/oGzntAlA7ubvlF0t7FKfB2aG6ppVBGT1V8YHmTipuqVvtpon5tSx4cBioTZ4qFk2mrsZ5P6QKzlKiYnHF/Q7Z767bgq99MtNa0isG066qgVfIDMrKmN7g1beVhJ3UzDAFT7DKd/S2UtQSTcTHRxre/VMZNhIQQHQG84ndcVn6qI6UHoQCy5VuCIDyW4J9PMP7pQrNonHktPMAvAIWCEfWW6vJ05H88GLGc8uIsuzfUJfy2Hqn0EmaSVP2XJiSCDYmHaynVxM4RbSBVjAajgrKv4nHfnA+tJnLgqgJeutERvgpso4t7NDtUnCbqSJb90KeWfojYxf3awBU2+4N3xoo/oZlnalGGvqCzmM/Fi+vMcPTKJbm0mHWC81vaJW9udnzeo/b7cFKlByGOztkP5NBSWTIU9tnvnFtdNSRjIMVYGIM+VY3bqV3eV5qQazcAnjMosHN0M3BSmkJgwDiZegJQZreTQgzxa8bT7feU1CNp3NsJww674X+bqz9/eQEt1+6BJ38OQZGPj4T7mhC5tanWHm/onm4WLjrW+ti75TiL50lbTAzsr75cD/HVwAcC44j5plWHSX22nB7EFmUUmXF1gwsJ0kFJsvR6dTn/tY/Hd9SPUBR1ZQLhCgobMOKuiInCxGqbNLNqL4JdmNwL5HflRQK7zkXzyuppDI0N0mPPEdGB1Zm3OUqkntofp0R8WAdCYL6Yt9Q4fLmI5fbfHRXS5O5eIn4Z0IywoA9RFEgCFb3PdorGEsqPE+NEZ0XaM+STswNuoxTGMGdzJ8LFajBA3jqQQCrGd/Wwc4R3EKZP/v+OE7v+jPz40dCdccsayGEuixS5y74CmcLKSQNxDB6xPNUFUzeFG+niQT9WFkhcI4PNuLRvD3xkUXZu1aNC+q5pVyaRsjWSC9WhpRYeFzhT/ZXnztpDkTaClYXLY/YpT62ZUQHoazXkTqLKdagdZFYS6Mm/qZ0Vqzf/3Wq2+4EJywdcSsD43dUv0TsdgI750MaGGIwdeMCYFkC15Rbzds63J0KxfZ0KFGMJHNfhd9HPt4D0fwTD2DSQViX87bGFPrpXNLJF63//Y8h++RBJ7SHJBNZYFJG7EBbdifC9XVHXSvmd5Sss4BoNHWMzSudCj8ujr8xmNGDoXHdaji+yGLkFG50FLwwk1vb7zv/xlV6CNse//rozAo4YzNCWH1XJg47J24f2G7H94+lbrEMOdoW+sA/wgcg6mVkjmNBk70amVeE2FnxPdLJjwTEn7kcF8fIzA8WiZkmse9YChUhw+uqqm9QDtxbtESyvJv3Svn0OafHEkR3eeA2Z6ETzqZ0D09v3xI854pSwgWKQmD3YDBaDQfYY26KJSEjtChWVsd4nt/HJu287QIdAN+2xpEK0Sn+Gd1QJhrEqxiPxsN57sYaJ8X1mom65p603x1b2Mw9HZTS7UZtLnls1MHQWut9Sj7hs54g9ECklggoY/vNvspLtil6sOvvpkS8nREIrYRUIm0GoADQVN4+6UGDD6HdVRcjMOb9OuhBHarAy8vWUg+MqQ==
C:\Windows\tasks\40db1533-f551-4998-8bca-934da85073e3-5.job - C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe /rawdata=bi4ycwFnmQRXTS7uesDVD5/aDkk50B/y7XAIwJwPcX8NZW7MjYN0U6/IYeQl3JfVc9dF2iiE7X7gWEvcT6CZYd0UgXcERrgWHVhVS9WW9vqS9jMb1R6qGI+kVF9uAtgvAAc4noMzz12yb5VfnAM6haKPYoAx3/9M1ADy6BKNfPZnn42HtD48Shhn46ACAUXoCX/vR4HsEds0RfeetewQl++FwXWhGEe0bciQoqN2TOYh0RXY+4Cco4uIFdJW7C2CDYcySYY8DpcKfd0OlCgQ9hga0FlI5W84hpxkw3LyTacf5CQwbVxKOYDnNenkW+DhCeWPoCrS6Z2bcodPAg8iVLmSoPi5Lez3kpChQPSG/imMW5K1/IPrV+Mq6xfOqi6/LAD7iTJa5FiqZMAjnMBbtQAfCsVr5I7IR4xNzf7uE47RxHo0Kg4YRcgxFocloUnwRBJtJ1PuQyqF/8MAdmr6c3jwxGr6TsKma0fwaN2o2zsNMoxgogu6/EKaqrS4avL7HNaki51pGJtMvVAYznfF741z7wePQWUPtSN4o106fXrMNOREGBJJxPYQj5z/Sim8mEZerKH+evPWzp9ijUpT9QndSQsXn+8pHsWH+xitGSlPnij2v352kgFN6ej6waE+QGlsXIlnuv61OPP0ZbzGNGzWEyJwo3IZ3UhIj2909G4qXS4fh4bdOpkX4n+oi3xnNxy5ZGiTMmHHVJGZvbr6VpZMm5WErjnCYuubfmA9U7z7YPPCAVDF78RlFTZuqGqEeWsFaVybeg6Gi78yE8A6A9nUeugJtuAttxzDhsW/lb8bW/ZX7dZbD6WOnz0JhEJnzbsQhNQ5Uhzu/Fuv196OsWuYkR8DN6GFcJ3+gUdiFovW+As3STXCp8rlBfRO5TRRuCA05YKYZDivaPG8+hgCGUz2kuX1u/D1ieAx+d5d1vqiTge++/iODieRVFYz+r1yaH3HzCmRvu/KjbqaGUubDer2+IPuBnm4zwbEEPcdbPlqi1bAgHAAvDQSD+xe0ris
C:\Windows\tasks\40db1533-f551-4998-8bca-934da85073e3-5_user.job - C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-5.exe /rawdata=bi4ycwFnmQRXTS7uesDVD5/aDkk50B/y7XAIwJwPcX8NZW7MjYN0U6/IYeQl3JfVc9dF2iiE7X7gWEvcT6CZYd0UgXcERrgWHVhVS9WW9vqS9jMb1R6qGI+kVF9uAtgvAAc4noMzz12yb5VfnAM6haKPYoAx3/9M1ADy6BKNfPZnn42HtD48Shhn46ACAUXoCX/vR4HsEds0RfeetewQl++FwXWhGEe0bciQoqN2TOYh0RXY+4Cco4uIFdJW7C2CDYcySYY8DpcKfd0OlCgQ9hga0FlI5W84hpxkw3LyTacf5CQwbVxKOYDnNenkW+DhCeWPoCrS6Z2bcodPAg8iVLmSoPi5Lez3kpChQPSG/imMW5K1/IPrV+Mq6xfOqi6/LAD7iTJa5FiqZMAjnMBbtQAfCsVr5I7IR4xNzf7uE47RxHo0Kg4YRcgxFocloUnwRBJtJ1PuQyqF/8MAdmr6c3jwxGr6TsKma0fwaN2o2zsNMoxgogu6/EKaqrS4avL7HNaki51pGJtMvVAYznfF741z7wePQWUPtSN4o106fXrMNOREGBJJxPYQj5z/Sim8mEZerKH+evPWzp9ijUpT9QndSQsXn+8pHsWH+xitGSlPnij2v352kgFN6ej6waE+QGlsXIlnuv61OPP0ZbzGNGzWEyJwo3IZ3UhIj2909G4qXS4fh4bdOpkX4n+oi3xnNxy5ZGiTMmHHVJGZvbr6VpZMm5WErjnCYuubfmA9U7z7YPPCAVDF78RlFTZuqGqEeWsFaVybeg6Gi78yE8A6A9nUeugJtuAttxzDhsW/lb8bW/ZX7dZbD6WOnz0JhEJnzbsQhNQ5Uhzu/Fuv196OsSJa0yzsgCOu+DbC2TnJrDu9XxeBrJGClBkgU1ZBGx/55rmE0fKy5S9qFN9wArsbBPCVlybz2NrLC0qsLdHFfH3USl/zBRVWqNaKqpTZRXx7uVeAPNTmxn4Cymc4JGkdfd6OXYyL7PXMrYGxz6x8alAoRw3PNqmYJqVCD07Cdwrf
C:\Windows\tasks\40db1533-f551-4998-8bca-934da85073e3-6.job - C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-6.exe /rawdata=XjffwB76v772kFEStwFjM4QG+DKyKrdqeVES3WkCQP64GhC7lmEdN5CeADg2XkXqwLlZdK1hKlugBeaK9SUCCXS7/jOS3gbIX+dyzPdBTFfu1nms1F9dxXYub76CJzl6J/mwlquYI3zjYkAQb8RkkjRvCWCBTp5zG+VVeSVOFBSLTa8xmYmYe+621bZSgqD+iLRdG5g7fXUMOWMLJ6T4pojufmxJbw/jGnhqKdYo1ub5vHLzdptFjvfaHDwDJn59Ne8oZPj9OXNsXpcbG7zrLfyhje4l5kfI7Pi19EJCmqoZqyEjtX6fdtn6WSgE8/edSNUWPNGBgsIO3XPaKbTbrj8nLZ/qI8m5dntwOXuS6y05E9TmBuIRmYmGAPnqmfeKcAHDd7R63Fh3BI7YT5hfJg7XpWp2xzYl1p9MdEjD7DKWeEX/7PA4N22wQkHlJCx6GaoVj6O2UO3x+qjpskwGTV8FR8AjdZGb3TmlfikFtTZTtncJlnv+LQbK4KBdVbpQIuC+vuJ3KIh7aJBOzSZnwvx7CF2pClrOzq/3djeJhaYozFqs5TuW+4QBgwgYXsogXKAJbEER8x2Qfj1fndQrJB9AlueNoVw6tOMRJngBImZ2AxlrWhHEAVUAwYiLlUJLC//mUcmemdOVy3NEm9ulIaMKgSd6bhmak+cIHfSnSJc5k6JbhoROeXgOOOKhlmz9B8DPKzzIWJ7Wjooim9usIW6IgNgdwJ8fGUPr1JXAhIsR2DjJjJz/MkrA6EN10JHSYQ4O4Uq8BcwuKAk3snSoyF1A2WDMJmOg/oU24UOGJHNbg4rQW6O0ULJXO2tBRYv9ge0sacu0VQGYHUHIZgIdgGKroKb4a44CKy3kh7ou4VZv5uom93e5Gl0ASS66zGu3E+po6K5EuL7bQLm6oB4TCfL+zLrukqfvkaZwT/gN3bBGnzSnCdw9hH+gljn/Q04TdmlUPAgbIQ018UcAXElSBbXBFPVLV6c5idnpic0q8g2DZxYOJpy+MmVeRN3jxSNdWbnnsSRM7+CmQHZVZdCcV3RMUBhXqfzSyU4abZVWOxnK1uymQOnqJP0Q3Ohg9fmWfsUCpkQVa3F3Duvl4lsUfhjPFM2YLdIM4J8iDZVdrHi3hIom4Edrja1CtgH1dAPdwAPXn5iSZjMkPXycCleogxX0bWqLN5PgZ0P+If9cn6YAt/cJtx1Tpwn5po8vd2ZHGSksFbEL9RBjeBxfa6hQBUYCKk5w91X3dGcp1idW9/154tuQSE0rp+N4Qaj+9pSv3MYXADVPaJ1DykL2tF5NcicMaaXR+gRGdXqSOehAiuMEl0mHByglz8Lb5TsiXUrygO4M4gYlrkRhf6lfOlJ6fLHY9dEUKOSUGlCROCcgXR63tMoikea2VgTeLwD6rNZ4p1rbNtMevt9A4FYN4yY42xi8Vzhi2NCGpYXwybXy405Tx2PVJqWbd0WsWdtw1rM5YYIryDtvS3laYEWM9riVU6WNhJL151JZqpQjybXi+XEeQ/oSfwRMFShLkqjiPW+NG4cKZrmH4Rido3zzDjPvHN2hwEFuweXFJ710WDG6sTZxuuDTPsItDBETz3/PyjKrXu8j0/Fffjd0N6YFcMjW61yCJWuiuSU6ytrxlXw2isJHU59LA6/ft0u7HyptUetuQZyvZkrH1HX8SHfqG+UsHj8VO+kTz5ayb42pGbncgpW5P1JSObmZsFMJAiklaiNE33/itvbGS3LxmtmPpqr2uCSEc//tXannqqbz9whIxuPIGxDuTQiPUEvOak9aOA4LwxfpoO7abY5L5WBV0JXuo3WcOpTi1JcsWvq9v60pBCo8nzWH8s8gID5ElNfbfQOJ2CqYP3sVC/UY0J5BdAtkOQ2NZcA/j4nybHiBKPxKa0iYBrYa5G5DuXb4J4xk+wz1h+Cr1j93G5H41RoZmKG2AOJzGBJIThgG2tToL/ZJXFQEakyvaD/YTZZf4GrdoRfaKEh9rvZEeXTWnHU+zj6HQhZldCAwCZiZebR5l/eBeT/4NZqvffyAz7vijlnvzvk5sICDikZxmg3zHC8cUlqX1uNYkF1NsZhhwiWhMFm++rvylpC4iRqGjJA0Uj12oH0twpYu05Igw8cNbdjTppubHbP6CXfJXMQ4nq+S/ddfvZBGiip3kSlBWC2kPPNvd+fZlx/nH/N0lK7ECxLLIBCyze6oucCGivXCgX6uokq6BNO92BkdC269BLGL0OcB5720/qxKdudTFbi658dFX2MqNkzM1Gv/wuB6M2Ledu42RZNdleIqNl2ecuRl3VJmZJOZdUemWfc4wfPxpHt8SXsP+teVuXIQvG/OVY06JenVZ9NDFlz8OK0/844kNxT36Xw7kHcP27WsxqAlfjW4uvFMuHptH/weyFlbK17PUmxqCcMLtEi/x+4+Jb/GxkTSFtrh/qtxQsZJ3SMpW50VemVkjsb27CqVT953J5ShXwbLSMqsZ7RQxH8Cn270FYayTCxdz2hJ78TqNWh6TKXBG0IZh6G2TzrpPgU6BBCp50uOCiN0Fio+0vRYX+AdgduiQGIF
C:\Windows\tasks\40db1533-f551-4998-8bca-934da85073e3-7.job - C:\Program Files (x86)\CinemaP-1.9cV09.11\40db1533-f551-4998-8bca-934da85073e3-7.exe /rawdata=O1B7z8C3LtHpu28vMpoygEhEI2AvOQjZ9dJ8N7oNYexYpfI79N7ymoJG+skQeP/E9OhBf9jYCCPkWx1oq2dsFOet+msSlPpn9Rquc/aoLRB4pKrsPS7dMstWvz7FCI7upXPMmSgizEFnZyeHBVjHgs/G7rTO94tNKY1dm8Ex7k0/dDxUseDjVv+IyH8ZU1TMkV6yKXh4cNd7fzKD9k1SO19T7EYXSQoBILPKrJgbiBn961Q3QH4XTesQRXG44+5epH3M6KST2PVOX/oigSq9gRIKv9Ck8Tc/Zf7qwWQMYdqUoL0X0RZhfk5j9BjctZlLeM283LtwXCRJaJDcoJBecka/z4yX6eamZAje5Km5K6jpskE6pLlW0feLxAE9XiIkUaK0hsZ7dmPn/jYYCgAsSqNG11hkJF92R1KpmvvdWj04stXOUTbLpUOLtZ9faZSzhZ2pB2MdHn1jTyKJdaP8LQl/wmkmbGjmph+3yHHjGqYHftOytJs7u5y5o/C2kk+9dOUxwew6xdVyRiiSp5HA8Zi5KGooAJbWxr7PebB5npwAVTYgV6H+bB95EV1vT2XjFJze4JFAwLZz+WvxEUZpGHr5Zzm3U15kNaqRjkYx5digD/ZznkQD5jHK93CWGj0Cey+3PBuzhMZmAGSZV3SUxxfLTj4ex7+iehcneNFOavV0XdyZMUfxCnWipcqNh93OeZKywegQZfyaWgcobxlqYhFUPYx2SFRZRJVMnN1ml+NfHwpmtUxrYQ33604Wu8HLw4eX3a5gCtxLIlEp1umQl69OxjgXzTuc4o8rzDJCox6/0bJB0aM7GZe9LisD+qZkNP/3ZL4ZFdY3q28NUO/qFSrsSEsrwkS/uF8/HatTuIwR62aI7AxMXN1WYIXkEiHoD9w3BHj3h/7+6a4LU/3e4jkOdMPMrmDSfwtPnJvtthL2GCTykDTt9zeKs0KQ8wgWxDzh2OA4XOZRsIX87axze3/2Wp/l83T+9rjkBRqIKVeDzyUOMNULF0r167LvkdbJOXEFhMLG4eWwRgrO7p/WyHDW3OYtPn+0kRaWDuOybxqd37pjguosRLTiNpRVepZg4+tlLkgwHOm1g+GDdz7GqAs4RrFkPEG7Q06DFo1/evoxzWJlAxc4/i18Ndx3Xs7FjkkjAglQUqryDuTNAQez7NIn5Vmlb/A8InrWnUcrzjYSUc5ulfYLHoSEl1TdkRWnf6vRxS5sOORThHf/A4cRJxOSjIZ+L/rkcmMS8x92PgdGp2FMD3NjFBGDg/C2+iaeyA/BoIABcTvNtEUSgQPOLi5iwWuGtliQ0BO6PSKDD6CTmwnGjR0Y/xmL1+avljot1ormCTepVEJzSgJdKStU/3/zi4H/I7U+T/AeWrVuyiq9h+vTL65Av1iO9RyB6+bYwKc7d7omfe6kMDcY2rO14P0j2oVqopsuUWgvBgDZHR0ODajs0dVFcuQYrMVq/kHeP9aAz9bCnUKYBD7tmqsOhEecCF3J5/WNVgW7+pGUlfJS96zKLZmd0Yf2yBiuUj1ZrTkpiwhXwb2Dof9GNEptf8cyYEE0mDlLcsCP+mmSdRB68quOPhHxwhryVlo/msr+2KuydekxSFzau1ZyS8kpZJ7pb1/HrTJOv6bp7MFqiNWTLn66Mj95GyWirwqNtcdBrNcQy4+AIBbdY4oboS2+6HKFtMNN1Qj36LDeoU7DGF5kqWTTWTJDCiS7AgOul4A+tP1evCiOgvCtnszOj9pQuE1zRL7ePww9PiK74AIpqWj1koms5w3ikBxNXxf0dJROx31q2Ey3g6L2xmxSIOgc0qojuVXD4ZyPur1u48YRELHiLGad7kQzQOFz/P0Bl1MX7yg8LY69n2MPFXL2VWQ3BVsKyn8KyaMe0J0q4JPKoqxQG0g6+qG2FPPDURU7zNv3NVbgp/uh1ljQw7usnEygsvygzXUaODGXiRYpsz260BFK/ms3+SING3neruGfonfhaPbqsQPlpQeUJY0LhwY9ZhYx6Lqk4UXwCurCKbtf4LAUkE/6TPR+QmCxexaonBglU3iBzTkoIdIEtkak8w7QD+C7FysRSpcLtPWppFHw8oZdmomoHZpQR40DWVnWXzeaBAx+QX+lJ8UOeb/5/WbRuERwa0v0meGs19K+H7fT9O5BRTZIcz9ABe4wjtsmL0DZ1cvlbgb2yXEI4EJFtUzxADulYZN6d1FOtxLwEtuJZvq0ZTJNj/z/Zsih1H+YSJw2HQvIKUi3BWsyMZ6P4e09ngntViNLpVYPDeB2kYW+hN1NZtdytH7SLTJirzGi0dIjgYy5QrniWJRxFGQ0SOcqZc+Q95Y9oo8Gn3vQzGe6YNjeDETyu7g0t0zY+4qtMfgKJaTTgUv3yznF71e2h4eIwQ==
C:\Windows\tasks\AlJvJwX6B.job - C:\Users\Marek\AppData\Roaming\AlJvJwX6B.exe --c=ZtLSZKA5SX6mtXl0P1NjRmV7wRLXO5HKS4V7ByhVKvcz7fid0vCBp1osox3qGVRd0Mry9SUpdFTeEfmcS7sC6EFO4t1kBs4SPyVXgdPd44QsliNaz78EnyjZSVplXOSYkluJGdahdsCXEFvER5xFQAZ/zegPPvoE0xxDFEIq3CESIzMQs0FTPQBVwrAhsVaaISjhHMBOg1gILv+McymLIK/8T+zkOvtbjjAQRjN8CX22AafSgGWHqq1rPcG9jI2B8Er9e9BltQwJKPOUcbSM2GJfTlSgOeYG5ZC0nSqEaZqNmzUS94Zhuksjl+8gvQL0gO5/1JOi9iPxJWni8i3F8g==
C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-17 885152]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-15 460712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-17 664184]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-15 172968]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-12-22 2538280]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-12-14 11697768]
"IntelPAN"=C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [2011-07-27 1935120]
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2015-06-24 1571696]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2012-12-14 172144]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2012-12-14 399984]
"Persistence"=C:\Windows\system32\igfxpers.exe [2012-12-14 441968]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-11-17 9745312]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-11-17 5374880]
"OnekeyStudio"=C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe [2013-11-17 789920]
"NvBackend"=C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2015-06-24 2754704]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"Zoner Photo Studio Service 16"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-10-18 801816]
"Zoner Photo Studio Autoupdate"=C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [2013-10-18 801816]
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2015-11-14 3638256]
"OfficeSyncProcess"=C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [2013-04-22 720064]
"Sony PC Companion"=C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [2015-09-23 457088]
"cz.seznam.software.autoupdate"=C:\Users\Marek\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Marek\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2015-05-26 103080]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"YouCam Mirage"=C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2010-12-05 136488]
"YouCam Tray"=C:\Program Files (x86)\Lenovo\YouCam\YouCam.exe [2010-12-05 224352]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2015-11-17 7004376]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]
"DeathTaker"=C:\Program Files (x86)\Genius\DeathTaker White Edition\mousehid.exe [2013-04-09 303616]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\Windows\system32\nvinitx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2012-12-14 442880]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux6"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"aux7"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux8"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2015-11-18 09:59:06 ----D---- C:\rsit
2015-11-17 19:25:44 ----D---- C:\Program Files\GOG.com
2015-11-17 18:13:48 ----D---- C:\Program Files (x86)\Adobe
2015-11-17 17:52:51 ----A---- C:\Windows\system32\aswBoot.exe
2015-11-17 17:52:44 ----A---- C:\Windows\avastSS.scr
2015-11-17 17:40:05 ----D---- C:\Program Files (x86)\ca373d01-2b6e-4153-b669-af6ed8d41ee2
2015-11-17 17:39:57 ----D---- C:\Program Files (x86)\globalUpdate
2015-11-17 17:39:46 ----D---- C:\Program Files (x86)\RayDld
2015-11-17 17:39:46 ----D---- C:\Program Files (x86)\CinemaP-1.9cV09.11
2015-11-15 11:13:00 ----D---- C:\Impressions Games
2015-11-15 11:09:34 ----D---- C:\Program Files (x86)\GOG.com
2015-11-15 07:44:08 ----A---- C:\Windows\AlienNations_usa.ini
2015-10-21 20:44:21 ----D---- C:\Program Files (x86)\FBReader
======List of files/folders modified in the last 1 month======
2015-11-18 09:59:07 ----D---- C:\Windows\Prefetch
2015-11-18 09:59:06 ----D---- C:\Program Files\trend micro
2015-11-18 09:59:03 ----D---- C:\Windows\Temp
2015-11-18 09:50:53 ----D---- C:\Windows\System32
2015-11-18 09:50:53 ----D---- C:\Windows\inf
2015-11-18 09:50:53 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-11-18 09:47:55 ----D---- C:\Users\Marek\AppData\Roaming\Seznam.cz
2015-11-18 09:44:22 ----D---- C:\ProgramData\Origin
2015-11-17 19:25:44 ----D---- C:\Program Files
2015-11-17 19:21:56 ----D---- C:\Windows\system32\config
2015-11-17 19:10:24 ----SHD---- C:\System Volume Information
2015-11-17 18:26:01 ----D---- C:\Windows\system32\Tasks
2015-11-17 18:15:29 ----SHD---- C:\Windows\Installer
2015-11-17 18:14:54 ----D---- C:\Windows\SysWOW64
2015-11-17 18:13:48 ----RD---- C:\Program Files (x86)
2015-11-17 18:13:33 ----D---- C:\ProgramData\Adobe
2015-11-17 17:59:46 ----D---- C:\Windows\system32\drivers
2015-11-17 17:52:50 ----D---- C:\Windows
2015-11-17 17:49:36 ----D---- C:\Program Files (x86)\SpeedFan
2015-11-17 17:40:56 ----D---- C:\Windows\Tasks
2015-11-17 17:40:25 ----D---- C:\Program Files (x86)\AGEIA Technologies
2015-11-17 17:35:51 ----D---- C:\Program Files (x86)\Common Files
2015-11-16 16:32:21 ----D---- C:\Users\Marek\AppData\Roaming\Webshare
2015-11-15 21:09:13 ----D---- C:\Users\Marek\AppData\Roaming\Skype
2015-11-15 07:43:17 ----D---- C:\Users\Marek\AppData\Roaming\DAEMON Tools Lite
2015-11-14 09:06:27 ----D---- C:\Program Files (x86)\Origin
2015-11-12 20:14:28 ----D---- C:\Users\Marek\AppData\Roaming\vlc
2015-11-09 20:41:38 ----D---- C:\Program Files (x86)\TeamViewer
2015-11-04 13:23:15 ----D---- C:\Windows\system32\catroot2
2015-10-31 09:17:45 ----D---- C:\Users\Marek\AppData\Roaming\LolClient
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2015-11-17 65224]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2015-11-17 273784]
R0 LHDmgr;LHDmgr; C:\Windows\System32\DRIVERS\LhdX64.sys [2013-11-17 39008]
R0 nvpciflt;nvpciflt; C:\Windows\system32\DRIVERS\nvpciflt.sys [2015-06-17 31376]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 speedfan;speedfan; C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2015-11-17 93528]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2015-11-17 1059656]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2015-11-17 449992]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-11-20 283064]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2015-11-17 28656]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2015-11-17 97648]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2015-11-17 154256]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\Windows\system32\DRIVERS\AcpiVpc.sys [2013-11-17 29792]
R3 clwvd;CyberLink WebCam Virtual Driver; C:\Windows\system32\DRIVERS\clwvd.sys [2010-12-05 31088]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2012-12-14 5353888]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-12-14 2677864]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]
R3 NETwNs64;___ Ovladač adaptéru řady Intel(R) Wireless WiFi Link 5000 pro systém Windows 7 64 Bit; C:\Windows\system32\DRIVERS\NETwNs64.sys [2011-08-03 8604672]
R3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-06-24 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2015-05-19 46768]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUVStor.sys [2010-11-30 307304]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2010-12-22 1407024]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 HTCAND64;HTC Device Driver; C:\Windows\System32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys [2013-10-17 36928]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-11-17 174416]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-07-27 1517328]
R2 GfExperienceService;NVIDIA GeForce Experience Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-06-24 1152656]
R2 ihpmServer;ihpmServer; C:\Program Files (x86)\RayDld\ihpmServer.exe [2015-11-10 271464]
R2 NvNetworkService;NVIDIA Network Service; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-06-24 1868432]
R2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-06-24 23007376]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2015-06-17 937616]
R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-03-02 75136]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-07-27 844560]
R2 RtLedService;RtLedService Installer; C:\Program Files\Realtek\RtLED\RtLEDService.exe [2010-09-30 311296]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-09-11 5702416]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 2291568]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 globalUpdate;globalUpdate Update Service (globalUpdate); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-11-17 68608]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2012-12-14 277616]
S3 globalUpdatem;globalUpdate Update Service (globalUpdatem); C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-11-17 68608]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-08-18 111616]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-07-27 340240]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-11-14 2099720]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-06-10 155520]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2014-02-25 568512]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-11-16 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakovací okna
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Vyskakovací okna
ahoj,
vycisti PC s ADWCleanerom
vycisti PC s ADWCleanerom
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Vyskakovací okna
log z adwcleaner:
# AdwCleaner v5.021 - Logfile created 18/11/2015 at 11:54:42
# Updated 14/11/2015 by Xplode
# Database : 2015-11-17.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Marek - MAREK-PC
# Running from : E:\Downloads\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : ihpmServer
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\RayDld
[-] Folder Deleted : C:\Program Files (x86)\CinemaP-1.9cV09.11
[-] Folder Deleted : C:\Users\Marek\AppData\Local\globalUpdate
***** [ Files ] *****
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Temp\task.vbs
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-1-6
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-1-7
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-10_user
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-3
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-5
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-5_user
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-6
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-7
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-1-6
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-1-7
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-10_user
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-3
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-5
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-5_user
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-6
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\829d1f93-71a5-4522-8aba-58d0756b7541
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\CinemaP-1.9cV09.11
[-] Key Deleted : HKCU\Software\CinemaP-1.9cV09.11-nv
[-] Key Deleted : HKCU\Software\CinemaP-1.9cV09.11-nv-ie
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.11
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.11-nv
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.11-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV09.11
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaP-1.9cV09.11-nv
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaP-1.9cV09.11-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [ Web browsers ] *****
[-] [C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=14477783 ... l0728l0728
[-] [C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=14477783 ... l0728l0728
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [14642 bytes] ##########
# AdwCleaner v5.021 - Logfile created 18/11/2015 at 11:54:42
# Updated 14/11/2015 by Xplode
# Database : 2015-11-17.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : Marek - MAREK-PC
# Running from : E:\Downloads\adwcleaner_5.021.exe
# Option : Cleaning
# Support : http://toolslib.net/forum
***** [ Services ] *****
[-] Service Deleted : ihpmServer
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\RayDld
[-] Folder Deleted : C:\Program Files (x86)\CinemaP-1.9cV09.11
[-] Folder Deleted : C:\Users\Marek\AppData\Local\globalUpdate
***** [ Files ] *****
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_lkadffjmnaiokkdncgdlecdegajoiemi_0
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkadffjmnaiokkdncgdlecdegajoiemi
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_hdapp1008-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage
[-] File Deleted : C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.oursurfing.com_0.localstorage-journal
[-] File Deleted : C:\Users\Marek\AppData\Local\Temp\task.vbs
***** [ DLLs ] *****
***** [ Shortcuts ] *****
***** [ Scheduled tasks ] *****
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : amiupdaterExd
[-] Task Deleted : amiupdaterExi
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-1-6
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-1-7
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-10_user
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-3
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-5
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-5_user
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-6
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-7
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-1-6
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-1-7
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-10_user
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-3
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-5
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-5_user
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-6
[-] Task Deleted : 40db1533-f551-4998-8bca-934da85073e3-7
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
[-] Task Deleted : globalUpdateUpdateTaskMachineCore
[-] Task Deleted : globalUpdateUpdateTaskMachineUA
***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe
[-] Key Deleted : HKLM\SOFTWARE\829d1f93-71a5-4522-8aba-58d0756b7541
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\YorkNewCin
[-] Key Deleted : HKCU\Software\HighDefAction
[-] Key Deleted : HKCU\Software\ArenaHD
[-] Key Deleted : HKCU\Software\CinemaP-1.9cV09.11
[-] Key Deleted : HKCU\Software\CinemaP-1.9cV09.11-nv
[-] Key Deleted : HKCU\Software\CinemaP-1.9cV09.11-nv-ie
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\Crossrider
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : HKLM\SOFTWARE\oursurfingSoftware
[-] Key Deleted : HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKLM\SOFTWARE\RayDld
[-] Key Deleted : HKLM\SOFTWARE\ihpmserver
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.11
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.11-nv
[-] Key Deleted : HKLM\SOFTWARE\CinemaP-1.9cV09.11-nv-ie
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinemaP-1.9cV09.11
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\YorkNewCin
[-] Key Deleted : [x64] HKLM\SOFTWARE\HighDefAction
[-] Key Deleted : [x64] HKLM\SOFTWARE\ArenaHD
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaP-1.9cV09.11-nv
[-] Key Deleted : HKU\.DEFAULT\Software\CinemaP-1.9cV09.11-nv-ie
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GLOBALUPDATE.EXE
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [ Web browsers ] *****
[-] [C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=14477783 ... l0728l0728
[-] [C:\Users\Marek\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.oursurfing.com/?type=hp&ts=14477783 ... l0728l0728
*************************
:: "Tracing" keys removed
:: Winsock settings cleared
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [14642 bytes] ##########
Re: Vyskakovací okna
je este nejaky problem 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: Vyskakovací okna
s těma reklama už ne, děkuji 
Re: Vyskakovací okna
za malo
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?