Please check my log - part 1
Posted: 04 Sep 2015 11:12
Logfile of random's system information tool 1.10 (written by random/random)
Run by Ondra at 2015-09-04 11:42:09
Microsoft Windows 8
System drive C: has 271 GB (63%) free of 428 GB
Total RAM: 3960 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:42:21, on 4. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.17377)
Boot mode: Normal
Running processes:
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
C:\Users\Ondra\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\USB Camera2\VM332STI.EXE
C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Program Files (x86)\Coupon Time\bin\CouponTime.BrowserAdapter.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Ask.com\UpdateTask.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe
C:\Program Files\trend micro\Ondra.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1 ... XXW0V22PZY
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchsimple-a.akamaihd.net/?affID=mt-re
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1 ... XXW0V22PZY
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1 ... XXW0V22PZY
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {2A836234-186C-41A0-9863-40BECDEDED9F} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Speed Analysis 3 - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files (x86)\Speed Analysis 3\ScriptHost.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Coupon Time 1.0.0.7 - {b7f975e4-2467-475f-9cfd-994f39ab5bb5} - C:\Program Files (x86)\Coupon Time\CouponTimebho.dll
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - (no file)
O2 - BHO: SecureWebBHO - {D3C24E2B-C820-4492-9B69-11BF7163F998} - C:\Program Files (x86)\Softcomp Software\jpie.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - (no file)
O3 - Toolbar: (no name) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Ondra\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Ondra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Ondra\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4A843355F8030D5EB910D792C116EA6D] "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
O4 - Startup: crossbrowse.lnk = C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
O4 - Startup: Dropbox.lnk = Ondra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Privoxy (PrivoxyService) (PrivoxyService) - The Privoxy team - www.privoxy.org - C:\Program Files (x86)\Softcomp Software\privoxy.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Coupon Time - Unknown owner - C:\Program Files (x86)\Coupon Time\updateCouponTime.exe
O23 - Service: Util Coupon Time - Unknown owner - C:\Program Files (x86)\Coupon Time\bin\utilCouponTime.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - DTools LIMITED - C:\ProgramData\2WinManPro2\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 21784 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\ProgramData\2WinManPro2\ProtectWindowsManager.exe -service
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe"
dashost.exe {e7b0cdc0-a0ac-40b1-a0c6e04b28f9bc8f}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Softcomp Software\privoxy.exe" --service
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e41a949f-8de1-40fd-9dfb-0769ad135b0e -SystemEventPortName:HostProcess-e94aa0be-4267-4a88-90c9-240eb01bfbeb -IoCancelEventPortName:HostProcess-bf027e9e-bfbf-4427-a8c7-3af537b98da3 -NonStateChangingEventPortName:HostProcess-e2581f29-30f7-4b98-bdb5-ab4b1414432c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fc7c19bc-8c71-4723-9fce-af3c93eb66ec -DeviceGroupId:
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskeng.exe {66BA95BC-B7DD-4C84-942F-1023899A3627}
"C:\Program Files (x86)\CinemaP-1.9cV14.08\be818199-9f84-451e-b8d9-88604ee38008-1-6.exe" /rawdata=
"C:\Program Files (x86)\CinemaP-1.9cV14.08\be818199-9f84-451e-b8d9-88604ee38008-6.exe" /rawdata=
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskhostex.exe
C:\windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe"
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe"
"C:\Users\Ondra\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\USB Camera2\VM332STI.EXE"
"C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --type=gpu-process --channel="5780.0.2103910020\153846135" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2828 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Ondra\AppData\Local\Steam\htmlcache" -steampid 5764 -buildid 1439401440 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\windows\system32\wbem\unsecapp.exe -Embedding
taskhost.exe $(Arg0)
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1f0 -InterruptEvent 0 -NGENProcess 12c -Pipe 124 -Comment "NGen Worker Process"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
taskeng.exe {EC909CA7-F3A4-42F8-9F75-591E58EA6485}
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Program Files (x86)\Coupon Time\updateCouponTime.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Program Files (x86)\Coupon Time\bin\utilCouponTime.exe"
/ch 8cff0b56-4b93-4b4e-95ba-c566928ab2a0 /ie 3c8c22ec-8272-47e3-9b51-bf53b784838b /z "n=CouponTime&is=reamrsCZ&dpt=20"
/ch 8cff0b56-4b93-4b4e-95ba-c566928ab2a0 /ie 3c8c22ec-8272-47e3-9b51-bf53b784838b /z "n=CouponTime&is=reamrsCZ&dpt=20"
"C:\windows\System32\Taskmgr.exe" /3
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexFinance.AppXkf55n7dtthta2mns6eq299x0n82sxq98.mca
"C:\Program Files\Internet Explorer\iexplore.exe" http://www.oursurfing.com/?type=sc&ts=1 ... XXW0V22PZY
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="16296.0.1538328031\326473168" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2828 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.2.830183218\1386003067" --font-cache-shared-handle=2164 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.3.1139506230\2100574174" --font-cache-shared-handle=2248 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.4.23721481\1779773366" --font-cache-shared-handle=2176 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.5.815833467\2135479872" --font-cache-shared-handle=2348 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.8.546764986\1099143718" --font-cache-shared-handle=6372 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="16296.9.2115803431\587114264" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:12884 CREDAT:2757899 /prefetch:2
"C:\windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
wscript.exe //B "C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\..\updt.js"
"C:\Program Files (x86)\Ask.com\UpdateTask.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexTravel.AppXzhp7et9szc37245rrdmnxvs7hhpmh8rv.mca
taskhost.exe
taskhost.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
C:\windows\System32\sdclt.exe /CONFIGNOTIFICATION
C:\windows\system32\wermgr.exe -queuereporting
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
C:\windows\System32\AutoUpdate.exe /Auto
"C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexSports.AppXpgfzkkax0p24b53pgd813d7zpchsy299.mca
"C:\windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX42r8evwg359fn5xfrxhj5nv2n3dnya3e.mca
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Ondra\Desktop\RSITx64 (2).exe"
======Scheduled tasks folder======
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1 ... XXW0V22PZY
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchsimple-a.akamaihd.net/?affID=mt-re
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oursurfing.com/?type=hp&ts=1 ... XXW0V22PZY
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.oursurfing.com/web/?type=ds& ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.oursurfing.com/?type=hp&ts=1 ... XXW0V22PZY
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8118
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
R3 - URLSearchHook: Winamp Toolbar Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {2A836234-186C-41A0-9863-40BECDEDED9F} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Speed Analysis 3 - {A66261FC-B82E-4EC7-9F6D-C2F36B871DF0} - C:\Program Files (x86)\Speed Analysis 3\ScriptHost.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Coupon Time 1.0.0.7 - {b7f975e4-2467-475f-9cfd-994f39ab5bb5} - C:\Program Files (x86)\Coupon Time\CouponTimebho.dll
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - (no file)
O2 - BHO: SecureWebBHO - {D3C24E2B-C820-4492-9B69-11BF7163F998} - C:\Program Files (x86)\Softcomp Software\jpie.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: (no name) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - (no file)
O3 - Toolbar: (no name) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
O4 - HKLM\..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332STI.EXE
O4 - HKLM\..\Run: [YouCam Mirage] "C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
O4 - HKLM\..\Run: [YouCam Tray] "C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\GameforgeLive\Games\CZE_ces\4Story\PrePatch.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Ondra\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Ondra\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Ondra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [MK LOL] "C:\Program Files (x86)\MKJogo\MK IM\Bin\MKIM.exe" -auto
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Ondra\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4A843355F8030D5EB910D792C116EA6D] "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --no-startup-window
O4 - HKCU\..\Run: [Yahoo! Search] C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrlte.exe
O4 - Startup: crossbrowse.lnk = C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
O4 - Startup: Dropbox.lnk = Ondra\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Privoxy (PrivoxyService) (PrivoxyService) - The Privoxy team - www.privoxy.org - C:\Program Files (x86)\Softcomp Software\privoxy.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Tor Win32 Service (tor) - Unknown owner - C:\Program Files (x86)\Tor\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: Update Coupon Time - Unknown owner - C:\Program Files (x86)\Coupon Time\updateCouponTime.exe
O23 - Service: Util Coupon Time - Unknown owner - C:\Program Files (x86)\Coupon Time\bin\utilCouponTime.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: WindowsMangerProtect Service (WindowsMangerProtect) - DTools LIMITED - C:\ProgramData\2WinManPro2\ProtectWindowsManager.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 21784 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\nvvsvc.exe
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
"dwm.exe"
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\ProgramData\2WinManPro2\ProtectWindowsManager.exe -service
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
C:\windows\system32\CxAudMsg64.exe
"C:\Program Files (x86)\Movies App\Datamngr\DatamngrCoordinator.exe"
dashost.exe {e7b0cdc0-a0ac-40b1-a0c6e04b28f9bc8f}
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe"
"C:\Program Files (x86)\Softcomp Software\privoxy.exe" --service
C:\windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Tor\tor.exe" --nt-service "-ControlPort" "9051"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e41a949f-8de1-40fd-9dfb-0769ad135b0e -SystemEventPortName:HostProcess-e94aa0be-4267-4a88-90c9-240eb01bfbeb -IoCancelEventPortName:HostProcess-bf027e9e-bfbf-4427-a8c7-3af537b98da3 -NonStateChangingEventPortName:HostProcess-e2581f29-30f7-4b98-bdb5-ab4b1414432c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fc7c19bc-8c71-4723-9fce-af3c93eb66ec -DeviceGroupId:
C:\windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\windows\system32\nvvsvc.exe -session -first
C:\windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
taskeng.exe {66BA95BC-B7DD-4C84-942F-1023899A3627}
"C:\Program Files (x86)\CinemaP-1.9cV14.08\be818199-9f84-451e-b8d9-88604ee38008-1-6.exe" /rawdata=...
"C:\Program Files (x86)\CinemaP-1.9cV14.08\be818199-9f84-451e-b8d9-88604ee38008-6.exe" /rawdata=...
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
taskhostex.exe
C:\windows\Explorer.EXE
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\igfxtray.exe"
"C:\Windows\System32\hkcmd.exe"
"C:\Windows\System32\igfxpers.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
"C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe"
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
"C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe"
"C:\Users\Ondra\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
"C:\Program Files (x86)\USB Camera2\VM332STI.EXE"
"C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" --type=gpu-process --channel="5780.0.2103910020\153846135" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,6,17,38 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2828 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe" /s
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files (x86)\Winamp\winampa.exe"
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\Ondra\AppData\Local\Steam\htmlcache" -steampid 5764 -buildid 1439401440 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
C:\windows\system32\wbem\unsecapp.exe -Embedding
taskhost.exe $(Arg0)
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe -StartupEvent 1f0 -InterruptEvent 0 -NGENProcess 12c -Pipe 124 -Comment "NGen Worker Process"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
taskeng.exe {EC909CA7-F3A4-42F8-9F75-591E58EA6485}
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Program Files (x86)\Coupon Time\updateCouponTime.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Program Files (x86)\Coupon Time\bin\utilCouponTime.exe"
/ch 8cff0b56-4b93-4b4e-95ba-c566928ab2a0 /ie 3c8c22ec-8272-47e3-9b51-bf53b784838b /z "n=CouponTime&is=reamrsCZ&dpt=20"
/ch 8cff0b56-4b93-4b4e-95ba-c566928ab2a0 /ie 3c8c22ec-8272-47e3-9b51-bf53b784838b /z "n=CouponTime&is=reamrsCZ&dpt=20"
"C:\windows\System32\Taskmgr.exe" /3
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexFinance.AppXkf55n7dtthta2mns6eq299x0n82sxq98.mca
"C:\Program Files\Internet Explorer\iexplore.exe" http://www.oursurfing.com/?type=sc&ts=1 ... XXW0V22PZY
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="16296.0.1538328031\326473168" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,20,45 --gpu-vendor-id=0x8086 --gpu-device-id=0x0106 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=9.17.10.2828 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.2.830183218\1386003067" --font-cache-shared-handle=2164 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.3.1139506230\2100574174" --font-cache-shared-handle=2248 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.4.23721481\1779773366" --font-cache-shared-handle=2176 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.5.815833467\2135479872" --font-cache-shared-handle=2348 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/AutofillEnabled/Default/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*ClientSideDetectionModel/Model0/*DomRel-Enable/enable/*EmbeddedSearch/Group7 pct:10g stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/InstanceID/Enabled/*IntelligentSessionRestore/Disabled/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PluginPowerSaver/Disabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingSocialEngineeringStrings/Disabled/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SlimmingPaint/DisableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_91/*UMA-Uniformity-Trial-10-Percent/group_06/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_04/*UMA-Uniformity-Trial-5-Percent/group_10/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-delegated-renderer --num-raster-threads=1 --gpu-rasterization-msaa-sample-count=8 --content-image-texture-target=3553 --video-image-texture-target=3553 --channel="16296.8.546764986\1099143718" --font-cache-shared-handle=6372 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="16296.9.2115803431\587114264" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:12884 CREDAT:2757899 /prefetch:2
"C:\windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe" -Embedding
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
"C:\windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
wscript.exe //B "C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\..\updt.js"
"C:\Program Files (x86)\Ask.com\UpdateTask.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
"C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexTravel.AppXzhp7et9szc37245rrdmnxvs7hhpmh8rv.mca
taskhost.exe
taskhost.exe
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
C:\windows\System32\sdclt.exe /CONFIGNOTIFICATION
C:\windows\system32\wermgr.exe -queuereporting
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
C:\windows\System32\AutoUpdate.exe /Auto
"C:\windows\system32\backgroundTaskHost.exe" -ServerName:AppexSports.AppXpgfzkkax0p24b53pgd813d7zpchsy299.mca
"C:\windows\system32\backgroundTaskHost.exe" -ServerName:App.AppX42r8evwg359fn5xfrxhj5nv2n3dnya3e.mca
"C:\Users\Ondra\AppData\Local\Pay-By-Ads\Yahoo! Search\1.3.26.12\dsrsetup.exe"
C:\windows\System32\svchost.exe -k WerSvcGroup
"C:\windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe17_ Global\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\windows\system32\SearchFilterHost.exe" 0 576 580 588 65536 584
"C:\Users\Ondra\Desktop\RSITx64 (2).exe"
======Scheduled tasks folder======
