snapdo
Napsal: 07 zář 2015 18:45
dobrý den,prosím.stáhl sem si do pc nakej humus jmenem snopdo.dělá to bordel v prohlížeči a buh ví kde ješte 
prosím jestli bylo možné že by jste se mi na to podívaly....a pomohli mi nějak celkově ten pc vyčistit jestli tu něco bude 
Logfile of random's system information tool 1.10 (written by random/random)
Run by michal at 2015-09-07 19:39:43
Microsoft Windows 10 Home
System drive C: has 618 GB (68%) free of 912 GB
Total RAM: 7375 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:47, on 7. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal
Running processes:
C:\Users\michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\GameforgeLive\gfl_client.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2FcBxkvHPRrtnErSaxd7ue8heSKF-e17q934ATryFfgU0z7EZ4EwOGO-Vi1--xMGE9HGC0LjoNKn8ZaIOWZzjHMp0LolhFjE-WB3lPT8jaGQv0r8CiM6EYYokQEVqWepCRBoABeWS2e2efM&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2FcBxkvHPRrtnErSaxd7ue8heSKF-e17q934ATryFfgU0z7EZ4EwOGO-Vi1--xMGE9HGC0LjoNKn8ZaIOWZzjHMp0LolhFjE-WB3lPT8jaGQv0r8CiM6EYYokQEVqWepCRBoABeWS2e2efM&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [MurGee.com Auto Clicker] C:\Users\michal\AppData\Roaming\Auto Clicker\AutoClicker.exe :silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\michal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\michal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: crossbrowse.lnk = C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
O4 - Startup: Metin2Mod_PL_12032015_5154.lnk = C:\ProgramData\{2539c2a8-58b8-d03a-2539-9c2a858b0aa1}\Metin2Mod_PL_12032015_5154.exe
O4 - Startup: Metin2Mod_PL_17032015_5211.lnk = C:\ProgramData\{e7d1bd39-3f12-001b-e7d1-1bd393f1f4e4}\Metin2Mod_PL_17032015_5211.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Application Hosting service (Application Hosting) - Unknown owner - C:\ProgramData\Application Hosting\Application Hosting.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Compliant Host Controller (cohci1394) - Unknown owner - C:\Program Files\Controller\cohc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 13182 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-70658e7c-f5ab-4a17-a4c0-18693712c85d -SystemEventPortName:HostProcess-06c6e71a-7f09-4784-9d3e-c255a643b8e7 -IoCancelEventPortName:HostProcess-10664c9f-da4d-48ef-8e50-6a912de088b8 -NonStateChangingEventPortName:HostProcess-2c20dd50-1d4a-493f-ac21-5bdcca70aada -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:eeee3e06-83ba-4810-a815-5fc5bad1e9cf -DeviceGroupId:WudfDefaultDevicePool
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
dashost.exe {67a37218-7b61-4965-bdb8320a84edb5c6}
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\WINDOWS\system32\CxAudMsg64.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Users\michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\michal\AppData\Local\Steam\htmlcache" -steampid 13876 -buildid 1441333420 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=7484 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-gpu-compositing --channel="7484.0.1841625091\620579024" /prefetch:673131151
"C:\Program Files (x86)\GameforgeLive\gfl_client.exe" "/noautopatch"
taskhostw.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Users\michal\AppData\Local\Voltfase.exe downloadx proiuctpro
"C:\Program Files\Controller\cohc.exe" /s iid=1561578 did=APSnapdoAMRev sid=3 ref=a5923999-c859-e48c-acb8-53f07f99a33b-PolicyMac id=5f3fed685ac490886d0e7272fc9ac0e0b087307775ebc5e8cacd67b679b52a41
"C:\ProgramData\Application Hosting\Application Hosting.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
consent.exe 1012 348 0000009F25004160
C:\WINDOWS\system32\browser_broker.exe -Embedding
consent.exe 1012 372 0000009F23CB74C0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\michal\Desktop\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 596 600 608 8192 604
======Scheduled tasks folder======
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-1-6.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-1-6.exe /rawdata=scvoYS9jcheyGacd/9ylc2eq+cxaYJYQ2GPU3MyvSGN8wXyVAd1IOmOSjloDJ2Shtu5wcBLs6nRPFJ2/l6IXNHWyjmknU/OIY+wd5LFshePOvIy4dxbvqaQ8KA1+qDPE0CVyT33lgV7owDKulJXxEzSU1rJtEOhlgm7EFh2kwTAzIRTJ76eopQeujUXxbUcQYoxMhF6G29FDwRXSYPHdG2xO5O8canyJq3Lvv7HacOqHDlk5ccyUXeTnEtPRxm4Mvf9OPepiDisqbGYp8TK/81rdn/v/RIKVB1GAjzcfltcFVESeJtmfujgXmebxpFCzRwv5ZSCFD48Kd64opKjquWdeUPiQ6t8JidPakdpu7yEvWaHJPszLngZq9/FWzQ/6e4tJuE4zsY/M8p24oWYQkRv0kQjiy6PPxEgCK51z+zsLKF4KwbKN4mqf5kePttKy+sT8XuQrQjFnLq1eQGVN82wnTCd/hN3JUxDWQI0dacszOjQw0GWSow9/qR7E5eVuLYoIM16kvTFBNfnOBUOd3OmOP2pXlPewFpuxsbzszoyAPgPIBDojNI4xckLLANanqbTpJ/KoWeZ65hEs5kWY2eltLnHk06pZc3YbyjpBHJC6nNbXbjv3EDcsTkazEqtqYxrUru+ew/w8Qfs4nyMLTmjflrzm0iVjJWwXye3uw+U9T2pJxSxtehndui/3PQnePSxT0lRH8ws1PtgWGN/ValtshkgWhv18wdfwmcUtXGaL6qfXis0G7Js5AXROZByC+D0CloZekfkBGpDbDxZw8vn5wUypBdJN96TztiUFIP6t4IWM+Ui3AnYGaO8B/RRkNfoiR8SWdOzhberxtNmcgJbwbioglVPyYeHHDgIKU2JoOmEqmYCP8VZ0Yc33Vk5/5Y2A0lEFSgpiBhVVK2I4wIml+Hucoktlo0wa8tHxi6iydyLMlKGvkj0OoDhA67Fi4maMSr2zkUyXS7YzuuVaHSp62IHCn2PTI4Jkls+m1EeZPipwm22Zu7mkxD6aYuYrjp0teAgx2ElLAK5dvwQkVbweYGl5fhhRqi4X//5XBcvKL63ZrACAql+Qc8Nx3l6qeRPaGip7Ve1Ow0i+NY3ZfpEn0UiJYuHqQ5v7yFhKSkej+PE3rrt0vRLeuWyKy2vU4+zfHnGKO92FAMcQ+Gt4915vNgLB5iyH7SQkj15XmoFqfoFwdY0WSxF5adusEINfRWoYnFhZNmEZ8c2aZ25rVomIynKqfhwia7EyOAS38GcPhjTTI7zJAj1wB4XZ010DuBZdfH+YGKMT8e60gu+vC1A6ZaafaJre5FRKY99QrKvsQkTaD2tNZXHTgBTunJ6gGQ8wWg8sFgbTtLper7vMZg==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-1-7.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-1-7.exe /rawdata=ejYQ02li3nWpCykXvOa7XjkIaRe4RbCd9eH/houjaLA56GunJOW23AX4F0g9kNqloIHbuZVnhin7jiqt1NurHakGl2h6UFoN7S/7t8XafYFvOYF1jYKp450T2CYkmb6ttObO6pHdFL4AsFa7El2H+/g809E42340xB/vnuSMzyA0QkWs6myiTnUCNhdijXLWrnmawgP2i5am13wKrj6itd8QSaWIXccUY2s/bxvW24oTlmkXAIP9bHpQAwB0fHwwqJM1/SCknDGYWJYnbvTuroZUYHsVoXcWzvbFpmetmWLm/OUdOkjACJ+H7nOcafPLc4dwpT7r0ySTK0+cgiK6mp2AK6Ng9GlbaR001GNnyhj9O6VHEdRsr2Tla/S00MvPDjsvKZLZ5NuJiNSDnLWiYrc12N36HArXWfyxyC/epysHVUDGGIxS0wv+vtW71b8QOB87Kyb1LhObxk8CVPEyL0LPMzDJLUd5WrlgOwAC4zHW5pOeyFAygK158cVrAnOCk7RTFHwcUSTHYrT1AB09ouAvqUHPSCzYrF/fjOZGq7CC5L6RkDmJsWhKAL/JyGMer28Hr25R/rxax+qP1VG1LRpXjtFxQ1RHRp60tnPQAsyjp/Ka0x/Ha4owlK1nmU8N135x8atjkD3M8/hJ6xNxC9T4VaycjbltC5IHEoWzlAgk3VJUTclUq1/Dfbx9KbHv3TQTkU0UETBJzfqG7AwYzcj+JpEZq1gOpa1PKAI2deeRaAcfsUxOixlQa2JSRmOeV53RB29kxzaK/dGOY3m+iZmdRRV/MB9KGi1Qjix+fw1GyLpRHEcHmUp98JYV4wIwhWAEns1mVb/5PcLd9z/ZdivsVe22zLmpk5TuZ+4jpIWFdIkZXfIQTNd9rHLtFJRaSEQ+GvLVye3pI70aDyWwt4usZGC0PP1oYeda1dnIsFDdLbOS2d/0S5CoJfLDv63UNenj8u79RVpEZyJlB5BJwmWF4731SIKKxoaudsj0c6HuMiKCASV9i0CppkE0V38BnM6UdlZORJzbFZbEUfiTHgmH0tVetco8/1mWxenXdmE44tgr/SObzum/oW2AYFeJIkEZpAoB7GKvX2jKajOzFQjzXd5WUBdkQZWxuSduVeEN7B/+BbII1TcB2QVlCHUiuYcSDooLncjKenmpmyJwI5mV6qwl/O74zkAVz1NV/rGK0uqZsFV4h8p5dFeyHKy/LOQQCH0RuSqq++D6MjJEclj9EYXysUpBb6zh6DdSClkHiqFx0Uk7jZuLwcV5haXeZ1ViPkJ0VYt9ybY9b3407Y6A/zmvm6MbJbXnScFDhcN19TYoTBOm1MBq9hr7BcbyX/HLxiL6Xh5BhEJDw2pYfQ==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-10_user.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-10.exe /rawdata=JDKokA9bJmsxrWSBoWw2wBWyz/6KA2w09yWAAaGs3sTg6Qjr7m4wm0uZpLbwpW8xuR51wp7DalYTJu8A7JgzVe6WBPi3APZcI9wbaUQxvVfzT3hl5tF0LsQdoMJKPu5tRdX1HmVj/oS2wzGiZNNWmZ1mDwBzINYQYMh+5JSVJCqs2CK2Lamh/I5NLRcJogEy9y2/T3KGH70YnK5xxlN/21a8q7CVMq1z4vTMstgC/QlDT7wOGrnXK0NESVtqwr5woiKRPqAqs8GjaleguEw78EL8+ZTo1s1Ld6pNbJ0aB6EkGV55hcXrBso6bXonHwCP+J7Z0xCUMeSkoPSMfiuPQ7ODA0FUvhnOjLX5HsjpS6puKrE0Ea/EBklKXot/CH+yIBNUrVyMyp7GxR58X35qf6TtraeBpSihlWIaLVmSrprzge0iBIjx9G+D1nZWTRBF3MXGVP1mApQTGNoqNi4ViQnN+noGdlr4qs1Oup2WSpGCttSKEfQ+fjKWFP1/kbFoo24MUj9rK6Dh2gXkN8yzjWSD8LqNi9JMJdV4i10r8Hj3hGNPGGlRWCjhnHEB7lMCID3CmWrMebgD/xIiJ6M9FDZIP04kIHPFlmMNirwF5x9V2ENSoIOmtpRtj+Zw9+CK4RK/VVJSV3Oalt4bPPwbq3jwg0ivzMDJcidWI/YhacfAZavbgMCWAUX203TIYqpwFyXic0uZDoRoxMkjc5C3v0p7t2rg0Kc9oyhck32bGF7qgFbXqcY4dB3i0ayQRgaJzlBtDdBBqyfC3jFRS6b7aBmVoGLpAt/rgVeox1fE6pyKMVebV5EzWPKMLcx7vyrY/jW8qUb+mhFikkOxCul/2A==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-13.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-13.exe /rawdata=xb0DNu5wzYDQqeIcpkdXyAyN00vhWKQ17jbfzK9i5ZQk5VIqPwK1vlvNS4IBEXbd3c+UXZKo1A8b/i6vrqMV5JXG9nnVyY8Kwn86kR8Jnfvr0lUJI1oy0UHAchPmvEIX5ZhJwMW9u0wjdpaGPQI+hDBcxnmhbaXkqtJwJLuG5kSxEKwz20WiYvOccZK/NFxr0TnjM5tb5rImHwhOmuo6gVceeDiSe+wERcdKMR8XcmJUpcRlnPM0cp77jUiKn8+MxkLPk7mu2tgWInNdJh/KRdOqJKynERdhWv0yrQfNipiQxBD/HOV2vuIGtmsRnD5dj5Cy0Ecd09bjHvf8j2awS3Ye6XSAR6i/TzWP0E2TE7MOeFdxjhb1rB8GFp0hqyNbIAWFDG5E7w8jMv4bDOgjiF3k35M6rZKOodWvZsPQCMt436jsa1p+95aj5xtlhO8V3vqVnqnyCxs4fciqPaiYklhpk6GudeRZ+Jw5gwdLq+sGYb4AJSdlqm49i9f/dGlUs6XIeDRsJpxjc8qGqMP+DRFP7nCOp70Hc9LRn2xaNk1V8pmW8G5ZH60XZDLLctmEm0k661QHMfngfkkG2JKfBdmwqzG/RvzOONBrYEhXAq+cROt/rFrAIsg3E+OHc4/c6ZPZ9hz0E9F26qS5jg+sfCPFmCnquKnysNB2sDZjM2upknezHMSk4GjEbSp9myDR80UXqVMQS2nk3uGfNO0zb0xMcOGRGmaa01cgU58oNgLr1enM6ZCj5YOTkiIjKMN1Qz2rkqF2JNsT5uU8NCaX5glBxGedlmTe8SfG56aBmqhl5LBZT6XBm/3ITwxC5//BH2lqvj+DXBJEEti7BqzCyiuJG5yTV/ECD6HKWGnXnfaeAbPf15ISXh6J4/tC8+0ST7n8egYWAV4sOWOrICxZ5ojraUkxsdQT+LvODfNuRPytVRotLIXez71GHpn4RY2Vw22mkMA8BmKyFsWTkU7aHoBOLbsIX8nxfM4tIp3hQJ0Vl/CW7apn8oPvkolLm2NBtigadtP6WC3tikbXAomluDIpKaPkAf70MGgO+VLd4rdZqV9+7ro6peEFpl9VfqqOQtLAGZ9ZidMpnNxQ+qvBXttiZicyjBfv3QLk4xMdFNfSLhlaOHR35kAdLfBTZjdqKia4/sQ6F9pwhtnYvJby3SNb4faBltypu6w+Ta/kDjaA1BMjCW2bWqqzQbQmQz1gAEPYUdf4OZyfWUsUwb2uxPCuCyLrVSFwc6h48/Q5y+TBARYZGx105gNtHjcHz0Dep0YtCr6y4rTTiZ0ThcbYoM83af0eYoDsQfxDlVFZpbm8f3XZHPBheCLyiH7K5vXaXgezFXNzsFaJbciiEtNEu59Ht0DIrHmDWK/8oVPZihHZTu2bv2CKq0bZWRFtbvLml0OX0SO885y1E4pZli4jMnO1n3DuulDvDGsZvabWmK0C/reEuE6vuaZ1jJIvNqj/th2TU4oPVBgZT6Sw7XUo4p0EYWs2zUiAOaQ7O5WiEYOErfg55ofqO/q4PqiO+IGq
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-14.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-14.exe /rawdata=JbFrtOlXCwcjnfS8TECwiVlT/cuZm4FITv+bmBBB3wswXVKIyeq8gpZjUemkI1UP4f5LWb6WY1howPfKMIWTMXwJVOsF/OCkc//zZpVRHgDNLYYQzrc9uRnXSb7xeVDwiBS1yKvEVjZhhL0jUa7Nz3T+XYJKlPrdWLt6M4C4kGgqpeLlmGdv65tCyTuP+gMUCI7wHm30SV4SWjmq7Wx0wzrymctQlbmtIayKWjJMBFXiMCDRsiL3V+gMkVsh5nUSkVeVnRfu7L1e6db+hbdjDM6zdnu2inqBHLoZnP4Vh4ID0aIY8CbQae7EPbYPB2RVpkZ3+Kfp3UjQWk7qC9cjTD56JHKD+XzuP+uWdYuKuox/GrimBxkeDEAyNnl7xs8QmEtKdF0tVAegL7AoMKAaTzxwF/GqpXbXRcI+KNx2QXyEXxDOxmQ2a39lECX8/20kzD78KS5NXYltx3Y7nossTaSfcPuweup9G5toI0meZkI/cpE7qjVdM06RW4ugqvCjQrcCCJuGoZCsTeMTVj7wiHYP7XxSK2iHActQtB+tRhDSEOUm7oqEcfMYOcVjNhje+X16SiTrXGRTwVejpSmHLCRSeyj1nMchY0hFyyHXIdDYbEmVJxW8YOozmQvAoGuumq7NXcDh8rPiQz/YYms9Xj16/MchT/sXMwfhUBwWm7hkn0JdqV8p1MNqie0V2JTt1ru/UVuww8ofJgSUkADKiFv7xfUv9uWhVXP59aW4LA4Cs+4iP7Qf6zb6hpTlEb77Jut7H7MCmcHfqjYeptdL2zj2vo5NcejChHfx7S5QFQauvUI2Fd/HZu5zPcYby7IbD7s6yYAp5GPr55Q6tyFVKSKkocsGoH2vhD6QXkDCPJWo4zMP6RHSJK2xO0wuzjqDbNf6BocTT4EaEC4mLMTbPqLBAEXuu+74YTayxqmMtWkm7w83yHWzVfjrP0cLY305EOoFNzp1bCeRqFGAlKcR3FDpTAEMQOdox2zBICDPhsW8qcrG4jxhb3xOgOWGtKn1SA3FdV+oSyZylLu9isgCishsnOqh3gXDDSL2lt09D/m71kiBSUTya95z59k58fCsLS4axqWuLANDajsSkQX7o9rQHAoAarF//A/9h0FUSlvCPCeMh83WG+5VBlqdaDKKcjWYdrsIeajzW1v+p+nK138+FuTlxlL4D3AFlFCJn++3Kx4vCZVeBDgmhSnVjgUy18mIqJxGOsMFmbd7bZryfqDxlebdxqkggVLrffXO6+HpRuhqyn9HRbUCDqObsbQ/UPci/PY6QfmsEdy2ZWhOoSNu1CjofGcL7vEcsJYYy0842Tv02sQr8RklYsMV00zPktGrQiOnGhTHyWBM6uC18A==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-3.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-3.exe /rawdata=kwM8RcsuUT/B5npFGtq7pyolaAmpQ6kY1DCD6pITTz4VFXAwo6nXhdLT1EZSgwRkKX2tKP1ld/N1DHndgsG9yzYzLLne4gIU6I0Emxclbubj2KZlMXrLDbpE8mj/qo8wHwK+XQcxI40CJrkwltP2mH5+o1xS+OhBunwayGPtP1A6igGVL5K2fFtqS4ZRpc8fEXFZ1v0iJu6xIcb/azDoWNeTuMjjZA1ZxoZwqfZ5tUc92F5xT7818fzlYLr5s8KQy84hbhJ4bsqepc/lbbNB/c//zBwu+ugu/d8U5Mg/z5GBjtEW5J2uGGLwXCvJ022sfdtfd1psdOyFGTLrLQ9C2ie+AAQ93z/AyyEN7EBFA/qQqNj3D3q8mog7kDzRTO50zVXRoBBApHzX7DWdbkzbfuTeB4L1M84YMpTZSJU4EbDIwpdI4ILfo3J4iox5d6giMESJz5aHAppinEJxgOeDQ1StLo2zVasyN7dUKzcxJAA+l5N6W1Js/iTkYqF8Z470wBOekwGctPC3LPUZgPUnEiCMqtF9SMwDnOoF6B7iVpssLGep3V+AiMVQ+xXeemrdNZd+srNu5QSbS7ETkUye5Zg7dxosm/VOnAorLsD9bFdJoYvSBOx9t/i+jZLT7FJQeAUbbtHjtcskO2TjgdXyNXyrDuFGJ6gUFIZ58XYIwkO9e+0vmh149VLxB9ljBZRrM4aCnyhrQLSOqBo5Si/P+8PcMHV+wPCPXLpBPvUMEPXXvwJLkuPOK1R6aLaEqSruXpyAmrOedhZoJfFqyuFwqRoNYh5l3xl++1/3BUDlvfR7H8FLdu2m6fnU5i4pYldAyzEZppeHGOePUDJrgWTVqU+LWDL2tguVacuqtYCbuBDt8YNN/wpUPvLG3pl1/PKQAu9uT7QPBf5LRU0n8tCdA45POzVV87A4vlczB9KB7Dtoat7uCjbcT8D0QXfq+oPQx5gS7o+N7DdD+lxKIEK6dVLG/pI629BwmTYnex7CvWR3j8oDhaP/iiprGWd69W7beSDh5Dv6SR1s1W7Ni7nPm9gbq7nsecwOliPBHHe05ldWRRvDv+BJZashx3A26o+eItKCJJjvZ7MdZ7MxLRHZwh5X5mqs1kKS4J+Of2+oJ2QnNTldl0xrtclBPA7oAt3x+FiA7Cv7ax/6J0BBTz0mr+UrjtYMqJijedqMPIyEX8Y7d/DrVwELS8z1L+8bqHW2geCXEUeO6/XKFx6iPMi/c7+bRv9bL0b6hVWOKOOW0lKdvChXDCar8zy+aZi1NZxfIXONCZQsbgvdS3DyZ7bhvX4krdifD7wd/tgsJzbBuccEkYZT5WPbXdOgp6I/dOkXexBOsyuPNvVRsSDox0ZSuRe1bOmZscLd7rDKM3QOGBf90QDrlgXg5tDfOMJSWt3B58imjayr5ps2si44E6GSec/zUg08NUYakRNfaVjOpkxX/+J15JASE/+yfCr0ezEWe9XER0Cs0DarqolX2CtNIB6GHTX5trkcD7LmyKkVEO6TQqpAQARP8Ih8iDHIBqSvI4xl8jsZX8O6r/SSBMGJvr4Dhm/Sq1RC0eszsPxvSPfVWCBT0sQzNSxbCjFpnRunxzQNpOcQlR/tvNIuUtavI2Ud3NhIE29I99iAZxywcXiSf/jZ958qf649bHwJ4y7gHKk2iojXGfO+QLu7OSsDq+wVf/3aH/uF8nDpGRWWA+koNgR+f26mBHqiqgBq0K/pucbO7MAU6zFVPClLff7uOWoJhl2SdJbJavT+VYxBps0utD3jbJZNT9FK/malHNKTDKne4/Cbl1EWCneCRqg8GZbFldtzfKW1WJ2Jxn4GG6RNnkUVhP3c73NsfLxKZHk7aChMaZ9nQ94PWENzWHAGCw==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-4.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-4.exe /rawdata=pGWxpruiE+lmRxcTvPB1dLvYJXS5MeiAG04HpPkj1hcuGUykG2hHtTO67YViVFOVum+fjnhDu9H61XHG+ylsU+PuxniIHdXJx0UBFKaINnfPgS/WwIL0u96/fzy9gpy4Id0CrV+JWUVUvYAuDDFSNoZzcY0mIN/1GPb07rp3K6zGs9JpUUAB2RrnoRikrr17y7s63w14P+2ziehuR/lrafnALB/7YF0//Unv85R/FfCXYLyDKaE2Kx9ZjdhsOmcvEtFoRXxZRzRQToUsNhYU87hXRhi8sRDdaFmOCajHlIKhrzVPNdXnpqK35w628zN9sZyjllECTJ1oWfodBiL9KWmZH1vEBSs91hW26/WYT84bq1uRDZ1vQvXv8M0H+nuYzlTgvyOs1vD3jyqedY8aXL4L/d7l2frWcHDvgrTIIBuTzNuuiQNTUz4VSqPbK0CfBpp8QDljLVyPf00jhPtGIgrf1Nt2WjNUp1EdRTcS9/gxipMikI+L9Vr9jV2O3xxVhObrFV2VLK7tO5qROTcX63ccJbbl2EaVuhgmJQz3vWGcIDvyaggk0Qrudr6oZFysBARv5WUUakYeulqMGDR2TuJxQeV7lEflkiSACv3ExYX+Bo72IYmgcSteDQM6pAWhmRN6WNHEhwbC7tygKpMQfQkHmk5veAXAqYVcW5Pzm9tPYOX2hk+B1xmMS5hTfRgsXGCqNXNFeuonIcievdZwXFbomfXqQu7jltSl43XzOOwLh9/wjkN0ElL5yMXk62UidWRFUNKi54YtxODMQrivNot0Mvn+Wp6HGUe1v/iJhGpDXolImPjCdoQidHawiS27jZvVc2fiC8uHwFqDo3nHeqvfLoUKCLhGClYhM6Wx5LH/l1bvkZS7WP8DgwaEJUu0+qRTFAwG/mm/+4S/wKyiQlqIbBTHOazHl/waMSkjywB6unIIs96auc04opVfDpZp1kwEfnQ3XI5sn7V/KhGEhOF3tS7OICCcoCIruAu0QfNeJb4Kb/w/m553VHNTDq41ClhGYy6hLnlUjzhxDj7D4neqdSHlF0QOpbgfSJMpvSJ4l3F9N/evY4fzf3OPk5FaMnzdnLcTjI0KKHy2hbK2qcWUgihcO9w3+eThrG8rKTIAgtvFdoXiN0DVQWfIc7CoTiYRqo60AEE2zdMxa+L6OH90jP5TRVCXkC2k/AUZ9moYu3N9y4UfY9td0jz4eU44gTEapyqQTjhakHroyd2+vkB605SyxR1bIITk4zZo8n1wxfRjEH98paelv9B3Br5Ksesfmhg7UnedNo5c1lGPYIVcnn/pyXEqgl+Kdcpz9/uhZ/bjTQT8tayD4zwzglgYM+N301mbkdGGFlYadx1uLI4zMOD74hPx8h9gkcT8yQqtrKJEucTjLNT+6NoxpptwrkIMwSDLvScNV9Qt9fX3If7UMDsaxg2M7U+AhG08WfcgoSJN7eegPVULr8+nkHQ2AeQ1yb4+e0O7g7qo1FbKwKTF2hs6OnP++gsT5J/fuwvfy2z04jsJI11Inasgz1EfEm+vFctxFOeb2JLLdmLJfZvfwJb/wxJLFBW3B/pkh++CGSErTzS7Qxvq6fgnnpfqepHdVSEkJbiHx5WQ/fcvg1mhavf1aynqxX2CwYejL2Db1Pl6ZaHfxEBQfLG0/XhOFTJByBgbTmU306ijDeplwP33oDtq6Tq4JyNvqv05dXSphLkCvOEUuwfgcOpI4ONPt0fE8Fn1SbY7CRHBPnDphwExL6x/MqF5drmUQikQAS4BypF/OqIwtEHAEFbwPv8p3lZgZIbbUosHLIrc0XGA72KiCh1CEGVSsG71+Wdt9Hr6VvoLqYykaUqumIu0+c2tWbDOHvIgw5EPY1u7s/zdHw==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-5.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-5.exe /rawdata=m4wARbL2wYkrR/iZnjzA/BQhYJYorlsTSDrUej991lFDNxeXEPCYCgTiR6P/sbI4Igw9ceHR7vlxSfE3iCLvmXuAVepjv7DIzCDCGBM9tyK5Y1bZRcXqtV9j+9sh4sfhCCi1v5xShxyChaaIXpziFH+ZNivPJYK/QsVkphf1xbYDUs7GypVL8ELqZ8wj6spkKFCHqtqvbLuGIXzSMdqcwCSFSPrs6tH8nEbNIQpX+o25EYZFHAtOGxfEDSt54KwtHW+I/xNgMXxsYFtuURjkn9URAtXA0OhPPFgQ7ggvioK+ibAnJ0/y8cClyNetxwNNVl86Rr+qDJnL1Azt4+21ry+OH8J9QwYT+Y4ENVa6ZDySiYTXcESxrh1vsMAx5ZSYMO7ySHhJosN9zyCSsic7xSyGN8Yfsv1Pxyv+/WJ3DVkntUbcKSUe7hZiQOFvHKoxMGACCULbWSmDRTDe4eSprQzcvqx01jCP1GufrPofPjJhL/OwSSbbIV/vOlBpXr1rjsdSsj3cgW1NyU+RLm2wCU46cnPRoNPoe2fpzE0XvJiOgqjGc0fZFJFMOAMKESE37i3hq3WzrjX1wVabiWOMHT9eYClG1o4vi7xAmpZHciPpasoM2hdvZgdY+go2I4Bn0N+Xzh3J6sFlVc0An45uobanA/2chGzVp/Qop+uhzNdcdzjFlDDD8XGdNU7OPt9a/0MEkPwnq2+ZHVtXjXLLhnrZ95+t8k2+hfLz2A37s7n9ub6UH3IHGgE+3zWYMSUaLqrEt2mHDZZr7KzqaPR3UaaLqPBfc0aWeoclNRIKY9+nPo6hvLypnBVIWGLP7WE0W8u6vf/G/tKEQSv+dDGcTsWvD1inaYyzh0JCb0EmtSAMEYFUE2a4YCEoyTuQhAV2VN87/ZGHUgM2cLn6+OTn2mi9DLsOA4+o2FJbEZqK0yo3FL2XtB+eZshy4e8nbtmI22iZ45nVxn6iBbmwEf3YxzId/F4D36wOAHTg/OxHew3OrHwsl4OWtG4yZszEJJQm
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-5_user.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-5.exe /rawdata=m4wARbL2wYkrR/iZnjzA/BQhYJYorlsTSDrUej991lFDNxeXEPCYCgTiR6P/sbI4Igw9ceHR7vlxSfE3iCLvmXuAVepjv7DIzCDCGBM9tyK5Y1bZRcXqtV9j+9sh4sfhCCi1v5xShxyChaaIXpziFH+ZNivPJYK/QsVkphf1xbYDUs7GypVL8ELqZ8wj6spkKFCHqtqvbLuGIXzSMdqcwCSFSPrs6tH8nEbNIQpX+o25EYZFHAtOGxfEDSt54KwtHW+I/xNgMXxsYFtuURjkn9URAtXA0OhPPFgQ7ggvioK+ibAnJ0/y8cClyNetxwNNVl86Rr+qDJnL1Azt4+21ry+OH8J9QwYT+Y4ENVa6ZDySiYTXcESxrh1vsMAx5ZSYMO7ySHhJosN9zyCSsic7xSyGN8Yfsv1Pxyv+/WJ3DVkntUbcKSUe7hZiQOFvHKoxMGACCULbWSmDRTDe4eSprQzcvqx01jCP1GufrPofPjJhL/OwSSbbIV/vOlBpXr1rjsdSsj3cgW1NyU+RLm2wCU46cnPRoNPoe2fpzE0XvJiOgqjGc0fZFJFMOAMKESE37i3hq3WzrjX1wVabiWOMHT9eYClG1o4vi7xAmpZHciPpasoM2hdvZgdY+go2I4Bn0N+Xzh3J6sFlVc0An45uobanA/2chGzVp/Qop+uhzNdcdzjFlDDD8XGdNU7OPt9a/0MEkPwnq2+ZHVtXjXLLhnrZ95+t8k2+hfLz2A37s7n9ub6UH3IHGgE+3zWYMSUaLqrEt2mHDZZr7KzqaPR3UaaLqPBfc0aWeoclNRIKY9+nPo6hvLypnBVIWGLP7WE0W8u6vf/G/tKEQSv+dDGcTm2RaqzHw/EVwJDLbMbb2SkV0VOMgMDGH9dfKLEvjuC1uyqwkxJH73Wt8I6IuwFj2tJsO/nmNHnU64H/UXy0zZCvkMxTTadat4SMMr5NVrep4wtW99o8GGSoX/FMDM2Qna7srstfsBa28BOGuyWDQR43rQhZSppHz4ZeakM8TV7+
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-6.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-6.exe /rawdata=lHDFZUHmlyZOA0iVye234g/NL5WjcZBeRIJ5cHFhS7Svunyx6XGm9YwPTGdbyXAG28l0QEloaNXeJR3AgngRZNSppt0Nle2kaXXvkL8MysKxtZ3mFW+fof+sXfb9J5hOWzQdbmSQ1pCWM7k5d46E/Ff3bbo97NIV8W0thTjrwvcwNRIg1suRdjT6eTHREql2DMlhUmIpedl9qsyeYcbb2pRhf3Hx1XGYwI6TYqitFZaPx+LI0Op40F24DqlXN20+DXWtfGn87ZZG0GKWBEWwcZQtuTtVO5NVVQibpflwWUinmcKBQe7atrBEf4AEgQg1a0zgPxkCSWOfwMxQgxC3q3peiXZDsB43IQzc/Cmr5GLF0UEnDm82Wb/L/0bNZCUMZETRyeTI9oI+GJFqrIJ652d72poAH3YpqBKk4Ze6fUq8z/XEMA4abVqRYH39MuINB6TSVhdjg2krC0BeHZPuNQN2U34vGwefq/QlZRDNTs8E/2Hj+GRPmYj/cx99yin7BokKlVOxjAjlm1BrDymObCKAqu2NEPzNfhNqS9D5bU+RjqYIoFB5m2RJ1fmfg4DHEcrTOALn9a9HbRHT9QCYmZlE5DBwSQrCTUjOfxoMs4fnKXrHPmEhb/FbaY+MuzXxbrUYL9RnGVfKa/O000+R0kdni7GIFnzIQYRSECCUm1YclKbQ3u8z/SV/UW4w/9UoPrMQlyloO/+gguDh61j6ChqvYDHfy056MhvVbYhbhWBnrWS0rWm4IoOUH+G47BxKtRRam4K6RFT3vHNm7UdDOL3JBy/stAoFpXlu6x93Xpi9wMlvzXVM0Z9dqQE7UDg4hshM6xYDn45sBp83qu8fEVLdBmVHddV1rJ5lj8ZDaLSdes6K36ic+HHyVb1miU2aO7+f0j8k6IGh6jbfDVEuXR2e0hdlM7pJzKXg0lcUD891sBTB5wqt2tiUvGa+YQlhEEzd2hJWyAntbNZMUkftT80xooihJ6Kup4hdfXhlrme1w3z/X4HZ/Bor3AclcAn2QvLtnMBbZr/97ayAyZg7bsdNU5V4Q70O3ANNjb5u6erpn/1LkYKvt8cX1LAIvL0KBUVx776nMYocntEVCeZnksVmhGlqx6D5WPaJfSMKnJSBoIIFPKYaa1L1YjbQn6oGygLI0OnA4kAN0KrQXF5qunM222uZ8Gn+cE6pu2pw7Q8rW6i2zg7qWbqzahsWeuM6OfCWmTWfsGQli4fF/A8BuiUf2spZ4kdj9/0pjUMnhR3TLBiMwolYqgle3HrJzS0vbtRmmSBIt/9XSLptymrtG5Y4mby6am/2WHFKz0iGI5c/GqGWPnKgclKNaqv6SdKwYwO4tWO6L8ckS6ocVz4FI4uW1CoYala/NJwbQ6glhQH8KbXBeWslhslTF6BaVpu0ok9pSdvlBhV/K3ul9u3SgxcUKCxavIqyrP1U/zSPZDf3kP6WhLBQy0pVLsmo1iDwfKubI0kaVC3b5DOh3oEXtLEoVdivMkwQzc+Ic7pJn66kLfLl5DtPRhsHgQmegJH0G7l2WZdVBGQnLd9D/s1P2RjY5406dK0ZirILF+oXlmbLhsz0UQeVXz9FWSJyhFmLwx78qzo4m4jOpGVD9Q0WjNM86qs+Wqf4xdQdisAWoXQOLjuE840ltASTH9GnWS8kjRFcTep9WJSVTKmst72qz9Sr5i4prSFAxDjmx4RnL+Vdy5ugvyCS2SnaOsNZgHz7la+cnRxXkGqIZmfWANKNDrFD0N6f8dlayrDd0CEmH5/B0EcwVQMzt4m6jmhwoTXqqOPT3xlNZ6Uq0aP1AT9Uyg/8mViNoqkZysncsPENVD+P3dR4//yjyEdd43OAVvrUL46WT9n1g0sEae1AykTetMPq0GdWs0nnHNOnWhnEivwjua5KHPZbyTItf4px9Ri25jE5706XggJUTCin0RvUUjWN158NCX+/y/zPP9OeqjlvB7PXOI3W7qI4ML+4Ica6T6TLgz5FekwlZJ5hSzfvJDyZSMWF1msaQaTr9UijgdwT7rMgJ1do9sGsPvnuyNH9sJ+AM7agFT1A7biLUzRvK2AoOChqJCQMFkdaB2ctTEdFxSskKTRyAlVW0A5EtVjiMyz50s609CkiAyu38GlqdwoCr67azr3zAhy0sRRPHSHexi0Rbs7tQb2E/u5+FGe629yc/axMnIfj8GjWV8zDJNZY4KlCmKqqNmbcN1bsDdEZjTjTztvnGCymE86LyJ4/Je/exr2p4kXoL+FEe+kPiK0v/X4MM/YlrTqPfZzwyRF3FCsJkq14xWxa6VkEL8UlapovBMydcqcZiehJy6QlkmEiAcsI+yTNR6dhvarzj954Wa3xx/g3bkQArvLUPyzLlb8pSmtip4jYnRZ+9TQVi0VIG+Z4PTrgbAMpCwWDeX+T0DHGripBtxsP0XTfBz++h+ysnP2wvIvQJCT0IhTWOk5ogi5frncuKCZF3JN4/cqlNIf+Ml8vlOeGXGjfj+nVDMPDALXF+W/JCr0JmJlfGrr2u9f8t8HK/5U8ASpX29GIH+V/Yr1JhelQmSEdgewk
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-7.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-7.exe /rawdata=R/YrXSQHDJMQy/SmJEOJ4QzKTLcIMmfV6Vo/athpPtBvxA/ewXzbKbzHNvJCohsfUKzZ+7qAeHiVdifVfGtxuFalGy1RScNFsXHHRs6Coer5DE4qk8jF33fx8/NVA5Yx5Hq01ObzBaVtWbpfYUlB8OcoxPicPBB8Hx5jiqnqbYceq5n1bduVQHmBFsIU8JTkZ5k6QR2f5V2JcxPPV3tufFRGUepRAVHM2Z/wJ9OoCq7uA5vEd7vd3mEGzvcPAaiK7WueovigGveKHPVr0DuayRzUBSb7Jaux1qoQ2J3TdaCTrXCN2z2UKOwe+kQlz6Kv8fLZ3y4QlJb39WQufAwTuyO5paKHIcWMSxAFJBKIXljZM5VoUisWioC5Lab1RNiXu+H9ytGJFivDr29HaP9guHxpw5a0yqPopHJxGILAu0cRfWulC8E/Etabm3biWfwHzL/YzjkfcAUMEtDEjprqChZu28bROaYw7K4HWs8TJFkfxtUoQ3EjsIRmXDmqF2V4D8P7Ppq/Mn1HNc3nFllUouFOOvlYqnvnxdNi4ISrXfKDArrGauoC/FlXq8J1JkdGme9LYUa7S3GE2sXvvRIbdytBrbRJoXDsLd9Wbqq3x6lPEQKxSUWVM86BjWrFrENyol6hGHbmVpWt0Azd/9EVvnibzXFVhqMrBYUl6SWpX0CqeAgY/CiuJIeHbwrc7hT7WP+Kadf87G+J1dwLltkAAZk0B6OfcalvB7oCFyZU7quOIb3zYb0CmLJbkgCqYypOrCPoKbFtJPmAor61YhNspyPQwHblCs5+89Zcnb21pvsg6HAvcDjEWoCurtHQfiRrP49GwiOFX76LW5dOCbqemhBfh+gSY/Hm2lTANrIuAg9bazG6VAtJQLc+6PEwYb0U02LvRKCO1PQG6fWMBfGihLZ8k4GCEWny1uBp62jVrB9sG/LBRBzg+uqtCK2S/PiPLtvauJbWI9qrOSM82jwrV7Ud59CCgN+uGg93x4kvbLppCS4G/4DIItq3ssPKmT/NPDNVFZ4g/MRGoz6LAFEejV+y22nA0Z4eKQQQGb2TCH9w5SKSJLuZosetz2ksmwBJo9m5mVAGsr8Qg8qEQrwUtJIYErwW4RxWYKebdkj8YUIqx0ORC+fbocFd6xP/stT+CLCzB8xfJlQc9eXUZOAjH87cmuoSkmWKuUGFM/0Joi4VvC1Jfzi1ZKOra5VREg3w7SLg0PSshXvOjK7VoBMzwLxsNxguMPgyzzy54+CS5qs9AByUz4TSTw7xrU3GtsDCZua5vCyRnCB31ODhDaPnqneSlr1jk1IM0U+TNP4p9yWWM2xO1ActP5mTTJ90wImfZn4hbFwbsElMF0rSBDi773kP2rIkcsBRX4wPlSV8yAIkGpGX4st00uj7Ny9rZUlvutMKATqh+mi6bCTeipnCI5eCmg2cI+ARW04al+AAsTf8tBqccSqV+MVe4hJzvls/+91r9siMCPwBDbkwy7p/gwVXZvVJQrOhf4uCgw+GkvMdGkX0oOWELYhP2GCLK6opvPGZ4uGrtRVX5bDysIy8RJmtXJvr+Y+m8z7kqX74UsBil2F6z24g+SfjJ69iDz/1r032kSHrRmRTwZCE9GkktF9xW0PRmPwgwIiGvd4HsOI16z+PM40fCt7UzlEU+JidpasIRSTU72cU4ohleGVaOAuLYGLjTA4TFdHZeVC8LajEr+sTwTh1REy8DzUXsun/CGGSJW9JLhhXSELQV0ZktOkvayK7fEBLYke1zGCr8TH5lgFl9c60EH0Pa79T+Yld2KiV97Nwbr5wqFKDL2R3k7FjoD8ZtTc5l6yYc2B0fTfxszDfgzc8yvqmrqqsWu1J2B4tNN1sEqiK6wvkzSrTKsK+WCqNSqVJtdXcxHBZuOCIRvyS0HjSseclrefB/ElJs/zpVPNrPmi9uXu6ZdkcGgicP21yBwruq0wO9Hu/6FaL1RiSDcPTjlaKKhAN0BOLVkbvTBa4G+mYeZC15/zUW9+zp0vnTwjyLAagcT14bY04ii7OdnV065r5pBmXzRjiQnQuud0m4IJlT6PCBLipxzXI9QHMXn8T3+llGcIXsa/+0iyINHKCjgISOVzy+o+ope8QLjVSdR4jC4bxEUiaqsHvzIq+9Krxm/xGkk4zY1XEOC8o9maSS08USHySSEXVF5QFK4AEHlnUdkvjmwjOki7JXJJlDtCtWe18XvkrO1UhB/bGZn/B1xcuytxSzRQDtQpyME8oN7SrK3+vnzRShEP4zjTu8G6Qt7wReuAnHbr/72AyXWH59NiQAU7iT/2Rpmuyn5M87Neiq8RVChw/qaxZ9cjiPjqIzhXvpV9yDRUFJkNCKYyRYzfBqEsbhT8DLW5hMcdEge8y6v9Yiq03mA==
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Crossbrowse.job - C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe /rawdata='RX3L8b6e3NLYEOEKkxFVnGlq3JfktOjfS1RV4YkOfEqlbHbIVHme+J92eVHpJAGrPvgezMsmuApsZmK+5P0xmxZtpEPxLLRNFlmGEmG1BgKuqt640zde/AgBff6MyjF0OBwDEFfrADG+hXpDXAALsXePPbd2OekPesaJuJyLPmOOJlJxzHbdN1UU2NWRmwAzni18LVv9vNx3M33KPDR3bJ9s0bUgp7DjbkLiI1oWbWs6zlH/ELysBsNS7A8JypQJ76JsqicGDL5u4irVc5im61BdW3dRu1F7Py+VuhyThYBiwaRN3jYRN8duk5A4u5kzpDnoyUynMN3uDpT+kgH1Uw=='
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Rb7rBO2AfXZhtnTTXsG.job - C:\Users\michal\AppData\Roaming\Rb7rBO2AfXZhtnTTXsG.exe --c=iiONm+N4KibwDft6UZy+xPblb01WhiiRTKQOe2dD9dJoiX3ti9vd5sTR88FTzcCI9RnCPjAG4xe3HkjJn5ixaEfbt6VKAzsYoduSDfLpMAIoGtx5aUSQUzGJGKYcK+pQv2UexaQnzLjXt+J5+DXjkK1DxhwU+H6l368tD57fDvpi3W/E3E1hFwgWHJzr2Kx7JOd+FD7as41GynN0GvoZBLJJv0JIfWXR69WZmyBOhenHbwT907iGOufngw8QyWocAoIpoBOeIMayEOINEH6gfYusTeZpI3KBL1a2Bd6Xki5A5GrIKvwwQsecG/6qT4aM8hHuazCZgcWyPTcew6iAcQ==
C:\WINDOWS\tasks\XnL3u4RkmDn7W2JFbjoXWc.job - C:\Users\michal\AppData\Roaming\XnL3u4RkmDn7W2JFbjoXWc.exe --c=prs82rrcaNZVbzoM6gv2Eh4Yrw0+u3oR4Ud0dFLphKX00QykIM6xABQg58mLRbgJljCK3Swdlo+hZCB+2E1PEffHxFKVF9U0DY6YKx6/wY78VffvqAuTkRRBR8OM2xSpBlKC2h75gmF41eAsbBPvYSFaNze3wapNav6I8VUWa5+tzQeKv5TEhNPQw7ZneCQKhqUYN/ldEkmo4IsVYCnxCYCzimFsmaYjHDH9lB089ZXx+uJjFTe8YPQkfRirqQz1VrxxVZnIjNrc9loBawYeYYmSwm8wktZ2087D5howSXYKzX0ThFmdCclpgBZmGNsmerFo+IVXDvdHviRnkPomDg==
=========Mozilla firefox=========
ProfilePath - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\0u7af830.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\0u7af830.default\searchplugins\
findit.xml
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-16 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d4670e84-fb30-4d9b-80c3-caf5bbee23d8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-07 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-16 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-07 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-08-23 3743648]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-02 9308416]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-11-30 17097200]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-11-30 193008]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2015-04-06 488640]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]
"MurGee.com Auto Clicker"=C:\Users\michal\AppData\Roaming\Auto Clicker\AutoClicker.exe [2015-03-29 120304]
"OneDrive"=C:\Users\michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-08-23 404064]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
prosím jestli bylo možné že by jste se mi na to podívaly....a pomohli mi nějak celkově ten pc vyčistit jestli tu něco bude Logfile of random's system information tool 1.10 (written by random/random)
Run by michal at 2015-09-07 19:39:43
Microsoft Windows 10 Home
System drive C: has 618 GB (68%) free of 912 GB
Total RAM: 7375 MB (60% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:39:47, on 7. 9. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16412)
Boot mode: Normal
Running processes:
C:\Users\michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\GameforgeLive\gfl_client.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\michal.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2FcBxkvHPRrtnErSaxd7ue8heSKF-e17q934ATryFfgU0z7EZ4EwOGO-Vi1--xMGE9HGC0LjoNKn8ZaIOWZzjHMp0LolhFjE-WB3lPT8jaGQv0r8CiM6EYYokQEVqWepCRBoABeWS2e2efM&q={searchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=s ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWqICWRlg5p-Tqs2FcBxkvHPRrtnErSaxd7ue8heSKF-e17q934ATryFfgU0z7EZ4EwOGO-Vi1--xMGE9HGC0LjoNKn8ZaIOWZzjHMp0LolhFjE-WB3lPT8jaGQv0r8CiM6EYYokQEVqWepCRBoABeWS2e2efM&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup
O4 - HKLM\..\Run: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [AppEx Accelerator UI] C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [MurGee.com Auto Clicker] C:\Users\michal\AppData\Roaming\Auto Clicker\AutoClicker.exe :silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\michal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\michal\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64"
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: crossbrowse.lnk = C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
O4 - Startup: Metin2Mod_PL_12032015_5154.lnk = C:\ProgramData\{2539c2a8-58b8-d03a-2539-9c2a858b0aa1}\Metin2Mod_PL_12032015_5154.exe
O4 - Startup: Metin2Mod_PL_17032015_5211.lnk = C:\ProgramData\{e7d1bd39-3f12-001b-e7d1-1bd393f1f4e4}\Metin2Mod_PL_17032015_5211.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: Application Hosting service (Application Hosting) - Unknown owner - C:\ProgramData\Application Hosting\Application Hosting.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Compliant Host Controller (cohci1394) - Unknown owner - C:\Program Files\Controller\cohc.exe
O23 - Service: @C:\WINDOWS\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\WINDOWS\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.163\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Razer Game Scanner (Razer Game Scanner Service) - Unknown owner - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: RzKLService - Razer Inc. - C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\WINDOWS\system32\SAsrv.exe
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 13182 bytes
======Listing Processes======
C:\WINDOWS\system32\lsass.exe
winlogon.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-70658e7c-f5ab-4a17-a4c0-18693712c85d -SystemEventPortName:HostProcess-06c6e71a-7f09-4784-9d3e-c255a643b8e7 -IoCancelEventPortName:HostProcess-10664c9f-da4d-48ef-8e50-6a912de088b8 -NonStateChangingEventPortName:HostProcess-2c20dd50-1d4a-493f-ac21-5bdcca70aada -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:eeee3e06-83ba-4810-a815-5fc5bad1e9cf -DeviceGroupId:WudfDefaultDevicePool
atieclxx
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
dashost.exe {67a37218-7b61-4965-bdb8320a84edb5c6}
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\WINDOWS\system32\CxAudMsg64.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Elantech\ETDService.exe"
"C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
C:\WINDOWS\system32\svchost.exe -k appmodel
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files\Elantech\ETDCtrl.exe"
sihost.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Program Files\Elantech\ETDIntelligent.exe"
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe" -autostart
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\RTFTrack.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe"
"C:\Program Files (x86)\Lenovo\Energy Management\utility.exe"
"C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe"
"C:\Program Files\AMD Quick Stream\AMDQuickStream.exe" -h
"C:\Users\michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\McAfee Security Scan\3.11.163\SSScheduler.exe"
"C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"fontdrvhost.exe"
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Steam\Steam.exe"
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Users\michal\AppData\Local\Steam\htmlcache" -steampid 13876 -buildid 1441333420 -steamid "0" --disable-gpu-compositing --disable-gpu --process-per-tab --enable-system-flash --disable-spell-checking --enable-direct-write
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" --type=renderer --disable-gpu-compositing --enable-pinch --no-sandbox --enable-deferred-image-decoding --lang=en-US --lang=en-US --product-version="Valve Steam Client" --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=7484 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --use-image-texture-target=3553 --disable-gpu-compositing --channel="7484.0.1841625091\620579024" /prefetch:673131151
"C:\Program Files (x86)\GameforgeLive\gfl_client.exe" "/noautopatch"
taskhostw.exe
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\Users\michal\AppData\Local\Voltfase.exe downloadx proiuctpro
"C:\Program Files\Controller\cohc.exe" /s iid=1561578 did=APSnapdoAMRev sid=3 ref=a5923999-c859-e48c-acb8-53f07f99a33b-PolicyMac id=5f3fed685ac490886d0e7272fc9ac0e0b087307775ebc5e8cacd67b679b52a41
"C:\ProgramData\Application Hosting\Application Hosting.exe"
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
consent.exe 1012 348 0000009F25004160
C:\WINDOWS\system32\browser_broker.exe -Embedding
consent.exe 1012 372 0000009F23CB74C0
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\michal\Desktop\RSITx64.exe"
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe27_ Global\UsGthrCtrlFltPipeMssGthrPipe27 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 596 600 608 8192 604
======Scheduled tasks folder======
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-1-6.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-1-6.exe /rawdata=scvoYS9jcheyGacd/9ylc2eq+cxaYJYQ2GPU3MyvSGN8wXyVAd1IOmOSjloDJ2Shtu5wcBLs6nRPFJ2/l6IXNHWyjmknU/OIY+wd5LFshePOvIy4dxbvqaQ8KA1+qDPE0CVyT33lgV7owDKulJXxEzSU1rJtEOhlgm7EFh2kwTAzIRTJ76eopQeujUXxbUcQYoxMhF6G29FDwRXSYPHdG2xO5O8canyJq3Lvv7HacOqHDlk5ccyUXeTnEtPRxm4Mvf9OPepiDisqbGYp8TK/81rdn/v/RIKVB1GAjzcfltcFVESeJtmfujgXmebxpFCzRwv5ZSCFD48Kd64opKjquWdeUPiQ6t8JidPakdpu7yEvWaHJPszLngZq9/FWzQ/6e4tJuE4zsY/M8p24oWYQkRv0kQjiy6PPxEgCK51z+zsLKF4KwbKN4mqf5kePttKy+sT8XuQrQjFnLq1eQGVN82wnTCd/hN3JUxDWQI0dacszOjQw0GWSow9/qR7E5eVuLYoIM16kvTFBNfnOBUOd3OmOP2pXlPewFpuxsbzszoyAPgPIBDojNI4xckLLANanqbTpJ/KoWeZ65hEs5kWY2eltLnHk06pZc3YbyjpBHJC6nNbXbjv3EDcsTkazEqtqYxrUru+ew/w8Qfs4nyMLTmjflrzm0iVjJWwXye3uw+U9T2pJxSxtehndui/3PQnePSxT0lRH8ws1PtgWGN/ValtshkgWhv18wdfwmcUtXGaL6qfXis0G7Js5AXROZByC+D0CloZekfkBGpDbDxZw8vn5wUypBdJN96TztiUFIP6t4IWM+Ui3AnYGaO8B/RRkNfoiR8SWdOzhberxtNmcgJbwbioglVPyYeHHDgIKU2JoOmEqmYCP8VZ0Yc33Vk5/5Y2A0lEFSgpiBhVVK2I4wIml+Hucoktlo0wa8tHxi6iydyLMlKGvkj0OoDhA67Fi4maMSr2zkUyXS7YzuuVaHSp62IHCn2PTI4Jkls+m1EeZPipwm22Zu7mkxD6aYuYrjp0teAgx2ElLAK5dvwQkVbweYGl5fhhRqi4X//5XBcvKL63ZrACAql+Qc8Nx3l6qeRPaGip7Ve1Ow0i+NY3ZfpEn0UiJYuHqQ5v7yFhKSkej+PE3rrt0vRLeuWyKy2vU4+zfHnGKO92FAMcQ+Gt4915vNgLB5iyH7SQkj15XmoFqfoFwdY0WSxF5adusEINfRWoYnFhZNmEZ8c2aZ25rVomIynKqfhwia7EyOAS38GcPhjTTI7zJAj1wB4XZ010DuBZdfH+YGKMT8e60gu+vC1A6ZaafaJre5FRKY99QrKvsQkTaD2tNZXHTgBTunJ6gGQ8wWg8sFgbTtLper7vMZg==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-1-7.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-1-7.exe /rawdata=ejYQ02li3nWpCykXvOa7XjkIaRe4RbCd9eH/houjaLA56GunJOW23AX4F0g9kNqloIHbuZVnhin7jiqt1NurHakGl2h6UFoN7S/7t8XafYFvOYF1jYKp450T2CYkmb6ttObO6pHdFL4AsFa7El2H+/g809E42340xB/vnuSMzyA0QkWs6myiTnUCNhdijXLWrnmawgP2i5am13wKrj6itd8QSaWIXccUY2s/bxvW24oTlmkXAIP9bHpQAwB0fHwwqJM1/SCknDGYWJYnbvTuroZUYHsVoXcWzvbFpmetmWLm/OUdOkjACJ+H7nOcafPLc4dwpT7r0ySTK0+cgiK6mp2AK6Ng9GlbaR001GNnyhj9O6VHEdRsr2Tla/S00MvPDjsvKZLZ5NuJiNSDnLWiYrc12N36HArXWfyxyC/epysHVUDGGIxS0wv+vtW71b8QOB87Kyb1LhObxk8CVPEyL0LPMzDJLUd5WrlgOwAC4zHW5pOeyFAygK158cVrAnOCk7RTFHwcUSTHYrT1AB09ouAvqUHPSCzYrF/fjOZGq7CC5L6RkDmJsWhKAL/JyGMer28Hr25R/rxax+qP1VG1LRpXjtFxQ1RHRp60tnPQAsyjp/Ka0x/Ha4owlK1nmU8N135x8atjkD3M8/hJ6xNxC9T4VaycjbltC5IHEoWzlAgk3VJUTclUq1/Dfbx9KbHv3TQTkU0UETBJzfqG7AwYzcj+JpEZq1gOpa1PKAI2deeRaAcfsUxOixlQa2JSRmOeV53RB29kxzaK/dGOY3m+iZmdRRV/MB9KGi1Qjix+fw1GyLpRHEcHmUp98JYV4wIwhWAEns1mVb/5PcLd9z/ZdivsVe22zLmpk5TuZ+4jpIWFdIkZXfIQTNd9rHLtFJRaSEQ+GvLVye3pI70aDyWwt4usZGC0PP1oYeda1dnIsFDdLbOS2d/0S5CoJfLDv63UNenj8u79RVpEZyJlB5BJwmWF4731SIKKxoaudsj0c6HuMiKCASV9i0CppkE0V38BnM6UdlZORJzbFZbEUfiTHgmH0tVetco8/1mWxenXdmE44tgr/SObzum/oW2AYFeJIkEZpAoB7GKvX2jKajOzFQjzXd5WUBdkQZWxuSduVeEN7B/+BbII1TcB2QVlCHUiuYcSDooLncjKenmpmyJwI5mV6qwl/O74zkAVz1NV/rGK0uqZsFV4h8p5dFeyHKy/LOQQCH0RuSqq++D6MjJEclj9EYXysUpBb6zh6DdSClkHiqFx0Uk7jZuLwcV5haXeZ1ViPkJ0VYt9ybY9b3407Y6A/zmvm6MbJbXnScFDhcN19TYoTBOm1MBq9hr7BcbyX/HLxiL6Xh5BhEJDw2pYfQ==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-10_user.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-10.exe /rawdata=JDKokA9bJmsxrWSBoWw2wBWyz/6KA2w09yWAAaGs3sTg6Qjr7m4wm0uZpLbwpW8xuR51wp7DalYTJu8A7JgzVe6WBPi3APZcI9wbaUQxvVfzT3hl5tF0LsQdoMJKPu5tRdX1HmVj/oS2wzGiZNNWmZ1mDwBzINYQYMh+5JSVJCqs2CK2Lamh/I5NLRcJogEy9y2/T3KGH70YnK5xxlN/21a8q7CVMq1z4vTMstgC/QlDT7wOGrnXK0NESVtqwr5woiKRPqAqs8GjaleguEw78EL8+ZTo1s1Ld6pNbJ0aB6EkGV55hcXrBso6bXonHwCP+J7Z0xCUMeSkoPSMfiuPQ7ODA0FUvhnOjLX5HsjpS6puKrE0Ea/EBklKXot/CH+yIBNUrVyMyp7GxR58X35qf6TtraeBpSihlWIaLVmSrprzge0iBIjx9G+D1nZWTRBF3MXGVP1mApQTGNoqNi4ViQnN+noGdlr4qs1Oup2WSpGCttSKEfQ+fjKWFP1/kbFoo24MUj9rK6Dh2gXkN8yzjWSD8LqNi9JMJdV4i10r8Hj3hGNPGGlRWCjhnHEB7lMCID3CmWrMebgD/xIiJ6M9FDZIP04kIHPFlmMNirwF5x9V2ENSoIOmtpRtj+Zw9+CK4RK/VVJSV3Oalt4bPPwbq3jwg0ivzMDJcidWI/YhacfAZavbgMCWAUX203TIYqpwFyXic0uZDoRoxMkjc5C3v0p7t2rg0Kc9oyhck32bGF7qgFbXqcY4dB3i0ayQRgaJzlBtDdBBqyfC3jFRS6b7aBmVoGLpAt/rgVeox1fE6pyKMVebV5EzWPKMLcx7vyrY/jW8qUb+mhFikkOxCul/2A==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-13.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-13.exe /rawdata=xb0DNu5wzYDQqeIcpkdXyAyN00vhWKQ17jbfzK9i5ZQk5VIqPwK1vlvNS4IBEXbd3c+UXZKo1A8b/i6vrqMV5JXG9nnVyY8Kwn86kR8Jnfvr0lUJI1oy0UHAchPmvEIX5ZhJwMW9u0wjdpaGPQI+hDBcxnmhbaXkqtJwJLuG5kSxEKwz20WiYvOccZK/NFxr0TnjM5tb5rImHwhOmuo6gVceeDiSe+wERcdKMR8XcmJUpcRlnPM0cp77jUiKn8+MxkLPk7mu2tgWInNdJh/KRdOqJKynERdhWv0yrQfNipiQxBD/HOV2vuIGtmsRnD5dj5Cy0Ecd09bjHvf8j2awS3Ye6XSAR6i/TzWP0E2TE7MOeFdxjhb1rB8GFp0hqyNbIAWFDG5E7w8jMv4bDOgjiF3k35M6rZKOodWvZsPQCMt436jsa1p+95aj5xtlhO8V3vqVnqnyCxs4fciqPaiYklhpk6GudeRZ+Jw5gwdLq+sGYb4AJSdlqm49i9f/dGlUs6XIeDRsJpxjc8qGqMP+DRFP7nCOp70Hc9LRn2xaNk1V8pmW8G5ZH60XZDLLctmEm0k661QHMfngfkkG2JKfBdmwqzG/RvzOONBrYEhXAq+cROt/rFrAIsg3E+OHc4/c6ZPZ9hz0E9F26qS5jg+sfCPFmCnquKnysNB2sDZjM2upknezHMSk4GjEbSp9myDR80UXqVMQS2nk3uGfNO0zb0xMcOGRGmaa01cgU58oNgLr1enM6ZCj5YOTkiIjKMN1Qz2rkqF2JNsT5uU8NCaX5glBxGedlmTe8SfG56aBmqhl5LBZT6XBm/3ITwxC5//BH2lqvj+DXBJEEti7BqzCyiuJG5yTV/ECD6HKWGnXnfaeAbPf15ISXh6J4/tC8+0ST7n8egYWAV4sOWOrICxZ5ojraUkxsdQT+LvODfNuRPytVRotLIXez71GHpn4RY2Vw22mkMA8BmKyFsWTkU7aHoBOLbsIX8nxfM4tIp3hQJ0Vl/CW7apn8oPvkolLm2NBtigadtP6WC3tikbXAomluDIpKaPkAf70MGgO+VLd4rdZqV9+7ro6peEFpl9VfqqOQtLAGZ9ZidMpnNxQ+qvBXttiZicyjBfv3QLk4xMdFNfSLhlaOHR35kAdLfBTZjdqKia4/sQ6F9pwhtnYvJby3SNb4faBltypu6w+Ta/kDjaA1BMjCW2bWqqzQbQmQz1gAEPYUdf4OZyfWUsUwb2uxPCuCyLrVSFwc6h48/Q5y+TBARYZGx105gNtHjcHz0Dep0YtCr6y4rTTiZ0ThcbYoM83af0eYoDsQfxDlVFZpbm8f3XZHPBheCLyiH7K5vXaXgezFXNzsFaJbciiEtNEu59Ht0DIrHmDWK/8oVPZihHZTu2bv2CKq0bZWRFtbvLml0OX0SO885y1E4pZli4jMnO1n3DuulDvDGsZvabWmK0C/reEuE6vuaZ1jJIvNqj/th2TU4oPVBgZT6Sw7XUo4p0EYWs2zUiAOaQ7O5WiEYOErfg55ofqO/q4PqiO+IGq
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-14.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-14.exe /rawdata=JbFrtOlXCwcjnfS8TECwiVlT/cuZm4FITv+bmBBB3wswXVKIyeq8gpZjUemkI1UP4f5LWb6WY1howPfKMIWTMXwJVOsF/OCkc//zZpVRHgDNLYYQzrc9uRnXSb7xeVDwiBS1yKvEVjZhhL0jUa7Nz3T+XYJKlPrdWLt6M4C4kGgqpeLlmGdv65tCyTuP+gMUCI7wHm30SV4SWjmq7Wx0wzrymctQlbmtIayKWjJMBFXiMCDRsiL3V+gMkVsh5nUSkVeVnRfu7L1e6db+hbdjDM6zdnu2inqBHLoZnP4Vh4ID0aIY8CbQae7EPbYPB2RVpkZ3+Kfp3UjQWk7qC9cjTD56JHKD+XzuP+uWdYuKuox/GrimBxkeDEAyNnl7xs8QmEtKdF0tVAegL7AoMKAaTzxwF/GqpXbXRcI+KNx2QXyEXxDOxmQ2a39lECX8/20kzD78KS5NXYltx3Y7nossTaSfcPuweup9G5toI0meZkI/cpE7qjVdM06RW4ugqvCjQrcCCJuGoZCsTeMTVj7wiHYP7XxSK2iHActQtB+tRhDSEOUm7oqEcfMYOcVjNhje+X16SiTrXGRTwVejpSmHLCRSeyj1nMchY0hFyyHXIdDYbEmVJxW8YOozmQvAoGuumq7NXcDh8rPiQz/YYms9Xj16/MchT/sXMwfhUBwWm7hkn0JdqV8p1MNqie0V2JTt1ru/UVuww8ofJgSUkADKiFv7xfUv9uWhVXP59aW4LA4Cs+4iP7Qf6zb6hpTlEb77Jut7H7MCmcHfqjYeptdL2zj2vo5NcejChHfx7S5QFQauvUI2Fd/HZu5zPcYby7IbD7s6yYAp5GPr55Q6tyFVKSKkocsGoH2vhD6QXkDCPJWo4zMP6RHSJK2xO0wuzjqDbNf6BocTT4EaEC4mLMTbPqLBAEXuu+74YTayxqmMtWkm7w83yHWzVfjrP0cLY305EOoFNzp1bCeRqFGAlKcR3FDpTAEMQOdox2zBICDPhsW8qcrG4jxhb3xOgOWGtKn1SA3FdV+oSyZylLu9isgCishsnOqh3gXDDSL2lt09D/m71kiBSUTya95z59k58fCsLS4axqWuLANDajsSkQX7o9rQHAoAarF//A/9h0FUSlvCPCeMh83WG+5VBlqdaDKKcjWYdrsIeajzW1v+p+nK138+FuTlxlL4D3AFlFCJn++3Kx4vCZVeBDgmhSnVjgUy18mIqJxGOsMFmbd7bZryfqDxlebdxqkggVLrffXO6+HpRuhqyn9HRbUCDqObsbQ/UPci/PY6QfmsEdy2ZWhOoSNu1CjofGcL7vEcsJYYy0842Tv02sQr8RklYsMV00zPktGrQiOnGhTHyWBM6uC18A==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-3.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-3.exe /rawdata=kwM8RcsuUT/B5npFGtq7pyolaAmpQ6kY1DCD6pITTz4VFXAwo6nXhdLT1EZSgwRkKX2tKP1ld/N1DHndgsG9yzYzLLne4gIU6I0Emxclbubj2KZlMXrLDbpE8mj/qo8wHwK+XQcxI40CJrkwltP2mH5+o1xS+OhBunwayGPtP1A6igGVL5K2fFtqS4ZRpc8fEXFZ1v0iJu6xIcb/azDoWNeTuMjjZA1ZxoZwqfZ5tUc92F5xT7818fzlYLr5s8KQy84hbhJ4bsqepc/lbbNB/c//zBwu+ugu/d8U5Mg/z5GBjtEW5J2uGGLwXCvJ022sfdtfd1psdOyFGTLrLQ9C2ie+AAQ93z/AyyEN7EBFA/qQqNj3D3q8mog7kDzRTO50zVXRoBBApHzX7DWdbkzbfuTeB4L1M84YMpTZSJU4EbDIwpdI4ILfo3J4iox5d6giMESJz5aHAppinEJxgOeDQ1StLo2zVasyN7dUKzcxJAA+l5N6W1Js/iTkYqF8Z470wBOekwGctPC3LPUZgPUnEiCMqtF9SMwDnOoF6B7iVpssLGep3V+AiMVQ+xXeemrdNZd+srNu5QSbS7ETkUye5Zg7dxosm/VOnAorLsD9bFdJoYvSBOx9t/i+jZLT7FJQeAUbbtHjtcskO2TjgdXyNXyrDuFGJ6gUFIZ58XYIwkO9e+0vmh149VLxB9ljBZRrM4aCnyhrQLSOqBo5Si/P+8PcMHV+wPCPXLpBPvUMEPXXvwJLkuPOK1R6aLaEqSruXpyAmrOedhZoJfFqyuFwqRoNYh5l3xl++1/3BUDlvfR7H8FLdu2m6fnU5i4pYldAyzEZppeHGOePUDJrgWTVqU+LWDL2tguVacuqtYCbuBDt8YNN/wpUPvLG3pl1/PKQAu9uT7QPBf5LRU0n8tCdA45POzVV87A4vlczB9KB7Dtoat7uCjbcT8D0QXfq+oPQx5gS7o+N7DdD+lxKIEK6dVLG/pI629BwmTYnex7CvWR3j8oDhaP/iiprGWd69W7beSDh5Dv6SR1s1W7Ni7nPm9gbq7nsecwOliPBHHe05ldWRRvDv+BJZashx3A26o+eItKCJJjvZ7MdZ7MxLRHZwh5X5mqs1kKS4J+Of2+oJ2QnNTldl0xrtclBPA7oAt3x+FiA7Cv7ax/6J0BBTz0mr+UrjtYMqJijedqMPIyEX8Y7d/DrVwELS8z1L+8bqHW2geCXEUeO6/XKFx6iPMi/c7+bRv9bL0b6hVWOKOOW0lKdvChXDCar8zy+aZi1NZxfIXONCZQsbgvdS3DyZ7bhvX4krdifD7wd/tgsJzbBuccEkYZT5WPbXdOgp6I/dOkXexBOsyuPNvVRsSDox0ZSuRe1bOmZscLd7rDKM3QOGBf90QDrlgXg5tDfOMJSWt3B58imjayr5ps2si44E6GSec/zUg08NUYakRNfaVjOpkxX/+J15JASE/+yfCr0ezEWe9XER0Cs0DarqolX2CtNIB6GHTX5trkcD7LmyKkVEO6TQqpAQARP8Ih8iDHIBqSvI4xl8jsZX8O6r/SSBMGJvr4Dhm/Sq1RC0eszsPxvSPfVWCBT0sQzNSxbCjFpnRunxzQNpOcQlR/tvNIuUtavI2Ud3NhIE29I99iAZxywcXiSf/jZ958qf649bHwJ4y7gHKk2iojXGfO+QLu7OSsDq+wVf/3aH/uF8nDpGRWWA+koNgR+f26mBHqiqgBq0K/pucbO7MAU6zFVPClLff7uOWoJhl2SdJbJavT+VYxBps0utD3jbJZNT9FK/malHNKTDKne4/Cbl1EWCneCRqg8GZbFldtzfKW1WJ2Jxn4GG6RNnkUVhP3c73NsfLxKZHk7aChMaZ9nQ94PWENzWHAGCw==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-4.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-4.exe /rawdata=pGWxpruiE+lmRxcTvPB1dLvYJXS5MeiAG04HpPkj1hcuGUykG2hHtTO67YViVFOVum+fjnhDu9H61XHG+ylsU+PuxniIHdXJx0UBFKaINnfPgS/WwIL0u96/fzy9gpy4Id0CrV+JWUVUvYAuDDFSNoZzcY0mIN/1GPb07rp3K6zGs9JpUUAB2RrnoRikrr17y7s63w14P+2ziehuR/lrafnALB/7YF0//Unv85R/FfCXYLyDKaE2Kx9ZjdhsOmcvEtFoRXxZRzRQToUsNhYU87hXRhi8sRDdaFmOCajHlIKhrzVPNdXnpqK35w628zN9sZyjllECTJ1oWfodBiL9KWmZH1vEBSs91hW26/WYT84bq1uRDZ1vQvXv8M0H+nuYzlTgvyOs1vD3jyqedY8aXL4L/d7l2frWcHDvgrTIIBuTzNuuiQNTUz4VSqPbK0CfBpp8QDljLVyPf00jhPtGIgrf1Nt2WjNUp1EdRTcS9/gxipMikI+L9Vr9jV2O3xxVhObrFV2VLK7tO5qROTcX63ccJbbl2EaVuhgmJQz3vWGcIDvyaggk0Qrudr6oZFysBARv5WUUakYeulqMGDR2TuJxQeV7lEflkiSACv3ExYX+Bo72IYmgcSteDQM6pAWhmRN6WNHEhwbC7tygKpMQfQkHmk5veAXAqYVcW5Pzm9tPYOX2hk+B1xmMS5hTfRgsXGCqNXNFeuonIcievdZwXFbomfXqQu7jltSl43XzOOwLh9/wjkN0ElL5yMXk62UidWRFUNKi54YtxODMQrivNot0Mvn+Wp6HGUe1v/iJhGpDXolImPjCdoQidHawiS27jZvVc2fiC8uHwFqDo3nHeqvfLoUKCLhGClYhM6Wx5LH/l1bvkZS7WP8DgwaEJUu0+qRTFAwG/mm/+4S/wKyiQlqIbBTHOazHl/waMSkjywB6unIIs96auc04opVfDpZp1kwEfnQ3XI5sn7V/KhGEhOF3tS7OICCcoCIruAu0QfNeJb4Kb/w/m553VHNTDq41ClhGYy6hLnlUjzhxDj7D4neqdSHlF0QOpbgfSJMpvSJ4l3F9N/evY4fzf3OPk5FaMnzdnLcTjI0KKHy2hbK2qcWUgihcO9w3+eThrG8rKTIAgtvFdoXiN0DVQWfIc7CoTiYRqo60AEE2zdMxa+L6OH90jP5TRVCXkC2k/AUZ9moYu3N9y4UfY9td0jz4eU44gTEapyqQTjhakHroyd2+vkB605SyxR1bIITk4zZo8n1wxfRjEH98paelv9B3Br5Ksesfmhg7UnedNo5c1lGPYIVcnn/pyXEqgl+Kdcpz9/uhZ/bjTQT8tayD4zwzglgYM+N301mbkdGGFlYadx1uLI4zMOD74hPx8h9gkcT8yQqtrKJEucTjLNT+6NoxpptwrkIMwSDLvScNV9Qt9fX3If7UMDsaxg2M7U+AhG08WfcgoSJN7eegPVULr8+nkHQ2AeQ1yb4+e0O7g7qo1FbKwKTF2hs6OnP++gsT5J/fuwvfy2z04jsJI11Inasgz1EfEm+vFctxFOeb2JLLdmLJfZvfwJb/wxJLFBW3B/pkh++CGSErTzS7Qxvq6fgnnpfqepHdVSEkJbiHx5WQ/fcvg1mhavf1aynqxX2CwYejL2Db1Pl6ZaHfxEBQfLG0/XhOFTJByBgbTmU306ijDeplwP33oDtq6Tq4JyNvqv05dXSphLkCvOEUuwfgcOpI4ONPt0fE8Fn1SbY7CRHBPnDphwExL6x/MqF5drmUQikQAS4BypF/OqIwtEHAEFbwPv8p3lZgZIbbUosHLIrc0XGA72KiCh1CEGVSsG71+Wdt9Hr6VvoLqYykaUqumIu0+c2tWbDOHvIgw5EPY1u7s/zdHw==
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-5.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-5.exe /rawdata=m4wARbL2wYkrR/iZnjzA/BQhYJYorlsTSDrUej991lFDNxeXEPCYCgTiR6P/sbI4Igw9ceHR7vlxSfE3iCLvmXuAVepjv7DIzCDCGBM9tyK5Y1bZRcXqtV9j+9sh4sfhCCi1v5xShxyChaaIXpziFH+ZNivPJYK/QsVkphf1xbYDUs7GypVL8ELqZ8wj6spkKFCHqtqvbLuGIXzSMdqcwCSFSPrs6tH8nEbNIQpX+o25EYZFHAtOGxfEDSt54KwtHW+I/xNgMXxsYFtuURjkn9URAtXA0OhPPFgQ7ggvioK+ibAnJ0/y8cClyNetxwNNVl86Rr+qDJnL1Azt4+21ry+OH8J9QwYT+Y4ENVa6ZDySiYTXcESxrh1vsMAx5ZSYMO7ySHhJosN9zyCSsic7xSyGN8Yfsv1Pxyv+/WJ3DVkntUbcKSUe7hZiQOFvHKoxMGACCULbWSmDRTDe4eSprQzcvqx01jCP1GufrPofPjJhL/OwSSbbIV/vOlBpXr1rjsdSsj3cgW1NyU+RLm2wCU46cnPRoNPoe2fpzE0XvJiOgqjGc0fZFJFMOAMKESE37i3hq3WzrjX1wVabiWOMHT9eYClG1o4vi7xAmpZHciPpasoM2hdvZgdY+go2I4Bn0N+Xzh3J6sFlVc0An45uobanA/2chGzVp/Qop+uhzNdcdzjFlDDD8XGdNU7OPt9a/0MEkPwnq2+ZHVtXjXLLhnrZ95+t8k2+hfLz2A37s7n9ub6UH3IHGgE+3zWYMSUaLqrEt2mHDZZr7KzqaPR3UaaLqPBfc0aWeoclNRIKY9+nPo6hvLypnBVIWGLP7WE0W8u6vf/G/tKEQSv+dDGcTsWvD1inaYyzh0JCb0EmtSAMEYFUE2a4YCEoyTuQhAV2VN87/ZGHUgM2cLn6+OTn2mi9DLsOA4+o2FJbEZqK0yo3FL2XtB+eZshy4e8nbtmI22iZ45nVxn6iBbmwEf3YxzId/F4D36wOAHTg/OxHew3OrHwsl4OWtG4yZszEJJQm
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-5_user.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-5.exe /rawdata=m4wARbL2wYkrR/iZnjzA/BQhYJYorlsTSDrUej991lFDNxeXEPCYCgTiR6P/sbI4Igw9ceHR7vlxSfE3iCLvmXuAVepjv7DIzCDCGBM9tyK5Y1bZRcXqtV9j+9sh4sfhCCi1v5xShxyChaaIXpziFH+ZNivPJYK/QsVkphf1xbYDUs7GypVL8ELqZ8wj6spkKFCHqtqvbLuGIXzSMdqcwCSFSPrs6tH8nEbNIQpX+o25EYZFHAtOGxfEDSt54KwtHW+I/xNgMXxsYFtuURjkn9URAtXA0OhPPFgQ7ggvioK+ibAnJ0/y8cClyNetxwNNVl86Rr+qDJnL1Azt4+21ry+OH8J9QwYT+Y4ENVa6ZDySiYTXcESxrh1vsMAx5ZSYMO7ySHhJosN9zyCSsic7xSyGN8Yfsv1Pxyv+/WJ3DVkntUbcKSUe7hZiQOFvHKoxMGACCULbWSmDRTDe4eSprQzcvqx01jCP1GufrPofPjJhL/OwSSbbIV/vOlBpXr1rjsdSsj3cgW1NyU+RLm2wCU46cnPRoNPoe2fpzE0XvJiOgqjGc0fZFJFMOAMKESE37i3hq3WzrjX1wVabiWOMHT9eYClG1o4vi7xAmpZHciPpasoM2hdvZgdY+go2I4Bn0N+Xzh3J6sFlVc0An45uobanA/2chGzVp/Qop+uhzNdcdzjFlDDD8XGdNU7OPt9a/0MEkPwnq2+ZHVtXjXLLhnrZ95+t8k2+hfLz2A37s7n9ub6UH3IHGgE+3zWYMSUaLqrEt2mHDZZr7KzqaPR3UaaLqPBfc0aWeoclNRIKY9+nPo6hvLypnBVIWGLP7WE0W8u6vf/G/tKEQSv+dDGcTm2RaqzHw/EVwJDLbMbb2SkV0VOMgMDGH9dfKLEvjuC1uyqwkxJH73Wt8I6IuwFj2tJsO/nmNHnU64H/UXy0zZCvkMxTTadat4SMMr5NVrep4wtW99o8GGSoX/FMDM2Qna7srstfsBa28BOGuyWDQR43rQhZSppHz4ZeakM8TV7+
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-6.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-6.exe /rawdata=lHDFZUHmlyZOA0iVye234g/NL5WjcZBeRIJ5cHFhS7Svunyx6XGm9YwPTGdbyXAG28l0QEloaNXeJR3AgngRZNSppt0Nle2kaXXvkL8MysKxtZ3mFW+fof+sXfb9J5hOWzQdbmSQ1pCWM7k5d46E/Ff3bbo97NIV8W0thTjrwvcwNRIg1suRdjT6eTHREql2DMlhUmIpedl9qsyeYcbb2pRhf3Hx1XGYwI6TYqitFZaPx+LI0Op40F24DqlXN20+DXWtfGn87ZZG0GKWBEWwcZQtuTtVO5NVVQibpflwWUinmcKBQe7atrBEf4AEgQg1a0zgPxkCSWOfwMxQgxC3q3peiXZDsB43IQzc/Cmr5GLF0UEnDm82Wb/L/0bNZCUMZETRyeTI9oI+GJFqrIJ652d72poAH3YpqBKk4Ze6fUq8z/XEMA4abVqRYH39MuINB6TSVhdjg2krC0BeHZPuNQN2U34vGwefq/QlZRDNTs8E/2Hj+GRPmYj/cx99yin7BokKlVOxjAjlm1BrDymObCKAqu2NEPzNfhNqS9D5bU+RjqYIoFB5m2RJ1fmfg4DHEcrTOALn9a9HbRHT9QCYmZlE5DBwSQrCTUjOfxoMs4fnKXrHPmEhb/FbaY+MuzXxbrUYL9RnGVfKa/O000+R0kdni7GIFnzIQYRSECCUm1YclKbQ3u8z/SV/UW4w/9UoPrMQlyloO/+gguDh61j6ChqvYDHfy056MhvVbYhbhWBnrWS0rWm4IoOUH+G47BxKtRRam4K6RFT3vHNm7UdDOL3JBy/stAoFpXlu6x93Xpi9wMlvzXVM0Z9dqQE7UDg4hshM6xYDn45sBp83qu8fEVLdBmVHddV1rJ5lj8ZDaLSdes6K36ic+HHyVb1miU2aO7+f0j8k6IGh6jbfDVEuXR2e0hdlM7pJzKXg0lcUD891sBTB5wqt2tiUvGa+YQlhEEzd2hJWyAntbNZMUkftT80xooihJ6Kup4hdfXhlrme1w3z/X4HZ/Bor3AclcAn2QvLtnMBbZr/97ayAyZg7bsdNU5V4Q70O3ANNjb5u6erpn/1LkYKvt8cX1LAIvL0KBUVx776nMYocntEVCeZnksVmhGlqx6D5WPaJfSMKnJSBoIIFPKYaa1L1YjbQn6oGygLI0OnA4kAN0KrQXF5qunM222uZ8Gn+cE6pu2pw7Q8rW6i2zg7qWbqzahsWeuM6OfCWmTWfsGQli4fF/A8BuiUf2spZ4kdj9/0pjUMnhR3TLBiMwolYqgle3HrJzS0vbtRmmSBIt/9XSLptymrtG5Y4mby6am/2WHFKz0iGI5c/GqGWPnKgclKNaqv6SdKwYwO4tWO6L8ckS6ocVz4FI4uW1CoYala/NJwbQ6glhQH8KbXBeWslhslTF6BaVpu0ok9pSdvlBhV/K3ul9u3SgxcUKCxavIqyrP1U/zSPZDf3kP6WhLBQy0pVLsmo1iDwfKubI0kaVC3b5DOh3oEXtLEoVdivMkwQzc+Ic7pJn66kLfLl5DtPRhsHgQmegJH0G7l2WZdVBGQnLd9D/s1P2RjY5406dK0ZirILF+oXlmbLhsz0UQeVXz9FWSJyhFmLwx78qzo4m4jOpGVD9Q0WjNM86qs+Wqf4xdQdisAWoXQOLjuE840ltASTH9GnWS8kjRFcTep9WJSVTKmst72qz9Sr5i4prSFAxDjmx4RnL+Vdy5ugvyCS2SnaOsNZgHz7la+cnRxXkGqIZmfWANKNDrFD0N6f8dlayrDd0CEmH5/B0EcwVQMzt4m6jmhwoTXqqOPT3xlNZ6Uq0aP1AT9Uyg/8mViNoqkZysncsPENVD+P3dR4//yjyEdd43OAVvrUL46WT9n1g0sEae1AykTetMPq0GdWs0nnHNOnWhnEivwjua5KHPZbyTItf4px9Ri25jE5706XggJUTCin0RvUUjWN158NCX+/y/zPP9OeqjlvB7PXOI3W7qI4ML+4Ica6T6TLgz5FekwlZJ5hSzfvJDyZSMWF1msaQaTr9UijgdwT7rMgJ1do9sGsPvnuyNH9sJ+AM7agFT1A7biLUzRvK2AoOChqJCQMFkdaB2ctTEdFxSskKTRyAlVW0A5EtVjiMyz50s609CkiAyu38GlqdwoCr67azr3zAhy0sRRPHSHexi0Rbs7tQb2E/u5+FGe629yc/axMnIfj8GjWV8zDJNZY4KlCmKqqNmbcN1bsDdEZjTjTztvnGCymE86LyJ4/Je/exr2p4kXoL+FEe+kPiK0v/X4MM/YlrTqPfZzwyRF3FCsJkq14xWxa6VkEL8UlapovBMydcqcZiehJy6QlkmEiAcsI+yTNR6dhvarzj954Wa3xx/g3bkQArvLUPyzLlb8pSmtip4jYnRZ+9TQVi0VIG+Z4PTrgbAMpCwWDeX+T0DHGripBtxsP0XTfBz++h+ysnP2wvIvQJCT0IhTWOk5ogi5frncuKCZF3JN4/cqlNIf+Ml8vlOeGXGjfj+nVDMPDALXF+W/JCr0JmJlfGrr2u9f8t8HK/5U8ASpX29GIH+V/Yr1JhelQmSEdgewk
C:\WINDOWS\tasks\2598067e-87eb-469f-b105-c760181e53cf-7.job - C:\Program Files (x86)\CinemaP-1.9cV07.09\2598067e-87eb-469f-b105-c760181e53cf-7.exe /rawdata=R/YrXSQHDJMQy/SmJEOJ4QzKTLcIMmfV6Vo/athpPtBvxA/ewXzbKbzHNvJCohsfUKzZ+7qAeHiVdifVfGtxuFalGy1RScNFsXHHRs6Coer5DE4qk8jF33fx8/NVA5Yx5Hq01ObzBaVtWbpfYUlB8OcoxPicPBB8Hx5jiqnqbYceq5n1bduVQHmBFsIU8JTkZ5k6QR2f5V2JcxPPV3tufFRGUepRAVHM2Z/wJ9OoCq7uA5vEd7vd3mEGzvcPAaiK7WueovigGveKHPVr0DuayRzUBSb7Jaux1qoQ2J3TdaCTrXCN2z2UKOwe+kQlz6Kv8fLZ3y4QlJb39WQufAwTuyO5paKHIcWMSxAFJBKIXljZM5VoUisWioC5Lab1RNiXu+H9ytGJFivDr29HaP9guHxpw5a0yqPopHJxGILAu0cRfWulC8E/Etabm3biWfwHzL/YzjkfcAUMEtDEjprqChZu28bROaYw7K4HWs8TJFkfxtUoQ3EjsIRmXDmqF2V4D8P7Ppq/Mn1HNc3nFllUouFOOvlYqnvnxdNi4ISrXfKDArrGauoC/FlXq8J1JkdGme9LYUa7S3GE2sXvvRIbdytBrbRJoXDsLd9Wbqq3x6lPEQKxSUWVM86BjWrFrENyol6hGHbmVpWt0Azd/9EVvnibzXFVhqMrBYUl6SWpX0CqeAgY/CiuJIeHbwrc7hT7WP+Kadf87G+J1dwLltkAAZk0B6OfcalvB7oCFyZU7quOIb3zYb0CmLJbkgCqYypOrCPoKbFtJPmAor61YhNspyPQwHblCs5+89Zcnb21pvsg6HAvcDjEWoCurtHQfiRrP49GwiOFX76LW5dOCbqemhBfh+gSY/Hm2lTANrIuAg9bazG6VAtJQLc+6PEwYb0U02LvRKCO1PQG6fWMBfGihLZ8k4GCEWny1uBp62jVrB9sG/LBRBzg+uqtCK2S/PiPLtvauJbWI9qrOSM82jwrV7Ud59CCgN+uGg93x4kvbLppCS4G/4DIItq3ssPKmT/NPDNVFZ4g/MRGoz6LAFEejV+y22nA0Z4eKQQQGb2TCH9w5SKSJLuZosetz2ksmwBJo9m5mVAGsr8Qg8qEQrwUtJIYErwW4RxWYKebdkj8YUIqx0ORC+fbocFd6xP/stT+CLCzB8xfJlQc9eXUZOAjH87cmuoSkmWKuUGFM/0Joi4VvC1Jfzi1ZKOra5VREg3w7SLg0PSshXvOjK7VoBMzwLxsNxguMPgyzzy54+CS5qs9AByUz4TSTw7xrU3GtsDCZua5vCyRnCB31ODhDaPnqneSlr1jk1IM0U+TNP4p9yWWM2xO1ActP5mTTJ90wImfZn4hbFwbsElMF0rSBDi773kP2rIkcsBRX4wPlSV8yAIkGpGX4st00uj7Ny9rZUlvutMKATqh+mi6bCTeipnCI5eCmg2cI+ARW04al+AAsTf8tBqccSqV+MVe4hJzvls/+91r9siMCPwBDbkwy7p/gwVXZvVJQrOhf4uCgw+GkvMdGkX0oOWELYhP2GCLK6opvPGZ4uGrtRVX5bDysIy8RJmtXJvr+Y+m8z7kqX74UsBil2F6z24g+SfjJ69iDz/1r032kSHrRmRTwZCE9GkktF9xW0PRmPwgwIiGvd4HsOI16z+PM40fCt7UzlEU+JidpasIRSTU72cU4ohleGVaOAuLYGLjTA4TFdHZeVC8LajEr+sTwTh1REy8DzUXsun/CGGSJW9JLhhXSELQV0ZktOkvayK7fEBLYke1zGCr8TH5lgFl9c60EH0Pa79T+Yld2KiV97Nwbr5wqFKDL2R3k7FjoD8ZtTc5l6yYc2B0fTfxszDfgzc8yvqmrqqsWu1J2B4tNN1sEqiK6wvkzSrTKsK+WCqNSqVJtdXcxHBZuOCIRvyS0HjSseclrefB/ElJs/zpVPNrPmi9uXu6ZdkcGgicP21yBwruq0wO9Hu/6FaL1RiSDcPTjlaKKhAN0BOLVkbvTBa4G+mYeZC15/zUW9+zp0vnTwjyLAagcT14bY04ii7OdnV065r5pBmXzRjiQnQuud0m4IJlT6PCBLipxzXI9QHMXn8T3+llGcIXsa/+0iyINHKCjgISOVzy+o+ope8QLjVSdR4jC4bxEUiaqsHvzIq+9Krxm/xGkk4zY1XEOC8o9maSS08USHySSEXVF5QFK4AEHlnUdkvjmwjOki7JXJJlDtCtWe18XvkrO1UhB/bGZn/B1xcuytxSzRQDtQpyME8oN7SrK3+vnzRShEP4zjTu8G6Qt7wReuAnHbr/72AyXWH59NiQAU7iT/2Rpmuyn5M87Neiq8RVChw/qaxZ9cjiPjqIzhXvpV9yDRUFJkNCKYyRYzfBqEsbhT8DLW5hMcdEge8y6v9Yiq03mA==
C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\Crossbrowse.job - C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe /rawdata='RX3L8b6e3NLYEOEKkxFVnGlq3JfktOjfS1RV4YkOfEqlbHbIVHme+J92eVHpJAGrPvgezMsmuApsZmK+5P0xmxZtpEPxLLRNFlmGEmG1BgKuqt640zde/AgBff6MyjF0OBwDEFfrADG+hXpDXAALsXePPbd2OekPesaJuJyLPmOOJlJxzHbdN1UU2NWRmwAzni18LVv9vNx3M33KPDR3bJ9s0bUgp7DjbkLiI1oWbWs6zlH/ELysBsNS7A8JypQJ76JsqicGDL5u4irVc5im61BdW3dRu1F7Py+VuhyThYBiwaRN3jYRN8duk5A4u5kzpDnoyUynMN3uDpT+kgH1Uw=='
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineCore.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /c
C:\WINDOWS\tasks\globalUpdateUpdateTaskMachineUA.job - C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\Rb7rBO2AfXZhtnTTXsG.job - C:\Users\michal\AppData\Roaming\Rb7rBO2AfXZhtnTTXsG.exe --c=iiONm+N4KibwDft6UZy+xPblb01WhiiRTKQOe2dD9dJoiX3ti9vd5sTR88FTzcCI9RnCPjAG4xe3HkjJn5ixaEfbt6VKAzsYoduSDfLpMAIoGtx5aUSQUzGJGKYcK+pQv2UexaQnzLjXt+J5+DXjkK1DxhwU+H6l368tD57fDvpi3W/E3E1hFwgWHJzr2Kx7JOd+FD7as41GynN0GvoZBLJJv0JIfWXR69WZmyBOhenHbwT907iGOufngw8QyWocAoIpoBOeIMayEOINEH6gfYusTeZpI3KBL1a2Bd6Xki5A5GrIKvwwQsecG/6qT4aM8hHuazCZgcWyPTcew6iAcQ==
C:\WINDOWS\tasks\XnL3u4RkmDn7W2JFbjoXWc.job - C:\Users\michal\AppData\Roaming\XnL3u4RkmDn7W2JFbjoXWc.exe --c=prs82rrcaNZVbzoM6gv2Eh4Yrw0+u3oR4Ud0dFLphKX00QykIM6xABQg58mLRbgJljCK3Swdlo+hZCB+2E1PEffHxFKVF9U0DY6YKx6/wY78VffvqAuTkRRBR8OM2xSpBlKC2h75gmF41eAsbBPvYSFaNze3wapNav6I8VUWa5+tzQeKv5TEhNPQw7ZneCQKhqUYN/ldEkmo4IsVYCnxCYCzimFsmaYjHDH9lB089ZXx+uJjFTe8YPQkfRirqQz1VrxxVZnIjNrc9loBawYeYYmSwm8wktZ2087D5howSXYKzX0ThFmdCclpgBZmGNsmerFo+IVXDvdHviRnkPomDg==
=========Mozilla firefox=========
ProfilePath - C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\0u7af830.default
prefs.js - "browser.search.useDBForOrder" - "false"
prefs.js - "browser.startup.homepage" - "http://seznam.cz/"
prefs.js - "keyword.URL" - "http://search.seznam.cz/?sourceid=quick ... earchTerms}&"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4]
"Description"=globalUpdate Update
"Path"=C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 18.0.0.232 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll
C:\Users\michal\AppData\Roaming\Mozilla\Firefox\Profiles\0u7af830.default\searchplugins\
findit.xml
seznam-avast.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-16 655480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d4670e84-fb30-4d9b-80c3-caf5bbee23d8}]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-07 460384]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-16 559624]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-07 172640]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-08-23 3743648]
"RtsFT"=C:\WINDOWS\RTFTrack.exe [2015-06-02 9308416]
"Energy Management"=C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [2013-11-30 17097200]
"EnergyUtility"=C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [2013-11-30 193008]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2014-11-25 935104]
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SACpl.exe [2014-04-10 1830616]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]
"cz.seznam.software.autoupdate"=C:\Users\michal\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\michal\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"AppEx Accelerator UI"=C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [2015-04-06 488640]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-08-27 22041192]
"MurGee.com Auto Clicker"=C:\Users\michal\AppData\Roaming\Auto Clicker\AutoClicker.exe [2015-03-29 120304]
"OneDrive"=C:\Users\michal\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-08-23 404064]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-08-20 8455960]
