
Doubleclick - please help with a solution

asasina
Visitor
Posts: 63
Registered: 17 Mar 2009 08:53

#1 Post by asasina »

Hello,

recently (unfortunately it has been going on for a while now) I have noticed a "doubleclick", i.e. I click on anything and the click is repeated, i.e. the click happens twice. It is sometimes VERY annoying, and I only have time to deal with it now....

I am attaching the logs from RSIT and from adwcleaner.

Thank you for the help.

Logfile of random's system information tool 1.10 (written by random/random)
Run by HOME at 2016-04-01 07:42:38
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 10 GB (9%) free of 114 GB
Total RAM: 3988 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:42:39, on 1.4.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18231)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
C:\Users\HOME\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\HOME\AppData\Roaming\Spotify\Spotify.exe
C:\Users\HOME\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\WhatPulse2\whatpulse.exe
C:\Users\HOME\AppData\Local\Viber\Viber.exe
C:\Users\HOME\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\HOME\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Users\HOME\AppData\Roaming\Spotify\Spotify.exe
C:\Users\HOME\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\WhatPulse2\whatpulse-watchdog.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\HOME.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll" (file missing)
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\HOME\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\HOME\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [OneDrive] "C:\Users\HOME\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [WhatPulse] "C:\Program Files (x86)\WhatPulse2\whatpulse.exe"
O4 - HKCU\..\Run: [Viber] "C:\Users\HOME\AppData\Local\Viber\Viber.exe" StartMinimized
O4 - HKCU\..\Run: [f.lux] "C:\Users\HOME\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_794A8B03028DB7152639742D9AD96F69] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE"
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\Microsoft Office\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {76A99961-126B-48C5-AADB-E239EECF71D5} (H264 Video + Raw Audio Class) - http://192.168.1.159/H264PlugLiteDL.cab
O16 - DPF: {D9305048-DD6B-4EDF-8706-096EBE24E1D7} (ZMODOOCX Control) - http://88.101.101.220/IPCWeb.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 12 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.12.0) - ABBYY Production LLC - C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ACP User Service (amdacpusrsvc) - Advanced Micro Devices - C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\Windows\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12695 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe"
C:\Windows\system32\svchost.exe -k apphost
"C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\Skype\Updater\Updater.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
"C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe"
C:\Windows\system32\svchost.exe -k iissvcs
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-5b47c972-85c0-4321-b873-ca23c16b2b68 -SystemEventPortName:HostProcess-5b1185c6-27bf-4b76-9bb6-700b23cf6f83 -IoCancelEventPortName:HostProcess-36052566-9a83-4a85-8a0a-1b4ee3739483 -NonStateChangingEventPortName:HostProcess-719d4022-54bc-4c47-a80b-3eaeee7944d0 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:21e953c4-fa6c-42ca-9562-c6fcf8c4c426 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
taskeng.exe {F09E5614-8A1B-4DD8-A270-5B493943FBB9}
"taskhost.exe"
"C:\Program Files (x86)\TeamViewer\TeamViewer.exe"
"C:\Program Files (x86)\TeamViewer\tv_w32.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
"C:\Program Files (x86)\TeamViewer\tv_x64.exe" --action hooks --log C:\Program Files (x86)\TeamViewer\TeamViewer11_Logfile.log
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
igfxEM.exe
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
"C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
"C:\Users\HOME\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"C:\Users\HOME\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
"C:\Users\HOME\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\WhatPulse2\whatpulse.exe"
"C:\Users\HOME\AppData\Local\Viber\Viber.exe" StartMinimized
"C:\Users\HOME\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTray.exe"
"C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Skillbrains\lightshot\5.3.0.0\Lightshot.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5 --flag-switches-begin --flag-switches-end
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\HOME\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=49.0.2623.110 --handshake-handle=0xcc
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="1152.0.1321207373\1523177559" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,9,11,25,54 --gpu-vendor-id=0x1002 --gpu-device-id=0x665d --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.300.1025.1001 --ignored=" --type=renderer " /prefetch:2
"C:\Users\HOME\AppData\Roaming\Spotify\SpotifyCrashService.exe"
"C:\Users\HOME\AppData\Roaming\Spotify\Spotify.exe" --type=gpu-process --channel="2980.0.1356115757\885173142" --no-sandbox --disable-d3d11 --enable-crash-reporter --lang=en-US --log-file="C:\Users\HOME\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.25.127 --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,8,23,51 --gpu-vendor-id=0x1002 --gpu-device-id=0x665d --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.300.1025.1001 --enable-crash-reporter --lang=en-US --log-file="C:\Users\HOME\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.25.127 /prefetch:822062411
"C:\Users\HOME\AppData\Roaming\Spotify\Spotify.exe" --type=renderer --disable-pinch --no-sandbox --lang=en-US --enable-crash-reporter --lang=en-US --log-file="C:\Users\HOME\AppData\Roaming\Spotify\debug.log" --log-severity=disable --product-version=Spotify/1.0.25.127 --disable-extensions --disable-spell-checking --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="2980.1.1813247117\856727960" /prefetch:673131151
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\WhatPulse2\whatpulse-watchdog.exe"
"C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE15\CSISYNCCLIENT.EXE" -Embedding
"C:\Program Files\Microsoft Office\Office15\MsoSync.exe"
"D:\!download\!chrome\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3018086396-876866186-908971257-1000.job - C:\Program Files (x86)\Citrix\GoToMeeting\4732\g2mupdate.exe
C:\Windows\tasks\G2MUploadTask-S-1-5-21-3018086396-876866186-908971257-1000.job - C:\Program Files (x86)\Citrix\GoToMeeting\4732\g2mupload.exe
C:\Windows\tasks\Norton Security Scan for HOME.job - C:\PROGRA~2\Norton Security Scan\Engine\4.1.0.28\Nss.exe /scan-quick /scheduled

=========Mozilla firefox=========

ProfilePath - C:\Users\HOME\AppData\Roaming\Mozilla\Firefox\Profiles\cprke0ru.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@DVR/npmedia,version=3.1.0.4]
"Description"=
"Path"=C:\Program Files\webrec\WEB30\WebPlugin\npmedia.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@DVR/npTimeGrid,version=3.1.0.4]
"Description"=
"Path"=C:\Program Files\webrec\WEB30\WebPlugin\npTimeGrid.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@itstructures.com/ffactivex]
"Description"=Firefox ActiveX Plugin r39
"Path"=C:\Program Files\Firefox ActiveX Plugin\npffax.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.66.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.66.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@spoon.net/Spoon Plugin 3.33]
"Description"=Spoon Plugin 3.33
"Path"=C:\Program Files (x86)\Spoon\3.33.732.0\npMozillaSpoonPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 21.0.0.197 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\Microsoft Office\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll
np_hoem_x.dll

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09 228552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09 2348336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09 163016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2016-01-06 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09 1741096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2016-01-06 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13 1307928]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-20 14040792]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-04-11 36352]
"StartCN"=C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-12-04 4867784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"=C:\Users\HOME\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2016-03-18 1524336]
"Spotify"=C:\Users\HOME\AppData\Roaming\Spotify\Spotify.exe [2016-03-18 6805616]
"OneDrive"=C:\Users\HOME\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11 551104]
"WhatPulse"=C:\Program Files (x86)\WhatPulse2\whatpulse.exe [2016-02-25 3942400]
"Viber"=C:\Users\HOME\AppData\Local\Viber\Viber.exe [2016-03-03 59171920]
"f.lux"=C:\Users\HOME\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-24 1017224]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]
"GoogleChromeAutoLaunch_794A8B03028DB7152639742D9AD96F69"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2016-03-27 874136]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-03-31 833024]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27 558496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [2012-03-09 1073312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingDesktop]
C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bloody2]
C:\Program Files (x86)\Bloody5\Bloody5\Bloody5.exe [2015-05-19 18912256]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BloodyKeyboard]
C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe [2015-05-22 11975168]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Cobian Backup 11 interface]
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe -service []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\Program Files (x86)\Raptr\raptrstub.exe [2015-12-12 56080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SdediBox]
C:\Users\HOME\AppData\Local\Apps\2.0\7B8JLOVL.B9E\YZ0WT2V4.NPO\sded..tion_c9aa49ad66ea64ed_0001.0000_8e87478ec269b7b9\SdediBox Remote.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\XMouseButtonControl]
C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe /notportable []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [2014-03-31 833024]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"Lightshot"=C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [2014-11-18 226560]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-02-21 292848]
"Raptr"=C:\Program Files (x86)\Raptr\raptrstub.exe [2015-12-12 56080]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux3"=wdmaud.drv
"msacm.bdmpeg"=bdmpega64.acm
"vidc.mpeg"=bdmpegv64.dll
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2016-03-29 13:23:54 ----D---- C:\Program Files (x86)\Cheat Engine 6.5
2016-03-29 09:30:44 ----D---- C:\Windows\temp
2016-03-29 09:30:43 ----A---- C:\ComboFix.txt
2016-03-29 09:28:44 ----SHD---- C:\$RECYCLE.BIN
2016-03-29 09:21:19 ----A---- C:\Windows\zip.exe
2016-03-29 09:21:19 ----A---- C:\Windows\SWSC.exe
2016-03-29 09:21:19 ----A---- C:\Windows\SWREG.exe
2016-03-29 09:21:19 ----A---- C:\Windows\sed.exe
2016-03-29 09:21:19 ----A---- C:\Windows\PEV.exe
2016-03-29 09:21:19 ----A---- C:\Windows\NIRCMD.exe
2016-03-29 09:21:19 ----A---- C:\Windows\MBR.exe
2016-03-29 09:21:19 ----A---- C:\Windows\grep.exe
2016-03-29 09:21:18 ----SD---- C:\ComboFix
2016-03-29 09:21:16 ----D---- C:\Qoobox
2016-03-29 09:21:10 ----D---- C:\Windows\erdnt
2016-03-29 09:15:34 ----D---- C:\rsit
2016-03-29 09:15:34 ----D---- C:\Program Files\trend micro
2016-03-29 08:49:41 ----ASH---- C:\pagefile.sys
2016-03-28 22:01:21 ----D---- C:\Users\HOME\AppData\Roaming\TD COMBO
2016-03-28 22:01:21 ----A---- C:\Windows\Metasetup.dll
2016-03-21 15:48:20 ----D---- C:\ProgramData\TECHFASS
2016-03-21 15:04:38 ----D---- C:\Program Files (x86)\TechFass
2016-03-20 12:15:19 ----D---- C:\ProgramData\HitmanPro
2016-03-20 12:02:10 ----D---- C:\Program Files (x86)\AdwCleaner
2016-03-20 10:54:25 ----D---- C:\Program Files\Reason
2016-03-20 09:36:03 ----A---- C:\Windows\system32\FNTCACHE.DAT
2016-03-18 18:29:32 ----A---- C:\Users\HOME\AppData\Roaming\HOME34-PC.MTBF.txt
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\ucrtbase.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 21:03:11 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 21:03:10 ----A---- C:\Windows\system32\win32k.sys
2016-03-09 21:03:06 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2016-03-09 21:03:06 ----A---- C:\Windows\SYSWOW64\wups.dll
2016-03-09 21:03:06 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2016-03-09 21:03:06 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2016-03-09 21:03:06 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wuwebv.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wups2.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wups.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wudriver.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wucltux.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wuaueng.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wuauclt.exe
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wuapp.exe
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wuapi.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\WinSetupUI.dll
2016-03-09 21:03:06 ----A---- C:\Windows\system32\drivers\ntfs.sys
2016-03-09 21:03:05 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-03-09 21:03:05 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-03-09 21:03:05 ----A---- C:\Windows\system32\oleaut32.dll
2016-03-09 21:03:05 ----A---- C:\Windows\system32\drivers\USBSTOR.SYS
2016-03-09 21:03:05 ----A---- C:\Windows\system32\asycfilt.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-03-09 21:03:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-03-09 21:03:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 21:03:04 ----A---- C:\Windows\system32\inseng.dll
2016-03-09 21:03:04 ----A---- C:\Windows\system32\iertutil.dll
2016-03-09 21:03:04 ----A---- C:\Windows\system32\iernonce.dll
2016-03-09 21:03:04 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-03-09 21:03:04 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-03-09 21:03:04 ----A---- C:\Windows\system32\ie4uinit.exe
2016-03-09 21:03:03 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-03-09 21:03:03 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-03-09 21:03:03 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-03-09 21:03:03 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-03-09 21:03:03 ----A---- C:\Windows\system32\urlmon.dll
2016-03-09 21:03:03 ----A---- C:\Windows\system32\occache.dll
2016-03-09 21:03:03 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 21:03:03 ----A---- C:\Windows\system32\iedkcs32.dll
2016-03-09 21:03:02 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-03-09 21:03:02 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-03-09 21:03:02 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-03-09 21:03:02 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-03-09 21:03:02 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 21:03:02 ----A---- C:\Windows\system32\msfeeds.dll
2016-03-09 21:03:02 ----A---- C:\Windows\system32\iesetup.dll
2016-03-09 21:03:02 ----A---- C:\Windows\system32\ieapfltr.dll
2016-03-09 21:03:02 ----A---- C:\Windows\system32\dxtrans.dll
2016-03-09 21:03:01 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-03-09 21:03:01 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-03-09 21:03:01 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-03-09 21:03:01 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-03-09 21:03:01 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-03-09 21:03:01 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-03-09 21:03:01 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-03-09 21:03:01 ----A---- C:\Windows\system32\vbscript.dll
2016-03-09 21:03:01 ----A---- C:\Windows\system32\jsproxy.dll
2016-03-09 21:03:00 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-03-09 21:03:00 ----A---- C:\Windows\system32\mshtmled.dll
2016-03-09 21:03:00 ----A---- C:\Windows\system32\ieUnatt.exe
2016-03-09 21:03:00 ----A---- C:\Windows\system32\ieui.dll
2016-03-09 21:03:00 ----A---- C:\Windows\system32\ieframe.dll
2016-03-09 21:03:00 ----A---- C:\Windows\system32\dxtmsft.dll
2016-03-09 21:02:59 ----A---- C:\Windows\system32\webcheck.dll
2016-03-09 21:02:59 ----A---- C:\Windows\system32\jscript9diag.dll
2016-03-09 21:02:59 ----A---- C:\Windows\system32\jscript9.dll
2016-03-09 21:02:59 ----A---- C:\Windows\system32\jscript.dll
2016-03-09 21:02:58 ----A---- C:\Windows\system32\wininet.dll
2016-03-09 21:02:57 ----A---- C:\Windows\system32\msrating.dll
2016-03-09 21:02:57 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-03-09 21:02:57 ----A---- C:\Windows\system32\mshtml.dll
2016-03-09 21:02:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-03-09 21:02:33 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-03-09 21:02:33 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-03-09 21:02:33 ----A---- C:\Windows\system32\ntdll.dll
2016-03-09 21:02:33 ----A---- C:\Windows\system32\KernelBase.dll
2016-03-09 21:02:33 ----A---- C:\Windows\system32\kerberos.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 21:02:32 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-03-09 21:02:32 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\wow64win.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\wow64cpu.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\wow64.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\winsrv.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\wdigest.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\TSpkg.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\sspicli.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\srcore.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\srclient.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\smss.exe
2016-03-09 21:02:32 ----A---- C:\Windows\system32\schannel.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\secur32.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\rstrui.exe
2016-03-09 21:02:32 ----A---- C:\Windows\system32\rpchttp.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\rpcrt4.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\ntvdm64.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\ncrypt.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\msv1_0.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\lsass.exe
2016-03-09 21:02:32 ----A---- C:\Windows\system32\lsasrv.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\kernel32.dll
2016-03-09 21:02:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-03-09 21:02:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-03-09 21:02:32 ----A---- C:\Windows\system32\drivers\mrxsmb.sys

======List of files/folders modified in the last 1 month======

2016-04-01 07:41:59 ----D---- C:\Users\HOME\AppData\Roaming\Spotify
2016-04-01 07:41:56 ----D---- C:\Users\HOME\AppData\Roaming\ViberPC
2016-04-01 07:41:50 ----D---- C:\Windows\System32
2016-04-01 07:40:43 ----D---- C:\Program Files\KMSpico
2016-03-31 23:26:54 ----D---- C:\Program Files (x86)\Steam
2016-03-31 20:53:10 ----D---- C:\Users\HOME\AppData\Roaming\Skype
2016-03-31 19:58:39 ----RSD---- C:\Windows\Fonts
2016-03-31 18:53:00 ----D---- C:\Users\HOME\AppData\Roaming\uTorrent
2016-03-31 14:11:08 ----D---- C:\Users\HOME\AppData\Roaming\vlc
2016-03-30 16:15:18 ----D---- C:\Windows\Tasks
2016-03-29 21:37:07 ----D---- C:\Program Files\Swissquote Trading Station123
2016-03-29 13:23:54 ----RD---- C:\Program Files (x86)
2016-03-29 09:58:27 ----SHD---- C:\System Volume Information
2016-03-29 09:53:43 ----D---- C:\Windows\inf
2016-03-29 09:53:43 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-03-29 09:50:55 ----D---- C:\Windows\system32\config
2016-03-29 09:47:42 ----D---- C:\Windows\SysWOW64
2016-03-29 09:47:42 ----D---- C:\Windows\system32\wfp
2016-03-29 09:47:41 ----D---- C:\Windows\system32\wbem
2016-03-29 09:47:41 ----D---- C:\Windows
2016-03-29 09:47:19 ----SHD---- C:\Windows\Installer
2016-03-29 09:47:19 ----HD---- C:\ProgramData
2016-03-29 09:47:19 ----D---- C:\Windows\system32\Tasks
2016-03-29 09:47:19 ----D---- C:\Windows\system32\DriverStore
2016-03-29 09:47:19 ----D---- C:\Windows\system32\drivers\etc
2016-03-29 09:47:19 ----D---- C:\Windows\system32\catroot2
2016-03-29 09:47:19 ----D---- C:\Program Files (x86)\Mozilla Firefox
2016-03-29 09:47:18 ----D---- C:\Users\HOME\AppData\Roaming\GHISLER
2016-03-29 09:47:16 ----D---- C:\Windows\system32\drivers
2016-03-29 09:47:16 ----D---- C:\Windows\registration
2016-03-29 09:47:15 ----RD---- C:\Program Files
2016-03-29 09:47:15 ----D---- C:\Users
2016-03-29 09:47:15 ----D---- C:\Program Files (x86)\NinjaTrader 7
2016-03-28 22:03:09 ----D---- C:\Program Files (x86)\MetaTrader FIX
2016-03-28 22:02:03 ----D---- C:\Program Files (x86)\BOSSAFX11
2016-03-28 22:01:21 ----D---- C:\Program Files (x86)\BOSSAFX
2016-03-27 23:28:25 ----D---- C:\Program Files (x86)\TeamViewer
2016-03-26 20:18:46 ----RSD---- C:\Windows\assembly
2016-03-26 20:18:01 ----D---- C:\Windows\Logs
2016-03-25 16:23:43 ----D---- C:\Windows\system32\catroot
2016-03-24 04:00:18 ----D---- C:\Windows\winsxs
2016-03-24 04:00:17 ----SD---- C:\Windows\SYSWOW64\GWX
2016-03-24 04:00:17 ----SD---- C:\Windows\system32\GWX
2016-03-23 22:28:05 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-03-22 14:13:49 ----D---- C:\Users\HOME\AppData\Roaming\TeamViewer
2016-03-21 14:53:17 ----D---- C:\ProgramData\Pinnacle
2016-03-21 14:53:17 ----D---- C:\Program Files (x86)\Common Files
2016-03-21 14:38:17 ----D---- C:\Users\HOME\AppData\Roaming\Anvsoft
2016-03-20 12:13:18 ----D---- C:\Users\HOME\AppData\Roaming\IObit
2016-03-19 11:37:25 ----D---- C:\Windows\debug
2016-03-14 22:30:23 ----D---- C:\ProgramData\Microsoft Help
2016-03-14 20:16:21 ----D---- C:\Program Files\DIFX
2016-03-12 01:08:10 ----D---- C:\Windows\rescache
2016-03-11 11:59:24 ----D---- C:\Users\HOME\AppData\Roaming\FxPro-cTraderUsers
2016-03-11 11:59:24 ----D---- C:\Users\HOME\AppData\Roaming\FxPro-cTraderCommon
2016-03-10 21:29:01 ----D---- C:\Windows\Microsoft.NET
2016-03-10 20:26:39 ----D---- C:\Windows\SYSWOW64\en-US
2016-03-10 20:26:39 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-03-10 20:26:39 ----D---- C:\Windows\system32\en-US
2016-03-10 20:26:39 ----D---- C:\Windows\system32\cs-CZ
2016-03-10 20:26:39 ----D---- C:\Program Files\Internet Explorer
2016-03-10 20:26:39 ----D---- C:\Program Files (x86)\Internet Explorer
2016-03-10 20:26:38 ----D---- C:\Windows\system32\Boot
2016-03-10 20:26:38 ----D---- C:\Windows\AppPatch
2016-03-10 20:26:38 ----D---- C:\Program Files\Windows Media Player
2016-03-10 20:26:38 ----D---- C:\Program Files (x86)\Windows Media Player
2016-03-09 23:15:55 ----A---- C:\Windows\win.ini
2016-03-09 23:15:15 ----D---- C:\Windows\system32\MRT
2016-03-09 23:11:58 ----A---- C:\Windows\system32\MRT.exe
2016-03-09 23:11:53 ----D---- C:\Windows\system32\appraiser
2016-03-04 16:17:53 ----D---- C:\Windows\system32\wdi
2016-03-02 12:07:15 ----D---- C:\Users\HOME\AppData\Roaming\Pepperstone-cTraderCommon
2016-03-02 09:10:57 ----D---- C:\Windows\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2015-09-20 1455552]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2015-09-20 31144]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-02-21 20464]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2014-12-23 26528]
R1 truecrypt;truecrypt; C:\Windows\System32\drivers\truecrypt.sys [2014-06-06 231376]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 amdacpksd;ACP Kernel Service Driver; \??\C:\Windows\system32\drivers\amdacpksd.sys [2015-12-04 296648]
R2 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600]
R2 RtNdPt60;Realtek NDIS Protocol Driver; C:\Windows\system32\DRIVERS\RtNdPt60.sys [2011-06-15 32544]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2015-12-04 23961088]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2015-12-04 671232]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2015-09-18 96256]
R3 busenum;Synology Virtual USB Hub; C:\Windows\system32\DRIVERS\busenum.sys [2012-08-03 55776]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2014-03-31 3785216]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-09-20 4514008]
R3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2015-09-29 473864]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-02-21 370672]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2015-09-20 814376]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2015-10-05 25816]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2015-05-23 129312]
R3 netr28ux;RT2870 USB Wireless LAN Card Driver pro systém Windows Vista; C:\Windows\system32\DRIVERS\netr28ux.sys [2009-06-10 867328]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-09-20 986368]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2014-05-03 34816]
R3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2013-09-17 267776]
S3 anvsnddrv;AnvSoft Virtual Sound Device; C:\Windows\system32\drivers\anvsnddrv.sys [2011-11-28 33872]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus; C:\Windows\system32\DRIVERS\dtlitescsibus.sys [2015-07-27 30264]
S3 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2014-09-18 487216]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2015-05-23 25640]
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2015-10-05 63704]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2013-12-17 19456]
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys [2009-12-30 31800]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20); C:\Windows\system32\DRIVERS\RtTeam620.sys [2012-07-03 58512]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2); C:\Windows\system32\DRIVERS\RtVlan620.sys [2012-09-01 32400]
S3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2015-09-20 33448]
S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2013-12-17 29696]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2013-12-17 30208]
S3 usb_rndisx;Adaptér USB RNDIS; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-12-17 19968]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2014-11-21 141440]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\Windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
S3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\Windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S3 WinUsb;WinUSB Driver; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Professional.12.0;ABBYY FineReader 12 PE Licensing Service; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [2014-01-23 925904]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-12-14 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2015-12-04 246272]
R2 amdacpusrsvc;ACP User Service; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [2015-12-04 121856]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [2012-02-13 193816]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\Windows\system32\igfxCUIService.exe [2014-04-09 296432]
R2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
R2 TeamViewer;TeamViewer 11; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-03-02 6942480]
R2 UsbClientService;UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [2014-02-25 248736]
R2 W3SVC;@%windir%\system32\inetsrv\iisres.dll,-30003; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
R3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2014-06-29 997568]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23 269504]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376]
S3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [2012-02-13 240408]
S3 cphs;Intel(R) Content Protection HECI Service; C:\Windows\SysWow64\IntelCpHeciSvc.exe [2014-04-09 279024]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30 144200]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-05-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-02-08 114688]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-09-20 148080]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-02-28 1910640]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-12-19 732648]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-05-08 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848]

-----------------EOF-----------------


# AdwCleaner v5.108 - Log soubor vytvořen 01/04/2016 o 07:45:25
# Aktualizováno 30/03/2016 by Xplode
# Databáze : 2016-03-30.1 [Server]
# Operační systém : Windows 7 Home Premium Service Pack 1 (x64)
# Jméno uživatele : HOME - HOME34-PC
# Spuštěno z : C:\Users\HOME\Downloads\adwcleaner_5.108.exe
# Volba : Skenovat
# Podpora : http://toolslib.net/forum

***** [ Služby ] *****


***** [ Složky ] *****


***** [ Soubory ] *****


***** [ DLL ] *****


***** [ Zástupci ] *****


***** [ Naplánované úkoly ] *****


***** [ Registr ] *****


***** [ Webové prohlížeče ] *****


*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [660 bytes] - [01/04/2016 07:45:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [732 bytes] ##########

JaRon
Moderator
Posts: 15648
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Doubleclick - requesting a solution

#2 Post by JaRon »

Hi,
you can clean the PC with CCleaner - mainly the registry
there is no virus problem there
try checking the mouse settings, or try another mouse
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

asasina
Visitor
Posts: 63
Registered: 17 Mar 2009 08:53

Re: Doubleclick - requesting a solution

#3 Post by asasina »

Cleaned with CCleaner.

Mouse settings:
http://prntscr.com/amo6j5
http://prntscr.com/amo6l5

The situation is still the same.

JaRon
Moderator
Posts: 15648
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Doubleclick - requesting a solution

#4 Post by JaRon »

- try removing the mouse via Control Panel - HW ,,,, restart
- if that doesn't help, then another mouse
is that system legal, or some kind of botched job :???:

asasina
Visitor
Posts: 63
Registered: 17 Mar 2009 08:53

Re: Doubleclick - requesting a solution

#5 Post by asasina »

Tried a different mouse in a different USB port and the problem is still the same.

Noticed another anomaly: when I open a new tab in Chrome, the new tab opens, but the page loads only after I click on the new tab. It also happens that if I click on a previously opened tab, the page automatically reloads.

I tried completely removing Chrome and reinstalling it, but without success.....

JaRon
Moderator
Posts: 15648
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Doubleclick - requesting a solution

#6 Post by JaRon »

Scan it with avptool

asasina
Visitor
Posts: 63
Registered: 17 Mar 2009 08:53

Re: Doubleclick - requesting a solution

#7 Post by asasina »

This morning, whatever I clicked on was a double-click.....I tried changing the USB port and it is a LITTLE better...but nothing great. It seems to me that the more we DO something with it, the worse it gets :).

AVPTOOL result:

nothing found.....

JaRon
Moderator
Posts: 15648
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Doubleclick - requesting a solution

#8 Post by JaRon »

- there is no virus problem there
- you used Combofix on your own initiative
- an activator for illegal MS products is running there
So that's final from me :James008: