PC virus removal, computer speed-up, and remote help via the neslape.cz service

One preventive...

Don't have any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Luki951
Visitor
Posts: 50
Registered: 18 Sep 2012 20:10

#1 Post by Luki951 »

Hello, I'd like to ask for a check. Thanks in advance :-)

Logfile of random's system information tool 1.14 (written by random/random)
Run by User007 at 2016-11-15 09:07:28
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 69 GB (30%) free of 229 GB
Total RAM: 8134 MB (36% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:07:30, on 15.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\User007\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe
C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\Klaudi\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\upgrade.exe
C:\Users\User007\AppData\Local\Temp\ese8580.tmp.exe
C:\Users\User007\AppData\Local\Temp\eset\bts.session\{02D83BBE-E65B-AB4F-4A01-72CFB9211AE3}\ese8580.tmp.exe
C:\Users\User007\AppData\Local\Temp\eset\bts.session\{02D83BBE-E65B-AB4F-4A01-72CFB9211AE3}\BootHelper.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\User007_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://127.0.0.1:9614/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [f.lux] "C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4219553082-3292414727-2818567259-1004\..\Run: [Dropbox Update] "C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c (User 'Klaudi')
O4 - HKUS\S-1-5-18\..\Run: [script_fcbd] "D:\Games\Far Cry 3 Blood Dragon\fcbd.bat" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [script_fcbd] "D:\Games\Far Cry 3 Blood Dragon\fcbd.bat" (User 'Default user')
O4 - S-1-5-21-4219553082-3292414727-2818567259-1004 Startup: Dropbox.lnk = Klaudi\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Klaudi')
O4 - S-1-5-21-4219553082-3292414727-2818567259-1004 User Startup: Dropbox.lnk = Klaudi\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Klaudi')
O4 - Startup: Dropbox.lnk = User007\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: fcbd.bat
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O4 - Global Startup: Samsung Network PC Fax.lnk = C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6AC92F68-1704-401E-90C1-11EE9A70F83D}: NameServer = 195.113.144.194
O17 - HKLM\System\CS1\Services\Tcpip\..\{6AC92F68-1704-401E-90C1-11EE9A70F83D}: NameServer = 195.113.144.194
O17 - HKLM\System\CS2\Services\Tcpip\..\{6AC92F68-1704-401E-90C1-11EE9A70F83D}: NameServer = 195.113.144.194
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: DAEMON Tools USB Service (DTUSBService) - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools USB\DTUSBSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13793 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\DAEMON Tools USB\DTUSBSrv.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
"C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe"
C:\Windows\SysWOW64\SecUPDUtilSvc.exe
"C:\Program Files\KMSpico\Service_KMS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Windows\System32\StikyNot.exe"
"C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Users\User007\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="2224.4.1401978841\2051941302" "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" E7CF176E110C211B 2224 "\\.\pipe\gecko-crash-server-pipe.2224" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe" --proxy-stub-channel=Flash6936.5B556DB8.23503 --host-broker-channel=Flash6936.5B556DB8.17562 --host-pid=6936 --host-npapi-version=29 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_23_0_0_207.exe" --channel=6992.0042F128.698761604 --proxy-stub-channel=Flash6936.5B556DB8.23503 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll" --host-npapi-version=29 --type=renderer
C:\Windows\system32\taskhost.exe
C:\Program Files\AMD\CNext\CNext\cnext.exe atlogon
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Users\Klaudi\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="7656.0.1292559055\564890472" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 7656 "\\.\pipe\gecko-crash-server-pipe.7656" tab
C:\Windows\system32\LogonUI.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\upgrade.exe" /legacy /lang 1029 /show
"C:\Users\User007\AppData\Local\Temp\ese8580.tmp.exe" --reduced --msi-property ANALYTICS_INSTALL_CODE=UPG_2016_V9
"C:\Users\User007\AppData\Local\Temp\eset\bts.session\{02D83BBE-E65B-AB4F-4A01-72CFB9211AE3}\ese8580.tmp.exe" --bts-container 6668 "C:\Users\User007\AppData\Local\Temp\ese8580.tmp.exe" --reduced --msi-property ANALYTICS_INSTALL_CODE=UPG_2016_V9
C:\Users\User007\AppData\Local\Temp\eset\bts.session\{02D83BBE-E65B-AB4F-4A01-72CFB9211AE3}\BootHelper.exe
C:\Windows\system32\msiexec.exe /V
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\taskeng.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\log.txt
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
C:\Windows\SysWOW64\DllHost.exe /Processid:{1EF75F33-893B-4E8F-9655-C3D602BA4897}
"D:\Plocha\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe scan
C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -updatecheck
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1000Core.job - C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1000UA.job - C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1004Core.job - C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1004UA.job - C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\Windows\system32\tasks\AutoPico Daily Restart - "C:\Program Files\KMSpico\AutoPico.exe" /silent
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Core Temp Autostart User007 - "C:\Program Files\Core Temp\Core Temp.exe"
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\DLL-files.com Fixer - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -rem
C:\Windows\system32\tasks\DLL-Files.Com Fixer_MONTHLY - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe scan
C:\Windows\system32\tasks\DLL-files.com Fixer_UPDATES - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -updatecheck
C:\Windows\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe /scheduler
C:\Windows\system32\tasks\Driver Booster SkipUAC (User007) - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1000Core - C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1000UA - C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1004Core - C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1004UA - C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Microsoft Office 15 Sync Maintenance for User007-PC-User007 User007-PC - C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1418737780 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\RDReminder - C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe -rem
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\tasks\User_Feed_Synchronization-{AD4CBF64-DA1A-4090-B4E4-50136BF03827} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{1DBCBE76-801C-4BC6-B7FD-AE01D03CECC6} - C:\vag IHR3040n\IHR3040n.exe
C:\Windows\system32\tasks\{76204E0C-15E0-4C9A-B2C7-0D4680BB18C6} - C:\vag IHR3040n\IHR3040n.exe
C:\Windows\system32\tasks\{7D790346-907D-4EA5-83D2-0F0A794E7C28} - C:\vag IHR3040n\IHR3040n.exe
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-4219553082-3292414727-2818567259-1004 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload

=========Mozilla firefox=========

ProfilePath - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Bulk Image Downloader - extension - {524B8EF8-C312-11DB-8039-536F56D89593}

C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\extensions.json
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.14
Bulk Image Downloader - extension - {524B8EF8-C312-11DB-8039-536F56D89593} - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi
Firefox Hotfix - extension - firefox-hotfix@mozilla.org - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\extensions\firefox-hotfix@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Asynchronous Plugin Rendering - extension - asyncrendering@mozilla.org - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\features\{76cddd8b-0635-4725-aaab-a4bf4734ebe4}\asyncrendering@mozilla.org.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Microsoft Office 2013 - 15.0.4514.1000 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Microsoft Office 2013 - 15.0.4545.1000 - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
Plugin - Java(TM) Platform SE 8 U45 - 11.45.2.14 - C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.450.14 - 11.45.2.14 - C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-09-16 2334416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-09-25 153240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-07-08 737896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2014-09-16 1729232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-06-15 8822528]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2015-09-14 4468984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"=C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
"f.lux"=C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe [2013-10-23 1017224]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-10-19 8551848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-10-19 8551848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
C:\Program Files\Eraser\Eraser.exe /atRestart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\Program Files (x86)\Raptr\raptrstub.exe --startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCN]
C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-18 4859592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-10-13 2860832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
fcbd.bat
O&O Defrag Tray.lnk - C:\Windows\Installer\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}\app_icon.ico
Samsung Network PC Fax.lnk - C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe

C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\User007\AppData\Roaming\Dropbox\bin\Dropbox.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=177

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutorun"=158

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave9"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-15 09:02:28 ----D---- C:\ProgramData\ESET
2016-11-15 09:02:24 ----SHD---- C:\Config.Msi
2016-11-08 23:42:36 ----A---- C:\Windows\system32\mshtml.dll
2016-11-08 23:42:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-08 23:42:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-08 23:42:35 ----A---- C:\Windows\system32\ieframe.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\wininet.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\win32spl.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\win32k.sys
2016-11-08 23:42:34 ----A---- C:\Windows\system32\urlmon.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-08 23:42:34 ----A---- C:\Windows\system32\ntdll.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\jscript9.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\iertutil.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\clfs.sys
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\webcheck.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-08 23:42:33 ----A---- C:\Windows\system32\msrating.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\msctf.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\input.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-08 23:42:33 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-08 23:42:33 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-08 23:42:33 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-08 23:42:33 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-08 23:42:33 ----A---- C:\Windows\system32\certcli.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\atmfd.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\wow64win.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\wow64.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\winsrv.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\wdigest.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\vbscript.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\tzres.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\sspicli.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\srcore.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\srclient.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\smss.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\schannel.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\secur32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\rstrui.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\occache.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\msobjs.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\msaudite.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\lsass.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\lpk.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\kernel32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\kerberos.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\jscript.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\inseng.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\INETRES.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieui.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\iesetup.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\iernonce.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\fontsub.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-08 23:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-08 23:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-08 23:42:32 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-08 23:42:32 ----A---- C:\Windows\system32\dciman32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\credssp.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\conhost.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\auditpol.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\atmlib.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\appidapi.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\advapi32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\adtschema.dll
2016-11-08 23:42:29 ----A---- C:\Windows\system32\diagtrack.dll
2016-10-22 08:23:49 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2016-11-15 09:07:29 ----D---- C:\Windows\Temp
2016-11-15 09:07:29 ----D---- C:\Program Files\trend micro
2016-11-15 09:04:40 ----D---- C:\Windows\system32\DriverStore
2016-11-15 09:04:40 ----D---- C:\Windows\inf
2016-11-15 09:04:38 ----D---- C:\Windows\system32\config
2016-11-15 09:02:47 ----SHD---- C:\Windows\Installer
2016-11-15 09:02:46 ----SD---- C:\Windows\system32\Microsoft
2016-11-15 09:02:37 ----SHD---- C:\System Volume Information
2016-11-15 09:02:28 ----HD---- C:\ProgramData
2016-11-15 08:24:02 ----D---- C:\Windows\system32\Tasks
2016-11-14 23:05:56 ----D---- C:\Windows\System32
2016-11-14 23:05:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-14 21:47:21 ----D---- C:\Program Files (x86)\SpeedFan
2016-11-13 11:33:37 ----D---- C:\Program Files (x86)\Steam
2016-11-12 20:05:44 ----RSD---- C:\Windows\assembly
2016-11-12 10:06:11 ----D---- C:\Users\User007\AppData\Roaming\Dropbox
2016-11-10 15:10:00 ----D---- C:\Program Files (x86)\Opera
2016-11-09 21:44:13 ----D---- C:\Windows\SysWOW64
2016-11-09 21:44:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-09 21:44:07 ----D---- C:\Windows\system32\Macromed
2016-11-09 21:44:05 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-09 12:51:21 ----D---- C:\Windows\rescache
2016-11-09 10:43:28 ----D---- C:\Windows\winsxs
2016-11-09 10:42:41 ----D---- C:\Program Files\Internet Explorer
2016-11-09 10:42:40 ----D---- C:\Windows\SYSWOW64\migration
2016-11-09 10:42:40 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-09 10:42:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-09 10:42:40 ----D---- C:\Windows\system32\migration
2016-11-09 10:42:40 ----D---- C:\Windows\system32\en-US
2016-11-09 10:42:40 ----D---- C:\Windows\system32\drivers
2016-11-09 10:42:40 ----D---- C:\Windows\system32\cs-CZ
2016-11-09 10:42:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 10:42:39 ----D---- C:\Windows\system32\Boot
2016-11-09 10:42:39 ----D---- C:\Windows\AppPatch
2016-11-09 00:11:49 ----D---- C:\Windows\system32\MRT
2016-11-09 00:11:45 ----AC---- C:\Windows\system32\MRT.exe
2016-11-08 23:30:57 ----D---- C:\Windows\system32\catroot2
2016-11-06 13:59:20 ----D---- C:\ProgramData\boost_interprocess
2016-10-26 16:29:06 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-23 19:33:52 ----D---- C:\Windows
2016-10-23 19:12:49 ----D---- C:\Windows\system32\catroot
2016-10-22 18:38:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-22 13:32:39 ----RD---- C:\Program Files (x86)

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2016-11-15 199304]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2014-09-13 118560]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2016-06-15 1469952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2016-06-15 31712]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-09-13 276256]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2014-09-13 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2014-09-13 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2014-09-13 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2014-09-13 117024]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2014-07-23 15232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-13 283064]
R1 dtusbbus;DAEMON Tools Virtual USB Bus Driver; C:\Windows\system32\DRIVERS\dtusbbus.sys [2016-05-15 112824]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-11-15 262792]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2016-11-15 197248]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-06-08 27552]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2015-08-16 110720]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2015-08-16 214368]
R2 DTUsbMon;DT USB Monitor Driver; \??\C:\Program Files (x86)\DAEMON Tools USB\dtusbmon.sys [2016-05-15 220928]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-11-15 181384]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2015-08-16 350552]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2014-05-07 11576]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-09-13 367200]
R3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2015-08-16 77912]
R3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2015-08-16 322560]
R3 ALSysIO;ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-09-17 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-09-17 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-15 96256]
R3 BEHRINGER_2902;usb-audio.de driver for BEHRINGER USB AUDIO; C:\Windows\System32\Drivers\BUSB2902.sys [2014-09-12 460864]
R3 BUSB_AUDIO_WDM;BEHRINGER USB WDM AUDIO; C:\Windows\system32\drivers\busbwdm.sys [2014-09-12 49728]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2016-09-17 511952]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-06-15 5085952]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2016-09-17 181304]
R3 multikey;Virtual USB multikey; C:\Windows\system32\DRIVERS\multikey.sys [2015-09-10 883424]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\D:\Software\AIDA64 Extreme & Engineer Edition 5.75.3970 Portable Beta (CZ,SK)\AIDA64 Extreme Edition Portable 5.75.3970 Beta\AIDA64 Extreme Edition Portable 5.75.3970 Beta\kerneld.x64 [2016-09-21 45728]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-04-24 129152]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GPUZ;GPUZ; \??\C:\Windows\TEMP\GPUZ.sys []
S3 CH341SER;CH341SER; C:\Windows\System32\Drivers\CH341S64.SYS [2014-09-20 58368]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-08-20 192216]
S3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-26 888536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-04-24 221824]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2014-09-13 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-09-13 3873784]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-09-17 306688]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DTUSBService;DAEMON Tools USB Service; C:\Program Files (x86)\DAEMON Tools USB\DTUSBSrv.exe [2014-01-21 813784]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-06-10 2542216]
R2 hasplms;Sentinel LDK License Manager; C:\Windows\system32\hasplms.exe [2015-08-16 4665168]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-17 390616]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2015-09-14 1711352]
R2 Samsung Network Fax Server;Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [2015-03-10 801472]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [2014-11-26 118576]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2015-08-13 734400]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-22 172488]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-10 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Luki951
Visitor
Visitor
Posts: 50
Registered: 18 Sep 2012 20:10

Re: One preventive...

#2 Post by Luki951 »

So I have already done some cleanup myself and am posting the current log:

Logfile of random's system information tool 1.14 (written by random/random)
Run by User007 at 2016-11-15 10:41:20
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 69 GB (30%) free of 229 GB
Total RAM: 8134 MB (51% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:41:20, on 15.11.2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18525)
Boot mode: Normal

Running processes:
C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\User007\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\Klaudi\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files\trend micro\User007_RSITx64.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://127.0.0.1:9614/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4219553082-3292414727-2818567259-1004\..\Run: [Dropbox Update] "C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c (User 'Klaudi')
O4 - HKUS\S-1-5-18\..\Run: [script_fcbd] "D:\Games\Far Cry 3 Blood Dragon\fcbd.bat" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [script_fcbd] "D:\Games\Far Cry 3 Blood Dragon\fcbd.bat" (User 'Default user')
O4 - S-1-5-21-4219553082-3292414727-2818567259-1004 Startup: Dropbox.lnk = Klaudi\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Klaudi')
O4 - S-1-5-21-4219553082-3292414727-2818567259-1004 User Startup: Dropbox.lnk = Klaudi\AppData\Roaming\Dropbox\bin\Dropbox.exe (User 'Klaudi')
O4 - Startup: Dropbox.lnk = User007\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: SpeedFan.lnk = C:\Program Files (x86)\SpeedFan\speedfan.exe
O4 - Global Startup: fcbd.bat
O4 - Global Startup: O&O Defrag Tray.lnk = ?
O4 - Global Startup: Samsung Network PC Fax.lnk = C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O17 - HKLM\System\CCS\Services\Tcpip\..\{6AC92F68-1704-401E-90C1-11EE9A70F83D}: NameServer = 195.113.144.194
O17 - HKLM\System\CS1\Services\Tcpip\..\{6AC92F68-1704-401E-90C1-11EE9A70F83D}: NameServer = 195.113.144.194
O17 - HKLM\System\CS2\Services\Tcpip\..\{6AC92F68-1704-401E-90C1-11EE9A70F83D}: NameServer = 195.113.144.194
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
O23 - Service: DAEMON Tools USB Service (DTUSBService) - Disc Soft Ltd - C:\Program Files (x86)\DAEMON Tools USB\DTUSBSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\Windows\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: O&O Defrag (OODefragAgent) - O&O Software GmbH - C:\Program Files\OO Software\Defrag\oodag.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Samsung Network Fax Server - Samsung Electronics Co., Ltd. - C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
O23 - Service: Samsung UPD Utility Service (SamsungUPDUtilSvc) - Unknown owner - C:\Windows\SysWOW64\SecUPDUtilSvc.exe
O23 - Service: Service KMSELDI - @ByELDI - C:\Program Files\KMSpico\Service_KMS.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13136 bytes

======Enumerating Processes======

C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe"
"C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\DAEMON Tools USB\DTUSBSrv.exe"
C:\Windows\system32\hasplms.exe -run
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
"C:\Program Files\OO Software\Defrag\oodag.exe"
"C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe"
C:\Windows\SysWOW64\SecUPDUtilSvc.exe
"C:\Program Files\KMSpico\Service_KMS.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhost.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Users\User007\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe"
"C:\Users\User007\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\SpeedFan\speedfan.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\CCleaner\CCleaner64.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "http://www.piriform.com/go/app_cc_reg_p ... l=1029&t=1"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe"
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Program Files\OO Software\Defrag\oodtray.exe"
"C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
"C:\Windows\System32\StikyNot.exe"
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Users\Klaudi\AppData\Roaming\Dropbox\bin\Dropbox.exe" /systemstartup
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel="2560.0.2002454210\227538149" -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" -appomni "C:\Program Files (x86)\Mozilla Firefox\browser\omni.ja" -appdir "C:\Program Files (x86)\Mozilla Firefox\browser" 2560 "\\.\pipe\gecko-crash-server-pipe.2560" tab
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\DllHost.exe /Processid:{1EF75F33-893B-4E8F-9655-C3D602BA4897}
"D:\Plocha\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1000Core.job - C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1000UA.job - C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1004Core.job - C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1004UA.job - C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\tasks\Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\system32\tasks\AMD Updater - "C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe" /AUTOUPDATEIN
C:\Windows\system32\tasks\AutoPico Daily Restart - "C:\Program Files\KMSpico\AutoPico.exe" /silent
C:\Windows\system32\tasks\CCleanerSkipUAC - "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
C:\Windows\system32\tasks\Core Temp Autostart User007 - "C:\Program Files\Core Temp\Core Temp.exe"
C:\Windows\system32\tasks\CreateChoiceProcessTask - C:\Windows\System32\browserchoice.exe /launch
C:\Windows\system32\tasks\Driver Booster Scheduler - C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe /scheduler
C:\Windows\system32\tasks\Driver Booster SkipUAC (User007) - C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe /skipuac
C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1000Core - C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1000UA - C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1004Core - C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c
C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-4219553082-3292414727-2818567259-1004UA - C:\Users\Klaudi\AppData\Local\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
C:\Windows\system32\tasks\Microsoft Office 15 Sync Maintenance for User007-PC-User007 User007-PC - C:\Program Files\Microsoft Office\Office15\MsoSync.exe
C:\Windows\system32\tasks\Opera scheduled Autoupdate 1418737780 - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate $(Arg0)
C:\Windows\system32\tasks\SidebarExecute - C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\tasks\User_Feed_Synchronization-{AD4CBF64-DA1A-4090-B4E4-50136BF03827} - C:\Windows\system32\msfeedssync.exe sync
C:\Windows\system32\tasks\{1DBCBE76-801C-4BC6-B7FD-AE01D03CECC6} - C:\vag IHR3040n\IHR3040n.exe
C:\Windows\system32\tasks\{76204E0C-15E0-4C9A-B2C7-0D4680BB18C6} - C:\vag IHR3040n\IHR3040n.exe
C:\Windows\system32\tasks\{7D790346-907D-4EA5-83D2-0F0A794E7C28} - C:\vag IHR3040n\IHR3040n.exe
C:\Windows\system32\tasks\WPD\SqmUpload_S-1-5-21-4219553082-3292414727-2818567259-1004 - %windir%\system32\rundll32.exe portabledeviceapi.dll,#1
C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask - %systemroot%\system32\sc.exe start osppsvc
C:\Windows\system32\tasks\Microsoft\Windows Defender\MP Scheduled Scan - c:\program files\windows defender\MpCmdRun.exe Scan -ScheduleJob -WinTask -RestrictPrivilegesScan
C:\Windows\system32\tasks\Microsoft\Windows\WindowsBackup\ConfigNotification - %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
C:\Windows\system32\tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary - "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
C:\Windows\system32\tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange - %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange
C:\Windows\system32\tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting - %windir%\system32\wermgr.exe -queuereporting
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask - %SystemRoot%\system32\Wat\WatAdminSvc.exe /run
C:\Windows\system32\tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
C:\Windows\system32\tasks\Microsoft\Windows\UPnP\UPnPHostConfig - sc.exe config upnphost start= auto
C:\Windows\system32\tasks\Microsoft\Windows\Time Synchronization\SynchronizeTime - %windir%\system32\sc.exe start w32time task_started
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 - %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
C:\Windows\system32\tasks\Microsoft\Windows\SystemRestore\SR - %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
C:\Windows\system32\tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask - sc.exe start sppsvc
C:\Windows\system32\tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask - %windir%\system32\RAServer.exe /offerraupdate
C:\Windows\system32\tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem - %SystemRoot%\System32\powercfg.exe -energy -auto
C:\Windows\system32\tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo - %windir%\system32\gatherNetworkInfo.vbs
C:\Windows\system32\tasks\Microsoft\Windows\MUI\LPRemove - %windir%\system32\lpremove.exe
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService - %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks - %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ehDRMInit - %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\InstallPlayReady - %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\mcupdate - %SystemRoot%\ehome\mcupdate $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURActivate - %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\OCURDiscovery - %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscovery - %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 - %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 - %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PeriodicScanRetry - %windir%\ehome\MCUpdate.exe -pscn 0
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\PvrScheduleTask - %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RecordingRestart - %SystemRoot%\ehome\ehrec /RestartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\RegisterSearch - %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\ReindexSearchRoot - %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask - %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\StartRecording - %SystemRoot%\ehome\ehrec /StartRecording
C:\Windows\system32\tasks\Microsoft\Windows\Media Center\UpdateRecordPath - %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Location\Notifications - %windir%\System32\LocationNotifications.exe
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector - %windir%\system32\rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART
C:\Windows\system32\tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver - %windir%\system32\DFDWiz.exe
C:\Windows\system32\tasks\Microsoft\Windows\Defrag\ScheduledDefrag - %windir%\system32\defrag.exe -c
C:\Windows\system32\tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator - %SystemRoot%\System32\wsqmcons.exe
C:\Windows\system32\tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask - BthUdTask.exe $(Arg0)
C:\Windows\system32\tasks\Microsoft\Windows\Autochk\Proxy - %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\AitAgent - aitagent
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - %windir%\system32\compattel\DiagTrackRunner.exe /UploadEtlFilesOnly
C:\Windows\system32\tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater - %windir%\system32\compattelrunner.exe -maintenance
C:\Windows\system32\tasks\Microsoft\Windows\AppID\PolicyConverter - %windir%\system32\appidpolicyconverter.exe
C:\Windows\system32\tasks\Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck - %windir%\system32\appidcertstorecheck.exe
C:\Windows\system32\tasks\Microsoft\Office\Office 15 Subscription Heartbeat - %ProgramFiles%\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentFallBack - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload mininterval:2880
C:\Windows\system32\tasks\Microsoft\Office\OfficeTelemetryAgentLogOn - "C:\Program Files\Microsoft Office\Office15\msoia.exe" scan upload

=========Mozilla firefox=========

ProfilePath - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.207 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL


C:\Program Files (x86)\Mozilla Firefox\plugins\
npMeetingJoinPluginOC.dll
nppdf32.dll

C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\addons.json
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
Bulk Image Downloader - extension - {524B8EF8-C312-11DB-8039-536F56D89593}

C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\extensions.json
Free Download Manager extension - extension - fdm_ffext@freedownloadmanager.org - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.14
Bulk Image Downloader - extension - {524B8EF8-C312-11DB-8039-536F56D89593} - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\extensions\{524B8EF8-C312-11DB-8039-536F56D89593}.xpi
Firefox Hotfix - extension - firefox-hotfix@mozilla.org - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\extensions\firefox-hotfix@mozilla.org.xpi
Multi-process staged rollout - extension - e10srollout@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi
Pocket - extension - firefox@getpocket.com - C:\Program Files (x86)\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi
Web Compat - extension - webcompat@mozilla.org - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
Asynchronous Plugin Rendering - extension - asyncrendering@mozilla.org - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\features\{76cddd8b-0635-4725-aaab-a4bf4734ebe4}\asyncrendering@mozilla.org.xpi
Adblock Plus - extension - {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

C:\Users\User007\AppData\Roaming\Mozilla\Firefox\Profiles\bb4f2o9z.default\pluginreg.dat
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
Plugin - Microsoft Office 2013 - 15.0.4514.1000 - C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL
Plugin - Silverlight Plug-In - 5.1.50901.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll
Plugin - Microsoft Office 2013 - 15.0.4545.1000 - C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
Plugin - Adobe Acrobat - 15.20.20039.7108 - C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
Plugin - Java(TM) Platform SE 8 U45 - 11.45.2.14 - C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
Plugin - Java Deployment Toolkit 8.0.450.14 - 11.45.2.14 - C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
Plugin - Intel® Identity Protection Technology - 4.0.5.0 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
Plugin - Shockwave Flash - 23.0.0.207 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll

======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-09-25 218784]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office15\URLREDIR.DLL [2014-01-23 881880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-09-16 2334416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-09-25 153240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office15\URLREDIR.DLL [2014-01-22 707800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
Free Download Manager - C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-07-08 737896]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~3\Office15\GROOVEEX.DLL [2014-09-16 1729232]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26 172968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2016-06-15 8822528]
"OODefragTray"=C:\Program Files\OO Software\Defrag\oodtray.exe [2015-09-14 4468984]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"=C:\Users\User007\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05 143144]
"RESTART_STICKY_NOTES"=C:\Windows\System32\StikyNot.exe [2009-07-14 427520]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [2013-07-18 518424]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTibMounterMonitor]
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [2013-10-10 1102192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2015-10-19 8551848]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer]
C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [2014-09-08 464608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2014-03-04 3696912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eraser]
C:\Program Files\Eraser\Eraser.exe /atRestart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon]
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2013-08-07 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr]
C:\Program Files (x86)\Raptr\raptrstub.exe --startup []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RGSC]
C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCN]
C:\Program Files\AMD\CNext\CNext\cnext.exe [2015-11-18 4859592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files (x86)\Steam\steam.exe [2016-10-13 2860832]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrueImageMonitor.exe]
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [2013-10-24 7805824]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB3MON]
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2014-08-25 293872]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
fcbd.bat
O&O Defrag Tray.lnk - C:\Windows\Installer\{6F9CDC3F-27D8-4A38-B81D-7E2DE3AF8434}\app_icon.ico
Samsung Network PC Fax.lnk - C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe

C:\Users\User007\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\User007\AppData\Roaming\Dropbox\bin\Dropbox.exe
SpeedFan.lnk - C:\Program Files (x86)\SpeedFan\speedfan.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=177

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoDriveTypeAutorun"=158

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux3"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave9"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2016-11-15 09:02:28 ----D---- C:\ProgramData\ESET
2016-11-15 09:02:24 ----SHD---- C:\Config.Msi
2016-11-08 23:42:36 ----A---- C:\Windows\system32\mshtml.dll
2016-11-08 23:42:35 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2016-11-08 23:42:35 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2016-11-08 23:42:35 ----A---- C:\Windows\system32\ieframe.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\wininet.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\UIAnimation.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2016-11-08 23:42:34 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\wininet.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\win32spl.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\win32k.sys
2016-11-08 23:42:34 ----A---- C:\Windows\system32\urlmon.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\UIAnimation.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2016-11-08 23:42:34 ----A---- C:\Windows\system32\ntdll.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\MSVidCtl.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\msv1_0.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\mshtmlmedia.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\lsasrv.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\jscript9.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\iertutil.dll
2016-11-08 23:42:34 ----A---- C:\Windows\system32\clfs.sys
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\msrating.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\msctf.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\input.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\certcli.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2016-11-08 23:42:33 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\webcheck.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\UtcResources.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\oleaut32.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-08 23:42:33 ----A---- C:\Windows\system32\msrating.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\mshtmled.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\msfeeds.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\msctf.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\input.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\inetcomm.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\IMJP10K.DLL
2016-11-08 23:42:33 ----A---- C:\Windows\system32\iedkcs32.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\ie4uinit.exe
2016-11-08 23:42:33 ----A---- C:\Windows\system32\dxtrans.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\dxtmsft.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2016-11-08 23:42:33 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2016-11-08 23:42:33 ----A---- C:\Windows\system32\drivers\bowser.sys
2016-11-08 23:42:33 ----A---- C:\Windows\system32\certcli.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\atmfd.dll
2016-11-08 23:42:33 ----A---- C:\Windows\system32\asycfilt.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-08 23:42:32 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\user.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\tzres.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\srclient.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\schannel.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\setup16.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\secur32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\occache.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\lpk.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\jscript.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\inseng.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\INETRES.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ieui.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\credssp.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\wow64win.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\wow64cpu.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\wow64.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\winsrv.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\wdigest.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\vbscript.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\tzres.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\TSpkg.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\sspisrv.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\sspicli.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\srcore.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\srclient.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\smss.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\schannel.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\setbcdlocale.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\secur32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\rstrui.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\rpchttp.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\rpcrt4.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\occache.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ntvdm64.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ncrypt.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\msobjs.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\MshtmlDac.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\msaudite.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\lsass.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\lpk.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\KernelBase.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\kernel32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\kerberos.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\jsproxy.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\jscript9diag.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\jscript.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\inseng.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\INETRES.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieUnatt.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieui.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\iesetup.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\iernonce.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieetwproxystub.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieetwcollector.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\ieapfltr.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\fontsub.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2016-11-08 23:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2016-11-08 23:42:32 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2016-11-08 23:42:32 ----A---- C:\Windows\system32\drivers\appid.sys
2016-11-08 23:42:32 ----A---- C:\Windows\system32\dciman32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\csrsrv.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\cryptbase.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\credssp.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\conhost.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\auditpol.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\atmlib.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\appidsvc.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2016-11-08 23:42:32 ----A---- C:\Windows\system32\appidapi.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\apisetschema.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\advapi32.dll
2016-11-08 23:42:32 ----A---- C:\Windows\system32\adtschema.dll
2016-11-08 23:42:29 ----A---- C:\Windows\system32\diagtrack.dll
2016-10-22 08:23:49 ----D---- C:\Program Files (x86)\Mozilla Firefox

======List of files/folders modified in the last 1 month======

2016-11-15 10:41:20 ----D---- C:\Windows\Temp
2016-11-15 10:41:20 ----D---- C:\Program Files\trend micro
2016-11-15 10:16:46 ----D---- C:\Windows\system32\Tasks
2016-11-15 09:55:51 ----D---- C:\Windows\system32\config
2016-11-15 09:30:12 ----D---- C:\Windows\System32
2016-11-15 09:30:12 ----A---- C:\Windows\system32\PerfStringBackup.INI
2016-11-15 09:27:08 ----RD---- C:\Program Files (x86)
2016-11-15 09:27:08 ----D---- C:\Windows\Tasks
2016-11-15 09:25:12 ----D---- C:\Program Files (x86)\SpeedFan
2016-11-15 09:24:40 ----D---- C:\Windows\system32\drivers
2016-11-15 09:23:59 ----D---- C:\Windows\Resources
2016-11-15 09:04:40 ----D---- C:\Windows\system32\DriverStore
2016-11-15 09:04:40 ----D---- C:\Windows\inf
2016-11-15 09:02:47 ----SHD---- C:\Windows\Installer
2016-11-15 09:02:46 ----SD---- C:\Windows\system32\Microsoft
2016-11-15 09:02:37 ----SHD---- C:\System Volume Information
2016-11-15 09:02:28 ----HD---- C:\ProgramData
2016-11-13 11:33:37 ----D---- C:\Program Files (x86)\Steam
2016-11-12 20:05:44 ----RSD---- C:\Windows\assembly
2016-11-12 10:06:11 ----D---- C:\Users\User007\AppData\Roaming\Dropbox
2016-11-10 15:10:00 ----D---- C:\Program Files (x86)\Opera
2016-11-09 21:44:13 ----D---- C:\Windows\SysWOW64
2016-11-09 21:44:11 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-11-09 21:44:07 ----D---- C:\Windows\system32\Macromed
2016-11-09 21:44:05 ----D---- C:\Windows\SYSWOW64\Macromed
2016-11-09 12:51:21 ----D---- C:\Windows\rescache
2016-11-09 10:43:28 ----D---- C:\Windows\winsxs
2016-11-09 10:42:41 ----D---- C:\Program Files\Internet Explorer
2016-11-09 10:42:40 ----D---- C:\Windows\SYSWOW64\migration
2016-11-09 10:42:40 ----D---- C:\Windows\SYSWOW64\en-US
2016-11-09 10:42:40 ----D---- C:\Windows\SYSWOW64\cs-CZ
2016-11-09 10:42:40 ----D---- C:\Windows\system32\migration
2016-11-09 10:42:40 ----D---- C:\Windows\system32\en-US
2016-11-09 10:42:40 ----D---- C:\Windows\system32\cs-CZ
2016-11-09 10:42:40 ----D---- C:\Program Files (x86)\Internet Explorer
2016-11-09 10:42:39 ----D---- C:\Windows\system32\Boot
2016-11-09 10:42:39 ----D---- C:\Windows\AppPatch
2016-11-09 00:11:49 ----D---- C:\Windows\system32\MRT
2016-11-09 00:11:45 ----AC---- C:\Windows\system32\MRT.exe
2016-11-08 23:30:57 ----D---- C:\Windows\system32\catroot2
2016-11-06 13:59:20 ----D---- C:\ProgramData\boost_interprocess
2016-10-26 16:29:06 ----N---- C:\Windows\system32\MpSigStub.exe
2016-10-23 19:33:52 ----D---- C:\Windows
2016-10-23 19:12:49 ----D---- C:\Windows\system32\catroot
2016-10-22 18:38:36 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

File C:\Windows\system32\winlogon.exe is digitally signed
File C:\Windows\system32\wininit.exe is digitally signed
File C:\Windows\explorer.exe is digitally signed
File C:\Windows\SysWOW64\explorer.exe is digitally signed
File C:\Windows\system32\svchost.exe is digitally signed
File C:\Windows\SysWOW64\svchost.exe is digitally signed
File C:\Windows\system32\services.exe is digitally signed
File C:\Windows\system32\User32.dll is digitally signed
File C:\Windows\SysWOW64\User32.dll is digitally signed
File C:\Windows\system32\userinit.exe is digitally signed
File C:\Windows\SysWOW64\userinit.exe is digitally signed
File C:\Windows\system32\rpcss.dll is digitally signed
File C:\Windows\system32\Drivers\volsnap.sys is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2016-11-15 199304]
R0 fltsrv;Acronis Storage Filter Management; C:\Windows\system32\DRIVERS\fltsrv.sys [2014-09-13 118560]
R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2016-06-15 1469952]
R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2016-06-15 31712]
R0 iusb3hcs;Ovladač přepínání hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hcs.sys [2014-08-25 20464]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2014-09-13 276256]
R0 tib;Acronis TIB Manager; C:\Windows\system32\DRIVERS\tib.sys [2014-09-13 1120032]
R0 tib_mounter;Acronis TIB Mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [2014-09-13 198432]
R0 vididr;Acronis Virtual Disk; C:\Windows\system32\DRIVERS\vididr.sys [2014-09-13 161568]
R0 vidsflt;Acronis Disk Storage Filter; C:\Windows\system32\DRIVERS\vidsflt.sys [2014-09-13 117024]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2014-07-23 15232]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-09-13 283064]
R1 dtusbbus;DAEMON Tools Virtual USB Bus Driver; C:\Windows\system32\DRIVERS\dtusbbus.sys [2016-05-15 112824]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2016-11-15 262792]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2016-11-15 197248]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2016-06-08 27552]
R2 aksdf;aksdf; \??\C:\Windows\system32\drivers\aksdf.sys [2015-08-16 110720]
R2 aksfridge;aksfridge; \??\C:\Windows\system32\drivers\aksfridge.sys [2015-08-16 214368]
R2 DTUsbMon;DT USB Monitor Driver; \??\C:\Program Files (x86)\DAEMON Tools USB\dtusbmon.sys [2016-05-15 220928]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2016-11-15 181384]
R2 hardlock;hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2015-08-16 350552]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys [2014-05-07 11576]
R3 afcdp;afcdp; C:\Windows\system32\DRIVERS\afcdp.sys [2014-09-13 367200]
R3 akshasp;SafeNet Inc. HASP Key; C:\Windows\system32\DRIVERS\akshasp.sys [2015-08-16 77912]
R3 aksusb;SafeNet Inc. USB Key; C:\Windows\system32\DRIVERS\aksusb.sys [2015-08-16 322560]
R3 ALSysIO;ALSysIO; \??\C:\Users\User007\AppData\Local\Temp\ALSysIO64.sys []
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-09-17 27003904]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-09-17 498176]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-06-15 96256]
R3 BEHRINGER_2902;usb-audio.de driver for BEHRINGER USB AUDIO; C:\Windows\System32\Drivers\BUSB2902.sys [2014-09-12 460864]
R3 BUSB_AUDIO_WDM;BEHRINGER USB WDM AUDIO; C:\Windows\system32\drivers\busbwdm.sys [2014-09-12 49728]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D; C:\Windows\system32\DRIVERS\e1d62x64.sys [2016-09-17 511952]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2016-06-15 5085952]
R3 iusb3hub;Ovladač rozbočovače Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3hub.sys [2014-08-25 383984]
R3 iusb3xhc;Ovladač rozšiřitelného hostitelského řadiče Intel(R) USB 3.0; C:\Windows\system32\DRIVERS\iusb3xhc.sys [2014-08-25 795120]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-11-15 192216]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [2016-09-17 181304]
R3 multikey;Virtual USB multikey; C:\Windows\system32\DRIVERS\multikey.sys [2015-09-10 883424]
R3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S2 NSHE;Guardant Emulator Driver; \??\C:\Windows\system32\Drivers\NSHE.SYS []
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\D:\Software\AIDA64 Extreme & Engineer Edition 5.75.3970 Portable Beta (CZ,SK)\AIDA64 Extreme Edition Portable 5.75.3970 Beta\AIDA64 Extreme Edition Portable 5.75.3970 Beta\kerneld.x64 [2016-09-21 45728]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-04-24 129152]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GPUZ;GPUZ; \??\C:\Windows\TEMP\GPUZ.sys []
S3 CH341SER;CH341SER; C:\Windows\System32\Drivers\CH341S64.SYS [2014-09-20 58368]
S3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2009-11-18 32344]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-11-26 888536]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-04-24 221824]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 tdrpman;Acronis Try&Decide and Restore Points filter; C:\Windows\system32\DRIVERS\tdrpman.sys [2014-09-13 1464096]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [2013-07-18 1142584]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-10-21 82128]
R2 afcdpsrv;Acronis Nonstop Backup Service; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2014-09-13 3873784]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-09-17 306688]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2014-07-23 936728]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2014-07-23 1360016]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\cscsvc.dll
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; %SystemRoot%\System32\svchost.exe -k utcsvc;"ServiceDll"=%SystemRoot%\system32\diagtrack.dll
R2 DTUSBService;DAEMON Tools USB Service; C:\Program Files (x86)\DAEMON Tools USB\DTUSBSrv.exe [2014-01-21 813784]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2016-11-15 2771848]
R2 hasplms;Sentinel LDK License Manager; C:\Windows\system32\hasplms.exe [2015-08-16 4665168]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-08-07 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-17 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-17 390616]
R2 OODefragAgent;O&O Defrag; C:\Program Files\OO Software\Defrag\oodag.exe [2015-09-14 1711352]
R2 Samsung Network Fax Server;Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [2015-03-10 801472]
R2 SamsungUPDUtilSvc;Samsung UPD Utility Service; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [2014-11-26 118576]
R2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [2015-08-13 734400]
R2 syncagentsrv;Acronis Sync Agent Service; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-10-22 7142320]
R3 AppMgmt;@appmgmts.dll,-3250; %SystemRoot%\system32\svchost.exe -k netsvcs;"ServiceDll"=%SystemRoot%\System32\appmgmts.dll
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09 270016]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-10-27 114688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-10-22 172488]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-12-08 178760]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 5132888]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; %SystemRoot%\System32\svchost.exe -k PeerDist;"ServiceDll"=%SystemRoot%\system32\peerdistsvc.dll
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-06-04 837312]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\system32\storsvc.dll
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted;"ServiceDll"=%SystemRoot%\System32\umrdp.dll
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2014-09-10 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: One preventive...

#3 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< and then >Clean<.
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Luki951
Visitor
Posts: 50
Joined: 18 Sep 2012 20:10

Re: One preventive...

#4 Post by Luki951 »

# AdwCleaner v6.030 - Log soubor vytvořen 17/11/2016 na 23:32:07
# Aktualizováno dne 19/10/2016 z Malwarebytes
# Databáze : 2016-11-16.1 [Server]
# Operační systém : Windows 7 Professional Service Pack 1 (X64)
# Uživatelské jméno : User007 - USER007-PC
# Beží od : D:\Plocha\adwcleaner_6.030.exe
# Mod: Čištění
# Podpora : hxxps://www.malwarebytes.com/support



***** [ Služby ] *****



***** [ Adresáře ] *****



***** [ Soubory ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Zástupce ] *****



***** [ Plánovač úloh ] *****



***** [ Registry ] *****

[-] Klíč smazán:HKU\S-1-5-21-4219553082-3292414727-2818567259-1000\Software\Conduit
[#] Klíč smazán po restartování:HKCU\Software\Conduit
[#] Klíč smazán po restartování:[x64] HKCU\Software\Conduit


***** [ Prohlížeče ] *****



*************************

:: "Tracing" klíč smazán
:: Winsock nastavení vyčištěno

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1276 Bajtů] - [02/11/2015 18:38:14]
C:\AdwCleaner\AdwCleaner[C2].txt - [1090 Bajtů] - [17/11/2016 23:32:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [1155 Bajtů] - [02/11/2015 18:37:43]
C:\AdwCleaner\AdwCleaner[S2].txt - [1663 Bajtů] - [17/11/2016 23:31:52]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1312 Bajtů] ##########

Rudy
Site Admin
Posts: 119418
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: One preventive...

#5 Post by Rudy »

Post a new RSIT log.