csrss.exe

Posted: 16 Aug 2015 11:26
by LosMajos_
Hello! In AIDA64 Extreme I found csrss.exe twice among the running processes.. no path leads to them, and it is odd that it is there twice.. I read that this could be something, so I am posting here :) Also, I have twelve svchost.exe there, which seems odd to me.. here is the log from RSIT..

Logfile of random's system information tool 1.10 (written by random/random)
Run by Pepa7 at 2015-08-16 12:22:17
Microsoft Windows 8.1
System drive C: has 543 GB (57%) free of 954 GB
Total RAM: 3992 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:22:37, on 16. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pepa7.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [Imperator] C:\Program Files (x86)\Genius\Imperator\IMhid.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: Dual Smart Solution.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SuperRAIDSvc - Micro-Star International - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 8293 bytes

======Listing Processes======





wininit.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe"
dashost.exe {04a27faa-0dbd-450a-a0bd5aab63b62a25}
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\MSI\Smart Utilities\SuperRAIDSvc.exe"

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
taskeng.exe {4F89D8B1-B2F6-4A6E-A299-B78B942D1706}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe" /hw
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 18EC6E1B-F6B3-A844-8245-2144A4F24348 -Reinvoke

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
-hiberboot
atieclxx
taskhostex.exe
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5504.0.1185687441\910402349" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,9,22,45 --gpu-vendor-id=0x1002 --gpu-device-id=0x679a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.1003 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5504.10.1267490564\1527542046" --font-cache-shared-handle=3936 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5504.18.125317954\1131644279" --font-cache-shared-handle=6572 /prefetch:673131151
"C:\Program Files (x86)\FinalWire\AIDA64 Extreme\aida64.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5504.22.1895357025\268905828" --font-cache-shared-handle=3852 /prefetch:673131151
"C:\WINDOWS\system32\RunDll32.exe" "C:\WINDOWS\system32\WerConCpl.dll", LaunchErcApp -queuereporting
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5504.40.899145906\1376373580" --font-cache-shared-handle=2908 /prefetch:673131151
"C:\WINDOWS\System32\perfmon.exe" /res
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5504.46.1249208797\158672443" --font-cache-shared-handle=6340 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --instant-process --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5504.66.1170759247\1211866554" --font-cache-shared-handle=8196 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5504.67.754105036\1874433090" --font-cache-shared-handle=11120 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="*AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoId/*RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="5504.68.529955986\1890893209" --font-cache-shared-handle=10692 /prefetch:673131151
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe149_ Global\UsGthrCtrlFltPipeMssGthrPipe149 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580

"C:\Users\Pepa7\Downloads\RSITx64.exe"


======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\RtlNetworkGenieVistaStart.job - C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe /hw

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-08-04 36352]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2012-03-20 3340288]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Imperator"=C:\Program Files (x86)\Genius\Imperator\IMhid.exe [2012-03-01 281600]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-01-07 2694320]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2015-07-30 3458728]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2015-07-27 56080]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-28 767176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dual Smart Solution.lnk - C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-16 12:22:17 ----D---- C:\rsit
2015-08-16 12:22:17 ----D---- C:\Program Files\trend micro
2015-08-15 15:04:39 ----D---- C:\Users\Pepa7\AppData\Roaming\.technic
2015-08-13 16:11:56 ----D---- C:\ProgramData\ATI
2015-08-13 15:54:20 ----D---- C:\Program Files (x86)\AMD
2015-08-12 22:11:21 ----D---- C:\WINDOWS\LastGood
2015-08-12 22:09:45 ----D---- C:\Program Files\ATI Technologies
2015-08-12 22:06:44 ----D---- C:\Users\Pepa7\AppData\Roaming\Raptr
2015-08-12 21:55:27 ----D---- C:\WINDOWS\LastGood.Tmp
2015-08-12 11:59:06 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:59:06 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-12 11:31:00 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-12 11:31:00 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-12 11:31:00 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-12 11:31:00 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-12 11:31:00 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-12 11:30:18 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-12 11:30:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-12 11:30:16 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-12 11:30:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-12 11:30:15 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-12 11:30:15 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-12 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-12 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-12 11:30:14 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-12 11:30:14 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-12 11:30:13 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-12 11:30:13 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 11:30:13 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-12 11:30:11 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-12 11:30:11 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-12 11:30:11 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-12 11:29:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 11:29:35 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-12 11:29:35 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-12 11:29:35 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-12 11:29:35 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-12 11:29:34 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-12 11:29:34 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-12 11:29:34 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-12 11:29:34 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-12 11:29:33 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 11:29:33 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-12 11:29:33 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-12 11:29:32 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-12 11:29:31 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-12 11:29:31 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-12 11:29:03 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-12 11:29:03 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-12 11:29:03 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-12 11:29:03 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-12 11:29:02 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-12 11:29:02 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-12 11:29:02 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 11:29:02 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-12 11:29:02 ----A---- C:\WINDOWS\notepad.exe
2015-08-12 11:29:01 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-12 11:29:01 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-12 11:29:01 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-12 11:29:01 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-12 11:29:00 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-12 11:29:00 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-12 11:28:58 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-12 11:28:58 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-12 11:28:58 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-12 11:28:58 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-08-12 11:28:58 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-10 19:32:20 ----D---- C:\Users\Pepa7\AppData\Roaming\Mozilla
2015-08-10 18:34:50 ----SHD---- C:\$RECYCLE.BIN
2015-08-10 18:31:52 ----D---- C:\WINDOWS\Temp
2015-08-10 18:31:52 ----A---- C:\WINDOWS\zoek-delete.exe
2015-08-08 02:22:40 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-08-06 11:01:22 ----D---- C:\Program Files\CCleaner
2015-08-05 20:36:53 ----D---- C:\Program Files (x86)\Counter-Strike
2015-07-29 05:44:06 ----A---- C:\WINDOWS\system32\amdave64.dll
2015-07-29 05:44:02 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2015-07-29 05:43:28 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2015-07-29 05:43:26 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2015-07-29 05:43:24 ----A---- C:\WINDOWS\system32\atimpc64.dll
2015-07-29 05:42:52 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2015-07-29 05:42:12 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2015-07-29 05:42:10 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2015-07-29 05:42:06 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2015-07-29 05:40:36 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2015-07-29 05:26:10 ----A---- C:\WINDOWS\system32\drivers\amdacpksd.sys
2015-07-29 05:15:48 ----A---- C:\WINDOWS\system32\drivers\atikmdag.sys
2015-07-29 05:09:56 ----A---- C:\WINDOWS\system32\clinfo.exe
2015-07-29 05:09:50 ----A---- C:\WINDOWS\system32\amdocl64.dll
2015-07-29 05:07:36 ----A---- C:\WINDOWS\system32\OpenCL.dll
2015-07-29 05:07:34 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2015-07-29 05:06:04 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2015-07-29 05:05:56 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2015-07-29 04:41:26 ----A---- C:\WINDOWS\system32\mantle64.dll
2015-07-29 04:41:20 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2015-07-29 04:41:14 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2015-07-29 04:36:42 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2015-07-29 04:34:58 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2015-07-29 04:34:56 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2015-07-29 04:34:40 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2015-07-29 04:34:38 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2015-07-29 04:34:14 ----A---- C:\WINDOWS\system32\atio6axx.dll
2015-07-29 04:33:04 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2015-07-29 04:33:00 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2015-07-29 04:30:28 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2015-07-29 04:30:26 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2015-07-29 04:30:26 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2015-07-29 04:30:24 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2015-07-29 04:30:24 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2015-07-29 04:30:18 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2015-07-29 04:29:26 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2015-07-29 04:28:30 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2015-07-29 04:26:08 ----A---- C:\WINDOWS\system32\atieah64.exe
2015-07-29 04:26:06 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2015-07-29 04:26:06 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2015-07-29 04:26:04 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2015-07-29 04:26:04 ----A---- C:\WINDOWS\system32\atimuixx.dll
2015-07-29 04:26:02 ----A---- C:\WINDOWS\system32\atieclxx.exe
2015-07-29 04:25:54 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2015-07-29 04:25:40 ----A---- C:\WINDOWS\system32\atitmm64.dll
2015-07-29 04:24:42 ----A---- C:\WINDOWS\system32\atisamu64.dll
2015-07-29 04:24:40 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2015-07-29 04:23:44 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2015-07-29 04:22:16 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2015-07-29 04:22:12 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2015-07-29 04:22:12 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2015-07-29 04:22:12 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2015-07-29 04:22:10 ----A---- C:\WINDOWS\system32\atig6txx.dll
2015-07-29 04:22:04 ----A---- C:\WINDOWS\system32\drivers\atikmpag.sys
2015-07-29 04:19:48 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2015-07-29 04:19:46 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2015-07-29 04:17:34 ----A---- C:\WINDOWS\system32\coinst_15.20.dll
2015-07-27 19:17:58 ----A---- C:\WINDOWS\SYSWOW64\EasyAntiCheat.exe
2015-07-22 18:50:10 ----D---- C:\Users\Pepa7\AppData\Roaming\Trove
2015-07-18 17:43:12 ----D---- C:\Program Files (x86)\File Recovery

======List of files/folders modified in the last 1 month======

2015-08-16 12:22:17 ----RD---- C:\Program Files
2015-08-16 12:08:33 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-16 12:00:00 ----D---- C:\WINDOWS\system32\sru
2015-08-16 01:36:15 ----D---- C:\Program Files (x86)\Steam
2015-08-15 19:13:14 ----SHD---- C:\WINDOWS\Installer
2015-08-15 19:13:14 ----D---- C:\Windows
2015-08-15 19:12:22 ----RSD---- C:\WINDOWS\assembly
2015-08-15 19:11:38 ----SHD---- C:\System Volume Information
2015-08-15 18:44:18 ----D---- C:\WINDOWS\System32
2015-08-15 18:44:17 ----D---- C:\WINDOWS\Inf
2015-08-15 18:44:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-15 17:06:10 ----D---- C:\Users\Pepa7\AppData\Roaming\.minecraft
2015-08-15 00:12:26 ----D---- C:\Users\Pepa7\AppData\Roaming\Skype
2015-08-13 16:11:56 ----HD---- C:\ProgramData
2015-08-13 15:56:36 ----D---- C:\WINDOWS\SysWOW64
2015-08-13 15:54:20 ----RD---- C:\Program Files (x86)
2015-08-13 15:52:02 ----D---- C:\WINDOWS\system32\drivers
2015-08-13 15:51:49 ----D---- C:\WINDOWS\system32\catroot
2015-08-13 15:51:47 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-13 15:51:18 ----D---- C:\Program Files\AMD
2015-08-13 15:49:26 ----D---- C:\AMD
2015-08-13 13:09:09 ----D---- C:\WINDOWS\AppReadiness
2015-08-13 05:29:07 ----HD---- C:\Program Files\WindowsApps
2015-08-13 05:27:24 ----D---- C:\WINDOWS\system32\wdi
2015-08-12 22:22:09 ----D---- C:\Program Files (x86)\Battle.net
2015-08-12 22:07:08 ----D---- C:\Program Files (x86)\Raptr
2015-08-12 20:12:50 ----D---- C:\ProgramData\Adobe
2015-08-12 20:12:35 ----D---- C:\Program Files\Common Files\Adobe
2015-08-12 13:38:12 ----D---- C:\WINDOWS\rescache
2015-08-12 12:53:25 ----D---- C:\WINDOWS\system32\config
2015-08-12 12:46:28 ----D---- C:\WINDOWS\WinSxS
2015-08-12 12:44:38 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-12 12:44:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 12:42:26 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-12 12:42:26 ----D---- C:\WINDOWS\system32\appraiser
2015-08-12 12:42:26 ----D---- C:\WINDOWS\apppatch
2015-08-12 12:42:26 ----D---- C:\Program Files\Windows Defender
2015-08-12 12:42:26 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-12 12:42:25 ----D---- C:\Program Files\Internet Explorer
2015-08-12 12:42:25 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-12 12:42:24 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-12 11:59:34 ----D---- C:\WINDOWS\CbsTemp
2015-08-12 11:57:55 ----D---- C:\WINDOWS\system32\MRT
2015-08-12 11:52:13 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-12 11:28:07 ----D---- C:\WINDOWS\system32\catroot2
2015-08-11 12:18:12 ----D---- C:\WINDOWS\Tasks
2015-08-11 12:14:12 ----D---- C:\Program Files (x86)\Google
2015-08-11 12:13:50 ----D---- C:\WINDOWS\system32\Tasks
2015-08-11 12:08:12 ----A---- C:\DelFix.txt
2015-08-10 18:25:36 ----D---- C:\WINDOWS\system32\drivers\etc
2015-08-09 19:32:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-08 17:52:05 ----D---- C:\ProgramData\Blizzard Entertainment
2015-08-08 15:55:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-08-08 02:36:17 ----D---- C:\Program Files (x86)\Hearthstone
2015-08-05 18:12:22 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2015-08-05 12:32:44 ----D---- C:\ProgramData\Origin
2015-08-05 12:12:35 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2015-08-05 12:02:43 ----D---- C:\Program Files (x86)\Origin
2015-08-01 18:50:31 ----D---- C:\MSI
2015-07-29 05:44:06 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2015-07-29 05:42:08 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2015-07-29 05:42:02 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2015-07-29 05:42:00 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2015-07-29 05:41:58 ----A---- C:\WINDOWS\system32\aticfx64.dll
2015-07-29 05:41:52 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2015-07-29 05:41:14 ----A---- C:\WINDOWS\system32\atidxx64.dll
2015-07-29 05:40:28 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2015-07-29 05:40:20 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2015-07-29 05:39:40 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2015-07-29 05:39:06 ----A---- C:\WINDOWS\system32\atiumd64.dll
2015-07-29 05:08:40 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2015-07-29 04:26:10 ----A---- C:\WINDOWS\system32\atidemgy.dll
2015-07-29 04:22:18 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2015-07-29 04:22:16 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2015-07-29 04:22:08 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2015-07-25 11:21:26 ----SD---- C:\WINDOWS\system32\GWX
2015-07-23 19:19:21 ----D---- C:\Users\Pepa7\AppData\Roaming\Origin
2015-07-23 02:05:24 ----D---- C:\Program Files (x86)\SpeedFan

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-08-04 670568]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]
R1 ndisrd;@oem18.inf,%ndisrd_Desc%;WinpkFilter LightWeight Filter; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [2011-09-14 32360]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-06-18 28912]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver; \??\C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [2014-12-08 34136]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-29 21622784]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-29 665088]
R3 athur;@oem7.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem29.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2015-07-15 102912]
R3 ICCWDT;@oem22.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2013-08-13 27608]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-05-29 4892088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-03-20 30512]
R3 KYEGKB;@oem13.inf,%KYEGKB.SvcDesc%;IMPERATOR Gaming Keyboard; C:\WINDOWS\system32\drivers\KYEGKB.sys [2011-09-05 25600]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem15.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2015-01-06 129312]
R3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID; \??\C:\MSI\Smart Utilities\NTIOLib_X64.sys [2014-03-17 13808]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-07-18 874712]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem1.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-01-20 44296]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-03-20 42288]
S3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-05-29 460048]
S3 LGDDCDevice;LGDDCDevice; \??\C:\WINDOWS\system32\LGI2CDriver.sys []
S3 LGII2CDevice;LGII2CDevice; \??\C:\WINDOWS\system32\LGPII2CDriver.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-29 246784]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-12-25 23504]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-08-04 16232]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-05-29 344168]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2015-07-30 1741992]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-12-26 76152]
R2 SuperRAIDSvc;SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [2014-08-13 29648]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-02-18 171480]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11 107848]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-05-29 279144]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2015-07-27 245544]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2015-03-20 344288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-08-05 2007048]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-12 838336]

-----------------EOF-----------------

Re: csrss.exe

Posted: 16 Aug 2015 15:07
by Márty84
Hello :)

Open Task Manager, find both csrss.exe processes (Client Server Runtime Subsystem), right-click each one and choose Properties. That will show you where they are located. Otherwise, csrss.exe is a system file, and it is fine that it runs twice. The correct location is C:\Windows\System32\csrss.exe

svchost.exe is likewise fine. Its running several times is also OK http://windows.microsoft.com/cs-cz/wind ... =windows-7

Of course they can be infected, but then they would, for example, consume an extreme amount of system resources, or it would show up as some other problems. So is there any problem?


:arrow: Download AdwCleaner https://toolslib.net/downloads/finish/1/ and save it to the desktop.
Close all programs, otherwise AdwCleaner will do it for you.
Right-click it and then left-click Run as administrator.
Click Scan and wait for the check to finish.
Then click Cleaning
The program will start working (the PC may restart) and will produce a log (it may also be found here: C:\AdwCleaner[C?].txt ). Copy it here for me.
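
The location check described in the reply above, applied to a saved process listing; this is an added example, not part of the original thread or of any tool mentioned in it. The function names, the `C:\Windows` system root and the sample lines are assumptions constructed for illustration.

```python
import ntpath
import re

# Process names checked here. csrss.exe and its location come from the reply
# above; the svchost.exe location is an assumption taken from the service
# entries in the posted log.
WATCHED = ("csrss.exe", "svchost.exe")

# Image path = quoted first token, or everything up to the first ".exe".
_IMAGE_RE = re.compile(r'^"([^"]+)"|^(.*?\.exe)(?=\s|$)', re.IGNORECASE)
_SYSROOT_RE = re.compile(r"%SystemRoot%", re.IGNORECASE)


def image_path(line, system_root=r"C:\Windows"):
    """Return the executable path of one process-list line, or None."""
    m = _IMAGE_RE.match(line.strip())
    if not m:
        return None
    path = m.group(1) or m.group(2)
    # Some tools print the NT object-manager prefix (\??\C:\...); drop it.
    if path.startswith("\\??\\"):
        path = path[4:]
    # Expand the one environment variable that system command lines use.
    return _SYSROOT_RE.sub(lambda _m: system_root, path)


def classify(line, system_root=r"C:\Windows"):
    """Return (name, verdict) for a watched process, None for anything else."""
    path = image_path(line, system_root)
    if path is None:
        return None
    name = ntpath.basename(path).lower()
    if name not in WATCHED:
        return None
    directory = ntpath.dirname(path)
    if not directory:
        # The listing gave only a name, so the location cannot be confirmed.
        return (name, "no-path")
    expected = ntpath.normcase(ntpath.join(system_root, "System32"))
    # normpath resolves "..", normcase makes the comparison case-insensitive.
    actual = ntpath.normcase(ntpath.normpath(directory))
    return (name, "ok" if actual == expected else "review")


def scan(lines, system_root=r"C:\Windows"):
    """Return (line number, name, verdict) for every entry that is not 'ok'."""
    findings = []
    for number, line in enumerate(lines, start=1):
        result = classify(line, system_root)
        if result and result[1] != "ok":
            findings.append((number, result[0], result[1]))
    return findings


# Constructed sample lines in the style of a process listing (not from the log).
SAMPLE = r'''
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
"C:\WINDOWS\System32\svchost.exe" -k LocalService
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 572 576 584 65536 580
csrss.exe
C:\Users\example\AppData\Local\Temp\svchost.exe
C:\Windows\System32\..\Temp\csrss.exe
'''.strip().splitlines()

if __name__ == "__main__":
    for number, name, verdict in scan(SAMPLE):
        print(f"line {number}: {name} -> {verdict}")
```

Several instances of the same name in System32 are not reported; only a different directory (`review`) or a listing that shows no path at all (`no-path`) is.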

Re: csrss.exe

Posted: 16 Aug 2015 15:46
by LosMajos_
Thank you for the reply :) Both Client Server Runtime Process entries are in C:\Windows\System32, one uses 1.1 MB and the other 1.0 :) Sometimes when I'm scrolling through FB the picture suddenly freezes, both monitors flash black and it unfreezes.. plugins, or whatever they are, often crash on me in Chrome .. and sometimes my mouse pointer changes into a sort of three dots.. only on the main monitor, I found that it's enough to move the mouse down to the bottom right and the pointer is normal again.. but that happens rarely.. only that isn't related to csrss .. could you try to advise me, please? :)

Re: csrss.exe

Posted: 16 Aug 2015 15:51
by LosMajos_
# AdwCleaner v5.000 - Logfile created 16/08/2015 at 16:47:53
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Pepa7 - PEPA
# Running from : C:\Users\Pepa7\Desktop\adwcleaner_5.000.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

[-] [C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : bandicam.en.softonic.com
[-] [C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : hradby.cz

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C1].txt - [862 octets] - [16/08/2015 16:47:53]
C:\AdwCleaner[S1].txt - [889 octets] - [16/08/2015 16:47:15]

########## EOF - C:\AdwCleaner[C1].txt - [986 octets] ##########

Re: csrss.exe

Posted: 16 Aug 2015 15:52
by Márty84
We'll clean it up and see.

I see MBAM there...

:arrow: Run a new scan with MBAM. Set up the test according to this guide (i.e. a Custom scan of all drives) http://forum.viry.cz/viewtopic.php?f=29&t=144868 and post the results here. Don't delete anything in advance; it sometimes has false detections.

Re: csrss.exe

Posted: 16 Aug 2015 18:09
by LosMajos_
Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 16. 8. 2015
Čas skenování: 16:59
Protokol: mbam.txt
Správce: Ano

Verze: 2.1.8.1057
Databáze malwaru: v2015.08.16.01
Databáze rootkitů: v2015.08.06.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Pepa7

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 651449
Uplynulý čas: 2 hod, 8 min, 44 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 0
(Nenalezeny žádné škodlivé položky)

Hodnoty registru: 0
(Nenalezeny žádné škodlivé položky)

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 0
(Nenalezeny žádné škodlivé položky)

Soubory: 2
HackTool.Agent.AIM, C:\Users\Pepa7\Desktop\Složky\Leis\Leis.exe, , [fd840603e5a6cb6bf1da3b52629f926e],
HackTool.Agent.AIM, C:\Users\Pepa7\Desktop\Složky\MPH Leis\Leis.exe, , [8ff2c2473e4d5fd7715a3d50dc25a060],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Re: csrss.exe

Posted: 16 Aug 2015 19:24
by LosMajos_
I'll add some more errors.. this pops up on me occasionally when I'm on FB.. when I click OK, Facebook flickers and I can continue... https://ctrlv.cz/48vx .. just now some WebGL crashed.. https://ctrlv.cz/F791

Re: csrss.exe

Posted: 16 Aug 2015 20:56
by Márty84
:arrow: Have MBAM remove what it found, then you can uninstall MBAM.
LosMajos_ wrote: I'll add some more errors.. this pops up on me occasionally when I'm on FB.. when I click OK, Facebook flickers and I can continue... https://ctrlv.cz/48vx .. just now some WebGL crashed.. https://ctrlv.cz/F791
:???: Does it do this in other browsers too?



:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Save it, preferably to the desktop
  • After launching, the license terms are displayed; press any key
  • A backup will be created, followed by the search
  • The scan will run and then a log will appear, or it will be saved in c:\JRT as JRT.txt; paste it here

:arrow: Follow my colleague's instructions
vyosek wrote: :arrow: Download Zoek.exe http://hijackthis.nl/smeenk/ and save it to the desktop
  • If you use Win Vista or W7, right-click Zoek and choose Run As Administrator or Spustit jako spravce
  • Paste the script below into the window
  • Code:

    autoclean;
    autoclean;
    resethosts;
    emptyclsid;
    IEdefaults;
    FFdefaults;
    CHRdefaults;
    emptyIEcache;
    emptyFFcache;
    emptyCHRcache;
    emptyalltemp;
    emptyflash;
    emptyjava;
    emptyrecycle.bin;
  • Then click Run Script
  • The PC will perform the repair, restart and give you a log; paste its contents here

Re: csrss.exe

Posted: 16 Aug 2015 22:08
by LosMajos_
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 8.1 x64
Ran by Pepa7 on ne 16. 08. 2015 at 23:05:43,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\Pepa7\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Pepa7\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Pepa7\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Pepa7\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 16. 08. 2015 at 23:07:57,16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: csrss.exe

Posted: 16 Aug 2015 22:22
by LosMajos_
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Pepa7 on ne 16. 08. 2015 at 23:09:28,86.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pepa7\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

16. 8. 2015 23:10:40 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\Program Files\ATI Technologies deleted successfully
C:\Users\Pepa7\AppData\Roaming\.technic deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Pepa7\AppData\Roaming\Mozilla\Firefox\Profiles\0QVy95eW.default\prefs.js:

Added to C:\Users\Pepa7\AppData\Roaming\Mozilla\Firefox\Profiles\0QVy95eW.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\Users\Pepa7\AppData\Roaming\Mozilla\Firefox\Profiles\0QVy95eW.default\extensions\abs@avira.com deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Pepa7\AppData\Roaming\Mozilla\Firefox\Profiles\0QVy95eW.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 44.0.2403.155

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]

Northern Lights - Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnkklencjcmkepldaineciclcheaoef

==== Chromium Startpages ======================

C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Preferences


==== Chromium Fix ======================

C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... urceid=ie7"

==== Reset Google Chrome ======================

C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pepa7\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Pepa7\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Pepa7\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Pepa7\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=114 folders=25 2229470 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pepa7\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Pepa7\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ne 16. 08. 2015 at 23:21:23,81 ======================

Re: csrss.exe

Posted: 16 Aug 2015 22:43
by LosMajos_
I only use Chrome.. I'll try switching to Explorer for a few days and then I'll write back :)

EDIT: NO! I was on Explorer once and for the last time :-D Horrible, I start a stream on Twitch and right away Adobe Flash Player throws some error! https://ctrlv.cz/LrPG ..

Re: csrss.exe

Posted: 17 Aug 2015 06:21
by Márty84
Well, IE isn't exactly a good choice :-D Try Mozilla as well.


:arrow: Post a new log from RSIT

and in addition

:arrow: Post the logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it may block it as malicious, but we use it all the time, it is a false positive :)

Re: csrss.exe

Posted: 17 Aug 2015 14:59
by LosMajos_
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pepa7 at 2015-08-17 15:58:45
Microsoft Windows 8.1
System drive C: has 545 GB (57%) free of 954 GB
Total RAM: 3992 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:58:48, on 17. 8. 2015
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\PROGRA~2\Raptr\raptr.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\Pepa7.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [Imperator] C:\Program Files (x86)\Genius\Imperator\IMhid.exe
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Live Update] C:\Program Files (x86)\MSI\Live Update\Live Update.exe /REMINDER
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [OscarEditor] "C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe" Minimum
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Global Startup: Dual Smart Solution.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Futuremark SystemInfo Service - Futuremark - C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
O23 - Service: GamingApp_Service - Micro-Star Int'l Co., Ltd. - C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_LiveUpdate_Service - Micro-Star INT'L CO., LTD. - C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SuperRAIDSvc - Micro-Star International - C:\MSI\Smart Utilities\SuperRAIDSvc.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel(R) Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 8074 bytes

======Listing Processes======






wininit.exe
winlogon.exe

C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
"dwm.exe"
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
atieclxx
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k utcsvc
dashost.exe {0d96162e-8fbb-4ed2-a917670583c0f42f}
"C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe"
C:\WINDOWS\SysWOW64\PnkBstrA.exe
"C:\MSI\Smart Utilities\SuperRAIDSvc.exe"

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

taskhostex.exe
taskeng.exe {85C254F1-15C3-4E42-A205-F6302E1FB318}
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
"C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe" /hw
igfxEM.exe
igfxHK.exe
igfxTray.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\skydrive.exe -Embedding
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe" 0
"C:\PROGRA~2\Raptr\raptr.exe" --log_to_file --from_stub --startup
raptr_im.exe
"C:\Program Files (x86)\Raptr\raptr_ep64.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe"
"C:\Windows\System32\SettingSyncHost.exe" -Embedding
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3844.60.1288063151\1528794056" --ppapi-flash-args=enable_hw_video_decode=1 --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\WINDOWS\system32\RunDll32.exe" "C:\WINDOWS\system32\WerConCpl.dll", LaunchErcApp -queuereporting
"C:\Program Files\Windows Defender\MpCmdRun.exe" SpyNetServiceDss -RestrictPrivileges -AccessKey 0F3001CE-44E4-EF42-E966-7BEEBA479C62 -Reinvoke
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/*PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3844.65.1046278763\2081356862" --font-cache-shared-handle=7896 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/*PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3844.68.2055322627\1972430228" --font-cache-shared-handle=6704 /prefetch:673131151
C:\WINDOWS\system32\GWX\GWX.exe /updateconfig
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3844.82.989175498\607050957" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,9,22,45,49 --gpu-vendor-id=0x1002 --gpu-device-id=0x679a --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.200.1062.1003 --ignored=" --type=renderer " /prefetch:822062411
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/*PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3844.95.591038356\177286741" --font-cache-shared-handle=7568 /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/*PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3844.97.412168602\1278183639" --font-cache-shared-handle=3584 /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=cs --force-fieldtrials="AffiliationBasedMatching/Enabled/AudioProcessing48kHzSupport/Default/*AutofillEnabled/Default/*AutofillFieldMetadata/Enabled/*BrowserBlacklist/Enabled/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/ChromeDashboard/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group9 pct:10i stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*IconNTP/Default/*NewProfileManagement/Enabled/*NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/*PasswordGeneration/Disabled/*PasswordLinkInSettings/Enabled/PermissionBubbleRollout/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/ReportCertificateErrors/ShowAndPossiblySend/*ReportCertificateErrorsOverHttp/UploadReportsOverHttp/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/*SafeBrowsingIncidentReportingService/Default/*SdchPersistence/Default/SessionRestoreBackgroundLoading/Restore/*SettingsEnforcement/enforce_always_with_extensions_and_dse/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_94/*UMA-Uniformity-Trial-10-Percent/group_08/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_17/*UMA-Uniformity-Trial-50-Percent/group_01/*UseDelayAgnosticAEC/DefaultEnabled/*VoiceTrigger/Install/WebRTC-UDPSocketNonBlockingIO/Default/" --enable-offline-auto-reload 
--enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --gpu-rasterization-msaa-sample-count=8 --use-image-texture-target=3553 --channel="3844.98.684957854\198686030" --font-cache-shared-handle=5272 /prefetch:673131151
"C:\Users\Pepa7\Downloads\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\WINDOWS\tasks\RtlNetworkGenieVistaStart.job - C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe /hw

======Registry dump======

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-08-04 36352]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-06-30 13672664]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OscarEditor"=C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [2012-03-20 3340288]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2015-07-17 8418584]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Imperator"=C:\Program Files (x86)\Genius\Imperator\IMhid.exe [2012-03-01 281600]
"Adobe Creative Cloud"=C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2015-01-07 2694320]
"Live Update"=C:\Program Files (x86)\MSI\Live Update\Live Update.exe [2015-07-30 3458728]
"Raptr"=C:\PROGRA~2\Raptr\raptrstub.exe [2015-07-27 56080]
"StartCCC"=C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-07-28 767176]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Dual Smart Solution.lnk - C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"SoftwareSASGeneration"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.yuy2"=msyuv.dll
"vidc.i420"=iyuv_32.dll
"msacm.msgsm610"=msgsm32.acm
"msacm.msg711"=msg711.acm
"vidc.yvyu"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"wavemapper"=msacm32.drv
"midimapper"=midimap.dll
"vidc.uyvy"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"vidc.msvc"=msvidc32.dll
"VIDC.RTV1"=rtvcvfw64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-08-16 23:21:31 ----SHD---- C:\$RECYCLE.BIN
2015-08-16 23:17:56 ----D---- C:\WINDOWS\Temp
2015-08-16 23:17:56 ----A---- C:\WINDOWS\zoek-delete.exe
2015-08-16 23:09:26 ----D---- C:\zoek_backup
2015-08-16 16:47:53 ----A---- C:\AdwCleaner[C1].txt
2015-08-16 16:47:15 ----A---- C:\AdwCleaner[S1].txt
2015-08-16 16:47:14 ----D---- C:\AdwCleaner
2015-08-16 12:22:17 ----D---- C:\rsit
2015-08-16 12:22:17 ----D---- C:\Program Files\trend micro
2015-08-13 16:11:56 ----D---- C:\ProgramData\ATI
2015-08-13 15:54:20 ----D---- C:\Program Files (x86)\AMD
2015-08-12 22:06:44 ----D---- C:\Users\Pepa7\AppData\Roaming\Raptr
2015-08-12 11:59:06 ----A---- C:\WINDOWS\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:59:06 ----A---- C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wudriver.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wucltux.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wuauclt.exe
2015-08-12 11:31:01 ----A---- C:\WINDOWS\system32\wuapi.dll
2015-08-12 11:31:00 ----A---- C:\WINDOWS\SYSWOW64\wuwebv.dll
2015-08-12 11:31:00 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2015-08-12 11:31:00 ----A---- C:\WINDOWS\SYSWOW64\wuapp.exe
2015-08-12 11:31:00 ----A---- C:\WINDOWS\system32\wuwebv.dll
2015-08-12 11:31:00 ----A---- C:\WINDOWS\system32\wuapp.exe
2015-08-12 11:30:18 ----A---- C:\WINDOWS\system32\mshtml.dll
2015-08-12 11:30:17 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2015-08-12 11:30:16 ----A---- C:\WINDOWS\system32\jscript9.dll
2015-08-12 11:30:16 ----A---- C:\WINDOWS\system32\ieframe.dll
2015-08-12 11:30:15 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2015-08-12 11:30:15 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2015-08-12 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2015-08-12 11:30:14 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll
2015-08-12 11:30:14 ----A---- C:\WINDOWS\system32\wininet.dll
2015-08-12 11:30:14 ----A---- C:\WINDOWS\system32\ieui.dll
2015-08-12 11:30:13 ----A---- C:\WINDOWS\system32\urlmon.dll
2015-08-12 11:30:13 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 11:30:13 ----A---- C:\WINDOWS\system32\actxprxy.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\system32\msfeeds.dll
2015-08-12 11:30:12 ----A---- C:\WINDOWS\system32\iertutil.dll
2015-08-12 11:30:11 ----A---- C:\WINDOWS\SYSWOW64\inetcomm.dll
2015-08-12 11:30:11 ----A---- C:\WINDOWS\SYSWOW64\actxprxy.dll
2015-08-12 11:30:11 ----A---- C:\WINDOWS\system32\webcheck.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\system32\vbscript.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\system32\jscript.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\system32\inetcomm.dll
2015-08-12 11:30:10 ----A---- C:\WINDOWS\system32\iepeers.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\sysmain.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\ntdll.dll
2015-08-12 11:29:37 ----A---- C:\WINDOWS\system32\drivers\mountmgr.sys
2015-08-12 11:29:36 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2015-08-12 11:29:35 ----A---- C:\WINDOWS\SYSWOW64\WebClnt.dll
2015-08-12 11:29:35 ----A---- C:\WINDOWS\SYSWOW64\davclnt.dll
2015-08-12 11:29:35 ----A---- C:\WINDOWS\system32\WebClnt.dll
2015-08-12 11:29:35 ----A---- C:\WINDOWS\system32\davclnt.dll
2015-08-12 11:29:34 ----A---- C:\WINDOWS\system32\invagent.dll
2015-08-12 11:29:34 ----A---- C:\WINDOWS\system32\generaltel.dll
2015-08-12 11:29:34 ----A---- C:\WINDOWS\system32\devinv.dll
2015-08-12 11:29:34 ----A---- C:\WINDOWS\system32\appraiser.dll
2015-08-12 11:29:33 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 11:29:33 ----A---- C:\WINDOWS\system32\aeinv.dll
2015-08-12 11:29:33 ----A---- C:\WINDOWS\system32\acmigration.dll
2015-08-12 11:29:32 ----A---- C:\WINDOWS\system32\drivers\WdFilter.sys
2015-08-12 11:29:31 ----A---- C:\WINDOWS\system32\drivers\WdNisDrv.sys
2015-08-12 11:29:31 ----A---- C:\WINDOWS\system32\drivers\WdBoot.sys
2015-08-12 11:29:03 ----A---- C:\WINDOWS\SYSWOW64\netcfgx.dll
2015-08-12 11:29:03 ----A---- C:\WINDOWS\system32\netcfgx.dll
2015-08-12 11:29:03 ----A---- C:\WINDOWS\system32\csrsrv.dll
2015-08-12 11:29:03 ----A---- C:\WINDOWS\system32\basesrv.dll
2015-08-12 11:29:02 ----A---- C:\WINDOWS\SYSWOW64\notepad.exe
2015-08-12 11:29:02 ----A---- C:\WINDOWS\system32\notepad.exe
2015-08-12 11:29:02 ----A---- C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 11:29:02 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2015-08-12 11:29:02 ----A---- C:\WINDOWS\notepad.exe
2015-08-12 11:29:01 ----A---- C:\WINDOWS\SYSWOW64\msxml6.dll
2015-08-12 11:29:01 ----A---- C:\WINDOWS\SYSWOW64\msxml3.dll
2015-08-12 11:29:01 ----A---- C:\WINDOWS\system32\msxml6.dll
2015-08-12 11:29:01 ----A---- C:\WINDOWS\system32\msxml3.dll
2015-08-12 11:29:00 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2015-08-12 11:29:00 ----A---- C:\WINDOWS\system32\mstscax.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\SYSWOW64\rdvidcrl.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\win32k.sys
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\FntCache.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\DWrite.dll
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2015-08-12 11:28:59 ----A---- C:\WINDOWS\system32\drivers\FWPKCLNT.SYS
2015-08-12 11:28:58 ----A---- C:\WINDOWS\SYSWOW64\DWrite.dll
2015-08-12 11:28:58 ----A---- C:\WINDOWS\SYSWOW64\atmlib.dll
2015-08-12 11:28:58 ----A---- C:\WINDOWS\SYSWOW64\atmfd.dll
2015-08-12 11:28:58 ----A---- C:\WINDOWS\system32\atmlib.dll
2015-08-12 11:28:58 ----A---- C:\WINDOWS\system32\atmfd.dll
2015-08-10 19:32:20 ----D---- C:\Users\Pepa7\AppData\Roaming\Mozilla
2015-08-08 02:22:40 ----D---- C:\Program Files (x86)\Heroes of the Storm
2015-08-06 11:01:22 ----D---- C:\Program Files\CCleaner
2015-08-05 20:36:53 ----D---- C:\Program Files (x86)\Counter-Strike
2015-07-29 05:44:06 ----A---- C:\WINDOWS\system32\amdave64.dll
2015-07-29 05:44:02 ----A---- C:\WINDOWS\system32\amdmiracast.dll
2015-07-29 05:43:28 ----A---- C:\WINDOWS\system32\amdhcp64.dll
2015-07-29 05:43:26 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll
2015-07-29 05:43:24 ----A---- C:\WINDOWS\system32\atimpc64.dll
2015-07-29 05:42:52 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll
2015-07-29 05:42:12 ----A---- C:\WINDOWS\system32\amdpcom64.dll
2015-07-29 05:42:10 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll
2015-07-29 05:42:06 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll
2015-07-29 05:40:36 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll
2015-07-29 05:26:10 ----A---- C:\WINDOWS\system32\drivers\amdacpksd.sys
2015-07-29 05:15:48 ----A---- C:\WINDOWS\system32\drivers\atikmdag.sys
2015-07-29 05:09:56 ----A---- C:\WINDOWS\system32\clinfo.exe
2015-07-29 05:09:50 ----A---- C:\WINDOWS\system32\amdocl64.dll
2015-07-29 05:07:36 ----A---- C:\WINDOWS\system32\OpenCL.dll
2015-07-29 05:07:34 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll
2015-07-29 05:06:04 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll
2015-07-29 05:05:56 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll
2015-07-29 04:41:26 ----A---- C:\WINDOWS\system32\mantle64.dll
2015-07-29 04:41:20 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll
2015-07-29 04:41:14 ----A---- C:\WINDOWS\system32\amdmantle64.dll
2015-07-29 04:36:42 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll
2015-07-29 04:34:58 ----A---- C:\WINDOWS\system32\amdhdl64.dll
2015-07-29 04:34:56 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll
2015-07-29 04:34:40 ----A---- C:\WINDOWS\system32\amdmmcl6.dll
2015-07-29 04:34:38 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll
2015-07-29 04:34:14 ----A---- C:\WINDOWS\system32\atio6axx.dll
2015-07-29 04:33:04 ----A---- C:\WINDOWS\system32\mantleaxl64.dll
2015-07-29 04:33:00 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll
2015-07-29 04:30:28 ----A---- C:\WINDOWS\system32\atiapfxx.exe
2015-07-29 04:30:26 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll
2015-07-29 04:30:26 ----A---- C:\WINDOWS\system32\aticalrt64.dll
2015-07-29 04:30:24 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll
2015-07-29 04:30:24 ----A---- C:\WINDOWS\system32\aticalcl64.dll
2015-07-29 04:30:18 ----A---- C:\WINDOWS\system32\aticaldd64.dll
2015-07-29 04:29:26 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll
2015-07-29 04:28:30 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll
2015-07-29 04:26:08 ----A---- C:\WINDOWS\system32\atieah64.exe
2015-07-29 04:26:06 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe
2015-07-29 04:26:06 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll
2015-07-29 04:26:04 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll
2015-07-29 04:26:04 ----A---- C:\WINDOWS\system32\atimuixx.dll
2015-07-29 04:26:02 ----A---- C:\WINDOWS\system32\atieclxx.exe
2015-07-29 04:25:54 ----A---- C:\WINDOWS\system32\atiesrxx.exe
2015-07-29 04:25:40 ----A---- C:\WINDOWS\system32\atitmm64.dll
2015-07-29 04:24:42 ----A---- C:\WINDOWS\system32\atisamu64.dll
2015-07-29 04:24:40 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll
2015-07-29 04:23:44 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll
2015-07-29 04:22:16 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll
2015-07-29 04:22:12 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll
2015-07-29 04:22:12 ----A---- C:\WINDOWS\system32\atiglpxx.dll
2015-07-29 04:22:12 ----A---- C:\WINDOWS\system32\atig6pxx.dll
2015-07-29 04:22:10 ----A---- C:\WINDOWS\system32\atig6txx.dll
2015-07-29 04:22:04 ----A---- C:\WINDOWS\system32\drivers\atikmpag.sys
2015-07-29 04:19:48 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll
2015-07-29 04:19:46 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll
2015-07-29 04:17:34 ----A---- C:\WINDOWS\system32\coinst_15.20.dll
2015-07-27 19:17:58 ----A---- C:\WINDOWS\SYSWOW64\EasyAntiCheat.exe
2015-07-22 18:50:10 ----D---- C:\Users\Pepa7\AppData\Roaming\Trove
2015-07-18 17:43:12 ----D---- C:\Program Files (x86)\File Recovery

======List of files/folders modified in the last 1 month======

2015-08-17 15:15:47 ----D---- C:\WINDOWS\system32\sru
2015-08-17 06:15:19 ----D---- C:\WINDOWS\system32\DriverStore
2015-08-17 06:15:01 ----D---- C:\WINDOWS\WinSxS
2015-08-17 06:14:21 ----D---- C:\Windows
2015-08-17 06:11:01 ----D---- C:\WINDOWS\Microsoft.NET
2015-08-17 06:10:53 ----D---- C:\WINDOWS\system32\config
2015-08-17 01:16:51 ----D---- C:\WINDOWS\System32
2015-08-17 01:16:51 ----D---- C:\WINDOWS\Inf
2015-08-17 01:16:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-16 23:11:22 ----RD---- C:\Program Files
2015-08-16 23:10:45 ----D---- C:\WINDOWS\system32\drivers\etc
2015-08-16 23:09:26 ----D---- C:\WINDOWS\SysWOW64
2015-08-16 23:06:24 ----SHD---- C:\System Volume Information
2015-08-16 22:40:09 ----D---- C:\WINDOWS\system32\drivers
2015-08-16 22:40:09 ----D---- C:\WINDOWS\System
2015-08-16 22:03:49 ----D---- C:\Users\Pepa7\AppData\Roaming\Skype
2015-08-16 01:36:15 ----D---- C:\Program Files (x86)\Steam
2015-08-15 19:13:14 ----SHD---- C:\WINDOWS\Installer
2015-08-15 19:12:22 ----RSD---- C:\WINDOWS\assembly
2015-08-15 17:06:10 ----D---- C:\Users\Pepa7\AppData\Roaming\.minecraft
2015-08-13 16:11:56 ----HD---- C:\ProgramData
2015-08-13 15:54:20 ----RD---- C:\Program Files (x86)
2015-08-13 15:51:49 ----D---- C:\WINDOWS\system32\catroot
2015-08-13 15:51:18 ----D---- C:\Program Files\AMD
2015-08-13 15:49:26 ----D---- C:\AMD
2015-08-13 13:09:09 ----D---- C:\WINDOWS\AppReadiness
2015-08-13 05:29:07 ----HD---- C:\Program Files\WindowsApps
2015-08-13 05:27:24 ----D---- C:\WINDOWS\system32\wdi
2015-08-12 22:22:09 ----D---- C:\Program Files (x86)\Battle.net
2015-08-12 22:07:08 ----D---- C:\Program Files (x86)\Raptr
2015-08-12 20:12:50 ----D---- C:\ProgramData\Adobe
2015-08-12 20:12:35 ----D---- C:\Program Files\Common Files\Adobe
2015-08-12 13:38:12 ----D---- C:\WINDOWS\rescache
2015-08-12 12:44:38 ----D---- C:\Program Files\Microsoft Silverlight
2015-08-12 12:44:37 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 12:42:26 ----SD---- C:\WINDOWS\system32\CompatTel
2015-08-12 12:42:26 ----D---- C:\WINDOWS\system32\appraiser
2015-08-12 12:42:26 ----D---- C:\WINDOWS\apppatch
2015-08-12 12:42:26 ----D---- C:\Program Files\Windows Defender
2015-08-12 12:42:26 ----D---- C:\Program Files (x86)\Windows Defender
2015-08-12 12:42:25 ----D---- C:\Program Files\Internet Explorer
2015-08-12 12:42:25 ----D---- C:\Program Files (x86)\Internet Explorer
2015-08-12 12:42:24 ----D---- C:\WINDOWS\system32\drivers\cs-CZ
2015-08-12 11:59:34 ----D---- C:\WINDOWS\CbsTemp
2015-08-12 11:57:55 ----D---- C:\WINDOWS\system32\MRT
2015-08-12 11:52:13 ----A---- C:\WINDOWS\system32\MRT.exe
2015-08-12 11:28:07 ----D---- C:\WINDOWS\system32\catroot2
2015-08-11 12:18:12 ----D---- C:\WINDOWS\Tasks
2015-08-11 12:14:12 ----D---- C:\Program Files (x86)\Google
2015-08-11 12:13:50 ----D---- C:\WINDOWS\system32\Tasks
2015-08-11 12:08:12 ----A---- C:\DelFix.txt
2015-08-09 19:32:59 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-08 17:52:05 ----D---- C:\ProgramData\Blizzard Entertainment
2015-08-08 15:55:07 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2015-08-08 02:36:17 ----D---- C:\Program Files (x86)\Hearthstone
2015-08-05 18:12:22 ----D---- C:\Program Files (x86)\Battlelog Web Plugins
2015-08-05 12:32:44 ----D---- C:\ProgramData\Origin
2015-08-05 12:12:35 ----A---- C:\WINDOWS\SYSWOW64\PnkBstrB.exe
2015-08-05 12:02:43 ----D---- C:\Program Files (x86)\Origin
2015-08-01 18:50:31 ----D---- C:\MSI
2015-07-29 05:44:06 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll
2015-07-29 05:42:08 ----A---- C:\WINDOWS\system32\atiuxp64.dll
2015-07-29 05:42:02 ----A---- C:\WINDOWS\system32\atiu9p64.dll
2015-07-29 05:42:00 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll
2015-07-29 05:41:58 ----A---- C:\WINDOWS\system32\aticfx64.dll
2015-07-29 05:41:52 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll
2015-07-29 05:41:14 ----A---- C:\WINDOWS\system32\atidxx64.dll
2015-07-29 05:40:28 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll
2015-07-29 05:40:20 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll
2015-07-29 05:39:40 ----A---- C:\WINDOWS\system32\atiumd6a.dll
2015-07-29 05:39:06 ----A---- C:\WINDOWS\system32\atiumd64.dll
2015-07-29 05:08:40 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll
2015-07-29 04:26:10 ----A---- C:\WINDOWS\system32\atidemgy.dll
2015-07-29 04:22:18 ----A---- C:\WINDOWS\system32\atiadlxx.dll
2015-07-29 04:22:16 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll
2015-07-29 04:22:08 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll
2015-07-25 11:21:26 ----SD---- C:\WINDOWS\system32\GWX
2015-07-23 19:19:21 ----D---- C:\Users\Pepa7\AppData\Roaming\Origin
2015-07-23 02:05:24 ----D---- C:\Program Files (x86)\SpeedFan

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-08-04 670568]
R0 Wof;Windows Overlay File System Filter Driver; C:\WINDOWS\system32\drivers\Wof.sys [2014-03-13 157016]
R1 ndisrd;@oem18.inf,%ndisrd_Desc%;WinpkFilter LightWeight Filter; C:\WINDOWS\system32\DRIVERS\ndisrd.sys [2011-09-14 32360]
R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\WINDOWS\system32\DRIVERS\vwififlt.sys [2014-04-30 71680]
R2 iocbios2;iocbios2; \??\C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2014-06-18 28912]
R2 speedfan;speedfan; \??\C:\WINDOWS\SysWOW64\speedfan.sys [2012-12-29 28664]
R3 AcpiCtlDrv;AcpiCtlDrv; C:\WINDOWS\System32\drivers\AcpiCtlDrv.sys [2012-07-17 25880]
R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-07-29 21622784]
R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-07-29 665088]
R3 athur;@oem7.inf,%ATHR.Service.DispName%;Qualcomm Atheros AR9271 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athuw8x.sys [2013-06-02 2919936]
R3 AtiHDAudioService;@oem29.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWB6.sys [2015-07-15 102912]
R3 ICCWDT;@oem22.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT); C:\WINDOWS\System32\drivers\ICCWDT.sys [2013-08-13 27608]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2015-05-29 4892088]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-07-15 4012632]
R3 iwdbus;@oem9.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys [2015-03-20 30512]
R3 KYEGKB;@oem13.inf,%KYEGKB.SvcDesc%;IMPERATOR Gaming Keyboard; C:\WINDOWS\system32\drivers\KYEGKB.sys [2011-09-05 25600]
R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-06-18 25816]
R3 MEIx64;@oem15.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [2015-01-06 129312]
R3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID; \??\C:\MSI\Smart Utilities\NTIOLib_X64.sys [2014-03-17 13808]
R3 RTL8168;@oem16.inf,%rtl8168.Service.DispName%;Realtek 8168 NT Driver; C:\WINDOWS\system32\DRIVERS\Rt630x64.sys [2014-07-18 874712]
R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\WINDOWS\system32\DRIVERS\vwifimp.sys [2014-04-30 38912]
S0 amdkmafd;@oem1.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-09-23 21160]
S3 Hamachi;LogMeIn Hamachi Virtual Miniport); C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [2015-01-20 44296]
S3 intaud_WaveExtensible;@oem8.inf,%INTAUD_WEX.SvcDesc%;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys [2015-03-20 42288]
S3 IntcDAud;@oem10.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2015-05-29 460048]
S3 LGDDCDevice;LGDDCDevice; \??\C:\WINDOWS\system32\LGI2CDriver.sys []
S3 LGII2CDevice;LGII2CDevice; \??\C:\WINDOWS\system32\LGPII2CDriver.sys []
S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-06-18 64216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-07-29 246784]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-08-04 16232]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2015-05-29 344168]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2015-07-30 1741992]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\syswow64\PnkBstrA.exe [2014-12-26 76152]
R2 SuperRAIDSvc;SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [2014-08-13 29648]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-03 43696]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-02-18 171480]
S2 GamingApp_Service;GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-12-25 23504]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11 107848]
S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-06-18 1133880]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-06-03 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11 269000]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2014-10-29 38792]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2015-05-29 279144]
S3 EasyAntiCheat;EasyAntiCheat; C:\WINDOWS\syswow64\EasyAntiCheat.exe [2015-07-27 245544]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2015-03-20 344288]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-11 107848]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-05-13 887256]
S3 Origin Client Service;Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2015-08-05 2007048]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-08-12 838336]

-----------------EOF-----------------

Re: csrss.exe

Posted: 17 Aug 2015 15:11
by LosMajos_
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-08-2015
Ran by Pepa7 (administrator) on PEPA (17-08-2015 16:07:56)
Running from C:\Users\Pepa7\Desktop
Loaded Profiles: Pepa7 (Available Profiles: Pepa7)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Micro-Star International) C:\MSI\Smart Utilities\SuperRAIDSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Realtek Semiconductor) C:\Program Files (x86)\MSI\NetworkGenie\NetworkGenie.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Pepa7\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-08-04] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM-x32\...\Run: [Imperator] => C:\Program Files (x86)\Genius\Imperator\IMhid.exe [281600 2012-03-01] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2015-01-07] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [3458728 2015-07-30] (Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-28] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1765931364-2895769979-1631063868-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\OSCAR Editor X7\OscarEditor.exe [3340288 2012-03-20] ()
HKU\S-1-5-21-1765931364-2895769979-1631063868-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8418584 2015-07-17] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Dual Smart Solution.lnk [2015-05-07]
ShortcutTarget: Dual Smart Solution.lnk -> C:\Program Files (x86)\LG Soft India Pvt Ltd\Dual Smart Solution\bin\Dual Smart Solution.exe (LG Electronics)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2014-12-19] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1765931364-2895769979-1631063868-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1765931364-2895769979-1631063868-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
Tcpip\Parameters: [DhcpNameServer] 213.194.204.126 85.132.148.70
Tcpip\..\Interfaces\{87D0EC6C-D6FB-4148-8303-F6792D713566}: [DhcpNameServer] 213.194.204.126 85.132.148.70

FireFox:
========
FF ProfilePath: C:\Users\Pepa7\AppData\Roaming\Mozilla\Firefox\Profiles\0QVy95eW.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-01-07] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-08-11] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-01-07] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1765931364-2895769979-1631063868-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pepa7\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Extension: No Name - C:\Users\Pepa7\AppData\Roaming\Mozilla\Firefox\Profiles\0QVy95eW.default\extensions\abs@avira.com [not found]

Chrome:
=======
CHR Profile: C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-16]
CHR Extension: (Google Docs) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-16]
CHR Extension: (Google Drive) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-11]
CHR Extension: (YouTube) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-11]
CHR Extension: (Blue Nebula - Full HD - Axlg) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbfcgopniakghhkjcnnmpfdemapblij [2015-08-17]
CHR Extension: (Google Search) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-11]
CHR Extension: (Google Sheets) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-16]
CHR Extension: (Avira Browser Safety) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-08-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\Pepa7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [245544 2015-07-27] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark)
S2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [23504 2014-12-25] (Micro-Star Int'l Co., Ltd.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-08-04] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-05-29] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [1741992 2015-07-30] (Micro-Star INT'L CO., LTD.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-05] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-12-26] ()
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2014-08-13] (Micro-Star International)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 athur; C:\Windows\system32\DRIVERS\athuw8x.sys [2919936 2013-06-02] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.)
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [28912 2014-06-18] (Intel Corporation)
R3 KYEGKB; C:\Windows\system32\drivers\KYEGKB.sys [25600 2011-09-05] ( )
S3 LGDDCDevice; C:\WINDOWS\SysWOW64\LGI2CDriver.sys [16384 2012-10-17] (LG Soft India) [File not signed]
S3 LGII2CDevice; C:\WINDOWS\SysWOW64\LGPII2CDriver.sys [10752 2012-11-23] (LG Soft India) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 16:07 - 2015-08-17 16:08 - 00015387 _____ C:\Users\Pepa7\Desktop\FRST.txt
2015-08-17 16:07 - 2015-08-17 16:08 - 00000000 ____D C:\FRST
2015-08-17 16:07 - 2015-08-17 16:07 - 00029696 _____ C:\Users\Pepa7\AppData\Local\MSGBOX.EXE
2015-08-17 16:07 - 2015-08-17 16:07 - 00015327 _____ C:\Users\Pepa7\Desktop\LM.bat
2015-08-17 16:06 - 2015-08-17 16:06 - 00112640 _____ (forum.viry.cz) C:\Users\Pepa7\Desktop\FRSTLauncher.exe
2015-08-17 16:04 - 2015-08-17 16:04 - 00112640 _____ (forum.viry.cz) C:\Users\Pepa7\Downloads\Nepotvrzeno 259224.crdownload
2015-08-17 16:03 - 2015-08-17 16:01 - 02173440 _____ (Farbar) C:\Users\Pepa7\Desktop\FRST64.exe
2015-08-17 16:01 - 2015-08-17 16:01 - 02173440 _____ (Farbar) C:\Users\Pepa7\Downloads\FRST64.exe
2015-08-17 00:23 - 2015-08-17 00:23 - 00001479 _____ C:\Users\Pepa7\Desktop\Explorer.lnk
2015-08-16 23:17 - 2015-08-16 23:09 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-08-16 23:10 - 2015-08-16 23:21 - 00013273 _____ C:\zoek-results.log
2015-08-16 23:09 - 2015-08-16 23:17 - 00000000 ____D C:\zoek_backup
2015-08-16 23:08 - 2015-08-16 23:08 - 01308672 _____ C:\Users\Pepa7\Downloads\zoek.exe
2015-08-16 22:26 - 2015-08-16 22:26 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Pepa7\Downloads\JRT.exe
2015-08-16 16:47 - 2015-08-16 16:47 - 00001054 _____ C:\AdwCleaner[C1].txt
2015-08-16 16:47 - 2015-08-16 16:47 - 00000889 _____ C:\AdwCleaner[S1].txt
2015-08-16 16:47 - 2015-08-16 16:47 - 00000000 ____D C:\AdwCleaner
2015-08-16 16:46 - 2015-08-16 16:46 - 01563648 _____ C:\Users\Pepa7\Downloads\adwcleaner_5.000.exe
2015-08-16 12:22 - 2015-08-17 15:58 - 00000000 ____D C:\Program Files\trend micro
2015-08-16 12:22 - 2015-08-16 12:22 - 00000000 ____D C:\rsit
2015-08-16 12:21 - 2015-08-16 12:22 - 01222144 _____ C:\Users\Pepa7\Downloads\RSITx64.exe
2015-08-15 19:13 - 2015-08-15 19:13 - 00000000 ____D C:\Users\Pepa7\AppData\Local\2K Games
2015-08-15 18:58 - 2015-08-15 18:58 - 00288630 _____ C:\Users\Pepa7\Downloads\fulldamage.rar
2015-08-15 18:55 - 2015-08-15 18:55 - 04042064 _____ C:\Users\Pepa7\Downloads\volnajizda_v2.rar
2015-08-15 18:54 - 2015-08-15 18:54 - 04041856 _____ C:\Users\Pepa7\Downloads\freeride_v2.1 (1).rar
2015-08-13 16:11 - 2015-08-13 16:11 - 00000000 ____D C:\ProgramData\ATI
2015-08-13 15:54 - 2015-08-13 15:54 - 00053443 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508131554547172.log
2015-08-13 15:54 - 2015-08-13 15:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-08-13 15:54 - 2015-08-13 15:54 - 00000000 ____D C:\Program Files (x86)\AMD
2015-08-13 15:45 - 2015-08-13 15:49 - 300943104 _____ (AMD Inc.) C:\Users\Pepa7\Downloads\amd-catalyst-15.7.1-with-dotnet45-win8.1-64bit.exe
2015-08-12 22:14 - 2015-08-12 22:14 - 00061612 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508122214302742.log
2015-08-12 22:07 - 2015-08-12 22:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-12 22:06 - 2015-08-17 15:16 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\Raptr
2015-08-12 21:58 - 2015-08-12 21:58 - 00058247 _____ C:\WINDOWS\SysWOW64\CCCInstall_201508122158222031.log
2015-08-12 19:42 - 2015-08-12 19:45 - 368047855 _____ C:\Users\Pepa7\Downloads\amd_14.4_v78.zip
2015-08-12 19:41 - 2015-08-12 19:42 - 00192816 _____ C:\Users\Pepa7\Downloads\raptr_installer.exe
2015-08-12 11:59 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:59 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:31 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-12 11:31 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-12 11:31 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-12 11:31 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-12 11:31 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-12 11:31 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-12 11:31 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-12 11:31 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-12 11:31 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-12 11:31 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-12 11:31 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-12 11:31 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-12 11:30 - 2015-07-16 23:14 - 25192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-12 11:30 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-12 11:30 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-12 11:30 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-12 11:30 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-12 11:30 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-12 11:30 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-12 11:30 - 2015-07-16 22:20 - 19870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-12 11:30 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-12 11:30 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-12 11:30 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-12 11:30 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-12 11:30 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-12 11:30 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-12 11:30 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-12 11:30 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-12 11:30 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-12 11:30 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-12 11:30 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-12 11:30 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-12 11:30 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-12 11:30 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-12 11:30 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-12 11:30 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-12 11:30 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-12 11:30 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-12 11:30 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-12 11:30 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-12 11:30 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-12 11:30 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-12 11:30 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-12 11:30 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-12 11:29 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-12 11:29 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-12 11:29 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-12 11:29 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-12 11:29 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-12 11:29 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-12 11:29 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-12 11:29 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-12 11:29 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-12 11:29 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-12 11:29 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-12 11:29 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-12 11:29 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-12 11:29 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-12 11:29 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-12 11:29 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-12 11:29 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-12 11:29 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-12 11:29 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-12 11:29 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-12 11:29 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-12 11:29 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-12 11:29 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-12 11:29 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-12 11:29 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-12 11:29 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-12 11:29 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-12 11:29 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-12 11:29 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-12 11:29 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-12 11:29 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-12 11:29 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-12 11:29 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-12 11:29 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-12 11:29 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 11:29 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-08-12 11:28 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-12 11:28 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-12 11:28 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-12 11:28 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-12 11:28 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-12 11:28 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-12 11:28 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-12 11:28 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-12 11:28 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-12 11:28 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-12 11:28 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-12 11:28 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-11 12:14 - 2015-08-12 00:25 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-11 12:14 - 2015-08-11 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-11 12:13 - 2015-08-17 15:23 - 00000970 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-11 12:13 - 2015-08-17 01:13 - 00000966 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-11 12:13 - 2015-08-11 12:18 - 00003942 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-08-11 12:10 - 2015-08-11 12:10 - 00880208 _____ (Google Inc.) C:\Users\Pepa7\Downloads\ChromeSetup.exe
2015-08-11 12:06 - 2015-08-11 12:06 - 00781312 _____ C:\Users\Pepa7\Downloads\delfix_1.010.exe
2015-08-10 22:51 - 2015-08-10 22:52 - 112960695 _____ C:\Users\Pepa7\Downloads\HAWAIIAN MUSIC ALOHA BREEZE NON STOP VER.mp4
2015-08-10 19:32 - 2015-08-10 19:32 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\Mozilla
2015-08-10 19:26 - 2015-08-10 19:26 - 04721376 _____ (Avira Operations GmbH & Co. KG) C:\Users\Pepa7\Downloads\avira_en_av_55c8de6220d15__ws (1).exe
2015-08-10 19:25 - 2015-08-10 19:25 - 04721376 _____ (Avira Operations GmbH & Co. KG) C:\Users\Pepa7\Downloads\avira_en_av_55c8de6220d15__ws.exe
2015-08-10 19:24 - 2015-08-10 19:26 - 207206296 _____ C:\Users\Pepa7\Downloads\avira_antivirus_en-us.exe
2015-08-09 19:32 - 2015-08-09 19:32 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Pepa7\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-08 17:52 - 2015-08-12 22:19 - 00000000 ____D C:\Users\Pepa7\Documents\Heroes of the Storm
2015-08-08 02:37 - 2015-08-08 02:37 - 00001205 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-08-08 02:37 - 2015-08-08 02:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm
2015-08-08 02:22 - 2015-08-08 17:52 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-08-06 11:01 - 2015-08-06 11:01 - 00002782 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-08-06 11:01 - 2015-08-06 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-06 11:01 - 2015-08-06 11:01 - 00000000 ____D C:\Program Files\CCleaner
2015-08-06 11:00 - 2015-08-06 11:00 - 06609608 _____ (Piriform Ltd) C:\Users\Pepa7\Downloads\ccsetup508.exe
2015-08-05 23:14 - 2015-08-05 23:14 - 00001858 _____ C:\Users\Pepa7\Desktop\Counter-Strike 1.6.lnk
2015-08-05 23:14 - 2015-08-05 23:14 - 00001824 _____ C:\Users\Pepa7\Desktop\CS 1.6 Servery.lnk
2015-08-05 23:08 - 2015-08-05 23:20 - 00000000 ____D C:\Users\Pepa7\Counter-Strike 1.6
2015-08-05 23:02 - 2015-08-05 23:07 - 465941512 _____ () C:\Users\Pepa7\Downloads\CS16_install.exe
2015-08-05 22:08 - 2015-08-05 22:08 - 04041856 _____ C:\Users\Pepa7\Downloads\freeride_v2.1.rar
2015-08-05 20:38 - 2015-08-05 20:38 - 00001961 _____ C:\Users\Pepa7\Desktop\Counter-Strike v1.6 - 21.lnk
2015-08-05 20:38 - 2015-08-05 20:38 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike
2015-08-05 20:36 - 2015-08-05 23:28 - 00000000 ____D C:\Program Files (x86)\Counter-Strike
2015-08-05 20:25 - 2015-08-05 20:25 - 05012928 _____ (Adobe Systems Inc.) C:\Users\Pepa7\Downloads\Shockwave_Installer_Slim.exe
2015-08-05 20:17 - 2015-08-05 20:36 - 338161484 _____ C:\Users\Pepa7\Downloads\Counter_Strike_1.6_v21_15miki15.exe
2015-08-05 13:57 - 2015-08-05 13:57 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-07-31 12:56 - 2015-07-31 12:56 - 00053443 _____ C:\WINDOWS\SysWOW64\CCCInstall_201507311256234843.log
2015-07-29 05:44 - 2015-07-29 05:44 - 00458472 _____ C:\WINDOWS\system32\amdmiracast.dll
2015-07-29 05:44 - 2015-07-29 05:44 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2015-07-29 05:43 - 2015-07-29 05:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2015-07-29 05:42 - 2015-07-29 05:42 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2015-07-29 05:40 - 2015-07-29 05:40 - 10094152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2015-07-29 05:26 - 2015-07-29 05:26 - 00297672 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2015-07-29 05:15 - 2015-07-29 05:15 - 21622784 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2015-07-29 05:09 - 2015-07-29 05:09 - 47785472 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2015-07-29 05:09 - 2015-07-29 05:09 - 00235008 _____ C:\WINDOWS\system32\clinfo.exe
2015-07-29 05:07 - 2015-07-29 05:07 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2015-07-29 05:07 - 2015-07-29 05:07 - 00059392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2015-07-29 05:06 - 2015-07-29 05:06 - 27535872 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2015-07-29 05:05 - 2015-07-29 05:05 - 22318592 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 06477312 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2015-07-29 04:41 - 2015-07-29 04:41 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2015-07-29 04:36 - 2015-07-29 04:36 - 05068288 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 30752256 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2015-07-29 04:34 - 2015-07-29 04:34 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2015-07-29 04:33 - 2015-07-29 04:33 - 00093696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2015-07-29 04:33 - 2015-07-29 04:33 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2015-07-29 04:32 - 2015-07-29 04:32 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2015-07-29 04:30 - 2015-07-29 04:30 - 15716864 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00660928 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2015-07-29 04:30 - 2015-07-29 04:30 - 00660928 _____ C:\WINDOWS\system32\atiapfxx.blb
2015-07-29 04:30 - 2015-07-29 04:30 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2015-07-29 04:30 - 2015-07-29 04:30 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2015-07-29 04:30 - 2015-07-29 04:30 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2015-07-29 04:29 - 2015-07-29 04:29 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2015-07-29 04:28 - 2015-07-29 04:28 - 25299968 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2015-07-29 04:28 - 2015-07-29 04:28 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2015-07-29 04:26 - 2015-07-29 04:26 - 00672768 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00204800 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2015-07-29 04:26 - 2015-07-29 04:26 - 00189952 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2015-07-29 04:26 - 2015-07-29 04:26 - 00160256 _____ C:\WINDOWS\system32\atieah64.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00143872 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2015-07-29 04:26 - 2015-07-29 04:26 - 00029696 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2015-07-29 04:25 - 2015-07-29 04:25 - 00246784 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2015-07-29 04:25 - 2015-07-29 04:25 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2015-07-29 04:24 - 2015-07-29 04:24 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2015-07-29 04:24 - 2015-07-29 04:24 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2015-07-29 04:23 - 2015-07-29 04:23 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00665088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2015-07-29 04:22 - 2015-07-29 04:22 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2015-07-29 04:22 - 2015-07-29 04:22 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2015-07-29 04:19 - 2015-07-29 04:19 - 00102912 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2015-07-29 04:19 - 2015-07-29 04:19 - 00102400 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2015-07-29 04:17 - 2015-07-29 04:17 - 00865792 _____ (AMD) C:\WINDOWS\system32\coinst_15.20.dll
2015-07-27 19:17 - 2015-07-27 18:07 - 00245544 _____ (EasyAntiCheat Ltd) C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
2015-07-25 12:57 - 2015-07-25 12:57 - 00000222 _____ C:\Users\Pepa7\Desktop\Trove.url
2015-07-22 18:50 - 2015-07-22 18:50 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\Trove
2015-07-22 12:53 - 2015-07-22 12:53 - 00000000 ____D C:\Users\Pepa7\AppData\Local\CEF
2015-07-18 17:43 - 2015-07-18 17:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Undelete360
2015-07-18 17:43 - 2015-07-18 17:43 - 00000000 ____D C:\Program Files (x86)\File Recovery
2015-07-18 17:36 - 2015-07-18 17:36 - 00000000 ____D C:\Users\Pepa7\licman
2015-07-18 17:36 - 2015-07-18 17:36 - 00000000 ____D C:\Users\Pepa7\ERHome

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-17 16:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-08-17 15:32 - 2015-07-02 11:56 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-08-17 15:28 - 2014-12-24 23:47 - 02012987 _____ C:\WINDOWS\WindowsUpdate.log
2015-08-17 15:15 - 2013-08-22 16:46 - 00081542 _____ C:\WINDOWS\setupact.log
2015-08-17 01:16 - 2014-03-18 17:33 - 01749406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-17 01:16 - 2014-03-18 16:54 - 00739720 _____ C:\WINDOWS\system32\perfh005.dat
2015-08-17 01:16 - 2014-03-18 16:54 - 00151940 _____ C:\WINDOWS\system32\perfc005.dat
2015-08-17 01:13 - 2014-12-25 00:39 - 00000000 ___DO C:\Users\Pepa7\OneDrive
2015-08-17 01:12 - 2014-12-27 17:47 - 00000296 _____ C:\WINDOWS\Tasks\RtlNetworkGenieVistaStart.job
2015-08-17 01:12 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-08-17 01:11 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-17 01:10 - 2014-12-26 00:32 - 00007598 _____ C:\Users\Pepa7\AppData\Local\Resmon.ResmonCfg
2015-08-17 00:22 - 2015-05-08 23:05 - 00000000 ____D C:\Users\Pepa7\Desktop\PC testy
2015-08-17 00:22 - 2014-12-27 12:29 - 00000000 ____D C:\Users\Pepa7\Desktop\Složky
2015-08-16 23:20 - 2014-03-18 09:20 - 01267484 _____ C:\WINDOWS\PFRO.log
2015-08-16 22:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\System
2015-08-16 22:27 - 2015-05-23 23:32 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-08-16 22:03 - 2015-03-29 11:11 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\Skype
2015-08-16 01:36 - 2014-12-25 01:02 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-15 19:12 - 2014-12-25 11:31 - 00312931 _____ C:\WINDOWS\DirectX.log
2015-08-15 17:06 - 2015-03-21 18:39 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\.minecraft
2015-08-13 16:41 - 2015-05-25 16:26 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1765931364-2895769979-1631063868-1001
2015-08-13 15:51 - 2014-12-24 23:55 - 00000000 ____D C:\Program Files\AMD
2015-08-13 15:49 - 2014-12-27 18:09 - 00000000 ____D C:\AMD
2015-08-13 13:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-08-12 22:22 - 2015-01-13 19:11 - 00000000 ____D C:\Users\Pepa7\AppData\Local\Battle.net
2015-08-12 22:22 - 2015-01-13 19:11 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-12 22:07 - 2014-12-27 17:56 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-12 20:12 - 2015-01-26 15:02 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-12 20:12 - 2015-01-25 22:01 - 00000000 ____D C:\ProgramData\Adobe
2015-08-12 19:39 - 2015-02-12 16:57 - 00001975 _____ C:\Users\Public\Desktop\MSI Live Update 6.lnk
2015-08-12 19:39 - 2014-12-25 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2015-08-12 13:38 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-12 12:45 - 2013-08-22 16:44 - 00486120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-12 12:44 - 2015-03-29 11:11 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 12:44 - 2015-03-29 11:11 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 12:42 - 2014-12-25 21:59 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-12 12:42 - 2014-12-25 21:59 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-12 12:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 12:42 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 12:42 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 12:42 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 11:59 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-12 11:58 - 2015-03-29 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 11:57 - 2014-12-25 21:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-12 11:52 - 2014-12-25 21:49 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-12 11:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 11:51 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 02:00 - 2015-01-25 21:52 - 00000000 ____D C:\Users\Pepa7\AppData\Local\Adobe
2015-08-11 21:32 - 2015-07-02 11:56 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-08-11 12:18 - 2015-07-02 20:08 - 00003706 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-11 12:14 - 2014-12-25 00:21 - 00000000 ____D C:\Users\Pepa7\AppData\Local\Google
2015-08-11 12:14 - 2014-12-25 00:21 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-11 12:08 - 2015-05-24 12:54 - 00001162 _____ C:\DelFix.txt
2015-08-10 23:52 - 2014-12-24 23:47 - 00000000 ____D C:\Users\Pepa7
2015-08-10 18:03 - 2015-05-24 11:35 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-08-09 19:32 - 2015-05-23 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-09 19:32 - 2015-05-23 23:31 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-08 17:52 - 2015-01-13 19:11 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-08-08 17:22 - 2015-05-24 18:47 - 00000000 ____D C:\Users\Pepa7\AppData\Local\CrashDumps
2015-08-08 16:10 - 2015-01-17 17:29 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-08-08 15:55 - 2013-08-22 17:38 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2013-08-22 17:38 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 02:36 - 2015-01-13 19:16 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-06 13:12 - 2014-12-24 22:56 - 00000000 ____D C:\Users\Pepa7\AppData\Local\Packages
2015-08-05 18:12 - 2014-12-25 22:12 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-08-05 13:57 - 2015-06-29 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-08-05 12:59 - 2015-06-07 14:11 - 00000000 ____D C:\Users\Pepa7\AppData\Local\RabanSoft
2015-08-05 12:32 - 2014-12-25 16:12 - 00000000 ____D C:\ProgramData\Origin
2015-08-05 12:12 - 2014-12-25 22:15 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2015-08-05 12:12 - 2014-12-25 21:22 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-08-05 12:11 - 2014-12-25 21:22 - 00280904 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-08-05 12:02 - 2014-12-25 16:12 - 00000000 ____D C:\Program Files (x86)\Origin
2015-08-01 22:13 - 2015-02-24 23:05 - 00000000 ____D C:\Users\Pepa7\Documents\Bandicam
2015-08-01 18:50 - 2014-12-25 12:10 - 00000000 ____D C:\MSI
2015-08-01 14:57 - 2015-01-19 18:12 - 00000000 ____D C:\Users\Pepa7\Documents\TmForever
2015-07-29 05:44 - 2014-11-21 04:09 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2015-07-29 05:42 - 2015-06-23 04:08 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2015-07-29 05:42 - 2014-12-27 17:52 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2015-07-29 05:42 - 2013-12-07 00:04 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2015-07-29 05:41 - 2013-12-07 00:01 - 01445224 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2015-07-29 05:41 - 2013-12-07 00:01 - 01193904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2015-07-29 05:41 - 2013-12-07 00:00 - 11948704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2015-07-29 05:40 - 2015-06-23 04:08 - 07408936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2015-07-29 05:40 - 2014-11-21 04:43 - 07929616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2015-07-29 05:39 - 2014-12-27 17:52 - 08893160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2015-07-29 05:39 - 2014-12-27 17:52 - 08779872 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2015-07-29 05:08 - 2014-11-21 04:32 - 39714816 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2015-07-29 04:26 - 2014-12-27 17:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2015-07-29 04:22 - 2014-12-27 17:52 - 01247744 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2015-07-29 04:22 - 2014-11-21 04:09 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2015-07-29 04:22 - 2014-11-21 04:08 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2015-07-25 11:21 - 2015-03-29 11:12 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-07-23 19:19 - 2014-12-25 16:16 - 00000000 ____D C:\Users\Pepa7\AppData\Roaming\Origin
2015-07-23 02:05 - 2015-03-03 22:53 - 00000000 ____D C:\Program Files (x86)\SpeedFan

==================== Files in the root of some directories =======

2015-03-21 18:39 - 2015-03-21 18:39 - 0001068 _____ () C:\Users\Pepa7\AppData\Roaming\.minecraft – zástupce (2).lnk
2015-03-21 18:39 - 2015-03-21 18:39 - 0001068 _____ () C:\Users\Pepa7\AppData\Roaming\.minecraft – zástupce.lnk
2015-03-09 20:08 - 2015-03-10 16:43 - 0000098 _____ () C:\Users\Pepa7\AppData\Roaming\LauncherSettings_live.cfg
2015-03-09 22:50 - 2015-03-09 22:56 - 0000040 _____ () C:\Users\Pepa7\AppData\Roaming\TheHunterSettings_live.cfg
2015-08-17 16:07 - 2015-08-17 16:07 - 0029696 _____ () C:\Users\Pepa7\AppData\Local\MSGBOX.EXE
2014-12-26 00:32 - 2015-08-17 01:10 - 0007598 _____ () C:\Users\Pepa7\AppData\Local\Resmon.ResmonCfg
2014-12-27 17:46 - 2014-12-27 17:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-08-09 02:36

==================== End of log ============================

Re: csrss.exe

Posted: 17 Aug 2015 15:12
by LosMajos_
Here is the attachment :)