Virus .scr ( steam )

R0bin · Příspěvekod **R0bin** » 14 kvě 2015 18:40

To musím spustit celý Windows v nouzovém režimu , nebo jde jenom ten program spustit v nouzovém režimu? :oops:

Reklama

Příspěvekod **jerabina** » 14 kvě 2015 18:41

Musíš celý Windows, jinak to nejde. Při startu počítače mačkej F8(na klávesnici) a v nabídce vyber Nouzový režim

R0bin · Příspěvekod **R0bin** » 14 kvě 2015 18:46

Ať mačkám sebevíc , nic se neděje .. (cca 5x jsem to zkoušel)

nějaký jiný postup jak se tam dostat není? :)

Příspěvekod **jerabina** » 14 kvě 2015 19:01

Použij tento postup, jak se dostat do Nouzového režimu: https://support.microsoft.com/en-us/kb/2809468/cs

R0bin · Příspěvekod **R0bin** » 15 kvě 2015 07:35

Tak Windows , jsem už spustil v nouzovém režimu , ale aplikace antikey mi napíše , že v nouzovém režimu spustit nejde :roll:

Příspěvekod **jaro3** » 16 kvě 2015 09:24

Vypni rez. ochranu u antiviru a antispywaru,příp. firewall..

Stáhni si ComboFix (by sUBs)
a ulož si ho na plochu.
Ukonči všechna aktivní okna a spusť ho.
- Po spuštění se zobrazí podmínky užití, potvrď je stiskem tlačítka Ano
- Dále postupuj dle pokynů, během aplikování ComboFixu neklikej do zobrazujícího se okna
- Po dokončení skenování by měl program vytvořit log - C:\ComboFix.txt - zkopíruj sem prosím celý jeho obsah
Pokud budou problémy , spusť ho v nouz. režimu.

Upozornění : Může se stát, že po aplikaci Combofixu a restartu počítače, Windows nenaběhnou , nebo nenajede plocha , budou problémy s připojením, pak znovu restartuj počítač, pokud to nepomůže , po restartu mačkej klávesu F8 a pak zvol poslední známou funkční konfiguraci. , či použij bod obnovy.

R0bin · Příspěvekod **R0bin** » 16 kvě 2015 20:54

Píše mi to , že ten program nepodporuje Win 8.1 , pouze 8.

Příspěvekod **Orcus** » 17 kvě 2015 08:43

ComboFix se odinstaluje takto:
Start-Spustit a zadej ComboFix /Uninstall

====================================================

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

R0bin · Příspěvekod **R0bin** » 17 kvě 2015 12:32

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by PC (administrator) on PC on 17-05-2015 12:29:52
Running from C:\Users\Robin\Desktop
Loaded Profiles: PC (Available profiles: PC)
Platform: Windows 8.1 Enterprise (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2014-07-15] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-12] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\MountPoints2: {948ecf5c-cce4-11e4-824b-806e6f6e6963} - "F:\autorun.exe"
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\MountPoints2: {aec8b971-cce4-11e4-824c-d8cb8a196d95} - "H:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2015-03-18]
ShortcutTarget: GamePark klient 2.lnk -> E:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-12] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3924451612-1508638027-1716174210-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-12] (Avast Software s.r.o.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-05-14] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-12] (Avast Software s.r.o.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-05-14] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.88.1

FireFox:
========
FF ProfilePath: C:\Users\Robin\AppData\Roaming\Mozilla\Firefox\Profiles\zkrsfq1k.default
FF Homepage: https://www.seznam.cz/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-05-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-05-14] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-17]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-05-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-12]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-12] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-12] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-12] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2015-03-22] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2015-04-06] ()
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [965776 2014-10-26] (@ByELDI) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-12] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-12] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-12] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-12] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-12] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-12] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-12] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-12] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-12] ()
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-03-18] (Disc Soft Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-12] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 12:29 - 2015-05-17 12:30 - 00014209 _____ () C:\Users\Robin\Desktop\FRST.txt
2015-05-17 12:29 - 2015-05-17 12:29 - 00000000 ____D () C:\FRST
2015-05-17 12:28 - 2015-05-17 12:29 - 02107392 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe
2015-05-16 20:49 - 2015-05-16 20:49 - 05623645 _____ (Swearware) C:\Users\Robin\Desktop\ComboFix.exe
2015-05-16 13:32 - 2015-05-16 13:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-16 12:41 - 2015-05-16 12:41 - 00000000 ____D () C:\Users\Robin\AppData\Local\CrashDumps
2015-05-16 12:39 - 2015-04-29 16:29 - 15705880 _____ (Codemasters Software Company Limited) C:\Users\Robin\Desktop\Dirt Rally.exe
2015-05-15 22:12 - 2015-05-15 22:12 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Steam
2015-05-15 22:12 - 2015-05-15 22:12 - 00000000 ____D () C:\ProgramData\Codemasters
2015-05-15 22:00 - 2015-05-15 22:00 - 05384631 _____ () C:\Users\Robin\Downloads\Core.i3.4160.7z
2015-05-15 22:00 - 2015-05-15 22:00 - 01580428 _____ () C:\Users\Robin\Downloads\DiRT.Rally.Patch.V03.1.rar
2015-05-15 21:33 - 2015-05-15 21:37 - 00000000 ____D () C:\Users\Robin\Documents\Project CARS
2015-05-15 21:33 - 2015-05-15 21:33 - 00000000 ____D () C:\Users\Robin\Documents\wmd_symbol_cache
2015-05-15 19:08 - 2015-05-15 19:08 - 00001960 _____ () C:\Users\Public\Desktop\Metin2.lnk
2015-05-15 19:08 - 2015-05-15 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metin2
2015-05-15 18:51 - 2015-05-15 19:09 - 00000000 ____D () C:\Users\Robin\Downloads\Gameforge Live
2015-05-15 18:51 - 2015-05-15 19:06 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2015-05-15 18:51 - 2015-05-15 18:51 - 00001086 _____ () C:\Users\Public\Desktop\Gameforge Live.lnk
2015-05-15 18:51 - 2015-05-15 18:51 - 00000000 ____D () C:\Users\Robin\AppData\Local\Gameforge4d
2015-05-15 18:51 - 2015-05-15 18:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-05-15 18:50 - 2015-05-15 18:50 - 20254336 _____ (Gameforge ) C:\Users\Robin\Downloads\Metin2_GameforgeLiveSetup.exe
2015-05-15 16:28 - 2015-05-15 16:28 - 00000000 ___SH () C:\Users\Robin\AppData\Local\LumaEmu
2015-05-15 16:28 - 2015-05-15 16:28 - 00000000 ____D () C:\ProgramData\LumaEmu_SteamCloud
2015-05-15 12:34 - 2015-05-15 12:35 - 00018473 _____ () C:\Windows\DirectX.log
2015-05-15 12:22 - 2015-05-15 21:32 - 00000557 _____ () C:\Users\Public\Desktop\Project CARS.lnk
2015-05-15 12:22 - 2015-05-15 21:32 - 00000557 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project CARS.lnk
2015-05-14 19:09 - 2015-05-15 21:54 - 00000000 ____D () C:\Users\Robin\Downloads\12354-dir ral
2015-05-14 19:05 - 2015-05-15 12:06 - 00000000 ____D () C:\Users\Robin\Downloads\Project CARS-RELOADED
2015-05-14 18:35 - 2015-05-17 12:28 - 00005882 _____ () C:\Windows\setupact.log
2015-05-14 18:35 - 2015-05-14 18:35 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-14 17:55 - 2015-05-16 14:45 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3924451612-1508638027-1716174210-1001
2015-05-14 17:38 - 2015-05-14 17:38 - 00000000 ____D () C:\Users\Robin\Desktop\antikey
2015-05-14 17:16 - 2015-05-14 17:16 - 00001222 _____ () C:\DelFix.txt
2015-05-14 17:11 - 2015-05-14 17:11 - 06065388 _____ () C:\Users\Robin\Downloads\antikey.zip
2015-05-13 21:10 - 2015-05-13 21:10 - 00000000 ____D () C:\Users\Robin\AppData\Local\VirtualStore
2015-05-13 21:10 - 2015-05-13 21:01 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-13 17:17 - 2015-05-13 20:55 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-05-13 17:17 - 2015-05-13 17:23 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-05-13 17:15 - 2015-05-13 17:15 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PC-Windows-8.1-Enterprise-(64-bit).dat
2015-05-13 13:35 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:35 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:24 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 13:24 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 13:24 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 13:24 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 13:24 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 13:24 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-13 13:24 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-13 13:24 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-05-13 13:24 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-05-13 13:24 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-05-13 13:24 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-05-13 13:24 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-05-13 13:24 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-05-13 13:24 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-05-13 13:24 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-05-13 13:24 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-05-13 13:24 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-05-13 13:24 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 13:24 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-05-13 13:23 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 13:23 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 13:23 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 13:23 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 13:23 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 13:23 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 13:23 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 13:23 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 13:23 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 13:23 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 13:23 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 13:23 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 13:23 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 13:23 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 13:23 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 13:23 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 13:23 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 13:23 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 13:23 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 13:23 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 13:23 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 13:23 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 13:23 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 13:23 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 13:23 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 13:23 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 13:23 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 13:23 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 13:23 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 13:23 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 13:23 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 13:23 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 13:23 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 13:23 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 13:23 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 13:23 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 13:23 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 13:23 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 13:23 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 13:23 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 13:23 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 13:23 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 13:23 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-05-13 13:23 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 13:23 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 13:23 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 13:23 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 13:23 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 13:23 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-05-13 13:23 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-05-13 13:23 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-05-13 13:23 - 2015-03-13 02:29 - 00410017 _____ () C:\Windows\system32\ApnDatabase.xml
2015-05-13 13:23 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 13:23 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 13:23 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 13:23 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-05-13 13:23 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 13:23 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 13:23 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-05-12 22:33 - 2015-05-12 22:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-12 21:42 - 2015-05-12 21:42 - 00000000 ____D () C:\Windows\system32\appmgmt
2015-05-12 21:40 - 2015-05-17 09:20 - 01431486 _____ () C:\Windows\WindowsUpdate.log
2015-05-12 21:25 - 2015-05-12 21:25 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-05-12 21:25 - 2015-05-12 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-12 21:25 - 2015-05-12 21:25 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-12 21:24 - 2015-05-12 21:24 - 06484352 _____ (Piriform Ltd) C:\Users\Robin\Downloads\ccsetup505.exe
2015-05-12 18:07 - 2015-05-12 18:07 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-05-12 18:07 - 2015-05-12 18:07 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-12 18:07 - 2015-05-12 18:07 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-12 18:07 - 2015-05-12 18:07 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-05-08 15:04 - 2015-05-08 15:04 - 01674929 _____ (TeamExtreme) C:\Users\Robin\Desktop\Minecraft-Launcher-1.8.exe
2015-05-08 15:04 - 2015-05-08 15:04 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\java
2015-05-08 15:01 - 2015-05-15 19:53 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\.minecraft
2015-05-08 15:01 - 2015-05-08 15:01 - 01329671 _____ () C:\Users\Robin\Desktop\minecraft.exe
2015-05-08 14:36 - 2015-05-08 14:36 - 00000000 ____D () C:\Users\Robin\AppData\Local\2K Games
2015-05-07 21:52 - 2015-05-07 21:52 - 00012288 ___SH () C:\Users\Robin\Desktop\Thumbs.db
2015-05-03 12:55 - 2015-05-03 12:55 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-05-01 13:49 - 2015-05-03 12:30 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Apple Computer
2015-05-01 13:49 - 2015-05-01 13:49 - 00002535 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\Users\Robin\AppData\Local\Apple Computer
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\Users\Robin\AppData\Local\Apple
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\Program Files\iTunes
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\Program Files\iPod
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-01 13:49 - 2015-05-01 13:49 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2015-05-01 13:49 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-01 13:48 - 2015-05-01 13:49 - 00000000 ____D () C:\ProgramData\Apple
2015-05-01 13:48 - 2015-05-01 13:49 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-01 13:48 - 2015-05-01 13:48 - 00000000 ____D () C:\Program Files\Bonjour
2015-05-01 13:48 - 2015-05-01 13:48 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2015-04-28 14:03 - 2015-04-28 14:04 - 00000197 _____ () C:\Windows\system32\2015-04-28-12-03-52.060-AvastVBoxSVC.exe-2796.log
2015-04-27 15:19 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-04-27 15:19 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-04-26 15:50 - 2015-04-26 15:50 - 00000247 _____ () C:\Windows\system32\2015-04-26-13-50-18.048-aswFe.exe-3056.log
2015-04-26 15:48 - 2015-04-26 15:50 - 00000247 _____ () C:\Windows\system32\2015-04-26-13-48-06.081-aswFe.exe-3356.log
2015-04-26 15:48 - 2015-04-26 15:48 - 00000197 _____ () C:\Windows\system32\2015-04-26-13-48-05.056-AvastVBoxSVC.exe-5184.log
2015-04-26 15:44 - 2015-04-26 15:44 - 00000197 _____ () C:\Windows\system32\2015-04-26-13-44-38.011-AvastVBoxSVC.exe-2740.log
2015-04-25 22:53 - 2015-04-25 22:53 - 00000034 _____ () C:\Users\Robin\Documents\Untitled.avi.sfl
2015-04-25 22:34 - 2015-04-25 22:53 - 555699200 _____ () C:\Users\Robin\Documents\Untitled.avi
2015-04-25 22:33 - 2015-04-25 22:40 - 00473144 _____ () C:\Users\Robin\Documents\J1.mxf.sfk
2015-04-25 21:43 - 2015-04-25 21:43 - 00000000 ____D () C:\Users\Robin\Documents\Nová složka
2015-04-25 21:17 - 2015-04-25 21:17 - 00000000 ____D () C:\ProgramData\Sony
2015-04-25 21:10 - 2015-04-25 21:15 - 00000000 ____D () C:\Users\Robin\AppData\Local\Sony
2015-04-25 21:10 - 2015-04-25 21:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-04-25 21:09 - 2015-04-25 21:09 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-04-25 21:09 - 2015-04-25 21:09 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-04-25 21:09 - 2015-04-25 21:09 - 00000000 ____D () C:\Program Files\MSBuild
2015-04-25 21:09 - 2015-04-25 21:09 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-04-25 21:08 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2015-04-25 21:08 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll
2015-04-25 20:58 - 2015-04-25 21:53 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Sony
2015-04-19 11:49 - 2015-04-19 11:49 - 00000000 ____D () C:\Users\Robin\Documents\Adobe
2015-04-19 11:47 - 2015-04-19 11:47 - 00001565 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-04-18 17:48 - 2015-04-18 17:48 - 00000197 _____ () C:\Windows\system32\2015-04-18-15-48-17.088-AvastVBoxSVC.exe-3868.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-17 12:29 - 2015-03-20 16:51 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Skype
2015-05-17 12:28 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-17 09:48 - 2015-03-17 22:38 - 01745984 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-17 09:48 - 2013-10-11 18:44 - 00738682 _____ () C:\Windows\system32\perfh005.dat
2015-05-17 09:48 - 2013-10-11 18:44 - 00151404 _____ () C:\Windows\system32\perfc005.dat
2015-05-17 09:47 - 2015-03-18 20:18 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-17 09:04 - 2015-03-18 20:14 - 00000000 ____D () C:\Users\Robin\AppData\Local\Adobe
2015-05-16 20:52 - 2015-03-17 22:41 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-16 20:52 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-16 20:50 - 2015-03-18 19:23 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-16 19:22 - 2015-03-17 23:05 - 00087040 ___SH () C:\Users\Robin\Downloads\Thumbs.db
2015-05-16 19:02 - 2015-03-17 22:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-15 22:12 - 2015-04-06 11:12 - 00000000 ____D () C:\Users\Robin\Documents\My Games
2015-05-15 13:40 - 2015-03-17 22:33 - 00000000 ____D () C:\Users\Robin
2015-05-15 12:21 - 2015-03-18 19:53 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\DAEMON Tools Lite
2015-05-15 08:12 - 2015-04-13 20:39 - 00000000 ____D () C:\Users\Robin\Desktop\Ostatní
2015-05-15 07:30 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-14 20:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-05-14 18:57 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-14 17:50 - 2015-03-18 20:11 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-05-14 17:50 - 2015-03-18 20:11 - 00000000 ____D () C:\ProgramData\Oracle
2015-05-14 17:50 - 2015-03-18 20:11 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-13 19:35 - 2015-04-06 16:45 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\TS3Client
2015-05-13 17:12 - 2013-08-22 16:44 - 05177336 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 17:11 - 2013-08-22 17:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2015-05-13 17:11 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 13:35 - 2015-03-18 21:44 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 13:35 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-13 13:33 - 2015-03-18 21:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 13:33 - 2013-08-22 21:12 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 22:44 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Resources
2015-05-12 21:45 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-05-12 21:27 - 2015-03-18 07:31 - 00000000 ____D () C:\Windows\Panther
2015-05-12 18:09 - 2015-03-17 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-12 18:07 - 2015-03-17 22:38 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-12 18:07 - 2015-03-17 22:38 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-12 18:07 - 2015-03-17 22:38 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-12 18:07 - 2015-03-17 22:38 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-12 18:07 - 2015-03-17 22:38 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-12 18:07 - 2015-03-17 22:38 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-12 18:07 - 2015-03-17 22:38 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-12 18:07 - 2015-03-17 22:38 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-12 18:07 - 2015-03-17 22:38 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-10 18:34 - 2015-04-14 15:20 - 00000080 _____ () C:\Users\Robin\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-05-06 17:54 - 2015-03-18 19:27 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-05 19:59 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-01 18:51 - 2015-03-18 21:27 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-01 18:51 - 2015-03-18 21:27 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-01 18:50 - 2015-03-18 21:27 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-01 18:50 - 2015-03-18 21:27 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-04-30 15:15 - 2015-03-20 16:51 - 00000000 ____D () C:\ProgramData\Skype
2015-04-25 22:41 - 2015-03-18 20:16 - 00000000 ____D () C:\Program Files\Adobe
2015-04-25 22:41 - 2015-03-18 20:15 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-04-25 22:41 - 2015-03-17 22:33 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Adobe
2015-04-25 21:09 - 2015-03-18 19:57 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-04-25 21:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-04-25 21:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\MUI
2015-04-19 11:50 - 2015-03-18 20:16 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2015-04-17 19:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 14:44 - 2015-04-14 15:25 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-04-17 14:44 - 2015-04-14 15:24 - 00000000 ____D () C:\Program Files\Rockstar Games

==================== Files in the root of some directories =======

2015-05-15 16:28 - 2015-05-15 16:28 - 0000000 ___SH () C:\Users\Robin\AppData\Local\LumaEmu

Some content of TEMP:
====================
C:\Users\Robin\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Robin\AppData\Local\Temp\proxy_vole8011994905930440975.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-09 19:09

==================== End Of Log ============================

R0bin · Příspěvekod **R0bin** » 17 kvě 2015 12:32

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by PC at 2015-05-17 12:30:08
Running from C:\Users\Robin\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3924451612-1508638027-1716174210-500 - Administrator - Disabled)
Guest (S-1-5-21-3924451612-1508638027-1716174210-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3924451612-1508638027-1716174210-1003 - Limited - Enabled)
PC (S-1-5-21-3924451612-1508638027-1716174210-1001 - Administrator - Enabled) => C:\Users\Robin

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.4.3.22 (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
GamePark klient 2.0.9.0 (HKLM\...\{52E5D8A7-B129-4A29-AD4B-EBB749DCC3A3}_is1) (Version: 2.0.9.0 - GamePark)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version: - Size Five Games)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 cs)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
Ovládací panel NVIDIA 350.12 (Version: 350.12 - NVIDIA Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Project CARS Update v1.2 (HKLM-x32\...\UHJvamVjdENBUlM=_is1) (Version: 1 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Rust Legacy Klient 1.8.5 (HKLM-x32\...\Rust Legacy Klient 1.8.5) (Version: 1.8.5 - Rusted.cz)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Vegas Pro 11.0 (64-bit) (HKLM\...\{314DDDC0-E935-11E0-8F9F-F04DA23A5C58}) (Version: 11.0.371 - Sony)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

15-05-2015 12:34:47 Nainstalováno rozhraní DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-05-13 21:03 - 00000753 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {6DAD7281-A409-4DE9-9EC1-874D9619BB89} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {B74DE61C-E93A-4A66-9CEF-711FA0DF457E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-26] (@ByELDI)
Task: {C80BE8EC-2AA7-4C9D-BB22-49C5F1A0C1AE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {C838C958-605B-49A0-946F-D4E65E19B93C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F2204B9E-44C7-4886-B03B-D94537BE6CE3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-12] (Avast Software s.r.o.)
Task: {F3CE2AF2-D7DC-40A6-B283-0E45F26D007C} - System32\Tasks\AdobeAAMUpdater-1.0-Pc-PC => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {FF0A7576-1F75-4B2F-89D0-B00D13D04C7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-22 12:40 - 2015-03-22 12:40 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-03-22 12:45 - 2015-04-06 19:16 - 00214520 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-03-17 22:41 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-08 21:53 - 2015-04-08 21:53 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-05-12 18:07 - 2015-05-12 18:07 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-12 18:07 - 2015-05-12 18:07 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-16 20:15 - 2015-05-16 20:15 - 02929664 _____ () C:\Program Files\AVAST Software\Avast\defs\15051601\algo.dll
2015-03-31 15:49 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-12 18:07 - 2015-05-12 18:07 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Robin\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Robin\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\the_avengers_movie_2012-1920x1080.jpg
DNS Servers: 192.168.88.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{EAB55532-566C-4024-A5BC-1FE4E35A903D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{07A334C3-D7E7-4815-813A-A67D05161103}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{759168C1-0C36-46ED-B6DE-41C54AE12B4E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E856B2DA-41D8-45AE-840C-DEE43DA89284}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{44774197-9914-4E1C-BBE1-76338F206C8E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8DEB490F-3E13-4959-B203-28CC917E0D9B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9EA49A8F-66FA-43C9-A632-7E8AB8D4F514}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{4B54E0A7-976C-42A1-81AD-9AA5CD53025E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E8262406-78A5-4181-9822-317AE45B6F89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2985E4D8-3927-4E65-BB33-D093D11AAF9D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2C3ECAE3-8C92-4AF8-940B-B192D4553855}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{21BC6E09-4014-45AF-9D55-2EE3724455F2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{02929367-DFB2-4B1D-BB6D-33C137BE8D9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F43E9B62-D1B2-4386-BA72-448D235F2F11}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E98239F0-3E94-4258-A43A-74FB6F15F87F}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{8766861D-FD50-4224-B7BE-CF6ABB0B7016}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{41E35F39-708B-4306-B4F9-429733499615}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{764B033B-F4FA-4B94-A2BE-6BBB7FD11262}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D2AE480A-8787-414C-963F-2299C6067B90}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{FC745E09-31A0-4708-BFB9-0284ABE3F52A}E:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) E:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [UDP Query User{75A6BAB9-CF35-466F-A689-FEC421D2E165}E:\program files (x86)\activision\call of duty 2\cod2mp_s.exe] => (Allow) E:\program files (x86)\activision\call of duty 2\cod2mp_s.exe
FirewallRules: [TCP Query User{94E26700-84F7-45A3-B150-AF30432EE878}E:\games\world_of_tanks\wotlauncher.exe] => (Allow) E:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{E36276D7-EDC2-4A51-BD88-DEAB2845F4A8}E:\games\world_of_tanks\wotlauncher.exe] => (Allow) E:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{737BE723-8978-48EE-A0DE-ABC9E3B142DF}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{462685BA-AAD2-42E0-9AB3-26C7FB71EED7}E:\games\world_of_tanks\worldoftanks.exe] => (Allow) E:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{463F21E8-6360-4CD3-86CE-51E256C628F2}E:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) E:\users\robin\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{11EF2368-0D00-45C3-820A-6B956E838396}E:\users\robin\appdata\roaming\utorrent\utorrent.exe] => (Allow) E:\users\robin\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{72033B86-037F-406A-8426-0BB789015BF1}E:\games\far cry 4\bin\farcry4.exe] => (Block) E:\games\far cry 4\bin\farcry4.exe
FirewallRules: [UDP Query User{DF87AAD8-01DB-44B6-A348-3E791FC38798}E:\games\far cry 4\bin\farcry4.exe] => (Block) E:\games\far cry 4\bin\farcry4.exe
FirewallRules: [TCP Query User{D164D514-F29B-4ED6-8436-20363A2B37B8}E:\games\trackmania 2\maniaplanet.exe] => (Allow) E:\games\trackmania 2\maniaplanet.exe
FirewallRules: [UDP Query User{D3D38CD8-DEA1-4D7E-9479-F9C91DAE56D1}E:\games\trackmania 2\maniaplanet.exe] => (Allow) E:\games\trackmania 2\maniaplanet.exe
FirewallRules: [TCP Query User{F7A9DEFF-FCC1-4810-876A-6FB1CE8C0753}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{0F5163FF-EDCE-4469-9B73-C95CF658BB36}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{28020FE7-D7A2-41BF-8FCB-627B12987A55}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{4F3AD51D-503E-454A-9153-790C0B576F0B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{8B0E394F-AFD7-45DF-9C7E-FB76012A57D8}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{2F5C618F-C04E-43BB-9CBE-3283B6D1F019}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{70E700CE-55B9-45F7-9B13-ECDF5C326ACC}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{F1605F91-61B1-4387-B174-91F29FB322F3}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{FFE9D354-1314-4DCF-B8C5-D6276EEFC2E6}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{65665348-34FB-4651-8483-46362062BB56}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EE2E1E30-B243-4FB1-B851-98481163CC96}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{AB65A2BA-3ED0-48D1-9095-95EFFB0655F4}] => (Allow) C:\Program Files (x86)\Farming Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{059C01C3-5117-412D-BADE-5E4DD71B885A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6B244678-C8E1-4AD5-9DF3-86AFF949041C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{96227037-9303-43E7-8905-8B9F6C26BA81}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B0FFC0B0-4204-471B-9B6D-2DE8B4357197}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4C90086-789C-47C3-A54C-F4841F60B556}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{6EEDF62C-9C19-414A-AF9B-FA3051410664}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{24043E76-765C-4408-9845-8C9EEB6DFE78}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5DB7EABB-FAFA-466D-B743-CFF4E535E2CE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{448A06B6-62C3-4B16-8DEA-39119B48F884}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5BDE88AC-D972-4A71-A2F6-99CE73D00993}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Gun Monkeys\Gun_Monkeys.exe
FirewallRules: [{C73CCDEC-8BEB-484D-8949-DB4FA816FE9C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Gun Monkeys\Gun_Monkeys.exe
FirewallRules: [{0CF4B7B5-D623-4F9A-ADEC-947E6DEBE9D4}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{EDDD1DA4-DDCA-4F16-8FCF-D04F9944C696}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{4101D07E-1318-4A61-8CCD-A47285B2618B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe

==================== Faulty Device Manager Devices =============

Name: Řadič jednoduché komunikace pro sběrnici PCI
Description: Řadič jednoduché komunikace pro sběrnici PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Řadič sběrnice SM
Description: Řadič sběrnice SM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (05/17/2015 00:28:30 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]

Error: (05/17/2015 09:02:27 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (05/17/2015 09:02:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (05/16/2015 03:05:41 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/16/2015 00:41:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Dirt Rally.exe, verze: 0.3.106.453, časové razítko: 0x553f87cd
Název chybujícího modulu: steam_api.dll, verze: 6.3.9600.17736, časové razítko: 0x550f42c2
Kód výjimky: 0xc0000135
Posun chyby: 0x0009d4f2
ID chybujícího procesu: 0xc34
Čas spuštění chybující aplikace: 0xDirt Rally.exe0
Cesta k chybující aplikaci: Dirt Rally.exe1
Cesta k chybujícímu modulu: Dirt Rally.exe2
ID zprávy: Dirt Rally.exe3
Úplný název chybujícího balíčku: Dirt Rally.exe4
ID aplikace související s chybujícím balíčkem: Dirt Rally.exe5

Error: (05/16/2015 10:26:45 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [5]

Error: (05/15/2015 09:59:05 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/15/2015 01:41:48 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/15/2015 00:34:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (05/15/2015 07:26:15 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]

System errors:
=============
Error: (05/16/2015 08:51:52 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1084WSearchNení k dispozici{9E175B68-F52A-11D8-B9A5-505054503030}

Error: (05/16/2015 08:51:52 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/16/2015 08:51:36 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/16/2015 08:51:28 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1084WSearchNení k dispozici{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/16/2015 08:51:28 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1084WSearchNení k dispozici{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/16/2015 08:51:28 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1084WSearchNení k dispozici{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/16/2015 08:51:28 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1084WSearchNení k dispozici{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (05/16/2015 08:51:27 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1084ShellHWDetectionNení k dispozici{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (05/16/2015 08:51:19 PM) (Source: DCOM) (EventID: 10005) (User: Pc)
Description: 1068netprofmNení k dispozici{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (05/16/2015 08:51:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Služba seznamu sítí závisí na službě Sledování umístění v síti (NLA), která neuspěla při spuštění v důsledku následující chyby:
%%1068

Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 13%
Total physical RAM: 8120 MB
Available physical RAM: 7023.92 MB
Total Pagefile: 9400 MB
Available Pagefile: 8019.29 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (SSD) (Fixed) (Total:111.45 GB) (Free:17.83 GB) NTFS
Drive d: (Programy Hry 2) (Fixed) (Total:244.6 GB) (Free:144.77 GB) NTFS
Drive e: (Programy Hry) (Fixed) (Total:221.16 GB) (Free:90.86 GB) NTFS
Drive f: (FS15) (CDROM) (Total:1.91 GB) (Free:0 GB) UDF
Drive h: (Project CARS) (CDROM) (Total:15.46 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or

(Size: 111.8 GB) (Disk ID: 5F30C486)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or

(Size: 465.8 GB) (Disk ID: 97646C29)
Partition 1: (Not Active) - (Size=244.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=221.2 GB) - (Type=OF Extended)

==================== End Of Log ============================

Příspěvekod **jerabina** » 18 kvě 2015 20:04

Ahoj, odinstaluj vše od:
KMSpico

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:

(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\MountPoints2: {948ecf5c-cce4-11e4-824b-806e6f6e6963} - "F:\autorun.exe" 
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\MountPoints2: {aec8b971-cce4-11e4-824c-d8cb8a196d95} - "H:\setup.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2015-03-18]
ShortcutTarget: GamePark klient 2.lnk -> E:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [965776 2014-10-26] (@ByELDI) [File not signed]

C:\Program Files\KMSpico\
C:\Users\Robin\AppData\Local\LumaEmu
C:\Users\Robin\Downloads\Project CARS-RELOADED

C:\Windows\Tasks\*.job
Task: {6DAD7281-A409-4DE9-9EC1-874D9619BB89} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {B74DE61C-E93A-4A66-9CEF-711FA0DF457E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-26] (@ByELDI)
Task: {F3CE2AF2-D7DC-40A6-B283-0E45F26D007C} - System32\Tasks\AdobeAAMUpdater-1.0-Pc-PC => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

AlternateDataStreams: C:\Users\Robin\SkyDrive:ms-properties

FirewallRules: [{EDDD1DA4-DDCA-4F16-8FCF-D04F9944C696}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{4101D07E-1318-4A61-8CCD-A47285B2618B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe

CMD: bitsadmin /reset /allusers

EmptTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt

Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

R0bin · Příspěvekod **R0bin** » 18 kvě 2015 20:24

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by PC at 2015-05-18 20:23:00 Run:1
Running from C:\Users\Robin\Desktop
Loaded Profiles: PC (Available profiles: PC)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\MountPoints2: {948ecf5c-cce4-11e4-824b-806e6f6e6963} - "F:\autorun.exe"
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\...\MountPoints2: {aec8b971-cce4-11e4-824c-d8cb8a196d95} - "H:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk [2015-03-18]
ShortcutTarget: GamePark klient 2.lnk -> E:\Program Files\GamePark2\gpcl.exe (Allstar Group, s.r.o.)

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [965776 2014-10-26] (@ByELDI) [File not signed]

C:\Program Files\KMSpico\
C:\Users\Robin\AppData\Local\LumaEmu
C:\Users\Robin\Downloads\Project CARS-RELOADED

C:\Windows\Tasks\*.job
Task: {6DAD7281-A409-4DE9-9EC1-874D9619BB89} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {B74DE61C-E93A-4A66-9CEF-711FA0DF457E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-10-26] (@ByELDI)
Task: {F3CE2AF2-D7DC-40A6-B283-0E45F26D007C} - System32\Tasks\AdobeAAMUpdater-1.0-Pc-PC => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

AlternateDataStreams: C:\Users\Robin\SkyDrive:ms-properties

FirewallRules: [{EDDD1DA4-DDCA-4F16-8FCF-D04F9944C696}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{4101D07E-1318-4A61-8CCD-A47285B2618B}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe

CMD: bitsadmin /reset /allusers

EmptTemp:
End
*****************

Processes closed successfully.
C:\Program Files\KMSpico\Service_KMS.exe => No running process found
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeAAMUpdater-1.0 => value deleted successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\iTunesHelper => value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value deleted successfully.
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Steam => value deleted successfully.
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value deleted successfully.
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
"HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{948ecf5c-cce4-11e4-824b-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{948ecf5c-cce4-11e4-824b-806e6f6e6963} => Key not found.
"HKU\S-1-5-21-3924451612-1508638027-1716174210-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{aec8b971-cce4-11e4-824c-d8cb8a196d95}" => Key deleted successfully.
HKCR\CLSID\{aec8b971-cce4-11e4-824c-d8cb8a196d95} => Key not found.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamePark klient 2.lnk => Moved successfully.
E:\Program Files\GamePark2\gpcl.exe => Moved successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Service KMSELDI => Service deleted successfully.
C:\Program Files\KMSpico => Moved successfully.
C:\Users\Robin\AppData\Local\LumaEmu => Moved successfully.
"C:\Users\Robin\Downloads\Project CARS-RELOADED" => File/Directory not found.
C:\Windows\Tasks\*.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DAD7281-A409-4DE9-9EC1-874D9619BB89}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DAD7281-A409-4DE9-9EC1-874D9619BB89}" => Key deleted successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B74DE61C-E93A-4A66-9CEF-711FA0DF457E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B74DE61C-E93A-4A66-9CEF-711FA0DF457E}" => Key deleted successfully.
C:\Windows\System32\Tasks\AutoPico Daily Restart => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3CE2AF2-D7DC-40A6-B283-0E45F26D007C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3CE2AF2-D7DC-40A6-B283-0E45F26D007C}" => Key deleted successfully.
C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-Pc-PC => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-Pc-PC" => Key deleted successfully.
"C:\Users\Robin\SkyDrive" => ":ms-properties" ADS not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EDDD1DA4-DDCA-4F16-8FCF-D04F9944C696} => value deleted successfully.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4101D07E-1318-4A61-8CCD-A47285B2618B} => value deleted successfully.

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

Unable to cancel {FB458C4B-1A2F-4E0A-838C-9E9A5D8CACEA}.
Unable to cancel {DD8FAAF7-9B8A-4329-A604-6A4E6AF0CB0B}.
Unable to cancel {81383DF6-BDE0-40CF-B4B5-6783BB542F30}.
Unable to cancel {2EA0A503-7655-43FE-A1C5-E17128AAADD7}.
Unable to cancel {131C9DDA-4948-44A3-9E96-84A328932A70}.
Unable to cancel {DC62B624-8562-40B3-9231-72CA6F1A4366}.
Unable to cancel {A9FBC322-1158-4A64-B2CD-B81D87C88E3C}.
0 out of 7 jobs canceled.

========= End of CMD: =========

EmptTemp: => Error: No automatic fix found for this entry.

The system needed a reboot.

==== End of Fixlog 20:23:01 ====

Virus .scr ( steam ) Vyřešeno

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Re: Virus .scr ( steam )

Kdo je online