LOG-Appky proste padajúú

[mimi973]

RK:

RogueKiller V10.6.5.0 (x64) [May 20 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 8.1 (6.3.9200 ) 64 bits version
Started in : Normal mode
User : Bobo [Administrator]
Started from : C:\Users\Bobo\Desktop\RogueKillerX64.exe
Mode : Delete -- Date : 06/09/2015 18:12:52

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.Orphan] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> ERROR [0]
[PUM.Orphan] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad | WebCheck : {E6FB5E20-DE35-11CF-9C87-00AA005127ED} -> ERROR [0]
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Replaced (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Replaced (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 0 -> Replaced (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 0 -> Replaced (0)

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \\MdmUpdateTaskMachineCore -- "C:\Users\Bobo\AppData\Roaming\SpaceEngineers\Caches\mdm" (overbtc12.) -> ERROR [0]

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Deleted

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1CH162 +++++
--- User ---
[MBR] 19b1f35a2c6aa20e8b9f3d0ea4816cd3
[BSP] 64fcb7b3e63aea0a9a82e00c1fc5f7b1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_05232015_223545.log - RKreport_SCN_05252015_171014.log - RKreport_DEL_05252015_171042.log - RKreport_SCN_06092015_181147.log
RKreport_DEL_06092015_181251.log

COMBOFIX mi na win 8 nejde spustiť ani v kompatibilite na win 8....proste má ta apka zruší,

[Reklama]

[jaro3]

No adwcleaner se zmýlil , dal win7 , RK správně win8.1...

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

[mimi973]

Add by FrSt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by Bobo at 2015-06-09 18:55:07
Running from C:\Users\Bobo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4076773374-1843248530-2627806815-500 - Administrator - Disabled)
Bobo (S-1-5-21-4076773374-1843248530-2627806815-1001 - Administrator - Enabled) => C:\Users\Bobo
bobo_2 (S-1-5-21-4076773374-1843248530-2627806815-1003 - Limited - Enabled) => C:\Users\bobo_2
Guest (S-1-5-21-4076773374-1843248530-2627806815-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.0.12510 - Adobe Systems Inc.)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Brick-Force (EU) (HKLM-x32\...\Steam App 335330) (Version: - Exe Games Inc.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
Car Mechanic Simulator 2015 (HKLM-x32\...\Car Mechanic Simulator 2015_is1) (Version: - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor Pro 1.22 (HKLM\...\CPUID HWMonitorPro_is1) (Version: - )
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version: - Codemasters Racing Studio)
DiRT 3 Complete Edition (HKLM-x32\...\Steam App 321040) (Version: - Codemasters Racing Studio)
From Dust (HKLM-x32\...\{578485F8-60F3-4C61-9183-0698E581B902}) (Version: 1.0.0 - Ubisoft)
Garmin Express (HKLM-x32\...\{f12fdb52-c810-4ca6-a78c-032686527928}) (Version: 4.0.21.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.21.0 - Garmin Ltd or its subsidiaries) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version: - Codemasters Racing)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
KeyDominator1 (HKLM-x32\...\BloodyKeyboard) (Version: 15.03.0001 - Bloody)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware verze 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MK LOL (HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\MK LOL) (Version: - )
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.3.0.0 - Electronic Arts)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: - )
Raptr (HKLM-x32\...\Raptr) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Scribblenauts Unlimited (HKLM-x32\...\Steam App 218680) (Version: - 5th Cell Media)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
ToneMaker 1 (HKLM-x32\...\BloodyToneMaker) (Version: 14.01.0003 - Bloody)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

25-05-2015 17:12:42 zoek.exe restore point
28-05-2015 18:00:07 Installed From Dust
30-05-2015 11:16:00 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
06-06-2015 18:08:30 Scheduled Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2015-06-09 18:12 - 00000725 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {09672CC5-4C82-4F39-AD08-D85C3FB50BBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: {1ACD36F9-935C-43A8-A3E3-2156BB7B1874} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-05-21] ()
Task: {3A58B47D-1585-4191-A839-F249C8E5AA83} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {4690E8EB-AC2D-483C-88CA-68F6A8371F69} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {5CDAD87C-E4B5-4613-A7FE-474F6526F75F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {618B5BB7-FB00-4AC6-BC7D-86F32B2E22C2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {65CBA3F9-B6DD-4D5B-8A70-B941BCDE853B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {7C2E6A96-A034-478A-BFEE-1D3B1274AB11} - \Optimize Start Menu Cache Files-S-1-5-21-4076773374-1843248530-2627806815-1003 No Task File <==== ATTENTION
Task: {86AC77C2-B0C9-4607-BDC2-5A56C12FC12C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-16] (Google Inc.)
Task: {9EB452C4-9185-4366-AD88-3BE5768E5A43} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {C70CF9A4-7693-46DB-A2F3-3D68A9EA87C0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-16] (Adobe Systems Incorporated)
Task: {CEA4D4D8-7449-45A4-8D4B-BEA6FAD210E2} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-bojcuk.m.007@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {F5E407B4-3EB3-4C41-8826-BE136EEA55A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-16] (Google Inc.)
Task: {F6C87B3E-34C5-4D35-BD44-8B2E9E035397} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-03-16] ()
Task: {FE3D7359-5BF7-4F89-A346-2B047FB107DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-16 16:55 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-03-22 12:25 - 2011-03-02 13:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2015-03-16 17:04 - 2014-01-15 11:01 - 07887872 _____ () C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
2015-03-16 17:05 - 2015-03-02 17:30 - 11621888 _____ () C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe
2014-10-09 21:44 - 2014-10-09 21:44 - 00504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 09315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 21:43 - 2014-10-09 21:43 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-08 17:30 - 2014-10-08 17:30 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-08 17:30 - 2014-10-08 17:30 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 21:44 - 2014-10-09 21:44 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2015-03-16 17:04 - 2013-11-06 11:09 - 10891783 _____ () C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
2015-03-16 16:55 - 2015-06-09 18:39 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-03-16 16:55 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-16 17:04 - 2013-11-11 18:01 - 04259840 _____ () C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2015-03-16 17:05 - 2014-01-10 18:48 - 04260352 _____ () C:\Program Files (x86)\KeyDominator1\KeyDominator1\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\PlaysTV\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\PlaysTV\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\PlaysTV\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\PlaysTV\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\PlaysTV\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\PlaysTV\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\PlaysTV\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\PlaysTV\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\PlaysTV\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\PlaysTV\_hashlib.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00008704 _____ () C:\Program Files (x86)\PlaysTV\PyQt4.Qt.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\PlaysTV\_sqlite3.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00387072 _____ () C:\Program Files (x86)\PlaysTV\sqlite3.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files (x86)\PlaysTV\libvlc.dll
2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files (x86)\PlaysTV\libvlccore.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\PlaysTV\win32file.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\PlaysTV\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\PlaysTV\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\PlaysTV\winsound.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\PlaysTV\win32process.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\PlaysTV\amd_ags.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\PlaysTV\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\PlaysTV\win32com.shell.shell.pyd
2015-05-15 04:21 - 2015-05-15 04:21 - 02540296 _____ () C:\Program Files (x86)\PlaysTV\ltc_host_ex.DLL
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\PlaysTV\unicodedata.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Bobo\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\bobo_2\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bobo\Pictures\pool.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\StartupApproved\StartupFolder: => "Download PC Torrents - KickassTorrents.lnk"
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\StartupApproved\StartupFolder: => "526962672680771234s.lnk"
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{688A67A4-8842-4AD5-8CED-3549D28337C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{35CF3B1F-DEDA-4A4F-971A-DF4B21D58697}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{43714FB2-358D-40AE-AD3F-6BEA99C7D4E9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B9B02F94-66F9-405D-8E8F-E8E07A1B6581}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2D4AC31A-5791-412E-9BE1-5C993F2C4C6C}] => (Allow) C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A448FD12-467E-4A1B-8AC9-FF200C6637BC}] => (Allow) C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8F2583C8-2F46-4716-8E7D-842AC695F222}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{313F8A6F-6214-4175-ADE3-DED7A3F31970}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E27970C5-7D4A-48D7-B5CC-A52A993CF82A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3A352015-6939-4400-A4C9-DF9DF33DDD3F}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE
FirewallRules: [{F295BA2E-50E2-495C-8A4C-C39E97998FA1}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE
FirewallRules: [{21B5BC39-91AF-4625-93E2-801EFA8365F4}] => (Allow) C:\Program Files (x86)\Need for Speed Rivals\NFS14_x86.exe
FirewallRules: [{1650D25C-DD01-49A0-ADB5-E5A1A96D66E4}] => (Allow) C:\Program Files (x86)\Need for Speed Rivals\NFS14_x86.exe
FirewallRules: [{62B40501-4DF4-4DE7-8A55-C6102BBD8A67}] => (Allow) C:\Program Files (x86)\Need for Speed Rivals\NFS14.exe
FirewallRules: [{587A8370-B228-4638-B144-F2A9C765F55A}] => (Allow) C:\Program Files (x86)\Need for Speed Rivals\NFS14.exe
FirewallRules: [{C634AE66-CF31-43B7-967B-F3DFED3C8967}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [{049E7D4A-19B1-43FB-AC1A-C636C162AF5A}] => (Allow) C:\Program Files (x86)\PlaysTV\playstv.exe
FirewallRules: [{247C13CD-3118-4AB7-8325-4776EB38ECCC}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{B82B2E76-9F7C-4408-B684-5E18A8F2D074}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{FF69E597-383D-4594-8358-BE17E35261A8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{12EAEEA9-7963-4480-9125-0F6D5E0E2273}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{88A68426-423F-4560-914E-96E9A04A0E65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{387CEC72-AA52-48D5-84E5-9D006038D11A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe
FirewallRules: [{C21AAB6F-129D-4AA0-BA54-E64922D91889}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{74FF9BB3-7964-43F1-AC20-72DFCFCD1F5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{B00C46A4-B5B0-4DDA-8F02-2501DDAD14B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3\dirt3.exe
FirewallRules: [{C036C0E2-EB13-4E8F-AEB7-84945E621C64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT 3\dirt3.exe
FirewallRules: [TCP Query User{65C0ABE5-2932-4190-AF30-EBFAD6044D72}C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [UDP Query User{E0FEB45C-CA07-4FAF-B126-462BE1648A4A}C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dirt 3\dirt3_game.exe
FirewallRules: [{E81EFA47-D734-4E38-AAE9-EA25BBCFD361}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{FF1D9E9F-9F8D-4DB7-AD9D-C9D7E8C165CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{4DD10C1E-1D83-4191-9249-27C6BF61C4EB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{1FAF4D2E-D77B-4396-A1A8-CB293CACDF99}] => (Allow) C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BF27F3D4-5D8D-4A61-93E6-36CA70CED3CE}] => (Allow) C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{43D63B75-0432-4174-BE04-6A633E7E5496}] => (Allow) C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B8D19C1A-F380-47A9-AEC4-2945A40011EB}] => (Allow) C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7FF85F14-9F12-47CE-8B3A-9B47E00C7987}] => (Allow) C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E430535F-B0E0-40A0-801A-7848F06A36AE}] => (Allow) C:\Users\Bobo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FB44EEF5-57E3-4535-8B5B-3762E7FB6AAB}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{B26EA10E-29C9-4120-9C9F-3E30AF1835EE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CF12C2EE-5BBC-401F-AD1F-D7AAE8F3DA66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brick-Force ROW\InfernumLogin.exe
FirewallRules: [{1363FE21-DCE6-4B25-ACD3-3D438B98EC12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Brick-Force ROW\InfernumLogin.exe
FirewallRules: [{D61D8546-8750-4FE5-AB4F-DE7AFD5AE56A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe
FirewallRules: [{F42635CD-254A-4ACE-905A-D65377230E7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scribblenauts\Scribble.exe
FirewallRules: [TCP Query User{9C1B2D67-31D1-47F1-870B-3B8B6AD438D4}C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe] => (Block) C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe
FirewallRules: [UDP Query User{B2EE98D5-7A36-416C-B152-6DA7EBA19626}C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe] => (Block) C:\program files (x86)\steam\steamapps\common\brick-force row\brickforce.exe

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2015 00:04:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Faulting module name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Exception code: 0xc0000005
Fault offset: 0x003bc8fa
Faulting process id: 0x1598
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5

Error: (06/08/2015 11:11:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Faulting module name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Exception code: 0xc0000005
Fault offset: 0x003bc8fa
Faulting process id: 0x6f0
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5

Error: (06/07/2015 11:26:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Faulting module name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Exception code: 0xc0000005
Fault offset: 0x003bc8fa
Faulting process id: 0xca8
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5

Error: (06/07/2015 10:33:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Faulting module name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Exception code: 0xc0000005
Fault offset: 0x003bc8fa
Faulting process id: 0xb4c
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5

Error: (06/07/2015 10:04:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Faulting module name: League of Legends.exe, version: 5.10.0.330, time stamp: 0x555f6b59
Exception code: 0xc0000005
Fault offset: 0x003bc8fa
Faulting process id: 0xd34
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5

Error: (06/07/2015 08:57:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x552d15e0
Faulting module name: client.dll, version: 1.0.0.1, time stamp: 0x556b2796
Exception code: 0xc0000005
Fault offset: 0x0015f34a
Faulting process id: 0x1238
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
Faulting package full name: hl2.exe4
Faulting package-relative application ID: hl2.exe5

Error: (06/07/2015 01:45:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: hl2.exe, version: 0.0.0.0, time stamp: 0x552d15e0
Faulting module name: materialsystem.dll_unloaded, version: 1.0.0.1, time stamp: 0x553946b7
Exception code: 0xc0000005
Fault offset: 0x00006c19
Faulting process id: 0xb54
Faulting application start time: 0xhl2.exe0
Faulting application path: hl2.exe1
Faulting module path: hl2.exe2
Report Id: hl2.exe3
Faulting package full name: hl2.exe4
Faulting package-relative application ID: hl2.exe5

Error: (06/06/2015 06:08:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (06/06/2015 05:59:14 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/04/2015 03:08:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.5.0.0, time stamp: 0x52aef33f
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x588
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
Faulting package full name: AutoKMS.exe4
Faulting package-relative application ID: AutoKMS.exe5


System errors:
=============
Error: (06/09/2015 06:39:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 18:20:19 on ‎9.‎6.‎2015 was unexpected.

Error: (06/09/2015 06:39:09 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (06/09/2015 10:32:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 0:27:53 on ‎9.‎6.‎2015 was unexpected.

Error: (06/09/2015 10:32:27 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256845513638497719848

Error: (06/08/2015 07:36:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 19:05:11 on ‎8.‎6.‎2015 was unexpected.

Error: (06/08/2015 03:45:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 23:33:46 on ‎7.‎6.‎2015 was unexpected.

Error: (06/08/2015 03:44:49 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256844787204908974456

Error: (06/07/2015 07:33:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 18:35:21 on ‎7.‎6.‎2015 was unexpected.

Error: (06/07/2015 11:15:20 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:12:43 on ‎7.‎6.‎2015 was unexpected.

Error: (06/07/2015 11:12:43 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 21:10:28 on ‎6.‎6.‎2015 was unexpected.


Microsoft Office:
=========================
Error: (06/09/2015 00:04:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.10.0.330555f6b59League of Legends.exe5.10.0.330555f6b59c0000005003bc8fa159801d0a23134723a79C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exe481a557a-0e2a-11e5-82f3-d850e6543c3f

Error: (06/08/2015 11:11:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.10.0.330555f6b59League of Legends.exe5.10.0.330555f6b59c0000005003bc8fa6f001d0a22a117c7ae4C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exef3874a2c-0e22-11e5-82f3-d850e6543c3f

Error: (06/07/2015 11:26:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.10.0.330555f6b59League of Legends.exe5.10.0.330555f6b59c0000005003bc8faca801d0a1624129ef0cC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.execade706d-0d5b-11e5-82f1-d850e6543c3f

Error: (06/07/2015 10:33:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.10.0.330555f6b59League of Legends.exe5.10.0.330555f6b59c0000005003bc8fab4c01d0a15dd80a83eeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exe679020fa-0d54-11e5-82f1-d850e6543c3f

Error: (06/07/2015 10:04:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.10.0.330555f6b59League of Legends.exe5.10.0.330555f6b59c0000005003bc8fad3401d0a156c3e7611fC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.91\deploy\League of Legends.exe5a4040c8-0d50-11e5-82f1-d850e6543c3f

Error: (06/07/2015 08:57:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0552d15e0client.dll1.0.0.1556b2796c00000050015f34a123801d0a14854cfe446C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exec:\program files (x86)\steam\steamapps\common\garrysmod\garrysmod\bin\client.dll181bb638-0d47-11e5-82f1-d850e6543c3f

Error: (06/07/2015 01:45:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hl2.exe0.0.0.0552d15e0materialsystem.dll_unloaded1.0.0.1553946b7c000000500006c19b5401d0a102a59b0bc1C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exematerialsystem.dlla0f35616-0d0a-11e5-82f0-d850e6543c3f

Error: (06/06/2015 06:08:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (06/06/2015 05:59:14 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/04/2015 03:08:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AutoKMS.exe2.5.0.052aef33fKERNELBASE.dll6.3.9600.1741554505737e04343520000000000008b9c58801d09ec664d133e7C:\WINDOWS\AutoKMS\AutoKMS.exeC:\WINDOWS\system32\KERNELBASE.dlld346178e-0aba-11e5-82e6-d850e6543c3f


CodeIntegrity Errors:
===================================
Date: 2015-06-09 10:57:04.323
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-08 17:20:54.464
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-07 13:56:26.787
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-06 17:55:35.757
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-04 17:01:40.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-06-02 09:38:32.093
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-31 11:29:45.442
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-30 08:34:39.712
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-29 08:45:07.444
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-05-28 15:25:43.004
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 19%
Total physical RAM: 8130.23 MB
Available physical RAM: 6549.24 MB
Total Pagefile: 9410.23 MB
Available Pagefile: 7721.87 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:680.44 GB) NTFS
Drive f: (SAMSUNG) (Fixed) (Total:1367.71 GB) (Free:344.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or (Size: 931.5 GB) (Disk ID: CDBF289B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 7AD3EA51)
Partition 1: (Active) - (Size=1367.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=29.6 GB) - (Type=OF Extended)

==================== End of log ============================

[mimi973]

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by Bobo (administrator) on ZER0 on 09-06-2015 18:54:20
Running from C:\Users\Bobo\Desktop
Loaded Profiles: Bobo (Available Profiles: Bobo & bobo_2)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe
() C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\SDK\CM_LibraryIO.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Plays.tv, LLC) C:\Program Files (x86)\PlaysTV\playstv.exe
(Raptr Inc.) C:\Program Files (x86)\PlaysTV\plays_ep64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\PlaysTV\playstv_launcher.exe [55568 2015-05-15] (Plays.tv, LLC)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-05-16] (Adobe Systems Incorporated)
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\Run: [BloodyToneMaker] => C:\Program Files (x86)\BloodyToneMaker\BloodyToneMaker\Bloody ToneMaker1.exe [7887872 2014-01-15] ()
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\Run: [BloodyKeyboard] => C:\Program Files (x86)\KeyDominator1\KeyDominator1\KeyDominator1.exe [11621888 2015-03-02] ()
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [5583120 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\MountPoints2: {a2c96fdd-d949-11e4-826c-d850e6543c3f} - "E:\Startme.exe"
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\MountPoints2: {badb462a-e2b2-11e4-8280-d850e6543c3f} - "G:\setup.exe"
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\...\MountPoints2: {d3833240-d862-11e4-8269-d850e6543c3f} - "E:\setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 Status Window.lnk [2015-04-02]
ShortcutTarget: Canon LBP2900 Status Window.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4076773374-1843248530-2627806815-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-25]
CHR Extension: (Google Docs) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Sheets) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-25]
CHR Extension: (Bookmark Manager) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Google Wallet) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Extension: (Gmail) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [717768 2015-05-21] (Garmin Ltd. or its subsidiaries)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-14] (Electronic Arts)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R3 CMUAC; C:\Windows\system32\DRIVERS\Headset6400x1.SYS [387072 2013-10-03] (A4Tech Inc.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30352 2015-04-01] (Disc Soft Ltd)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-06] (Malwarebytes Corporation)
R3 SAlphamHid; C:\Windows\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 X6va029; \??\C:\WINDOWS\SysWOW64\Drivers\X6va029 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 18:54 - 2015-06-09 18:54 - 00011663 _____ C:\Users\Bobo\Desktop\FRST.txt
2015-06-09 18:54 - 2015-06-09 18:54 - 00000000 ____D C:\FRST
2015-06-09 18:46 - 2015-06-09 18:46 - 02108928 _____ (Farbar) C:\Users\Bobo\Desktop\FRST64.exe
2015-06-09 18:04 - 2015-06-09 18:05 - 05628161 _____ (Swearware) C:\Users\Bobo\Desktop\ComboFix.exe
2015-06-09 18:03 - 2015-06-09 18:03 - 00000000 ____D C:\Users\Bobo\Desktop\backups
2015-06-08 22:33 - 2015-06-08 22:33 - 00204316 _____ C:\Users\Bobo\Downloads\568137493302217.htm
2015-06-08 15:45 - 2015-06-09 18:39 - 00003016 _____ C:\WINDOWS\setupact.log
2015-06-08 15:45 - 2015-06-08 15:45 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-06-07 22:19 - 2015-06-09 18:42 - 00581232 _____ C:\WINDOWS\WindowsUpdate.log
2015-06-07 21:05 - 2015-06-07 21:05 - 00070880 _____ C:\Users\Bobo\Documents\cc_20150607_210556.reg
2015-06-02 10:13 - 2015-06-02 10:13 - 00000000 ____D C:\Users\Bobo\AppData\Local\GWX
2015-05-30 11:16 - 2015-05-30 11:16 - 00000000 ____D C:\ProgramData\Package Cache
2015-05-30 11:12 - 2015-05-30 11:12 - 00000222 _____ C:\Users\Bobo\Desktop\Brick-Force (EU).url
2015-05-30 11:04 - 2015-05-30 11:04 - 00000222 _____ C:\Users\Bobo\Desktop\Scribblenauts Unlimited.url
2015-05-29 21:09 - 2015-05-29 21:13 - 00000000 ____D C:\Users\Bobo\Desktop\Moja karta fotky
2015-05-28 18:14 - 2015-05-29 23:45 - 00000000 ____D C:\Users\Bobo\Desktop\nechapem očo ide
2015-05-28 18:00 - 2015-05-28 18:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-28 18:00 - 2015-05-28 18:03 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-05-28 17:51 - 2015-05-28 17:51 - 00002642 _____ C:\Users\Bobo\Desktop\µTorrent.lnk
2015-05-27 18:51 - 2015-05-27 21:04 - 00000000 ____D C:\Users\Bobo\Desktop\xa
2015-05-27 18:18 - 2015-05-27 21:06 - 00000000 ____D C:\Users\Bobo\Desktop\New folder
2015-05-25 20:46 - 2015-05-26 12:29 - 00000000 ____D C:\Users\Bobo\AppData\Local\VirtualStore
2015-05-25 17:30 - 2015-05-25 17:11 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-05-25 17:12 - 2015-05-25 20:26 - 00012533 _____ C:\zoek-results.log
2015-05-25 17:11 - 2015-05-25 17:11 - 01308672 _____ C:\Users\Bobo\Desktop\zoek.exe
2015-05-24 17:40 - 2015-05-24 17:40 - 00000220 _____ C:\Users\Bobo\Desktop\Garry's Mod.url
2015-05-24 01:42 - 2015-05-24 01:42 - 00000000 ____D C:\Users\Bobo\Documents\Games for Windows - LIVE Demos
2015-05-24 01:20 - 2015-05-24 17:37 - 00000000 ____D C:\ProgramData\Codemasters
2015-05-24 01:20 - 2015-05-24 01:20 - 00000000 __SHD C:\ProgramData\DSS
2015-05-24 01:19 - 2015-05-24 01:19 - 00466456 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2015-05-24 01:19 - 2015-05-24 01:19 - 00444952 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2015-05-24 01:19 - 2015-05-24 01:19 - 00122904 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2015-05-24 01:19 - 2015-05-24 01:19 - 00109080 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2015-05-24 01:19 - 2015-05-24 01:19 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2015-05-24 01:19 - 2015-05-24 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2015-05-24 01:19 - 2015-05-24 01:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Ripple Sound
2015-05-24 01:19 - 2015-05-24 01:19 - 00000000 ____D C:\Program Files (x86)\OpenAL
2015-05-24 01:19 - 2015-05-24 01:19 - 00000000 ____D C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2015-05-24 01:19 - 2015-05-24 01:19 - 00000000 ____D C:\Program Files (x86)\BRS
2015-05-24 01:19 - 2011-03-19 15:16 - 01417216 _____ (Blue Ripple Sound Limited) C:\WINDOWS\SysWOW64\rapture3d_oal.dll
2015-05-24 01:19 - 2010-09-22 13:12 - 19087360 _____ (Intel Corporation / Blue Ripple Sound Limited) C:\WINDOWS\SysWOW64\mkl_blueripple.dll
2015-05-23 23:32 - 2015-05-23 23:32 - 00000187 _____ C:\Users\Bobo\Desktop\DiRT 3.url
2015-05-23 23:31 - 2015-05-23 23:31 - 00000221 _____ C:\Users\Bobo\Desktop\GRID 2.url
2015-05-23 22:55 - 2015-05-23 22:55 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\PDAppFlex
2015-05-23 22:54 - 2015-05-23 22:54 - 00001675 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC.lnk
2015-05-23 22:53 - 2015-05-23 22:53 - 00001539 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC (64 Bit).lnk
2015-05-23 22:51 - 2015-05-23 22:51 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2015-05-23 22:50 - 2015-05-26 12:02 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4076773374-1843248530-2627806815-1001
2015-05-23 22:43 - 2015-06-08 23:11 - 00000000 ____D C:\Users\Bobo\AppData\Local\CrashDumps
2015-05-23 22:43 - 2015-05-23 22:43 - 182572124 _____ C:\Users\Bobo\AppData\Local\ACCCx3_0_1_88.zip.aamdownload
2015-05-23 22:43 - 2015-05-23 22:43 - 00002194 _____ C:\Users\Bobo\AppData\Local\ACCCx3_0_1_88.zip.aamdownload.aamd
2015-05-23 22:31 - 2015-06-09 18:08 - 00037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2015-05-23 22:31 - 2015-05-23 22:39 - 00000000 ____D C:\ProgramData\RogueKiller
2015-05-23 22:22 - 2015-05-23 22:22 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-ZER0-Windows-8.1-Pro-(64-bit).dat
2015-05-23 22:22 - 2015-05-23 22:22 - 00000000 ____D C:\RegBackup
2015-05-23 22:17 - 2015-05-23 22:17 - 20742744 _____ C:\Users\Bobo\Desktop\RogueKillerX64.exe
2015-05-23 22:17 - 2015-05-23 22:17 - 02720636 _____ (Thisisu) C:\Users\Bobo\Desktop\JRT.exe
2015-05-23 21:26 - 2015-06-06 20:58 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-23 21:18 - 2015-05-23 21:18 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-23 21:18 - 2015-05-23 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-23 21:18 - 2015-05-23 21:18 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-05-23 21:18 - 2015-05-23 21:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-23 21:18 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-23 21:18 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-23 21:18 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-23 14:15 - 2015-05-23 14:15 - 00000222 _____ C:\Users\Bobo\Desktop\DiRT 3 Complete Edition.url
2015-05-23 09:31 - 2015-05-23 10:05 - 00000000 ____D C:\Users\Bobo\Downloads\Chappie 2015 1080p WEB-DL x264 AC3-JYK
2015-05-23 09:24 - 2015-05-23 09:53 - 00000000 ____D C:\Users\Bobo\Downloads\Ex Machina (2015) [1080p]
2015-05-23 00:59 - 2015-05-23 10:32 - 00000000 ____D C:\Users\Bobo\Desktop\Big Hero 6 (2014) [1080p]
2015-05-23 00:58 - 2015-05-23 10:59 - 00000000 ____D C:\Users\Bobo\Desktop\Exodus Gods and Kings (2014) [1080p]
2015-05-23 00:58 - 2015-05-23 10:49 - 00000000 ____D C:\Users\Bobo\Desktop\Fast and Furious 7 2015 1080p HDRip x264 AC3-JYK
2015-05-23 00:50 - 2015-06-07 23:26 - 00000000 ____D C:\Users\Bobo\Desktop\Eminem - The Hits [FLAC+MP3] (Big Papi) Curtain Call
2015-05-23 00:32 - 2015-05-23 00:32 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Bobo\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-23 00:32 - 2015-05-23 00:32 - 02223104 _____ C:\Users\Bobo\Desktop\AdwCleaner.exe
2015-05-23 00:32 - 2015-05-23 00:32 - 00448512 _____ (OldTimer Tools) C:\Users\Bobo\Desktop\TFC.exe
2015-05-22 20:12 - 2015-05-22 20:12 - 00000000 ____D C:\Users\Bobo\Documents\The Witcher 3
2015-05-22 20:12 - 2015-05-22 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-22 18:55 - 2015-05-22 18:55 - 00000000 ____D C:\Users\Bobo\AppData\Local\Garmin_Ltd._or_its_subsid
2015-05-22 18:34 - 2015-05-22 18:34 - 00003554 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2015-05-22 18:34 - 2015-05-22 18:34 - 00001906 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2015-05-22 18:34 - 2015-05-22 18:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-05-22 18:34 - 2015-05-22 18:34 - 00000000 ____D C:\ProgramData\Garmin
2015-05-22 18:34 - 2015-05-22 18:34 - 00000000 ____D C:\Program Files (x86)\Garmin
2015-05-22 18:10 - 2015-06-09 18:03 - 00008498 _____ C:\Users\Bobo\Desktop\hijackthis.log
2015-05-22 18:07 - 2015-05-22 18:07 - 00388608 _____ (Trend Micro Inc.) C:\Users\Bobo\Desktop\HijackThis.exe
2015-05-21 19:13 - 2015-05-21 19:13 - 00000000 ____D C:\Users\Bobo\Documents\MKJogo
2015-05-21 19:09 - 2015-05-21 19:09 - 00001131 _____ C:\Users\Bobo\Desktop\MK LOL.lnk
2015-05-21 19:09 - 2015-05-21 19:09 - 00000000 ____D C:\Program Files (x86)\MKJogo
2015-05-21 18:35 - 2015-05-21 18:35 - 00019470 _____ C:\Users\Bobo\Documents\cc_20150521_183527.reg
2015-05-21 18:35 - 2015-05-21 18:35 - 00000318 _____ C:\Users\Bobo\Documents\cc_20150521_183549.reg
2015-05-21 06:47 - 2015-05-21 06:47 - 00000000 ____D C:\GOG Games
2015-05-19 22:58 - 2015-05-21 19:13 - 00000058 _____ C:\WINDOWS\JQHApp.dat
2015-05-19 22:58 - 2015-05-19 22:59 - 00000000 ____D C:\Users\Bobo\Documents\MK-LOL
2015-05-19 22:57 - 2015-05-21 19:09 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MKJogo
2015-05-17 11:36 - 2015-05-17 11:36 - 00136108 _____ C:\Users\Bobo\Documents\cc_20150517_113646.reg
2015-05-14 09:10 - 2015-05-14 09:10 - 00000000 ____D C:\Users\Bobo\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
2015-05-14 09:08 - 2015-05-14 09:29 - 00000000 ____D C:\Users\Bobo\Documents\OCCT
2015-05-14 08:54 - 2015-05-22 20:15 - 00000000 ____D C:\Program Files (x86)\OCCTPT
2015-05-14 08:54 - 2015-05-14 08:54 - 00000983 _____ C:\Users\bobo_2\Desktop\OCCT.lnk
2015-05-14 08:54 - 2015-05-14 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OCCT
2015-05-13 23:41 - 2015-05-13 23:41 - 00000000 ____D C:\Users\Bobo\Documents\PassMark
2015-05-13 23:41 - 2015-05-13 23:41 - 00000000 ____D C:\Users\Bobo\AppData\Local\PassMark
2015-05-13 23:41 - 2015-05-13 23:41 - 00000000 ____D C:\ProgramData\Passmark
2015-05-13 16:56 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 16:56 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 14:37 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 14:37 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 14:37 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 14:37 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 14:37 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 14:37 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 14:37 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 14:37 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 14:37 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 14:37 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 14:37 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 14:37 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 14:37 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 14:37 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 14:37 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 14:37 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 14:37 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 14:37 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 14:37 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 14:37 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 14:37 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 14:37 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 14:37 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 14:37 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 14:37 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 14:37 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 14:37 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 14:37 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 14:37 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 14:37 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 14:37 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 14:37 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 14:37 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 14:37 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 14:37 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 14:37 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 14:37 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 14:37 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 14:37 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 14:37 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 14:37 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 14:37 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 14:37 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 14:37 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 14:37 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 14:37 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 14:37 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 14:37 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 14:37 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 14:37 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 14:37 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 14:37 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 14:37 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 14:37 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 14:37 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 14:37 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 14:37 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 14:37 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 14:37 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 14:37 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 14:37 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 14:37 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 14:37 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 14:37 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 14:37 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 14:37 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 14:37 - 2015-03-13 02:29 - 00410017 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 14:37 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 14:37 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 14:37 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 14:37 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 14:37 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 14:37 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 14:37 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 14:37 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 14:37 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 14:37 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 14:37 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 14:37 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-10 18:57 - 2015-06-09 18:40 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\PlaysTV
2015-05-10 18:57 - 2015-05-16 09:59 - 00000000 ____D C:\Program Files (x86)\PlaysTV
2015-05-10 18:57 - 2015-05-10 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlaysTV
2015-05-10 09:25 - 2015-05-10 09:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2015-05-10 09:25 - 2015-05-10 09:25 - 00000000 ____D C:\Program Files\Core Temp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 18:54 - 2015-03-16 18:18 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\vlc
2015-06-09 18:43 - 2015-04-16 20:33 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2015-06-09 18:41 - 2015-03-16 16:52 - 00000000 ___DO C:\Users\Bobo\SkyDrive
2015-06-09 18:40 - 2015-03-16 16:56 - 00000950 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 18:39 - 2015-03-16 16:48 - 00000000 ____D C:\Users\Bobo
2015-06-09 18:39 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-06-09 18:06 - 2015-03-16 16:56 - 00000954 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 18:01 - 2015-03-16 18:43 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\TS3Client
2015-06-09 18:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-06-09 17:31 - 2015-03-16 22:56 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-09 10:42 - 2015-03-16 17:21 - 00000000 ____D C:\Users\Bobo\AppData\Local\Adobe
2015-06-08 21:51 - 2015-04-13 19:47 - 00020909 _____ C:\Users\Bobo\Desktop\Play it.xspf
2015-06-08 21:15 - 2015-03-16 18:16 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-07 21:05 - 2015-04-01 15:06 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\DAEMON Tools Lite
2015-06-06 21:08 - 2015-03-16 22:56 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-05-29 20:31 - 2015-03-28 19:25 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\Skype
2015-05-28 19:52 - 2015-03-16 18:21 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\uTorrent
2015-05-27 21:18 - 2015-03-16 16:47 - 00863592 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-25 17:29 - 2015-04-17 21:47 - 00000000 ____D C:\Users\bobo_2\AppData\Local\Google
2015-05-25 17:29 - 2014-11-25 18:34 - 00000000 ____D C:\zoek_backup
2015-05-24 17:37 - 2015-05-05 21:14 - 00000000 ____D C:\Users\Bobo\Documents\My Games
2015-05-23 23:17 - 2013-08-22 16:44 - 05174352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-23 22:55 - 2015-03-16 16:50 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\Adobe
2015-05-23 22:53 - 2015-04-01 15:37 - 00000000 ____D C:\Program Files\Adobe
2015-05-23 22:53 - 2015-04-01 15:33 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-05-23 22:51 - 2015-03-16 17:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-05-23 22:01 - 2014-11-23 12:09 - 00000000 ____D C:\AdwCleaner
2015-05-23 11:13 - 2015-04-01 15:38 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-05-22 20:52 - 2015-03-16 17:12 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\Raptr
2015-05-22 20:17 - 2015-05-05 21:18 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Focus Home Interactive
2015-05-22 18:55 - 2015-03-16 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-05-22 18:55 - 2015-03-16 17:41 - 00000000 ____D C:\Program Files\CPUID
2015-05-20 18:33 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-05-20 18:32 - 2015-04-04 16:02 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-05-20 18:32 - 2015-04-04 16:02 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-05-19 18:01 - 2015-03-16 16:56 - 00003926 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 18:01 - 2015-03-16 16:56 - 00003690 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 17:27 - 2015-03-16 17:12 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-05-17 15:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-05-17 11:39 - 2015-03-16 18:41 - 00000090 _____ C:\Users\Bobo\Desktop\Hesla na lolko.txt
2015-05-16 18:47 - 2015-03-16 22:56 - 00003718 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-05-14 19:35 - 2015-03-16 18:17 - 00000000 ____D C:\ProgramData\Origin
2015-05-14 19:31 - 2015-03-16 18:19 - 00000000 ____D C:\Users\Bobo\AppData\Roaming\Origin
2015-05-14 19:31 - 2015-03-16 18:16 - 00000000 ____D C:\Program Files (x86)\Origin
2015-05-14 08:54 - 2015-03-16 18:39 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2015-05-13 21:05 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-05-13 21:05 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 16:55 - 2015-03-18 14:52 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-05-13 16:51 - 2015-03-18 14:52 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 16:50 - 2015-04-01 15:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-13 16:44 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 14:32 - 2015-03-16 17:22 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 20:44 - 2015-03-27 16:22 - 00001390 _____ C:\Users\Bobo\Desktop\SpaceEngineers - Shortcut.lnk

==================== Files in the root of some directories =======

2015-05-23 22:43 - 2015-05-23 22:43 - 182572124 _____ () C:\Users\Bobo\AppData\Local\ACCCx3_0_1_88.zip.aamdownload
2015-05-23 22:43 - 2015-05-23 22:43 - 0002194 _____ () C:\Users\Bobo\AppData\Local\ACCCx3_0_1_88.zip.aamdownload.aamd

Some files in TEMP:
====================
C:\Users\Bobo\AppData\Local\Temp\dllnt_dump.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-04 16:59

==================== End of log ============================

[Orcus]

Doinstaluj si ovladače pro MB:

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Zlegalizuj si Office / Windows!!!!

Task: {F6C87B3E-34C5-4D35-BD44-8B2E9E035397} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-03-16] ()

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
CreateRestorePoint:

Task: {09672CC5-4C82-4F39-AD08-D85C3FB50BBA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: {7C2E6A96-A034-478A-BFEE-1D3B1274AB11} - \Optimize Start Menu Cache Files-S-1-5-21-4076773374-1843248530-2627806815-1003 No Task File <==== ATTENTION
Task: {86AC77C2-B0C9-4607-BDC2-5A56C12FC12C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-16] (Google Inc.)
Task: {C70CF9A4-7693-46DB-A2F3-3D68A9EA87C0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-16] (Adobe Systems Incorporated)
Task: {F5E407B4-3EB3-4C41-8826-BE136EEA55A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-16] (Google Inc.)
Task: {F6C87B3E-34C5-4D35-BD44-8B2E9E035397} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-03-16] ()
Task: {FE3D7359-5BF7-4F89-A346-2B047FB107DF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_169_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKU\S-1-5-21-4076773374-1843248530-2627806815-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4076773374-1843248530-2627806815-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
CHR Profile: C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-25]
CHR Extension: (Google Docs) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-16]
CHR Extension: (Google Drive) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-16]
CHR Extension: (YouTube) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-16]
CHR Extension: (Google Search) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-16]
CHR Extension: (Google Sheets) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-25]
CHR Extension: (Bookmark Manager) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Google Wallet) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Extension: (Gmail) - C:\Users\Bobo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-16]
2015-06-09 18:40 - 2015-03-16 16:56 - 00000950 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 18:06 - 2015-03-16 16:56 - 00000954 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 17:31 - 2015-03-16 22:56 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-06 21:08 - 2015-03-16 22:56 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-05-19 18:01 - 2015-03-16 16:56 - 00003926 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 18:01 - 2015-03-16 16:56 - 00003690 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-09 18:43 - 2015-04-16 20:33 - 00003758 _____ C:\WINDOWS\System32\Tasks\AutoKMS


(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusť FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.