﻿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
Ran by IMPs (administrator) on CASYOPEA on 30-06-2015 00:37:24
Running from C:\Users\IMPs\Desktop
Loaded Profiles: IMPs (Available Profiles: IMPs)
Platform: Windows 8.1 Pro (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
Failed to access process -> NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-30] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-632114120-3898815288-2674959074-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-632114120-3898815288-2674959074-1001\...\Run: [uTorrent] => C:\Users\IMPs\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-16] (BitTorrent Inc.)
HKU\S-1-5-21-632114120-3898815288-2674959074-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG)
HKU\S-1-5-21-632114120-3898815288-2674959074-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-632114120-3898815288-2674959074-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\scrnsave.scr [11776 2013-08-22] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-01-07] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-632114120-3898815288-2674959074-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-07] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-07] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-21] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{3A0E242F-FF3D-4405-A0A3-CC1FB30DF359}: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\IMPs\AppData\Roaming\Mozilla\Firefox\Profiles\3ukdpuz6.default-1428758307883
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-23] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-13] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-632114120-3898815288-2674959074-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\IMPs\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-24] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-07]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome: 
=======
CHR Profile: C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-07]
CHR Extension: (Google Docs) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-07]
CHR Extension: (Google Drive) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-07]
CHR Extension: (YouTube) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-07]
CHR Extension: (Google Search) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-07]
CHR Extension: (Avast SafePrice) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-06-30]
CHR Extension: (Google Sheets) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-07]
CHR Extension: (Avast Online Security) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-21]
CHR Extension: (Google Wallet) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-07]
CHR Extension: (Gmail) - C:\Users\IMPs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-07]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-07] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-07] (Avast Software)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-03-07] ()
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-01-07] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-07] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-07] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-07] ()
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2015-01-07] (Disc Soft Ltd)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-07] (Avast Software)
S3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [685568 2013-09-30] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [685568 2013-09-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 00:37 - 2015-06-30 00:37 - 00016201 _____ C:\Users\IMPs\Desktop\FRST.txt
2015-06-30 00:28 - 2015-06-29 23:19 - 00024064 _____ C:\Windows\zoek-delete.exe
2015-06-29 23:21 - 2015-06-30 00:30 - 00018074 _____ C:\zoek-results.log
2015-06-29 23:19 - 2015-06-30 00:25 - 00000000 ____D C:\zoek_backup
2015-06-29 23:19 - 2015-06-29 23:19 - 01308672 _____ C:\Users\IMPs\Desktop\zoek.exe
2015-06-29 23:00 - 2015-06-29 23:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-29 22:52 - 2015-06-29 22:52 - 00259773 _____ C:\Users\IMPs\Desktop\Screenshot_3.rar
2015-06-29 22:42 - 2015-06-29 22:45 - 00000000 ____D C:\AdwCleaner
2015-06-29 22:33 - 2015-06-29 22:33 - 02244096 _____ C:\Users\IMPs\Desktop\adwcleaner_4.207.exe
2015-06-29 21:38 - 2015-06-29 21:38 - 00038279 _____ C:\Users\IMPs\Desktop\Tomáš PC.zip
2015-06-29 21:38 - 2015-06-29 21:38 - 00000000 ____D C:\Users\IMPs\Desktop\Tomáš PC
2015-06-29 21:34 - 2015-06-30 00:37 - 00000000 ____D C:\FRST
2015-06-29 21:33 - 2015-06-29 21:33 - 00112640 _____ (forum.viry.cz) C:\Users\IMPs\Desktop\FRSTLauncher.exe
2015-06-29 21:31 - 2015-06-29 21:31 - 02112512 _____ (Farbar) C:\Users\IMPs\Desktop\FRST64.exe
2015-06-29 21:27 - 2015-06-29 21:37 - 00000000 ____D C:\rsit
2015-06-29 21:27 - 2015-06-29 21:27 - 00000000 ____D C:\Program Files\trend micro
2015-06-29 21:21 - 2015-06-29 21:21 - 01222144 _____ C:\Users\IMPs\Desktop\RSITx64.exe
2015-06-29 21:21 - 2015-06-29 21:21 - 00688992 ____R (Swearware) C:\Users\IMPs\Desktop\dds.exe
2015-06-28 11:15 - 2015-06-28 22:24 - 00013069 _____ C:\Users\IMPs\Desktop\Jún Tomáš Zaťko-4.xlsx
2015-06-15 09:20 - 2015-06-15 09:20 - 00000000 ____D C:\Users\IMPs\AppData\Local\RabanSoft
2015-06-14 13:40 - 2015-06-30 00:35 - 00003756 _____ C:\Windows\System32\Tasks\AutoKMS
2015-06-08 22:11 - 2015-06-08 22:11 - 00003172 _____ C:\Windows\System32\Tasks\{4351763D-8BA0-41EF-8817-ABD64AC1FB2C}
2015-06-06 00:03 - 2015-06-06 08:17 - 871995392 ____R C:\Users\IMPs\Downloads\Ex.Machina.2015.BDRip.XviD.CZ-HiDE.avi
2015-06-05 23:00 - 2015-06-05 23:32 - 936487658 ____R C:\Users\IMPs\Downloads\Babovřesky 3 (2015) CZ.avi
2015-06-04 21:55 - 2015-06-29 22:45 - 00000000 ____D C:\Windows\system32\log
2015-06-03 22:57 - 2015-06-03 22:57 - 09961629 _____ (DaemonicMU ) C:\Users\IMPs\Downloads\daemu_2014S4_1_35_update.exe
2015-06-03 22:50 - 2015-06-03 22:56 - 213870945 _____ (DaemonicMU ) C:\Users\IMPs\Downloads\daemu_2014S4_1_30_nosound (1).exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-30 00:36 - 2015-01-07 09:59 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{841E7368-2274-4D1B-8E16-04EEB15D7743}
2015-06-30 00:35 - 2015-05-03 15:16 - 02057416 _____ C:\Windows\WindowsUpdate.log
2015-06-30 00:35 - 2015-01-07 09:09 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-632114120-3898815288-2674959074-1001
2015-06-30 00:31 - 2015-04-21 09:04 - 00000974 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-30 00:30 - 2015-01-07 16:48 - 00000008 __RSH C:\ProgramData\ntuser.pol
2015-06-30 00:30 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-30 00:29 - 2015-05-11 21:31 - 00005724 _____ C:\Windows\PFRO.log
2015-06-30 00:29 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-06-30 00:20 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-06-30 00:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-06-30 00:15 - 2015-04-21 09:04 - 00000978 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-30 00:15 - 2015-01-16 21:24 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-30 00:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-06-29 23:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-06-29 22:41 - 2015-04-29 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2015-06-29 22:39 - 2015-02-21 12:18 - 00000000 ____D C:\Users\IMPs\AppData\Roaming\.minecraft
2015-06-29 22:36 - 2015-04-21 09:04 - 00003950 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-06-29 22:36 - 2015-04-21 09:04 - 00003714 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-06-29 21:14 - 2015-01-07 11:53 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-28 22:57 - 2015-01-07 14:24 - 00000000 ____D C:\Users\IMPs\AppData\Roaming\vlc
2015-06-28 11:45 - 2015-01-07 01:24 - 00000000 ____D C:\Users\IMPs\AppData\Local\Packages
2015-06-26 21:32 - 2013-09-30 06:20 - 01745984 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-26 21:32 - 2013-09-30 05:57 - 00739924 _____ C:\Windows\system32\perfh005.dat
2015-06-26 21:32 - 2013-09-30 05:57 - 00151610 _____ C:\Windows\system32\perfc005.dat
2015-06-23 21:17 - 2015-01-16 21:24 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-22 21:17 - 2015-04-21 09:05 - 00002215 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-20 20:45 - 2015-01-07 12:24 - 00000000 ____D C:\Users\IMPs\AppData\Roaming\uTorrent
2015-06-19 23:43 - 2015-01-07 01:23 - 00000000 ____D C:\Users\IMPs
2015-06-16 09:11 - 2015-04-28 05:31 - 00000000 ____D C:\Users\IMPs\Downloads\Microsoft Windows XP Professional SP3 CZ [ 8.2013 ]
2015-06-12 20:04 - 2015-05-11 21:44 - 00006136 _____ C:\Windows\setupact.log
2015-06-07 12:10 - 2015-01-07 10:28 - 00000000 ____D C:\Users\IMPs\AppData\Roaming\DAEMON Tools Lite

==================== Files in the root of some directories =======

2015-01-07 11:51 - 2015-05-30 23:39 - 0000424 _____ () C:\Users\IMPs\AppData\Local\UserProducts.xml

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-24 16:36

==================== End of log ============================