﻿Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by Admin (administrator) on ZALMANR1 (15-03-2016 19:28:47)
Running from C:\Users\Admin\Desktop\Scan
Loaded Profiles: Admin (Available Profiles: Admin & Baruška & MSSQL$ADK)
Platform: Windows 10 Pro (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safepay\obksvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.19020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_182.exe
(Mozilla Corporation) C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe
() C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8483032 2015-05-28] (Realtek Semiconductor)
HKLM\...\Run: [Eraser] => C:\Program Files\Eraser\Eraser.exe [1074088 2015-09-03] (The Eraser Project)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7137664 2016-03-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595504 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888344 2016-02-05] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-02-03] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{93cd84c0-9c28-42cf-8441-bbe6616bf76d}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2560372422-2021965399-549226919-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-02-03] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-02-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll [2016-02-15] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-02-03] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-09] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll [2016-02-15] (Oracle Corporation)
Handler: cardisabled - No CLSID Value
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7c2brz7f.default-1457218423810
FF Homepage: about:home
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll [2016-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.74.2 -> C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll [2016-02-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-09] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-21] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-02-09] (Microsoft Corporation)
FF Extension: Disable Anti-Adblock - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7c2brz7f.default-1457218423810\extensions\{d49a148e-817e-4025-bee3-5d541376de3b}.xpi [2016-03-06]
FF Extension: WOT - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7c2brz7f.default-1457218423810\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-03-14]
FF Extension: Lazarus: Form Recovery - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7c2brz7f.default-1457218423810\extensions\lazarus@interclue.com.xpi [2016-03-14]
FF Extension: Certificate Patrol - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7c2brz7f.default-1457218423810\extensions\CertPatrol@PSYC.EU.xpi [2016-03-14]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7c2brz7f.default-1457218423810\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-06]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-15]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-03-15]
FF HKLM-x32\...\Firefox\Extensions: [{a171a864-424e-4d77-be5a-1ee220deccd3}] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff
FF Extension: Bitdefender Safepay - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxff [2014-11-11] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms}
CHR DefaultSearchKeyword: Default -> Avira
CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=en
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-13]
CHR Extension: (Tampermonkey) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-09]
CHR Extension: (Avast Online Security) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-02-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-01]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-02-03]
CHR HKLM-x32\...\Chrome\Extension: [hhgfkbnifcfibjflcgibdmabmcgmjdco] - C:\Program Files\Bitdefender\Bitdefender Safepay\spbxcr.crx [2015-09-27]
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
S4 appdrvrem01; C:\WINDOWS\System32\appdrvrem01.exe [551896 2015-04-11] (Protection Technology)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2015-10-02] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [237096 2016-02-03] (AVAST Software)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433688 2016-02-05] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413208 2016-02-05] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [859672 2016-02-05] (BlueStack Systems, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 MSSQL$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\sqlservr.exe [163008 2015-07-16] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 OBKSvc; C:\Program Files\Bitdefender\Bitdefender Safepay\OBKSvc.exe [1242568 2014-11-11] (Bitdefender)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S4 SQLAgent$ADK; c:\Program Files (x86)\Microsoft SQL Server\MSSQL11.ADK\MSSQL\Binn\SQLAGENT.EXE [448704 2015-07-16] (Microsoft Corporation)
R2 UPDATESRV_SAFEPAY; C:\Program Files\Bitdefender\Bitdefender Safepay\updatesrv.exe [66784 2014-10-28] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 CmdAgent; "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" [X]
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [31992 2015-06-03] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2015-04-19] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2015-04-19] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2015-04-19] (LG Electronics Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 appdrv01; C:\Windows\System32\Drivers\appdrv01.sys [2715824 2015-04-11] (Protection Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2015-07-27] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-02-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-03-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-02-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-02-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-03-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463744 2016-02-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [165344 2016-02-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287016 2016-02-10] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
S3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-02-05] (BlueStack Systems)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows (R) Win 7 DDK provider)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21720 2015-11-18] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [828144 2015-11-18] (COMODO)
R1 cmdhlp; C:\Windows\system32\DRIVERS\cmdhlp.sys [35056 2015-08-05] (COMODO)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2015-04-02] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2015-04-02] (Windows (R) Win 7 DDK provider)
S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [41032 2013-05-23] (ThreatTrack Security)
S3 gfiutil; C:\Windows\System32\drivers\gfiutil.sys [31264 2013-09-04] (ThreatTrack Security)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [146720 2012-09-05] (BitDefender LLC)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [41080 2016-01-29] ()
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-23] (REALiX(tm))
S0 icquni; no ImagePath
R1 inspect; C:\Windows\system32\DRIVERS\inspect.sys [127232 2015-08-05] (COMODO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [864072 2015-10-01] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106120 2015-10-01] (McAfee, Inc.)
U5 mfevtp; C:\WINDOWS\system32\mfevtps.exe [250672 2016-03-05] (McAfee, Inc.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2015-06-13] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2015-06-13] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek                                            )
S0 ssuhop; no ImagePath
S3 trufos; C:\Windows\System32\drivers\trufos.sys [350160 2015-10-04] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 aswArKrn; \??\C:\Users\Admin\AppData\Local\Temp\aswArKrn.sys [X]
S3 efavdrv; \??\C:\WINDOWS\system32\drivers\efavdrv.sys [X]
S3 MFE_RR; \??\C:\Users\Admin\AppData\Local\Temp\mfe_rr.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 19:25 - 2016-03-15 19:25 - 00016148 _____ C:\WINDOWS\system32\ZALMANR1_Admin_HistoryPrediction.bin
2016-03-13 18:35 - 2016-03-13 18:35 - 00000000 ____D C:\Users\Admin\AppData\Local\_
2016-03-13 18:12 - 2016-03-13 18:12 - 01083916 _____ C:\Users\Admin\Downloads\saep.zip
2016-03-12 13:06 - 2016-02-03 18:08 - 00398152 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-03-12 13:05 - 2016-03-12 13:05 - 00002482 _____ C:\WINDOWS\System32\Tasks\Uninstaller_SkipUac_Admin
2016-03-11 18:58 - 2016-03-11 18:58 - 00000218 _____ C:\Users\Admin\AppData\Local\recently-used.xbel
2016-03-10 06:32 - 2016-03-12 13:08 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-03-10 06:32 - 2016-03-12 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-03-10 06:32 - 2016-03-10 06:32 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Ashampoo
2016-03-10 06:32 - 2016-03-10 06:32 - 00000000 ____D C:\Users\Admin\AppData\Local\ashampoo
2016-03-10 06:31 - 2016-03-10 06:31 - 12891208 _____ (Ashampoo GmbH & Co. KG ) C:\Users\Admin\Downloads\ashampoo_burning_studio_6_free_6.84_13471.exe
2016-03-10 06:30 - 2016-03-12 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vypalovač CD, DVD, Blu-ray, HD-DVD
2016-03-10 06:30 - 2016-03-10 06:30 - 08218472 _____ (PS Media s.r.o. ) C:\Users\Admin\Downloads\vypalovac.exe
2016-03-10 06:25 - 2016-03-12 13:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ ISO Burner
2016-03-10 06:25 - 2016-03-12 13:08 - 00000000 ____D C:\Program Files (x86)\LSoft Technologies
2016-03-10 06:25 - 2016-03-10 06:25 - 04097491 _____ C:\Users\Admin\Downloads\Iso-burner.zip
2016-03-09 15:09 - 2016-02-23 15:53 - 01314496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 15:09 - 2016-02-23 15:51 - 00633184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-03-09 15:09 - 2016-02-23 15:41 - 00299600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-03-09 15:09 - 2016-02-23 15:07 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-09 15:09 - 2016-02-23 14:23 - 00952968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 15:09 - 2016-02-23 14:11 - 00249976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-03-09 15:09 - 2016-02-23 13:39 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-09 15:09 - 2016-02-23 13:38 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-09 15:09 - 2016-02-23 13:16 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 15:09 - 2016-02-23 12:55 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 15:09 - 2016-02-23 12:45 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-09 15:09 - 2016-02-23 12:45 - 06788608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 15:09 - 2016-02-23 12:38 - 02663424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-09 15:09 - 2016-02-23 12:14 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-03-09 15:09 - 2016-02-23 12:04 - 00225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 15:09 - 2016-02-23 12:03 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 15:09 - 2016-02-23 11:55 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 15:09 - 2016-02-23 11:51 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 15:09 - 2016-02-23 11:51 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 15:09 - 2016-02-23 11:48 - 21859840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 15:09 - 2016-02-23 11:48 - 05157376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 15:09 - 2016-02-23 11:46 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 15:09 - 2016-02-23 11:45 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 15:09 - 2016-02-23 11:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 15:09 - 2016-02-23 11:44 - 01821696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-09 15:09 - 2016-02-23 11:38 - 07524864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-09 15:09 - 2016-02-23 11:17 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 15:09 - 2016-02-23 11:11 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 15:09 - 2016-02-23 11:03 - 01495040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 15:09 - 2016-02-23 11:00 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-09 15:09 - 2016-02-23 10:58 - 18800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 15:08 - 2016-02-23 15:52 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-09 15:08 - 2016-02-23 15:51 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 15:08 - 2016-02-23 15:50 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 15:08 - 2016-02-23 15:48 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 15:08 - 2016-02-23 15:48 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-09 15:08 - 2016-02-23 15:48 - 01123952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-09 15:08 - 2016-02-23 15:41 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 15:08 - 2016-02-23 15:41 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-03-09 15:08 - 2016-02-23 15:40 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-03-09 15:08 - 2016-02-23 15:38 - 00272752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 15:08 - 2016-02-23 15:36 - 00080128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-03-09 15:08 - 2016-02-23 15:11 - 00781984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 15:08 - 2016-02-23 15:11 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-09 15:08 - 2016-02-23 15:11 - 00103776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-03-09 15:08 - 2016-02-23 15:08 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-09 15:08 - 2016-02-23 14:39 - 00607416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 15:08 - 2016-02-23 14:30 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 15:08 - 2016-02-23 14:25 - 01085632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-09 15:08 - 2016-02-23 14:21 - 00529456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 15:08 - 2016-02-23 14:21 - 00141152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 15:08 - 2016-02-23 14:11 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-03-09 15:08 - 2016-02-23 14:11 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-03-09 15:08 - 2016-02-23 14:09 - 00229352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 15:08 - 2016-02-23 14:06 - 00069232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-03-09 15:08 - 2016-02-23 13:58 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-03-09 15:08 - 2016-02-23 13:50 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-09 15:08 - 2016-02-23 13:50 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-03-09 15:08 - 2016-02-23 13:42 - 00658536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 15:08 - 2016-02-23 13:42 - 00467296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-09 15:08 - 2016-02-23 13:42 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-03-09 15:08 - 2016-02-23 13:35 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 15:08 - 2016-02-23 13:20 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-03-09 15:08 - 2016-02-23 13:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-03-09 15:08 - 2016-02-23 13:15 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 15:08 - 2016-02-23 13:15 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-03-09 15:08 - 2016-02-23 12:59 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-03-09 15:08 - 2016-02-23 12:59 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-09 15:08 - 2016-02-23 12:57 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-09 15:08 - 2016-02-23 12:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 15:08 - 2016-02-23 12:37 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-03-09 15:08 - 2016-02-23 12:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-09 15:08 - 2016-02-23 12:25 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 15:08 - 2016-02-23 12:18 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 15:08 - 2016-02-23 12:17 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-03-09 15:08 - 2016-02-23 12:17 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-03-09 15:08 - 2016-02-23 12:08 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 15:08 - 2016-02-23 12:02 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 15:08 - 2016-02-23 11:55 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 15:08 - 2016-02-23 11:45 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 15:08 - 2016-02-23 11:29 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-03-09 15:08 - 2016-02-23 11:00 - 05457408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 15:07 - 2016-02-23 12:42 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 15:07 - 2016-02-23 12:03 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 15:07 - 2016-02-23 11:45 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-03-09 15:07 - 2016-02-23 11:17 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 05:35 - 2016-03-09 05:35 - 00000000 ____D C:\Users\Admin\Desktop\vypálit
2016-03-07 20:29 - 2016-03-07 20:29 - 00029546 _____ C:\Users\Admin\Downloads\Sweet-Home(0000264199).srt
2016-03-05 23:53 - 2016-03-05 23:53 - 00032540 _____ C:\ProgramData\1457217569.bdinstall.bin
2016-03-05 20:44 - 2016-03-05 20:44 - 00001742 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-03-05 20:44 - 2016-03-05 20:44 - 00001718 _____ C:\Users\Public\Desktop\BlueStacks.lnk
2016-03-05 20:44 - 2016-03-05 20:44 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2016-03-05 20:42 - 2016-03-05 20:43 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2016-03-05 20:42 - 2016-03-05 20:42 - 00000000 ____D C:\ProgramData\BlueStacks
2016-03-05 20:40 - 2016-03-15 03:03 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-03-05 20:40 - 2016-03-05 20:40 - 00000000 ____D C:\Users\Admin\AppData\Local\Bluestacks
2016-03-05 20:36 - 2016-03-05 20:36 - 00050106 _____ C:\ProgramData\1457206464.bdinstall.bin
2016-03-05 20:33 - 2016-03-05 20:33 - 00316168 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2016-03-05 20:33 - 2016-03-05 20:33 - 00000000 ____D C:\Users\Admin\Downloads\TrendMicro AntiThreat Toolkit
2016-03-05 20:24 - 2016-03-05 20:41 - 184505152 _____ C:\Users\Admin\Downloads\g515k89l.exe
2016-03-05 18:46 - 2016-03-05 18:52 - 00265960 _____ C:\TDSSKiller.3.1.0.9_05.03.2016_18.46.24_log.txt
2016-03-05 18:45 - 2016-03-05 18:46 - 00000490 _____ C:\TDSSKiller.3.1.0.9_05.03.2016_18.45.58_log.txt
2016-03-05 18:45 - 2016-03-05 18:45 - 00246848 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\67417549.sys
2016-03-05 18:44 - 2016-03-05 18:45 - 00061094 _____ C:\TDSSKiller.3.1.0.9_05.03.2016_18.44.40_log.txt
2016-02-27 23:41 - 2016-03-02 00:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-27 23:10 - 2016-03-02 00:06 - 00000000 ____D C:\Program Files\Unlocker
2016-02-27 22:51 - 2016-02-27 22:52 - 03374394 _____ C:\Users\Admin\Downloads\processhacker-2.38-bin.zip
2016-02-27 17:56 - 2016-03-02 00:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Spy Emergency
2016-02-27 17:56 - 2016-03-01 01:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Noralabs antimalware
2016-02-27 17:56 - 2016-03-01 01:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Emergency
2016-02-27 17:55 - 2016-02-27 17:55 - 00000000 ____D C:\Quarantine
2016-02-27 17:55 - 2016-02-27 17:55 - 00000000 ____D C:\ProgramData\NETGATE
2016-02-27 17:07 - 2016-02-27 17:07 - 00000000 _SHDL C:\Users\DWM-1\Soubory cookie
2016-02-27 17:07 - 2016-02-27 17:07 - 00000000 _SHDL C:\Users\DWM-1\AppData\Local\Data aplikací
2016-02-27 17:06 - 2016-03-02 00:05 - 00000000 ____D C:\Users\DWM-1
2016-02-27 17:06 - 2016-02-27 17:06 - 00000016 _____ C:\ProgramData\mntemp
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Šablony
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Poslední
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Okolní tiskárny
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Okolní síť
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Nabídka Start
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Dokumenty
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Documents\Obrázky
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Documents\Hudba
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Documents\Filmy
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\Data aplikací
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 _SHDL C:\Users\DWM-1\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2016-02-27 17:06 - 2016-02-27 17:06 - 00000000 ____D C:\WINDOWS\Minidump\Cezurity
2016-02-27 17:06 - 2015-07-31 15:40 - 00000000 ____D C:\Users\DWM-1\AppData\Roaming\ATI
2016-02-27 17:06 - 2015-07-31 15:40 - 00000000 ____D C:\Users\DWM-1\AppData\Local\Microsoft Help
2016-02-27 17:06 - 2015-07-31 15:40 - 00000000 ____D C:\Users\DWM-1\AppData\Local\ATI
2016-02-27 09:13 - 2016-02-27 09:13 - 00063922 _____ C:\Users\Admin\Downloads\The Vampire Diaries - 07x14 - Moonlight on the Bayou.LOL.English.HI.C.orig.Addic7ed.com.srt
2016-02-27 02:23 - 2016-03-05 20:38 - 271802696 _____ (BlueStack Systems Inc.) C:\Users\Admin\Downloads\BlueStacks2_native.exe
2016-02-26 14:47 - 2016-02-26 14:48 - 14758443 _____ (Deluge Team) C:\Users\Admin\Downloads\deluge-1.3.12-1-win32-py2.6-setup.exe
2016-02-25 04:32 - 2016-02-25 04:33 - 01636897 _____ C:\Users\Admin\Downloads\FirefoxDownloadUnblocker.zip
2016-02-25 04:30 - 2016-03-05 20:42 - 01579552 _____ (McAfee Inc.) C:\Users\Admin\Downloads\getsusp.exe
2016-02-25 04:05 - 2016-02-25 04:26 - 02113152 _____ C:\Users\Admin\Downloads\PANDAFREEAV.exe
2016-02-25 04:05 - 2016-02-25 04:05 - 08589664 _____ (McAfee, Inc.) C:\Users\Admin\Downloads\SecurityScan_Release(1).exe
2016-02-25 04:05 - 2016-02-25 04:05 - 02622792 _____ (Kaspersky Lab) C:\Users\Admin\Downloads\kss16.0.0.1344en_ru_de_fr_es_pt_it_zh-hans_nl_pl_tr_cs_ko_id_vi_ar_fa_zh-hant_9328(1).exe
2016-02-25 04:04 - 2016-03-05 20:33 - 00160160 _____ C:\Users\Admin\Downloads\60Second_en_us.exe
2016-02-25 04:03 - 2016-02-25 04:07 - 141877394 _____ (Igor Pavlov) C:\Users\Admin\Downloads\ZillyaScanner_en.exe
2016-02-25 04:03 - 2016-02-25 04:05 - 24799576 _____ (SUPERAntiSpyware) C:\Users\Admin\Downloads\SAS_38423.EXE
2016-02-25 04:02 - 2016-02-25 04:08 - 163107769 _____ C:\Users\Admin\Downloads\vba32w-latest.zip
2016-02-25 04:01 - 2016-03-05 20:42 - 02527376 _____ (Trend Micro Inc.) C:\Users\Admin\Downloads\HousecallLauncher64.exe
2016-02-25 04:01 - 2016-02-25 04:02 - 05228804 _____ C:\Users\Admin\Downloads\sysclean.zip
2016-02-25 04:00 - 2016-02-25 04:03 - 143919144 _____ (Sophos Limited) C:\Users\Admin\Downloads\Sophos Virus Removal Tool.exe
2016-02-25 03:59 - 2016-02-25 04:01 - 89680280 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\KVRT(1).exe
2016-02-25 03:58 - 2016-02-25 04:06 - 119710544 _____ (PortableApps.com) C:\Users\Admin\Downloads\SpybotPortable_2.5.paf(1).exe
2016-02-25 03:58 - 2016-02-25 04:00 - 25169992 _____ C:\Users\Admin\Downloads\RogueKillerX64.exe
2016-02-25 03:58 - 2016-02-25 03:59 - 26379472 _____ (NETGATE Technologies s.r.o. ) C:\Users\Admin\Downloads\se-setup.exe
2016-02-25 03:58 - 2016-02-25 03:58 - 54329568 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\Windows-KB890830-x64-V5.33(1).exe
2016-02-25 03:58 - 2016-02-25 03:58 - 03088296 _____ (Symantec Corporation) C:\Users\Admin\Downloads\NPE.exe
2016-02-25 03:54 - 2016-02-25 03:56 - 155240216 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\msert.exe
2016-02-25 03:54 - 2016-02-25 03:55 - 54329568 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\Windows-KB890830-x64-V5.33.exe
2016-02-25 03:54 - 2016-02-25 03:55 - 42126923 _____ C:\Users\Admin\Downloads\PandaCloudCleaner(2).zip
2016-02-25 03:54 - 2016-02-25 03:55 - 12795800 _____ () C:\Users\Admin\Downloads\norascan.exe
2016-02-25 03:53 - 2016-02-25 03:56 - 89680280 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\KVRT.exe
2016-02-25 03:53 - 2016-02-25 03:53 - 02870984 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_enu.exe
2016-02-25 03:52 - 2016-02-25 03:53 - 23732069 _____ C:\Users\Admin\Downloads\cce_2.5.242177.201_x32.zip
2016-02-25 03:52 - 2016-02-25 03:52 - 03354176 _____ C:\Users\Admin\Downloads\scanclgui-2012-07-04.zip
2016-02-25 03:52 - 2016-02-25 03:52 - 01396968 _____ (Cezurity) C:\Users\Admin\Downloads\Cezurity_Antivirus.exe
2016-02-25 03:10 - 2016-02-25 03:14 - 119710544 _____ (PortableApps.com) C:\Users\Admin\Downloads\SpybotPortable_2.5.paf.exe
2016-02-25 03:10 - 2016-02-25 03:10 - 25543261 _____ C:\Users\Admin\Downloads\cce_2.5.242177.201_x64(1).zip
2016-02-24 03:06 - 2016-02-27 16:34 - 13530592 _____ (COMODO) C:\Users\Admin\Downloads\CSU_FREE_Setup.exe
2016-02-24 03:03 - 2016-02-24 03:04 - 25543261 _____ C:\Users\Admin\Downloads\cce_2.5.242177.201_x64.zip
2016-02-24 02:19 - 2016-02-24 02:19 - 00000272 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2016-02-24 02:19 - 2016-02-24 02:19 - 00000000 ____D C:\ProgramData\Comodo Downloader
2016-02-24 02:18 - 2016-02-24 16:03 - 00000000 ____D C:\Program Files\COMODO
2016-02-24 00:36 - 2016-02-24 00:41 - 220699928 _____ (COMODO) C:\Users\Admin\Downloads\cmd_fw_installer.exe
2016-02-24 00:30 - 2016-02-24 00:30 - 06837784 _____ (Piriform Ltd) C:\Users\Admin\Downloads\ccsetup515.exe
2016-02-23 23:49 - 2016-03-15 19:28 - 00000000 ____D C:\FRST
2016-02-22 17:13 - 2016-03-02 00:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2016-02-22 17:13 - 2016-03-01 23:59 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2016-02-22 17:13 - 2016-02-22 17:13 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-22 17:13 - 2016-02-22 17:13 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-02-22 17:12 - 2016-02-22 17:13 - 42840336 _____ C:\Users\Admin\Downloads\Firefox Setup 44.0.2.exe
2016-02-21 23:26 - 2016-02-21 23:30 - 00000000 ____D C:\Users\Admin\Downloads\Trojan - Lékařská fyziologie - 4.vydání
2016-02-21 17:44 - 2016-02-21 17:44 - 01699497 _____ (Christian Thöing ) C:\Users\Admin\Downloads\PWGen-2.7.0-Setup(1).exe
2016-02-19 01:22 - 2016-02-19 01:22 - 01054426 _____ C:\Users\Admin\Downloads\video-1441660914.mp4
2016-02-19 01:14 - 2016-02-19 01:14 - 01673034 _____ C:\Users\Admin\Downloads\video-1441487849.mp4
2016-02-16 15:12 - 2016-02-16 15:12 - 00077777 _____ C:\Users\Admin\Downloads\Přehled významných rodů(1).pptx
2016-02-16 01:04 - 2016-02-16 01:05 - 00000000 ____D C:\Users\Admin\Documents\ucebnice Pravo
2016-02-15 21:15 - 2016-02-15 21:15 - 00002658 _____ C:\Users\Public\Desktop\Skype.lnk
2016-02-15 21:15 - 2016-02-15 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-15 16:38 - 2016-02-15 16:38 - 00030443 _____ C:\Users\Admin\Downloads\DL-Fructose.svg
2016-02-15 03:30 - 2016-02-15 03:30 - 00000000 ____D C:\Program Files (x86)\MSECache
2016-02-15 03:29 - 2016-02-15 03:30 - 08374576 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\proofingtools_cs-cz-x64.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-15 19:28 - 2015-03-25 16:21 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2016-03-15 18:59 - 2015-10-18 23:07 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-15 17:34 - 2015-10-07 18:47 - 00002162 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-03-15 15:30 - 2015-04-01 22:23 - 00000000 ____D C:\Users\Admin\AppData\Roaming\KeePass
2016-03-15 14:07 - 2015-05-13 22:26 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2016-03-15 12:59 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-15 12:59 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-15 12:52 - 2015-04-03 19:23 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-03-15 06:17 - 2015-03-23 22:59 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Telegram Desktop
2016-03-15 03:45 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-15 03:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Globalization
2016-03-15 03:45 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-03-15 03:22 - 2015-04-01 22:51 - 00219694 _____ C:\Users\Admin\Desktop\DTBS.kdbx
2016-03-15 03:18 - 2015-03-23 23:50 - 00000000 ____D C:\Users\Admin\AppData\Roaming\PWGen
2016-03-15 03:00 - 2015-07-31 15:33 - 00000000 ____D C:\Users\Admin
2016-03-15 02:00 - 2015-04-04 23:06 - 00000000 ____D C:\Users\Admin\Downloads\Telegram Desktop
2016-03-14 01:32 - 2015-03-23 23:29 - 00000000 ____D C:\Movies
2016-03-14 01:22 - 2015-03-21 08:51 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-03-13 20:25 - 2015-03-23 23:50 - 00001032 _____ C:\Users\Public\Desktop\PWGen.lnk
2016-03-13 20:25 - 2015-03-23 23:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PWGen
2016-03-13 20:25 - 2015-03-23 23:50 - 00000000 ____D C:\Program Files (x86)\PWGen
2016-03-13 20:22 - 2015-03-23 19:01 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-13 18:35 - 2015-03-21 20:03 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-03-13 17:58 - 2015-04-21 21:08 - 00000000 ____D C:\Users\Admin\AppData\Local\LogMeIn Hamachi
2016-03-13 16:40 - 2015-03-23 19:12 - 00000000 ____D C:\Hry
2016-03-13 16:32 - 2015-03-23 22:15 - 00000000 ____D C:\Program Files\Recuva
2016-03-13 14:58 - 2015-10-15 14:27 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-03-13 14:57 - 2016-02-13 18:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-13 14:55 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-13 02:46 - 2016-02-09 15:36 - 00000000 ____D C:\Users\Admin\Documents\Matematika_pro_stredoskolaky_-_Nadace_Geneze
2016-03-13 02:46 - 2016-02-03 00:54 - 00000000 ____D C:\Users\Admin\Downloads\Matematika_-_Cesky_jazyk_-_EMPE
2016-03-12 16:14 - 2015-10-01 17:14 - 00000296 _____ C:\WINDOWS\Tasks\Uninstaller_SkipUac_Admin.job
2016-03-12 16:10 - 2015-11-17 15:44 - 00000000 ____D C:\Users\Admin\Desktop\Škola
2016-03-12 15:50 - 2015-07-31 15:49 - 02345332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-12 15:50 - 2015-07-10 17:02 - 01073962 _____ C:\WINDOWS\system32\perfh005.dat
2016-03-12 15:50 - 2015-07-10 17:02 - 00271530 _____ C:\WINDOWS\system32\perfc005.dat
2016-03-12 15:50 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-03-12 15:28 - 2015-09-10 20:31 - 00000000 ____D C:\Users\Admin\AppData\Roaming\dvdcss
2016-03-12 15:18 - 2015-10-03 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deluge
2016-03-12 14:08 - 2015-07-14 23:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-03-12 13:25 - 2015-06-29 18:00 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-12 13:08 - 2016-01-06 12:16 - 00001979 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-03-12 13:08 - 2016-01-06 12:16 - 00001967 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-03-12 13:08 - 2015-11-17 15:31 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-03-12 13:08 - 2015-03-30 19:57 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-03-12 13:01 - 2015-07-31 18:33 - 00000000 ____D C:\Users\Baruška
2016-03-12 13:01 - 2015-07-31 15:44 - 00000000 ____D C:\Users\MSSQL$ADK
2016-03-12 13:01 - 2015-07-10 10:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-03-12 13:00 - 2015-09-28 21:15 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ProductData
2016-03-12 13:00 - 2015-09-28 21:15 - 00000000 ____D C:\ProgramData\ProductData
2016-03-12 12:56 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\registration
2016-03-12 12:54 - 2015-10-15 14:24 - 00000000 ____D C:\Program Files\Microsoft Office
2016-03-10 19:41 - 2015-03-23 23:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\deluge
2016-03-10 04:36 - 2015-07-10 13:20 - 00356376 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-10 04:34 - 2015-07-10 10:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI(16)
2016-03-10 04:33 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-10 04:33 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-10 04:33 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-10 04:33 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 00:12 - 2015-11-17 15:31 - 01070904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-03-10 00:12 - 2015-11-17 15:31 - 00107792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-03-09 16:15 - 2015-09-03 19:42 - 00000000 ____D C:\Users\Admin\Desktop\Tor Browser
2016-03-09 15:58 - 2015-03-21 09:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 15:51 - 2015-03-21 09:54 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 14:42 - 2016-01-22 22:02 - 00000000 ____D C:\Users\Admin\AppData\Local\FSDART
2016-03-09 14:42 - 2015-09-27 19:21 - 00000000 ____D C:\ProgramData\Bitdefender
2016-03-09 14:42 - 2015-06-15 01:00 - 00000000 ____D C:\Program Files\Bitdefender
2016-03-08 08:10 - 2015-07-10 12:06 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 08:10 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-05 20:43 - 2015-07-10 12:04 - 00000000 __RHD C:\Users\Public\Libraries
2016-03-05 20:34 - 2016-01-30 01:46 - 34010104 _____ C:\Users\Admin\Downloads\60Second_x64.exe
2016-03-05 19:36 - 2015-10-02 21:37 - 00000000 ____D C:\ProgramData\F-Secure
2016-03-05 18:56 - 2015-10-01 21:37 - 00250672 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2016-03-05 14:43 - 2015-03-25 16:21 - 00001139 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-03-02 00:07 - 2015-04-10 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serious Sam 2
2016-03-02 00:06 - 2015-09-27 00:45 - 00000000 ____D C:\ProgramData\Norton
2016-03-02 00:06 - 2015-09-23 21:48 - 00000000 ____D C:\WINDOWS\System32\Tasks\COMODO
2016-03-02 00:06 - 2015-08-29 20:51 - 00000000 ____D C:\ProgramData\OO Software
2016-03-02 00:06 - 2015-08-22 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2016-03-02 00:06 - 2015-08-01 23:28 - 00000000 ____D C:\ProgramData\HitmanPro
2016-03-02 00:06 - 2015-07-31 15:29 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-02 00:06 - 2015-07-15 04:39 - 00000000 ____D C:\ProgramData\RogueKiller
2016-03-02 00:06 - 2015-06-30 18:39 - 00000000 ____D C:\ProgramData\ROCCAT
2016-03-02 00:06 - 2015-04-18 23:25 - 00000000 ____D C:\ProgramData\HP Product Assistant
2016-03-02 00:06 - 2015-04-18 22:50 - 00000000 ____D C:\ProgramData\HP
2016-03-02 00:06 - 2015-04-04 09:58 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-03-02 00:06 - 2015-04-02 00:41 - 00000000 ____D C:\ProgramData\Skype
2016-03-02 00:06 - 2015-03-29 16:42 - 00000000 ____D C:\ProgramData\Oracle
2016-03-02 00:06 - 2015-03-24 21:07 - 00000000 ____D C:\ProgramData\Riot Games
2016-03-02 00:06 - 2015-03-23 19:23 - 00000000 ____D C:\ProgramData\ClassicShell
2016-03-02 00:06 - 2015-03-23 19:13 - 00000000 ____D C:\Users\Admin\AppData\Roaming\IObit
2016-03-02 00:06 - 2015-03-23 19:13 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\IObit
2016-03-02 00:06 - 2015-03-23 19:13 - 00000000 ____D C:\ProgramData\IObit
2016-03-02 00:06 - 2015-03-21 18:27 - 00000000 ____D C:\ProgramData\Microsoft SkyDrive
2016-03-02 00:00 - 2015-09-19 09:47 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-03-02 00:00 - 2015-04-08 21:04 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2016-03-02 00:00 - 2015-04-02 00:41 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-03-01 23:59 - 2016-01-30 01:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-03-01 23:59 - 2015-09-23 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2016-03-01 23:59 - 2015-09-23 21:25 - 00000000 ____D C:\ProgramData\Comodo
2016-03-01 23:59 - 2015-06-09 22:57 - 00000000 ____D C:\ProgramData\IsolatedStorage
2016-03-01 23:59 - 2015-04-02 20:00 - 00000000 ____D C:\ProgramData\Zoner
2016-03-01 23:59 - 2015-03-26 15:54 - 00000000 ____D C:\ProgramData\Steam
2016-03-01 23:59 - 2015-03-23 22:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-01 23:59 - 2015-03-21 19:58 - 00000000 ____D C:\ProgramData\Adobe
2016-03-01 19:32 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-02-27 17:06 - 2015-09-05 01:13 - 00000000 ____D C:\WINDOWS\Minidump
2016-02-27 17:05 - 2015-09-27 00:45 - 00000000 ____D C:\Users\Admin\AppData\Local\NPE
2016-02-24 15:55 - 2015-12-02 13:57 - 00000978 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-24 15:55 - 2015-12-02 13:57 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-24 03:11 - 2015-09-05 17:19 - 00003550 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-24 03:11 - 2015-09-05 17:19 - 00003326 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-24 02:07 - 2015-03-23 19:13 - 00000000 ____D C:\Program Files (x86)\IObit
2016-02-24 01:39 - 2015-04-02 00:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-24 01:39 - 2015-04-02 00:21 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-24 00:35 - 2015-10-07 18:47 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-23 18:10 - 2015-11-17 15:31 - 00463744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-02-22 17:06 - 2015-11-05 18:20 - 00243880 _____ C:\Users\Admin\Downloads\Firefox Setup Stub 42.0.exe
2016-02-21 12:10 - 2015-05-22 16:42 - 00002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-17 01:51 - 2015-11-23 23:31 - 00001802 _____ C:\Users\Admin\Desktop\Word 2013.lnk
2016-02-16 12:19 - 2016-01-16 02:09 - 00001018 _____ C:\Users\Admin\Desktop\Daum Potplayer-64 Bits.lnk
2016-02-15 21:15 - 2015-08-28 12:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-15 20:57 - 2015-09-07 18:05 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-02-15 20:57 - 2015-08-28 12:50 - 00000000 ____D C:\Users\Admin\.oracle_jre_usage

==================== Files in the root of some directories =======

2016-01-23 23:52 - 2016-01-23 23:52 - 0145838 _____ () C:\Users\Admin\AppData\Local\ars.cache
2016-01-23 23:52 - 2016-01-23 23:52 - 0335326 _____ () C:\Users\Admin\AppData\Local\census.cache
2015-09-23 20:02 - 2015-09-23 20:02 - 0003584 _____ () C:\Users\Admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-23 23:00 - 2016-01-23 23:00 - 0000036 _____ () C:\Users\Admin\AppData\Local\housecall.guid.cache
2016-03-11 18:58 - 2016-03-11 18:58 - 0000218 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-03-21 20:10 - 2015-09-27 00:50 - 0007602 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg
2015-09-07 20:44 - 2015-09-07 20:44 - 0243595 _____ () C:\ProgramData\1441654844.bdinstall.bin
2015-09-27 19:22 - 2015-09-27 19:22 - 0201499 _____ () C:\ProgramData\1443378030.bdinstall.bin
2015-09-30 22:09 - 2015-09-30 22:09 - 0177845 _____ () C:\ProgramData\1443647147.bdinstall.bin
2016-01-30 01:48 - 2016-01-30 01:48 - 0050218 _____ () C:\ProgramData\1454114846.bdinstall.bin
2016-01-31 01:32 - 2016-01-31 01:32 - 0032614 _____ () C:\ProgramData\1454199274.bdinstall.bin
2016-03-05 20:36 - 2016-03-05 20:36 - 0050106 _____ () C:\ProgramData\1457206464.bdinstall.bin
2016-03-05 23:53 - 2016-03-05 23:53 - 0032540 _____ () C:\ProgramData\1457217569.bdinstall.bin
2015-07-31 15:29 - 2015-07-31 15:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-18 23:23 - 2015-07-14 01:23 - 0009270 _____ () C:\ProgramData\hpzinstall.log
2016-02-27 17:06 - 2016-02-27 17:06 - 0000016 _____ () C:\ProgramData\mntemp
2015-09-29 19:15 - 2015-09-29 19:15 - 0000000 _____ () C:\ProgramData\rebootpending.txt

Some files in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-13 02:20

==================== End of FRST.txt ============================