FRST Scan:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-10-2017
Ran by test (administrator) on TEST-PC (23-10-2017 17:46:53)
Running from C:\Users\test\Downloads
Loaded Profiles: test (Available Profiles: test)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Discord Inc.) C:\Users\test\AppData\Local\Discord\app-0.0.298\Discord.exe
(WinZip) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Discord Inc.) C:\Users\test\AppData\Local\Discord\app-0.0.298\Discord.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Discord Inc.) C:\Users\test\AppData\Local\Discord\app-0.0.298\Discord.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-10-12] (AVAST Software)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2015-11-09] (VIA)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3101984 2017-10-17] (Valve Corporation)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Tanks (1)] => "C:\Games\World_of_Tanks_CT\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Warships] => "C:\Games\World_of_Warships\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [WallpaperEngine] => "C:\Program Files (x86)\Steam\steamapps\common\wallpaper_engine\wallpaper32.exe" -silent
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [World of Warplanes] => "C:\Games\World_of_Warplanes\WargamingGameUpdater.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Gaijin.Net Agent] => "C:\Users\test\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe"
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\...\Run: [Discord] => C:\Users\test\AppData\Local\Discord\app-0.0.298\Discord.exe [57477112 2017-08-08] (Discord Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Aktualizace oznámení.lnk [2017-06-14]
ShortcutTarget: Aktualizace oznámení.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2017-06-14]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-06-14]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{40F5143E-E1E8-494E-B925-72839C3F31C7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{AE568813-CC7A-4B9D-B4B4-8D4030A09294}: [NameServer] 77.234.40.79
Internet Explorer:
==================
HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {3BF1670B-0D8A-4E20-B24B-CFD61F757B1A} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {9F976E67-9D9C-4F2B-BB92-BE375CC328CA} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {C0C85594-B862-4570-848F-E85A0AB6DD3A} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1906927588-4285542165-1585533686-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-06-17] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-10-12] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-06-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-10-12] (AVAST Software)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF DefaultProfile: aiixix9q.default
FF ProfilePath: C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default [2017-10-23]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\test\AppData\Roaming\Mozilla\Firefox\Profiles\aiixix9q.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-23]
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-06-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-06-17] (Oracle Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC ... earchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__ ... earchTerms}
CHR Profile: C:\Users\test\AppData\Local\Google\Chrome\User Data\Default [2017-10-23]
CHR Extension: (Prezentace) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-23]
CHR Extension: (Dokumenty) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23]
CHR Extension: (Disk Google) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-23]
CHR Extension: (YouTube) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-23]
CHR Extension: (Adobe Acrobat) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-10-23]
CHR Extension: (Tabulky) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-23]
CHR Extension: (AdBlock) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-23]
CHR Extension: (Avast Online Security) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-23]
CHR Extension: (Gmail) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\test\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-23]
CHR HKU\S-1-5-21-1906927588-4285542165-1585533686-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [peefembmkccmkodbcpgilfjgkligpbba] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7446024 2017-10-12] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-10-12] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1530376 2017-07-17] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-10-08] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-24] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [492480 2017-03-28] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2017-03-28] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-10-15] ()
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\Sh4Service.exe [889016 2017-10-23] (Enigma Software Group USA, LLC.)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2015-11-09] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-11-15] (Microsoft Corporation)
S3 NvStreamNetworkSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe" [X]
S2 NvStreamSvc; "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" [X]
S2 OnfatU; "C:\Program Files (x86)\Onfat\Update\OnfatUpdate.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [321032 2017-10-12] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-10-12] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-10-12] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-10-12] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47008 2017-10-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147776 2017-10-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-10-12] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-10-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1020536 2017-10-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [587168 2017-10-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [201352 2017-10-12] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [53904 2017-03-18] (The OpenVPN Project)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [363440 2017-10-12] (AVAST Software)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-15] (Disc Soft Ltd)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2017-10-23] ()
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77440 2017-08-24] ()
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [50088 2017-02-08] (Visicom Media Inc.)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [192960 2017-10-23] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [101824 2017-10-23] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [45472 2017-10-23] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [253888 2017-10-23] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [84256 2017-10-23] (Malwarebytes)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47552 2017-03-28] (NVIDIA Corporation)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [38656 2017-06-13] (The OpenVPN Project)
R3 VBAudioVMAUXVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmauxvaio64_win7.sys [41192 2017-08-30] (Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\Windows\System32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2017-08-30] (Windows (R) Win 7 DDK provider)
R1 VBoxUSBMon; C:\Windows\System32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\System32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S3 cpuz138; \??\C:\Users\test\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-23 17:46 - 2017-10-23 17:48 - 000021816 _____ C:\Users\test\Downloads\FRST.txt
2017-10-23 17:44 - 2017-10-23 17:44 - 002402816 _____ (Farbar) C:\Users\test\Downloads\FRST64.exe
2017-10-23 17:40 - 2017-10-23 17:40 - 000000000 ____D C:\Users\test\AppData\LocalLow\Mozilla
2017-10-23 17:39 - 2017-10-23 17:44 - 000000000 ____D C:\Users\test\AppData\Local\Mozilla
2017-10-23 17:39 - 2017-10-23 17:39 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-10-23 17:39 - 2017-10-23 17:39 - 000000884 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-10-23 17:39 - 2017-10-23 17:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-23 17:38 - 2017-10-23 17:39 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-23 17:12 - 2017-10-23 17:15 - 000192960 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-10-23 17:12 - 2017-10-23 17:15 - 000084256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-10-23 17:12 - 2017-10-23 17:12 - 000253888 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-10-23 17:12 - 2017-10-23 17:12 - 000101824 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-10-23 17:12 - 2017-10-23 17:12 - 000045472 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-10-23 17:11 - 2017-10-23 17:11 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-23 17:11 - 2017-10-23 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-10-23 17:11 - 2017-08-24 11:27 - 000077440 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-10-23 16:07 - 2017-10-23 16:07 - 003934840 _____ (Google) C:\Users\test\Downloads\chrome_cleanup_tool.exe
2017-10-23 15:51 - 2017-10-23 15:51 - 000000000 _____ C:\autoexec.bat
2017-10-23 15:50 - 2017-10-23 17:28 - 000000000 ____D C:\Users\test\AppData\Roaming\Enigma Software Group
2017-10-23 15:50 - 2017-10-23 17:09 - 000003320 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2017-10-23 15:50 - 2017-10-23 15:50 - 000001047 _____ C:\Users\test\Desktop\SpyHunter.lnk
2017-10-23 15:50 - 2017-10-23 15:50 - 000000000 ____D C:\sh4ldr
2017-10-23 15:49 - 2017-10-23 15:49 - 000022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2017-10-23 15:49 - 2017-10-23 15:49 - 000000000 ____D C:\Program Files\Enigma Software Group
2017-10-23 15:43 - 2017-10-23 15:43 - 000002271 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-23 15:43 - 2017-10-23 15:43 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-23 15:37 - 2017-10-23 15:37 - 000001730 __RSH C:\ProgramData\ntuser.pol
2017-10-23 15:34 - 2017-10-23 15:34 - 000000000 ____D C:\Users\test\Desktop\filmora
2017-10-23 13:53 - 2017-10-23 13:53 - 000000566 _____ C:\Users\test\Documents\starburn.txt
2017-10-23 13:43 - 2017-10-23 13:43 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-23 13:42 - 2017-10-23 13:56 - 000000000 ____D C:\Users\test\Downloads\Wondershare Filmora v7.8.1.2 Final Ml_Rus
2017-10-23 13:41 - 2017-10-23 13:41 - 000013237 _____ C:\Users\test\Downloads\5168_Milovya.torrent
2017-10-21 19:13 - 2017-10-21 20:34 - 000000513 _____ C:\Users\test\Desktop\Nový textový dokument.txt
2017-10-17 19:38 - 2017-07-17 04:05 - 898750996 _____ C:\Users\test\Downloads\Mašinka-Tomáš-Král-železnice.cz.avi
2017-10-17 19:32 - 2017-10-17 19:32 - 000311632 _____ C:\Users\test\Downloads\Prezentace1.pdf
2017-10-17 18:53 - 2017-10-17 18:53 - 000002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft PowerPoint Viewer .lnk
2017-10-17 18:53 - 2017-10-17 18:53 - 000000000 ____D C:\Program Files (x86)\MSECache
2017-10-17 18:53 - 2017-10-17 18:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-10-17 18:37 - 2017-10-17 18:37 - 000000000 ____D C:\Users\test\AppData\Local\Microsoft Help
2017-10-16 20:39 - 2017-10-16 20:39 - 000820792 _____ (Roblox Corporation) C:\Users\test\Downloads\RobloxPlayerLauncher.exe
2017-10-16 20:39 - 2017-10-16 20:39 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2017-10-15 13:09 - 2017-10-15 20:32 - 000281392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2017-10-15 13:09 - 2017-10-15 20:32 - 000076888 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2017-10-15 12:29 - 2017-10-15 12:29 - 000000232 _____ C:\Users\test\Desktop\Assassin's Creed III (Singleplayer).url
2017-10-15 12:29 - 2017-10-15 12:29 - 000000232 _____ C:\Users\test\Desktop\Assassin's Creed III (Multiplayer).url
2017-10-15 12:29 - 2017-10-15 12:29 - 000000232 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assassin's Creed III (Singleplayer).url
2017-10-15 12:29 - 2017-10-15 12:29 - 000000232 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assassin's Creed III (Multiplayer).url
2017-10-15 12:27 - 2017-10-15 12:27 - 000001205 _____ C:\Users\test\Desktop\Uplay.lnk
2017-10-15 12:27 - 2017-10-15 12:27 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-10-15 11:55 - 2017-10-15 12:23 - 000000000 ____D C:\Users\test\Documents\Assassin's Creed Unity
2017-10-14 22:45 - 2017-10-14 22:45 - 000000672 _____ C:\Users\Public\Desktop\PBE.lnk
2017-10-14 22:45 - 2017-10-14 22:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PBE
2017-10-14 22:26 - 2017-10-15 09:53 - 000000000 ____D C:\Users\test\Downloads\Assassins.Creed.Unity.Gold.Edition.MULTi13-ElAmigos
2017-10-12 20:12 - 2017-10-12 20:12 - 000000222 _____ C:\Users\test\Desktop\Rocket League.url
2017-10-12 18:23 - 2017-10-12 18:22 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-10-12 14:49 - 2017-10-12 14:49 - 010698399 _____ C:\Users\test\Downloads\[JPz Central] Its Not Like I Like You!! (feat. Emirichu Static-P Amree).mp4
2017-10-08 21:17 - 2017-10-08 11:43 - 000382504 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2017-10-08 17:46 - 2017-10-16 08:43 - 000000000 ____D C:\Program Files (x86)\BlueStacks
2017-10-08 01:26 - 2017-10-08 01:26 - 000000222 _____ C:\Users\test\Desktop\Dead by Daylight.url
2017-10-07 22:23 - 2017-10-07 22:23 - 000000222 _____ C:\Users\test\Desktop\Unturned.url
2017-10-05 18:27 - 2017-10-05 18:27 - 000000000 ____D C:\ProgramData\Wondershare
2017-10-05 18:26 - 2017-10-05 18:26 - 000000000 ____D C:\Users\test\AppData\Local\Wondershare
2017-10-05 18:24 - 2017-10-06 22:46 - 000000000 ____D C:\Users\test\Documents\Wondershare Filmora
2017-10-05 15:19 - 2017-10-05 15:19 - 001275430 _____ C:\Users\test\Downloads\2017-10-05-1517-30.flv
2017-10-03 17:21 - 2017-10-03 17:21 - 000000000 ____D C:\Windows\D56B0E274A3E46C9B5C1D93D580C099C.TMP
2017-10-03 17:21 - 2017-10-03 17:21 - 000000000 ____D C:\Program Files (x86)\AMD
2017-10-03 17:21 - 2008-07-12 08:18 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-10-03 17:21 - 2008-07-12 08:18 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-10-03 17:21 - 2008-07-12 08:18 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-10-03 17:16 - 2017-10-03 17:16 - 000000221 _____ C:\Users\test\Desktop\Moonbase Alpha.url
2017-10-03 16:08 - 2017-10-03 17:52 - 000000000 ____D C:\Program Files\MAXON
2017-10-03 16:07 - 2017-10-03 16:38 - 000000000 ____D C:\Users\test\AppData\Roaming\MAXON
2017-10-02 21:38 - 2017-10-02 21:38 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2017-10-02 21:38 - 2017-10-02 21:38 - 000000000 ____D C:\Program Files\Blender Foundation
2017-10-01 15:50 - 2017-10-01 15:50 - 000000000 ____D C:\Users\test\AppData\Local\Apps\2.0
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-23 17:46 - 2016-02-04 20:33 - 000000000 ____D C:\FRST
2017-10-23 17:40 - 2017-07-02 00:13 - 000000000 ____D C:\Users\test\AppData\Roaming\Mozilla
2017-10-23 17:39 - 2015-11-20 15:32 - 000000000 ____D C:\Users\test\AppData\Roaming\Skype
2017-10-23 17:26 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing
2017-10-23 17:15 - 2009-07-14 06:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-23 17:15 - 2009-07-14 06:45 - 000031312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-23 17:09 - 2017-09-10 11:00 - 000003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468859727
2017-10-23 17:09 - 2017-06-14 20:33 - 000003512 _____ C:\Windows\System32\Tasks\WinZipBackGroundToolsTask
2017-10-23 17:09 - 2017-06-14 20:33 - 000003398 _____ C:\Windows\System32\Tasks\WinZip Update Notifier
2017-10-23 17:09 - 2017-05-25 13:44 - 000003498 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-test-PC-test
2017-10-23 17:09 - 2017-04-19 17:58 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:09 - 2017-04-19 17:58 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:09 - 2017-04-19 17:58 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:09 - 2017-04-19 17:58 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:09 - 2017-04-19 17:58 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-10-23 17:09 - 2016-09-03 12:34 - 000004512 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-23 17:09 - 2016-08-20 13:12 - 000009010 _____ C:\Windows\System32\Tasks\Gerkmiwegh Cache
2017-10-23 17:09 - 2016-05-11 06:14 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d15d7bd5d2ebca
2017-10-23 17:09 - 2016-05-11 06:14 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d12d273b5e9ef8
2017-10-23 17:09 - 2016-02-04 20:13 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-10-23 17:09 - 2015-11-21 02:50 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-23 17:09 - 2015-11-15 00:14 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-10-23 17:09 - 2015-11-15 00:12 - 000003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{38DB25C1-6B48-4196-8799-61FE26F18AD5}
2017-10-23 16:08 - 2015-11-27 23:22 - 000000000 ____D C:\Users\test\AppData\Local\CrashDumps
2017-10-23 15:50 - 2015-11-15 00:59 - 000000000 ____D C:\Users\test
2017-10-23 15:43 - 2015-11-15 00:14 - 000000000 ____D C:\Program Files (x86)\Google
2017-10-23 15:42 - 2015-11-15 01:00 - 000001397 _____ C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-10-23 15:37 - 2009-07-14 05:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-10-23 15:37 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-10-23 15:02 - 2016-07-17 13:53 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-23 13:53 - 2017-06-11 21:17 - 000000000 ____D C:\Users\test\AppData\Roaming\uTorrent
2017-10-23 13:30 - 2017-01-02 17:11 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-10-23 13:30 - 2015-11-19 17:50 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2017-10-23 13:30 - 2015-11-15 01:13 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-23 13:29 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-22 22:02 - 2017-07-27 01:11 - 000000021 _____ C:\Users\test\Desktop\Animepreparedtowatch.txt
2017-10-22 21:51 - 2017-08-01 10:26 - 000001213 _____ C:\Users\test\Desktop\Anime i watched.txt
2017-10-20 15:18 - 2016-11-11 16:12 - 000000000 ____D C:\Users\test\Desktop\Songs
2017-10-20 13:21 - 2016-12-17 23:15 - 000000000 ____D C:\Users\test\AppData\Local\Ubisoft Game Launcher
2017-10-18 06:01 - 2009-07-14 06:45 - 000440080 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-17 19:40 - 2017-04-13 16:37 - 000000000 ____D C:\Users\test\Desktop\other
2017-10-17 19:40 - 2015-11-15 01:26 - 000113928 _____ C:\Users\test\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-17 19:39 - 2011-04-12 10:34 - 000668540 _____ C:\Windows\system32\perfh005.dat
2017-10-17 19:39 - 2011-04-12 10:34 - 000141200 _____ C:\Windows\system32\perfc005.dat
2017-10-17 19:39 - 2009-07-14 07:13 - 001583214 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-17 19:39 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-17 18:49 - 2017-03-13 18:22 - 000000000 ____D C:\Program Files\Microsoft Office
2017-10-17 18:49 - 2011-04-12 10:45 - 000000000 ____D C:\Windows\ShellNew
2017-10-17 18:49 - 2009-07-14 04:34 - 000000387 _____ C:\Windows\win.ini
2017-10-17 18:48 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-10-17 18:47 - 2016-02-20 23:33 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-10-17 18:47 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-10-16 20:39 - 2016-03-02 22:35 - 000000250 _____ C:\Users\test\AppData\LocalLow\rbxcsettings.rbx
2017-10-16 13:53 - 2016-11-03 15:09 - 000000000 ____D C:\Users\test\Desktop\photos
2017-10-16 13:52 - 2015-11-20 15:39 - 000000000 ____D C:\Users\test\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-10-16 13:42 - 2017-08-28 18:58 - 000000000 ____D C:\Users\test\AppData\Roaming\EasyAntiCheat
2017-10-16 13:35 - 2017-05-15 05:10 - 000000000 ____D C:\Users\test\AppData\Roaming\OBS
2017-10-16 13:35 - 2017-04-28 23:07 - 000000000 ____D C:\Users\test\AppData\Roaming\vlc
2017-10-16 09:27 - 2015-11-21 02:50 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-16 09:27 - 2015-11-21 02:50 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-16 09:27 - 2015-11-21 02:50 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-16 09:27 - 2015-11-21 02:50 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-15 20:43 - 2016-12-18 00:53 - 000000000 ____D C:\Users\test\Documents\Assassin's Creed III
2017-10-15 20:32 - 2016-12-18 00:54 - 000281392 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2017-10-15 18:07 - 2016-01-30 02:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-10-15 13:10 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-10-15 13:09 - 2016-01-31 01:06 - 000189248 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2017-10-15 09:58 - 2016-11-04 23:20 - 000000000 ____D C:\Users\test\AppData\Local\Bluestacks
2017-10-14 22:43 - 2016-09-04 18:02 - 000000000 ____D C:\Riot Games
2017-10-14 11:45 - 2017-08-23 23:24 - 000000000 ____D C:\Users\test\AppData\Roaming\discord
2017-10-12 18:23 - 2017-03-18 13:54 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-10-12 18:22 - 2016-07-18 18:34 - 000587168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-10-12 18:22 - 2016-07-18 18:34 - 000363440 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-10-12 18:22 - 2016-07-18 18:34 - 000201352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-10-12 18:22 - 2016-07-18 18:34 - 000147776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-10-12 18:22 - 2016-07-18 18:34 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-10-12 18:22 - 2016-07-18 18:34 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-10-12 18:22 - 2016-07-18 18:34 - 000047008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-10-12 18:22 - 2016-02-04 20:11 - 000000000 ____D C:\ProgramData\AVAST Software
2017-10-12 18:21 - 2017-03-18 13:54 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-10-12 18:21 - 2017-03-18 13:54 - 000321032 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-10-12 18:21 - 2017-03-18 13:54 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-10-12 18:21 - 2017-03-18 13:54 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-10-12 18:21 - 2016-07-18 18:34 - 001020536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-10-11 15:38 - 2017-08-17 19:51 - 000000000 ____D C:\Users\test\AppData\Roaming\audacity
2017-10-11 06:55 - 2017-09-08 06:50 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2017-10-11 05:55 - 2017-08-05 16:43 - 000001708 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-10-10 20:20 - 2017-04-12 22:12 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2017-10-08 14:51 - 2017-07-26 19:50 - 000000000 ____D C:\Users\test\Desktop\inmk
2017-10-07 17:28 - 2017-01-08 18:22 - 000000000 ____D C:\Users\test\AppData\Roaming\.minecraft
2017-10-06 22:28 - 2017-03-18 11:43 - 000000000 ____D C:\Users\test\AppData\Local\Battle.net
2017-10-06 22:00 - 2017-03-21 18:05 - 000000000 ____D C:\Users\test\Documents\Overwatch
2017-10-06 21:58 - 2017-03-18 11:43 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-10-04 21:19 - 2017-03-21 17:08 - 000000000 ____D C:\Program Files (x86)\Overwatch
2017-10-03 17:21 - 2016-05-05 19:10 - 000000000 ____D C:\Users\test\AppData\Local\Downloaded Installations
2017-10-03 17:21 - 2015-11-22 00:29 - 000000000 ____D C:\Users\test\Documents\My Games
2017-10-03 15:59 - 2017-03-13 23:05 - 000000000 ____D C:\tmp
2017-09-29 17:17 - 2017-03-18 11:44 - 000000000 ____D C:\Users\test\AppData\Local\Blizzard Entertainment
==================== Files in the root of some directories =======
2016-11-01 20:50 - 2016-11-01 20:50 - 000066309 _____ () C:\Users\test\AppData\Roaming\icarus-dxdiag.xml
2015-12-13 17:50 - 2015-12-13 17:50 - 000000097 _____ () C:\Users\test\AppData\Roaming\LauncherSettings_live.cfg
2015-12-13 17:45 - 2015-12-13 17:45 - 000010496 _____ () C:\Users\test\AppData\Roaming\TheHunterSettings_live.bin
2015-12-13 17:42 - 2015-12-13 17:42 - 000000039 _____ () C:\Users\test\AppData\Roaming\TheHunterSettings_steam_live.cfg
2015-12-19 16:53 - 2016-08-06 20:24 - 000000910 _____ () C:\Users\test\AppData\Local\_settings.ini
Some files in TEMP:
====================
2017-10-15 09:57 - 2017-09-25 12:28 - 000965176 _____ (BlueStack Systems, Inc.) C:\Users\test\AppData\Local\Temp\BlueStacksClientUninstaller.exe
2017-10-15 09:57 - 2017-09-25 12:27 - 000421400 _____ (CodeTitans) C:\Users\test\AppData\Local\Temp\JSON.dll
2017-06-19 21:06 - 2017-06-19 21:06 - 030950664 _____ () C:\Users\test\AppData\Local\Temp\vlc-2.2.6-win32.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-20 13:39
==================== End of FRST.txt ============================
Přispějete na provoz fóra?