PC virus removal, computer speed-up, remote assistance via the neslape.cz service

Requesting a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

#1 Post by To3@s »

Hi,
I'd like to ask for a preventive check.
Chrome blocks FRSTlauncher for me :-/ (This file is dangerous, so Chrome has blocked it)

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2017 01
Ran by msi PC (administrator) on DESKTOP-02H91O1 (26-09-2017 23:18:52)
Running from C:\Users\msi PC\Desktop\132
Loaded Profiles: msi PC (Available Profiles: msi PC)
Platform: Windows 10 Home Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5798\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net.exe
() C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net Helper.exe
() C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net Helper.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Wow-64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(BitTorrent Inc.) C:\Users\msi PC\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\msi PC\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(BitTorrent Inc.) C:\Users\msi PC\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3366624 2017-05-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17652344 2017-06-27] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [MagicPlus_helper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [3267208 2016-08-15] (Lenovo)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [uTorrent] => C:\Users\msi PC\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-07-16] (BitTorrent Inc.)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {19cf6b7f-88d9-11e7-86c3-240a649d0023} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {97e5f77d-9a44-11e7-bba3-240a649ce882} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {9ea0cafd-9e32-11e7-bba4-240a649ce882} - "F:\Lenovo_Suite.exe"
Startup: C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexonCs.vbs [2017-08-02] ()
Startup: C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-08-20]
ShortcutTarget: Twitch.lnk -> C:\Users\msi PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{572df3df-5cc4-46ba-84c2-cadf47c5d1bb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c623cfa5-ecf2-42d7-a396-e17aa1b0ea98}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-26] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: jv34688q.default
FF ProfilePath: C:\Users\msi PC\AppData\Roaming\Firefox\Firefox\Profiles\jv34688q.default [2017-05-22] <==== ATTENTION
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR HomePage: ChromeDefaultData2 -> hxxp://google.sk/
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://google.sk/"
CHR Profile: C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-09-26] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-07]
CHR Extension: (Dokumenty Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-07]
CHR Extension: (Disk Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-07]
CHR Extension: (YouTube) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-07]
CHR Extension: (Tampermonkey) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-08]
CHR Extension: (Adobe Acrobat) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-30]
CHR Extension: (Google Apps Script) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2017-05-07]
CHR Extension: (Tabuľky Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-07]
CHR Extension: (AdBlock) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-19]
CHR Extension: (The West) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2017-05-07]
CHR Extension: (Skype) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Script Installation Services/Website Setup) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ojkfkmbechelifpehnokcfhlamloapmc [2017-05-07]
CHR Extension: (Gmail) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-19]
CHR HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2017-05-04] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-03-17] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-06-27] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2017-02-12] (Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2017-02-12] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2016-12-13] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-12-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2016-12-13] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2016-12-13] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2016-12-13] (ESET)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31824 2017-05-04] (ELAN Microelectronic Corp.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-05-02] (Sony Mobile Communications)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-06-27] (Logitech Inc.)
R1 MpKsl0d85c4b5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0D9B0D8E-D44C-49AD-88D3-64C9AD5BFA77}\MpKsl0d85c4b5.sys [44928 2017-09-26] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_0401a47bc69f625c\nvlddmkm.sys [14456952 2017-06-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [760968 2017-02-23] (Realsil Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2017-03-18] (Realtek Semiconductor Corporation )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-04-30] (Wellbia.com Co., Ltd.)
S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-26 23:12 - 2017-09-26 23:18 - 000000000 ____D C:\Users\msi PC\Desktop\132
2017-09-26 23:09 - 2017-09-26 23:11 - 000000000 ____D C:\Users\msi PC\Downloads\2. série
2017-09-26 23:09 - 2017-09-26 23:09 - 000027878 _____ C:\Users\msi PC\Downloads\[CzT]Vikingove_Vikings_2_serie_CZ_TvRip_.torrent
2017-09-26 23:09 - 2017-09-26 23:09 - 000000000 ____D C:\Users\msi PC\AppData\LocalLow\uTorrent
2017-09-25 12:04 - 2017-09-25 12:04 - 000000000 ____D C:\ProgramData\icondir
2017-09-25 12:03 - 2017-09-25 12:04 - 000001934 _____ C:\Users\Public\Desktop\乐助手.lnk
2017-09-25 12:03 - 2017-09-25 12:03 - 000004172 _____ C:\WINDOWS\System32\Tasks\lenovo mobile auto run
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\乐助手
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\Program Files (x86)\MagicPlus
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\MagicPlus
2017-09-25 12:00 - 2017-09-25 12:03 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Lenovo
2017-09-25 12:00 - 2017-09-25 12:01 - 000000000 ____D C:\Users\msi PC\.android
2017-09-25 12:00 - 2017-09-25 12:00 - 000000000 ____D C:\Program Files (x86)\LenovoUsbDriver
2017-09-25 11:54 - 2017-09-25 11:54 - 000000000 ____D C:\Users\msi PC\Desktop\Vikingové
2017-09-22 19:01 - 2017-09-26 07:18 - 000000515 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-09-17 09:50 - 2017-09-17 09:50 - 000012232 _____ C:\Users\msi PC\Downloads\[CzT]Labuti_princezna_7_Kralovska_mise_The_Swan_Princess_Royally_Undercover_2017_CZ_.torrent
2017-09-17 09:49 - 2017-09-17 09:49 - 000215836 _____ C:\Users\msi PC\Downloads\[CzT]Ozzy_2016_CZ_SK_720pLQ_.torrent
2017-09-15 12:22 - 2017-09-17 09:49 - 000000000 ____D C:\Users\msi PC\Downloads\Alien.Covenant.2017.BRRip.XviD.AC3.CZ-PiRaTE
2017-09-15 11:30 - 2017-09-15 11:30 - 000000000 ____D C:\Users\msi PC\Downloads\Pirates.of.the.Caribbean.Dead.Men.Tell.No.Tales.2017.WEB-DL.XviD.AC3.CZ-PiRaTE
2017-09-15 11:29 - 2017-09-15 11:29 - 000019074 _____ C:\Users\msi PC\Downloads\[CzT]Pirati_z_Karibiku_Salazarova_pomsta_Pirates_of_the_Caribbean_Dead_Men_Tell_No_Tales_2017_CZ_WebRip_.torrent
2017-09-15 11:28 - 2017-09-17 09:49 - 000000000 ____D C:\Users\msi PC\Downloads\Guardians.of.the.Galaxy.Vol.2.2017.BRRip.XviD.AC3.CZ-PiRaTE
2017-09-15 11:28 - 2017-09-15 11:28 - 000018156 _____ C:\Users\msi PC\Downloads\[CzT]Strazci_Galaxie_Vol_2_Guardians_of_the_Galaxy_Vol_2_2017_CZ_.torrent
2017-09-15 11:28 - 2017-09-15 11:28 - 000016372 _____ C:\Users\msi PC\Downloads\[CzT]Vetrelec_Covenant_Alien_Covenant_2017_CZ_.torrent
2017-09-15 09:14 - 2017-09-15 09:14 - 000000936 _____ C:\Users\Public\Desktop\Diablo III.lnk
2017-09-15 09:14 - 2017-09-15 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2017-09-15 01:43 - 2017-09-15 09:30 - 000000000 ____D C:\Program Files (x86)\Diablo III
2017-09-15 00:54 - 2017-09-15 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2017-09-15 00:14 - 2017-09-15 00:14 - 000000000 ____D C:\Users\msi PC\AppData\Local\NokiaAccount
2017-09-15 00:11 - 2017-09-15 01:54 - 000000000 ____D C:\Program Files (x86)\Diablo III Public Test
2017-09-14 23:19 - 2017-09-14 23:19 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\Program Files\iTunes
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\Program Files\iPod
2017-09-14 23:17 - 2017-09-14 23:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-09-14 23:17 - 2017-09-14 23:17 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-09-14 23:12 - 2017-09-14 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-09-12 23:21 - 2017-09-14 23:17 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-09-12 23:21 - 2017-09-14 23:12 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-09-12 23:21 - 2017-09-12 23:21 - 000000000 ____D C:\Program Files\Bonjour
2017-09-12 23:21 - 2017-09-12 23:21 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-09-12 07:29 - 2017-09-12 07:29 - 000000000 ____D C:\Users\msi PC\Desktop\Five Finger Death Punch - Discography
2017-09-12 07:28 - 2017-09-12 07:28 - 000000000 ____D C:\Users\msi PC\Documents\FeedbackHub
2017-09-11 23:43 - 2017-09-11 23:53 - 881525766 _____ C:\Users\msi PC\Desktop\Five-Finger-Death-Punch---Discography-by-PETR.V.rar
2017-09-09 18:05 - 2017-09-09 18:05 - 004212384 _____ (Husdawg, LLC) C:\Users\msi PC\Desktop\Detection.exe
2017-09-03 15:19 - 2017-09-03 15:19 - 000000000 ____D C:\Users\msi PC\Downloads\Vikingové
2017-09-01 14:47 - 2017-09-01 14:47 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Nokia
2017-09-01 14:46 - 2017-09-01 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2017-09-01 14:46 - 2017-09-01 14:46 - 000000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2017-09-01 14:32 - 2017-09-01 14:32 - 000000000 ____D C:\ProgramData\Installations
2017-09-01 14:22 - 2017-09-01 14:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2017-09-01 14:22 - 2017-09-01 14:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2017-09-01 14:13 - 2017-09-01 14:47 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\PC Suite
2017-09-01 14:13 - 2017-09-01 14:22 - 000000000 ____D C:\ProgramData\PC Suite
2017-09-01 14:13 - 2017-09-01 14:21 - 000000000 ____D C:\Users\msi PC\AppData\Local\Nokia
2017-09-01 14:12 - 2017-09-15 00:15 - 000000000 ____D C:\ProgramData\Nokia
2017-09-01 14:12 - 2013-01-23 10:31 - 000057856 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsX64.dll
2017-09-01 14:09 - 2017-09-15 00:15 - 000000000 ____D C:\Program Files (x86)\Nokia
2017-09-01 14:09 - 2017-09-01 14:09 - 000000000 ____D C:\ProgramData\NokiaInstallerCache
2017-08-30 11:47 - 2017-08-30 12:28 - 3358991599 _____ C:\Users\msi PC\Downloads\Game.of.Thrones.S07E07.720p.WEB.H264.CZ.Titulky.mkv
2017-08-27 18:44 - 2017-08-27 18:44 - 000160822 _____ C:\Users\msi PC\Desktop\HandyNotes-v1.4.14.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-26 23:19 - 2017-01-12 01:04 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\uTorrent
2017-09-26 23:18 - 2017-05-05 22:23 - 000000000 ____D C:\FRST
2017-09-26 23:17 - 2017-07-26 18:51 - 000000000 ____D C:\Users\msi PC\AppData\Local\Battle.net
2017-09-26 23:08 - 2017-08-18 12:59 - 000004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C64E399A-027A-4EC2-85B6-848EE54437CA}
2017-09-26 23:08 - 2017-08-18 12:55 - 000000000 ____D C:\Users\msi PC
2017-09-26 23:08 - 2017-08-18 12:54 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-26 23:07 - 2017-07-26 18:58 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-09-26 23:07 - 2017-07-26 18:52 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-09-26 23:05 - 2017-08-18 12:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-26 23:05 - 2017-01-09 20:47 - 000000000 __SHD C:\Users\msi PC\IntelGraphicsProfiles
2017-09-26 07:28 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-26 07:22 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-26 07:22 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-25 23:22 - 2017-08-18 12:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-25 23:05 - 2017-08-20 18:58 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Twitch
2017-09-25 12:00 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-24 14:58 - 2017-01-09 20:45 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\vlc
2017-09-22 19:04 - 2017-08-18 13:01 - 003477908 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-22 19:04 - 2017-03-06 22:41 - 001912608 _____ C:\WINDOWS\system32\perfh01B.dat
2017-09-22 19:04 - 2017-03-06 22:41 - 000567086 _____ C:\WINDOWS\system32\perfc01B.dat
2017-09-22 16:49 - 2017-08-18 12:59 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1862971310-3561655192-1180766120-1001
2017-09-22 16:49 - 2017-01-09 20:40 - 000002374 _____ C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-22 16:49 - 2017-01-09 20:40 - 000000000 ___RD C:\Users\msi PC\OneDrive
2017-09-22 04:28 - 2017-05-06 19:52 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-20 20:36 - 2017-08-18 12:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-20 20:36 - 2017-08-18 12:54 - 000306200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-20 17:40 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-16 09:01 - 2017-01-09 20:38 - 000000000 ____D C:\Users\msi PC\AppData\Local\Packages
2017-09-15 01:43 - 2017-01-12 18:34 - 000000000 ____D C:\Users\msi PC\Documents\Diablo III
2017-09-15 01:17 - 2017-08-11 19:13 - 000000000 ___DC C:\WINDOWS\Panther
2017-09-15 01:17 - 2017-04-30 13:29 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-15 01:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-09-15 01:17 - 2017-01-26 08:25 - 000000000 ____D C:\Users\msi PC\AppData\Local\CrashDumps
2017-09-14 23:53 - 2017-03-27 20:18 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Apple Computer
2017-09-14 23:53 - 2017-03-27 20:18 - 000000000 ____D C:\Users\msi PC\AppData\Local\Apple Computer
2017-09-13 07:24 - 2017-08-18 12:59 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-09-13 07:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-12 23:27 - 2017-01-09 21:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-12 23:21 - 2017-03-27 20:16 - 000000000 ____D C:\ProgramData\Apple
2017-09-12 23:21 - 2017-01-09 21:17 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-12 07:31 - 2017-01-09 20:45 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-09-10 12:48 - 2017-08-18 12:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-09 20:33 - 2017-07-25 16:14 - 000000000 ____D C:\Fraps
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-01 14:46 - 2017-01-09 21:21 - 000000000 ____D C:\Program Files\DIFX
2017-08-31 23:08 - 2017-01-09 20:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2017-07-02 12:37 - 2017-07-02 12:37 - 000000008 _____ () C:\Users\msi PC\AppData\Roaming\00000602001520
2017-03-27 21:36 - 2017-04-09 11:06 - 000000040 _____ () C:\Users\msi PC\AppData\Roaming\cdr.ini
2017-05-03 22:00 - 2017-05-03 22:02 - 000029696 _____ () C:\Users\msi PC\AppData\Local\MSGBOX.EXE
2017-07-25 10:10 - 2017-07-25 10:10 - 000000003 _____ () C:\Users\msi PC\AppData\Local\updater.log
2017-07-25 10:10 - 2017-07-28 19:35 - 000000059 _____ () C:\Users\msi PC\AppData\Local\UserProducts.xml
2017-01-10 22:47 - 2017-01-10 22:47 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-24 14:51

==================== End of FRST.txt ============================
Attachments
Addition.rar
(9.42 KiB) Downloaded 81 times
Last edited by To3@s on 26 Sep 2017 22:23, edited 1 time in total.

Re: Requesting a preventive check

#2 Post by To3@s »

RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by msi PC at 2017-09-26 23:20:38
Microsoft Windows 10 Home
System drive C: has 246 GB (54%) free of 456 GB
Total RAM: 12208 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:20:40, on 26.09.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0000)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
C:\ProgramData\Battle.net\Agent\Agent.5798\Agent.exe
C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net.exe
C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net Helper.exe
C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\msi PC\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\msi PC\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
C:\Users\msi PC\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe
C:\Program Files\trend micro\msi PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MagicPlus_helper] "C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\msi PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [uTorrent] "C:\Users\msi PC\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [Boxoft Tools] "C:\ProgramData\Boxtools\Boxofttoolbox.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: NexonCs.vbs
O4 - Startup: Twitch.lnk = C:\Users\msi PC\AppData\Roaming\Twitch\Bin\Twitch.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Logitech Gaming Registry Service (LogiRegistryService) - Logitech Inc. - C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10086 bytes

======Listing Processes======







C:\WINDOWS\system32\lsass.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-7ad07929-936f-4e09-bd48-8a6ea624c4d0 -SystemEventPortName:HostProcess-8108d664-cabc-43ad-a46f-67aa03e0f019 -IoCancelEventPortName:HostProcess-5ea95efd-1be4-4f15-8357-af1b0f7050d4 -NonStateChangingEventPortName:HostProcess-0d01c388-617a-4599-ae8f-d657b2dff98d -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:1126be5e-e530-4137-b84a-b826bd90f950 -DeviceGroupId:WudfDefaultDevicePool
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc

c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
dashost.exe {5381c5bf-b73f-4eb6-8b00d057591cf677}
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
"C:\Program Files\Bonjour\mDNSResponder.exe"
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe"
"C:\Program Files\Elantech\ETDService.exe"
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks

c:\windows\system32\svchost.exe -k netsvcs -s WpnService

c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost

c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent

C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -s SharedAccess
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s wcncsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k networkservice -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -s RasMan
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s upnphost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s QWAVE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
c:\windows\system32\svchost.exe -k netsvcs -s seclogon
C:\WINDOWS\system32\wbem\WmiApSrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\AUDIODG.EXE 0x4e0
C:\WINDOWS\system32\svchost.exe -k netsvcs -s XblAuthManager
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -s NcdAutoSetup

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"fontdrvhost.exe"
"dwm.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -c
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\WINDOWS\Explorer.EXE
igfxEM.exe
igfxHK.exe
"C:\Program Files\Elantech\ETDCtrlHelper.exe"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
"C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\Windows Defender\MSASCuiL.exe"
C:\Windows\System32\CastSrv.exe CCastServerControlInteractiveUser -Embedding
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\ProgramData\Battle.net\Agent\Agent.5798\Agent.exe" --locale=enUS --session=2778686328112891250
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net.exe"
"Battle.net Helper.exe" --type=gpu-process --channel="1184.0.2001447428\1248151672" --no-sandbox --lang=en-US --log-file="C:\Users\msi PC\AppData\Local\Battle.net\Logs\libcef-20170926T210709.444705.log" --log-severity=error --product-version=Battle.net/1.9.0.9397 --supports-dual-gpus=false --gpu-driver-bug-workarounds=3,11,16,25,54 --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4624 --lang=en-US --log-file="C:\Users\msi PC\AppData\Local\Battle.net\Logs\libcef-20170926T210709.444705.log" --log-severity=error --product-version=Battle.net/1.9.0.9397 /prefetch:2
"Battle.net Helper.exe" --type=renderer --no-sandbox --lang=en-US --lang=en-US --log-file="C:\Users\msi PC\AppData\Local\Battle.net\Logs\libcef-20170926T210709.444705.log" --log-severity=error --product-version=Battle.net/1.9.0.9397 --disable-spell-checking --enable-system-flash --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="1184.1.99507010\595721108" /prefetch:1
"C:\Program Files (x86)\World of Warcraft\Wow-64.exe" -launcherlogin -noautolaunch64bit -uid wow_enus
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
"C:\Windows\System32\GameBarPresenceWriter.exe" -ServerName:Windows.Gaming.GameBar.Internal.PresenceWriterServer
"C:\Users\msi PC\AppData\Roaming\uTorrent\uTorrent.exe" "C:\Users\msi PC\Downloads\[CzT]Vikingove_Vikings_2_serie_CZ_TvRip_.torrent" /SHELLASSOC
"C:\Users\msi PC\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe" uTorrent_9420_00C0C890_54276900 µTorrent4823DF041B09 uTorrent
"C:\Users\msi PC\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe" uTorrent_9420_00C0C928_1969209561 µTorrent4823DF041B09 uTorrent
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\Public\Documents\Google\Chrome "--metrics-dir=C:\Users\msi PC\AppData\Local\Google\Chrome\User Data" --url=https://client2.google.com/cr/reports --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x1e4,0x1e8,0x1ec,0x1e0,0x1f0,0x7ffa18b31988,0x7ffa18b31948,0x7ffa18b31958
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=8396 --on-initialized-event-handle=644 --parent-handle=648 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1416,11800714190207187092,10748606815896750569,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,13,23,27,29,49,70,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x8086 --gpu-device-id=0x0416 --gpu-driver-vendor="Intel Corporation" --gpu-driver-version=20.19.15.4624 --gpu-driver-date=3-8-2017 --gpu-secondary-vendor-ids=0x10de --gpu-secondary-device-ids=0x0fe4 --service-request-channel-token=A8B080FCC6ED6B1D3490CF621DBD7E2B --mojo-platform-channel-handle=1444 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1416,11800714190207187092,10748606815896750569,131072 --service-pipe-token=FD0E4DDF26F6FE11654F778A6BF6F640 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1.25 --num-raster-threads=2 --enable-main-frame-before-activation --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=FD0E4DDF26F6FE11654F778A6BF6F640 --renderer-client-id=8 --mojo-platform-channel-handle=5236 /prefetch:1
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
c:\windows\system32\svchost.exe -k netsvcs -s BITS
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe116_ Global\UsGthrCtrlFltPipeMssGthrPipe116 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 700 704 712 8192 708
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
"C:\Users\msi PC\Desktop\132\RSITx64.exe"

======Scheduled tasks folder======

C:\WINDOWS\tasks\update-S-1-5-21-1862971310-3561655192-1180766120-1001.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate
C:\WINDOWS\tasks\update-sys.job - C:\Program Files (x86)\Skillbrains\Updater\Updater.exe -runmode=checkupdate

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-24 571968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-24 235584]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-26 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-26 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2017-05-04 3366624]
"ShadowPlay"=C:\WINDOWS\system32\nvspcap64.dll [2017-08-18 1923008]
"Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe [2017-06-27 17652344]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-09-11 297784]
"WindowsDefender"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\msi PC\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-22 1686736]
"uTorrent"=C:\Users\msi PC\AppData\Roaming\uTorrent\uTorrent.exe [2017-07-16 2146496]
"Boxoft Tools"=C:\ProgramData\Boxtools\Boxofttoolbox.exe [2010-12-15 514048]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2017-09-07 3071776]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-06-30 9818328]
"iCloudServices"=C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [2017-07-14 67384]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"VirtualCloneDrive"=C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2013-03-10 88984]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-12 587288]
"MagicPlus_helper"=C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2016-08-15 3267208]

C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
NexonCs.vbs
Twitch.lnk - C:\Users\msi PC\AppData\Roaming\Twitch\Bin\Twitch.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"aux1"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-09-26 23:20:38 ----D---- C:\rsit
2017-09-25 12:04:05 ----D---- C:\ProgramData\icondir
2017-09-25 12:03:50 ----D---- C:\MagicPlus
2017-09-25 12:03:32 ----D---- C:\Program Files (x86)\MagicPlus
2017-09-25 12:00:57 ----D---- C:\Users\msi PC\AppData\Roaming\Lenovo
2017-09-25 12:00:51 ----D---- C:\Program Files (x86)\LenovoUsbDriver
2017-09-15 01:43:12 ----AD---- C:\Program Files (x86)\Diablo III
2017-09-15 00:11:46 ----AD---- C:\Program Files (x86)\Diablo III Public Test
2017-09-14 23:19:58 ----D---- C:\Program Files\iPod
2017-09-14 23:19:36 ----AD---- C:\Program Files\iTunes
2017-09-14 23:17:44 ----AD---- C:\Program Files (x86)\Apple Software Update
2017-09-12 23:21:42 ----AD---- C:\Program Files\Bonjour
2017-09-12 23:21:42 ----AD---- C:\Program Files (x86)\Bonjour
2017-09-12 23:21:27 ----D---- C:\Program Files\Common Files\Apple
2017-09-01 14:47:09 ----D---- C:\Users\msi PC\AppData\Roaming\Nokia
2017-09-01 14:46:19 ----AD---- C:\Program Files (x86)\PC Connectivity Solution
2017-09-01 14:32:56 ----D---- C:\ProgramData\Installations
2017-09-01 14:13:11 ----D---- C:\Users\msi PC\AppData\Roaming\PC Suite
2017-09-01 14:13:10 ----D---- C:\ProgramData\PC Suite
2017-09-01 14:12:58 ----D---- C:\ProgramData\Nokia
2017-09-01 14:12:29 ----DC---- C:\WINDOWS\system32\DRVSTORE
2017-09-01 14:12:05 ----A---- C:\WINDOWS\system32\nmwcdclsX64.dll
2017-09-01 14:09:43 ----D---- C:\ProgramData\NokiaInstallerCache
2017-09-01 14:09:43 ----D---- C:\Program Files (x86)\Nokia

======List of files/folders modified in the last 1 month======

2017-09-26 23:20:40 ----D---- C:\Program Files\trend micro
2017-09-26 23:20:28 ----D---- C:\WINDOWS\Prefetch
2017-09-26 23:19:56 ----D---- C:\FRST
2017-09-26 23:19:44 ----D---- C:\Windows
2017-09-26 23:19:36 ----D---- C:\Users\msi PC\AppData\Roaming\uTorrent
2017-09-26 23:13:23 ----D---- C:\WINDOWS\Temp
2017-09-26 23:08:02 ----D---- C:\ProgramData\NVIDIA
2017-09-26 23:07:32 ----AD---- C:\Program Files (x86)\World of Warcraft
2017-09-26 23:07:09 ----AD---- C:\Program Files (x86)\Blizzard App
2017-09-26 23:06:00 ----D---- C:\WINDOWS\system32\sru
2017-09-26 23:05:54 ----D---- C:\WINDOWS\System32
2017-09-26 23:05:54 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-26 07:35:57 ----D---- C:\WINDOWS\system32\config
2017-09-26 07:29:55 ----RD---- C:\WINDOWS\Microsoft.NET
2017-09-26 07:28:03 ----D---- C:\WINDOWS\CbsTemp
2017-09-26 07:22:45 ----D---- C:\WINDOWS\AppReadiness
2017-09-26 07:22:44 ----HD---- C:\Program Files\WindowsApps
2017-09-26 00:06:21 ----D---- C:\WINDOWS\system32\LogFiles
2017-09-25 23:22:29 ----D---- C:\WINDOWS\system32\SleepStudy
2017-09-25 23:05:06 ----D---- C:\Users\msi PC\AppData\Roaming\Twitch
2017-09-25 12:04:05 ----HD---- C:\ProgramData
2017-09-25 12:03:48 ----D---- C:\WINDOWS\system32\Tasks
2017-09-25 12:03:32 ----RD---- C:\Program Files (x86)
2017-09-25 12:00:56 ----D---- C:\WINDOWS\system32\DriverStore
2017-09-25 12:00:56 ----D---- C:\WINDOWS\system32\CatRoot
2017-09-25 12:00:56 ----D---- C:\WINDOWS\INF
2017-09-25 12:00:54 ----D---- C:\WINDOWS\system32\catroot2
2017-09-25 08:02:16 ----SHD---- C:\System Volume Information
2017-09-24 14:58:25 ----D---- C:\Users\msi PC\AppData\Roaming\vlc
2017-09-22 19:04:30 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-22 19:01:17 ----D---- C:\WINDOWS\system32\drivers\etc
2017-09-18 18:32:55 ----D---- C:\WINDOWS\WinSxS
2017-09-15 01:54:41 ----D---- C:\WINDOWS\system32\WDI
2017-09-15 01:38:06 ----D---- C:\WINDOWS\SoftwareDistribution
2017-09-15 01:17:55 ----D---- C:\Program Files (x86)\Steam
2017-09-15 01:17:44 ----DC---- C:\WINDOWS\Panther
2017-09-15 01:17:44 ----D---- C:\WINDOWS\ModemLogs
2017-09-15 01:17:44 ----D---- C:\WINDOWS\debug
2017-09-15 00:15:07 ----SHD---- C:\WINDOWS\Installer
2017-09-15 00:15:03 ----D---- C:\WINDOWS\SysWOW64
2017-09-14 23:53:47 ----D---- C:\Users\msi PC\AppData\Roaming\Apple Computer
2017-09-14 23:19:58 ----RD---- C:\Program Files
2017-09-13 07:24:51 ----D---- C:\WINDOWS\SYSWOW64\Macromed
2017-09-12 23:27:07 ----D---- C:\WINDOWS\system32\MRT
2017-09-12 23:26:28 ----D---- C:\WINDOWS\system32\drivers
2017-09-12 23:21:53 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-09-12 23:21:27 ----D---- C:\Program Files\Common Files
2017-09-12 23:21:05 ----D---- C:\ProgramData\Apple
2017-09-12 23:21:05 ----D---- C:\Program Files (x86)\Common Files
2017-09-12 23:04:41 ----D---- C:\WINDOWS\Logs
2017-09-10 12:48:12 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2017-09-09 20:33:58 ----D---- C:\Fraps
2017-09-02 17:15:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2017-09-01 14:46:31 ----D---- C:\Program Files\DIFX
2017-09-01 14:22:57 ----D---- C:\WINDOWS\system32\drivers\UMDF

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\WINDOWS\system32\DRIVERS\edevmon.sys [2016-12-13 106768]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R0 nvpciflt;nvpciflt; C:\WINDOWS\system32\DRIVERS\nvpciflt.sys [2017-06-26 47032]
R1 eamonm;eamonm; C:\WINDOWS\system32\DRIVERS\eamonm.sys [2016-12-13 132272]
R1 ehdrv;ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [2016-12-13 180544]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2014-12-21 40344]
R1 epfw;epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [2016-12-13 77616]
R1 epfwwfp;epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [2016-12-13 96856]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R1 MpKsl0d85c4b5;MpKsl0d85c4b5; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0D9B0D8E-D44C-49AD-88D3-64C9AD5BFA77}\MpKsl0d85c4b5.sys [2017-09-26 44928]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 ekbdflt;ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [2016-12-13 49672]
R2 LGCoreTemp;Logitech CPU Core Tempurature; \??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [2015-06-21 14184]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 79872]
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys [2017-03-18 85504]
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
R3 ETD;@oem38.inf,%PS2DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2017-05-04 603216]
R3 ETDSMBus;ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [2017-05-04 31824]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2017-03-17 7961584]
R3 KillerEth;@e2xw10x64.inf,%RIVET.Service.DispName%;NDIS Miniport Driver for Killer PCI-E Gigabit Ethernet Controller; C:\WINDOWS\System32\drivers\e2xw10x64.sys [2017-03-18 145920]
R3 LGBusEnum;@oem17.inf,%LGBusEnum.SVCDESC%;Logitech Gaming Virtual Bus Enumerator Driver; C:\WINDOWS\system32\drivers\LGBusEnum.sys [2017-06-27 36496]
R3 LGJoyXlCore;@oem17.inf,%LGJoyXlCore.SVCDESC%;Logitech Translation Layer Driver (LGS); C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [2017-06-27 67736]
R3 MEIx64;@oem11.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2016-04-04 195152]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_0401a47bc69f625c\nvlddmkm.sys [2017-06-26 14456952]
R3 nvvad_WaveExtensible;@oem34.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-07-26 48064]
R3 nvvhci;@oem3.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-08-18 57792]
R3 RtkBtFilter;@oem21.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [2015-03-11 593624]
R3 RTSPER;@oem52.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [2017-02-23 760968]
R3 rtwlane_13;@netrtwlane_13.inf,%rtwlane_13.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter; C:\WINDOWS\System32\drivers\rtwlane_13.sys [2017-03-18 3717120]
S0 eelam;eelam; C:\WINDOWS\system32\DRIVERS\eelam.sys [2016-12-13 15488]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 36760]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth Stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2017-03-18 181248]
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys [2017-08-18 105472]
S3 BthHFAud;@wdma_bt.inf,%DISPLAY_NAME%;Bluetooth Hands-Free; C:\WINDOWS\system32\DRIVERS\BthHfAud.sys [2017-03-18 47104]
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-08-18 97280]
S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2017-07-11 130048]
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\system32\DRIVERS\BTHport.sys [2017-08-18 982016]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-03-18 39424]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2017-05-18 131984]
S3 dtultrascsibus;DAEMON Tools Ultra Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [2017-02-12 30264]
S3 dtultrausbbus;DAEMON Tools Ultra Virtual USB Bus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [2017-02-12 47672]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 ggflt;SOMC USB Flash Driver Filter; C:\WINDOWS\System32\drivers\ggflt.sys [2017-05-02 16088]
S3 ggsomc;SOMC USB Flash Driver; C:\WINDOWS\System32\drivers\ggsomc.sys [2017-05-02 30424]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2012-09-11 4142864]
S3 IntcDAud;@oem51.inf,%IntcDAud.SvcDesc%;Intel(R) Zvuk pre obrazovky; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys [2016-05-12 481768]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 KMWDFILTER;HIDServiceDesc; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [2009-04-29 30208]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-08-18 30144]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfdx64.sys []
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2017-08-18 180736]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2017-05-18 166288]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-09-07 83768]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 462096]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_9ba8026;Connected Devices Platform User Service_9ba8026; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2016-12-14 2836296]
R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2017-05-04 144096]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2017-03-17 365040]
R2 LogiRegistryService;Logitech Gaming Registry Service; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2017-06-27 225400]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18 512960]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-08-18 449984]
R2 OneSyncSvc_9ba8026;Sync Host_9ba8026; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-11 336320]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_9ba8026;Kontaktné údaje_9ba8026; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-06 153168]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-03-17 292848]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_9ba8026;DevicesFlow_9ba8026; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-06 153168]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-09-11 673080]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_9ba8026;MessagingService_9ba8026; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-08-18 512960]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2012-06-11 724376]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2017-07-18 1608480]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Requesting a preventive check

#3 Post by Rudy »

Hello!
FRST Launcher is a modified FRST. Some antivirus programs flag it as a virus even though it is not one. We use it here routinely. Turn off your antivirus while downloading it, or download it through IE. If that still does not work, use the regular FRST: http://www.bleepingcomputer.com/downloa ... scan-tool/ . On Windows 10 I have to work with FRST only; deleting via RSIT could damage the system.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

To3@s
Visitor
Posts: 194
Joined: 08 Apr 2010 10:56

Re: Requesting a preventive check

#4 Post by To3@s »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-09-2017 01
Ran by msi PC (administrator) on DESKTOP-02H91O1 (28-09-2017 08:02:15)
Running from C:\Users\msi PC\Desktop
Loaded Profiles: msi PC (Available Profiles: msi PC)
Platform: Windows 10 Home Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.5798\Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net Helper.exe
() C:\Program Files (x86)\Blizzard App\Battle.net.9397\Battle.net Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Wow-64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GameBarPresenceWriter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(forum.viry.cz) C:\Users\msi PC\Desktop\FRST-OlderVersion\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\PING.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3366624 2017-05-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17652344 2017-06-27] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [MagicPlus_helper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [3267208 2016-08-15] (Lenovo)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [uTorrent] => C:\Users\msi PC\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-09-26] (BitTorrent Inc.)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {19cf6b7f-88d9-11e7-86c3-240a649d0023} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {97e5f77d-9a44-11e7-bba3-240a649ce882} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {9ea0cafd-9e32-11e7-bba4-240a649ce882} - "F:\Lenovo_Suite.exe"
Startup: C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexonCs.vbs [2017-08-02] ()
Startup: C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-08-20]
ShortcutTarget: Twitch.lnk -> C:\Users\msi PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{572df3df-5cc4-46ba-84c2-cadf47c5d1bb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c623cfa5-ecf2-42d7-a396-e17aa1b0ea98}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-26] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: jv34688q.default
FF ProfilePath: C:\Users\msi PC\AppData\Roaming\Firefox\Firefox\Profiles\jv34688q.default [2017-05-22] <==== ATTENTION
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR HomePage: ChromeDefaultData2 -> hxxp://google.sk/
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://google.sk/"
CHR Profile: C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-09-28] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-07]
CHR Extension: (Dokumenty Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-07]
CHR Extension: (Disk Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-07]
CHR Extension: (YouTube) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-07]
CHR Extension: (Tampermonkey) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-08]
CHR Extension: (Adobe Acrobat) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-30]
CHR Extension: (Google Apps Script) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2017-05-07]
CHR Extension: (Tabuľky Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-07]
CHR Extension: (AdBlock) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-19]
CHR Extension: (The West) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2017-05-07]
CHR Extension: (Skype) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Script Installation Services/Website Setup) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ojkfkmbechelifpehnokcfhlamloapmc [2017-05-07]
CHR Extension: (Gmail) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-19]
CHR HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2017-05-04] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-03-17] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-06-27] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2017-02-12] (Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2017-02-12] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2016-12-13] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-12-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2016-12-13] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2016-12-13] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2016-12-13] (ESET)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31824 2017-05-04] (ELAN Microelectronic Corp.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-05-02] (Sony Mobile Communications)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-06-27] (Logitech Inc.)
R1 MpKsl294fd422; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{472A3090-2ABF-4B4C-9580-0DB88BFCAD2E}\MpKsl294fd422.sys [44928 2017-09-27] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_0401a47bc69f625c\nvlddmkm.sys [14456952 2017-06-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [760968 2017-02-23] (Realsil Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2017-03-18] (Realtek Semiconductor Corporation )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-04-30] (Wellbia.com Co., Ltd.)
S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-28 08:02 - 2017-09-28 08:02 - 000018423 _____ C:\Users\msi PC\Desktop\FRST.txt
2017-09-28 07:51 - 2017-09-28 07:51 - 000015327 _____ C:\Users\msi PC\Desktop\LM.bat
2017-09-28 07:51 - 2017-09-28 07:51 - 000000000 ____D C:\Users\msi PC\Desktop\FRST-OlderVersion
2017-09-27 11:24 - 2017-09-27 11:24 - 000000000 ____D C:\Users\msi PC\AppData\LocalLow\uTorrent
2017-09-26 23:20 - 2017-09-26 23:20 - 000000000 ____D C:\rsit
2017-09-26 23:13 - 2017-09-26 23:13 - 001222144 _____ C:\Users\msi PC\Desktop\RSITx64.exe
2017-09-26 23:12 - 2017-09-28 07:51 - 002399744 _____ (Farbar) C:\Users\msi PC\Desktop\FRST64.exe
2017-09-26 23:12 - 2017-09-28 07:51 - 000000000 ____D C:\Users\msi PC\Desktop\132
2017-09-26 23:09 - 2017-09-26 23:11 - 000000000 ____D C:\Users\msi PC\Downloads\2. série
2017-09-26 23:09 - 2017-09-26 23:09 - 000027878 _____ C:\Users\msi PC\Downloads\[CzT]Vikingove_Vikings_2_serie_CZ_TvRip_.torrent
2017-09-25 12:04 - 2017-09-25 12:04 - 000000000 ____D C:\ProgramData\icondir
2017-09-25 12:03 - 2017-09-25 12:04 - 000001934 _____ C:\Users\Public\Desktop\乐助手.lnk
2017-09-25 12:03 - 2017-09-25 12:03 - 000004172 _____ C:\WINDOWS\System32\Tasks\lenovo mobile auto run
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\乐助手
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\Program Files (x86)\MagicPlus
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\MagicPlus
2017-09-25 12:00 - 2017-09-25 12:03 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Lenovo
2017-09-25 12:00 - 2017-09-25 12:01 - 000000000 ____D C:\Users\msi PC\.android
2017-09-25 12:00 - 2017-09-25 12:00 - 000000000 ____D C:\Program Files (x86)\LenovoUsbDriver
2017-09-25 11:54 - 2017-09-25 11:54 - 000000000 ____D C:\Users\msi PC\Desktop\Vikingové
2017-09-22 19:01 - 2017-09-26 07:18 - 000000515 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-09-17 09:50 - 2017-09-17 09:50 - 000012232 _____ C:\Users\msi PC\Downloads\[CzT]Labuti_princezna_7_Kralovska_mise_The_Swan_Princess_Royally_Undercover_2017_CZ_.torrent
2017-09-17 09:49 - 2017-09-17 09:49 - 000215836 _____ C:\Users\msi PC\Downloads\[CzT]Ozzy_2016_CZ_SK_720pLQ_.torrent
2017-09-15 12:22 - 2017-09-17 09:49 - 000000000 ____D C:\Users\msi PC\Downloads\Alien.Covenant.2017.BRRip.XviD.AC3.CZ-PiRaTE
2017-09-15 11:30 - 2017-09-15 11:30 - 000000000 ____D C:\Users\msi PC\Downloads\Pirates.of.the.Caribbean.Dead.Men.Tell.No.Tales.2017.WEB-DL.XviD.AC3.CZ-PiRaTE
2017-09-15 11:29 - 2017-09-15 11:29 - 000019074 _____ C:\Users\msi PC\Downloads\[CzT]Pirati_z_Karibiku_Salazarova_pomsta_Pirates_of_the_Caribbean_Dead_Men_Tell_No_Tales_2017_CZ_WebRip_.torrent
2017-09-15 11:28 - 2017-09-17 09:49 - 000000000 ____D C:\Users\msi PC\Downloads\Guardians.of.the.Galaxy.Vol.2.2017.BRRip.XviD.AC3.CZ-PiRaTE
2017-09-15 11:28 - 2017-09-15 11:28 - 000018156 _____ C:\Users\msi PC\Downloads\[CzT]Strazci_Galaxie_Vol_2_Guardians_of_the_Galaxy_Vol_2_2017_CZ_.torrent
2017-09-15 11:28 - 2017-09-15 11:28 - 000016372 _____ C:\Users\msi PC\Downloads\[CzT]Vetrelec_Covenant_Alien_Covenant_2017_CZ_.torrent
2017-09-15 09:14 - 2017-09-15 09:14 - 000000936 _____ C:\Users\Public\Desktop\Diablo III.lnk
2017-09-15 09:14 - 2017-09-15 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2017-09-15 01:43 - 2017-09-15 09:30 - 000000000 ____D C:\Program Files (x86)\Diablo III
2017-09-15 00:54 - 2017-09-15 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2017-09-15 00:14 - 2017-09-15 00:14 - 000000000 ____D C:\Users\msi PC\AppData\Local\NokiaAccount
2017-09-15 00:11 - 2017-09-15 01:54 - 000000000 ____D C:\Program Files (x86)\Diablo III Public Test
2017-09-14 23:19 - 2017-09-14 23:19 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\Program Files\iTunes
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\Program Files\iPod
2017-09-14 23:17 - 2017-09-14 23:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-09-14 23:17 - 2017-09-14 23:17 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-09-14 23:12 - 2017-09-14 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-09-12 23:21 - 2017-09-14 23:17 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-09-12 23:21 - 2017-09-14 23:12 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-09-12 23:21 - 2017-09-12 23:21 - 000000000 ____D C:\Program Files\Bonjour
2017-09-12 23:21 - 2017-09-12 23:21 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-09-12 07:29 - 2017-09-12 07:29 - 000000000 ____D C:\Users\msi PC\Desktop\Five Finger Death Punch - Discography
2017-09-12 07:28 - 2017-09-12 07:28 - 000000000 ____D C:\Users\msi PC\Documents\FeedbackHub
2017-09-11 23:43 - 2017-09-11 23:53 - 881525766 _____ C:\Users\msi PC\Desktop\Five-Finger-Death-Punch---Discography-by-PETR.V.rar
2017-09-09 18:05 - 2017-09-09 18:05 - 004212384 _____ (Husdawg, LLC) C:\Users\msi PC\Desktop\Detection.exe
2017-09-03 15:19 - 2017-09-03 15:19 - 000000000 ____D C:\Users\msi PC\Downloads\Vikingové
2017-09-01 14:47 - 2017-09-01 14:47 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Nokia
2017-09-01 14:46 - 2017-09-01 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2017-09-01 14:46 - 2017-09-01 14:46 - 000000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2017-09-01 14:32 - 2017-09-01 14:32 - 000000000 ____D C:\ProgramData\Installations
2017-09-01 14:22 - 2017-09-01 14:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2017-09-01 14:22 - 2017-09-01 14:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2017-09-01 14:13 - 2017-09-01 14:47 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\PC Suite
2017-09-01 14:13 - 2017-09-01 14:22 - 000000000 ____D C:\ProgramData\PC Suite
2017-09-01 14:13 - 2017-09-01 14:21 - 000000000 ____D C:\Users\msi PC\AppData\Local\Nokia
2017-09-01 14:12 - 2017-09-15 00:15 - 000000000 ____D C:\ProgramData\Nokia
2017-09-01 14:12 - 2013-01-23 10:31 - 000057856 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsX64.dll
2017-09-01 14:09 - 2017-09-15 00:15 - 000000000 ____D C:\Program Files (x86)\Nokia
2017-09-01 14:09 - 2017-09-01 14:09 - 000000000 ____D C:\ProgramData\NokiaInstallerCache
2017-08-30 11:47 - 2017-08-30 12:28 - 3358991599 _____ C:\Users\msi PC\Downloads\Game.of.Thrones.S07E07.720p.WEB.H264.CZ.Titulky.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-28 08:02 - 2017-05-05 22:23 - 000000000 ____D C:\FRST
2017-09-28 07:57 - 2017-07-26 18:51 - 000000000 ____D C:\Users\msi PC\AppData\Local\Battle.net
2017-09-28 07:51 - 2017-05-03 22:00 - 000029696 _____ C:\Users\msi PC\AppData\Local\MSGBOX.EXE
2017-09-28 07:49 - 2017-08-18 12:55 - 000000000 ____D C:\Users\msi PC
2017-09-28 07:47 - 2017-07-26 18:52 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-09-28 07:46 - 2017-08-18 12:59 - 000004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C64E399A-027A-4EC2-85B6-848EE54437CA}
2017-09-28 07:46 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-28 07:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-28 07:44 - 2017-08-18 12:54 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-28 07:42 - 2017-08-18 12:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-28 07:42 - 2017-01-09 20:47 - 000000000 __SHD C:\Users\msi PC\IntelGraphicsProfiles
2017-09-28 00:12 - 2017-08-18 12:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-27 23:05 - 2017-07-26 18:58 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-09-27 12:32 - 2017-01-12 01:04 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\uTorrent
2017-09-27 10:06 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-26 23:20 - 2017-05-03 22:06 - 000000000 ____D C:\Program Files\trend micro
2017-09-25 23:05 - 2017-08-20 18:58 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Twitch
2017-09-25 12:00 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-24 14:58 - 2017-01-09 20:45 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\vlc
2017-09-22 19:04 - 2017-08-18 13:01 - 003477908 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-22 19:04 - 2017-03-06 22:41 - 001912608 _____ C:\WINDOWS\system32\perfh01B.dat
2017-09-22 19:04 - 2017-03-06 22:41 - 000567086 _____ C:\WINDOWS\system32\perfc01B.dat
2017-09-22 16:49 - 2017-08-18 12:59 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1862971310-3561655192-1180766120-1001
2017-09-22 16:49 - 2017-01-09 20:40 - 000002374 _____ C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-22 16:49 - 2017-01-09 20:40 - 000000000 ___RD C:\Users\msi PC\OneDrive
2017-09-22 04:28 - 2017-05-06 19:52 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-20 20:36 - 2017-08-18 12:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-20 20:36 - 2017-08-18 12:54 - 000306200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-20 17:40 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-16 09:01 - 2017-01-09 20:38 - 000000000 ____D C:\Users\msi PC\AppData\Local\Packages
2017-09-15 01:43 - 2017-01-12 18:34 - 000000000 ____D C:\Users\msi PC\Documents\Diablo III
2017-09-15 01:17 - 2017-08-11 19:13 - 000000000 ___DC C:\WINDOWS\Panther
2017-09-15 01:17 - 2017-04-30 13:29 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-15 01:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-09-15 01:17 - 2017-01-26 08:25 - 000000000 ____D C:\Users\msi PC\AppData\Local\CrashDumps
2017-09-14 23:53 - 2017-03-27 20:18 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Apple Computer
2017-09-14 23:53 - 2017-03-27 20:18 - 000000000 ____D C:\Users\msi PC\AppData\Local\Apple Computer
2017-09-13 07:24 - 2017-08-18 12:59 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-09-13 07:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-12 23:27 - 2017-01-09 21:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-12 23:21 - 2017-03-27 20:16 - 000000000 ____D C:\ProgramData\Apple
2017-09-12 23:21 - 2017-01-09 21:17 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-12 07:31 - 2017-01-09 20:45 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-09-10 12:48 - 2017-08-18 12:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-09 20:33 - 2017-07-25 16:14 - 000000000 ____D C:\Fraps
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-01 14:46 - 2017-01-09 21:21 - 000000000 ____D C:\Program Files\DIFX
2017-08-31 23:08 - 2017-01-09 20:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2017-07-02 12:37 - 2017-07-02 12:37 - 000000008 _____ () C:\Users\msi PC\AppData\Roaming\00000602001520
2017-03-27 21:36 - 2017-04-09 11:06 - 000000040 _____ () C:\Users\msi PC\AppData\Roaming\cdr.ini
2017-05-03 22:00 - 2017-09-28 07:51 - 000029696 _____ () C:\Users\msi PC\AppData\Local\MSGBOX.EXE
2017-07-25 10:10 - 2017-07-25 10:10 - 000000003 _____ () C:\Users\msi PC\AppData\Local\updater.log
2017-07-25 10:10 - 2017-07-28 19:35 - 000000059 _____ () C:\Users\msi PC\AppData\Local\UserProducts.xml
2017-01-10 22:47 - 2017-01-10 22:47 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-24 14:51

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#5 Post by Rudy »

OK. Now run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Apart from its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

To3@s
Visitor
Posts: 194
Registered: 08 Apr 2010 10:56

Re: Request for a preventive check

#6 Post by To3@s »

# AdwCleaner 7.0.3.0 - Logfile created on Thu Sep 28 21:11:51 2017
# Updated on 2017/28/09 by Malwarebytes
# Database: 09-27-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Users\msi PC\AppData\Roaming\Firefox
PUP.Optional.Legacy, C:\Users\msi PC\AppData\Local\WANARE


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

Adware.Elex, [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Adware.Ghokswa, [Key] - HKLM\SOFTWARE\Dayglad
Adware.Ghokswa, [Key] - HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\Software\Dayglad
Adware.Ghokswa, [Key] - HKCU\Software\Dayglad
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\ecb`nl
PUP.Optional.Legacy, [Key] - HKU\.DEFAULT\Software\ecb`nl
PUP.Optional.Legacy, [Key] - HKU\S-1-5-18\Software\ecb`nl
Adware.Elex.SHHKRST, [Key] - HKLM\SOFTWARE\initialpage123Software
PUP.Optional.StartPage, [Key] - HKLM\SOFTWARE\ourluckysitesSoftware
PUP.Optional.StartPage.ShrtCln, [Key] - HKLM\SOFTWARE\ourluckysitesSoftware


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

Rudy
Site Admin
Posts: 118254
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#7 Post by Rudy »

You still need to click Clean (delete) in ADW. Then post a new FRST log.

To3@s
Visitor
Posts: 194
Registered: 08 Apr 2010 10:56

Re: Request for a preventive check

#8 Post by To3@s »

# AdwCleaner 7.0.3.0 - Logfile created on Fri Sep 29 21:25:44 2017
# Updated on 2017/28/09 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\msi PC\AppData\Roaming\\Firefox
Deleted: C:\Users\msi PC\AppData\Local\WANARE


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\{84416237-6490-494D-9AD6-4994DD978971}
Deleted: [Key] - HKLM\SOFTWARE\Dayglad
Deleted: [Key] - HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\Software\Dayglad
Deleted: [Key] - HKCU\Software\Dayglad
Deleted: [Key] - HKLM\SOFTWARE\ecb`nl
Deleted: [Key] - HKU\.DEFAULT\Software\ecb`nl
Deleted: [Key] - HKU\S-1-5-18\Software\ecb`nl
Deleted: [Key] - HKLM\SOFTWARE\initialpage123Software
Deleted: [Key] - HKLM\SOFTWARE\ourluckysitesSoftware
Deleted: [Key] - HKLM\SOFTWARE\ourluckysitesSoftware


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1647 B] - [2017/9/28 21:11:51]
C:/AdwCleaner/AdwCleaner[S1].txt - [1715 B] - [2017/9/29 21:24:49]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

To3@s
Visitor
Posts: 194
Registered: 08 Apr 2010 10:56

Re: Request for a preventive check

#9 Post by To3@s »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-09-2017
Ran by msi PC (administrator) on DESKTOP-02H91O1 (29-09-2017 23:27:52)
Running from C:\Users\msi PC\Desktop
Loaded Profiles: msi PC (Available Profiles: msi PC)
Platform: Windows 10 Home Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3366624 2017-05-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17652344 2017-06-27] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKLM-x32\...\Run: [MagicPlus_helper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [3267208 2016-08-15] (Lenovo)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [uTorrent] => C:\Users\msi PC\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-09-26] (BitTorrent Inc.)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [Boxoft Tools] => C:\ProgramData\Boxtools\Boxofttoolbox.exe [514048 2010-12-15] ()
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9818328 2017-06-30] (Piriform Ltd)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {19cf6b7f-88d9-11e7-86c3-240a649d0023} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {97e5f77d-9a44-11e7-bba3-240a649ce882} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {9ea0cafd-9e32-11e7-bba4-240a649ce882} - "F:\Lenovo_Suite.exe"
Startup: C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexonCs.vbs [2017-08-02] ()
Startup: C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2017-08-20]
ShortcutTarget: Twitch.lnk -> C:\Users\msi PC\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{572df3df-5cc4-46ba-84c2-cadf47c5d1bb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c623cfa5-ecf2-42d7-a396-e17aa1b0ea98}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-24] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-24] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-26] (Oracle Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-24] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData2
CHR HomePage: ChromeDefaultData2 -> hxxp://google.sk/
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://google.sk/"
CHR Profile: C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-09-29] <==== ATTENTION
CHR Extension: (Prezentácie Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-07]
CHR Extension: (Dokumenty Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-07]
CHR Extension: (Disk Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-07]
CHR Extension: (YouTube) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-07]
CHR Extension: (Tampermonkey) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-09-08]
CHR Extension: (Adobe Acrobat) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-30]
CHR Extension: (Google Apps Script) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2017-05-07]
CHR Extension: (Tabuľky Google) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-07]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-07]
CHR Extension: (AdBlock) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-19]
CHR Extension: (The West) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ilkgeioneoemibpddeiamfgiofnpjifm [2017-05-07]
CHR Extension: (Skype) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Script Installation Services/Website Setup) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ojkfkmbechelifpehnokcfhlamloapmc [2017-05-07]
CHR Extension: (Gmail) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-19]
CHR HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2836296 2016-12-14] (ESET)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2017-05-04] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-03-17] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-06-27] (Logitech Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-08-18] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-05-01] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-08-18] (NVIDIA Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2017-02-12] (Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2017-02-12] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [132272 2016-12-13] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106768 2016-12-13] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-12-13] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180544 2016-12-13] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [49672 2016-12-13] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [77616 2016-12-13] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [96856 2016-12-13] (ESET)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31824 2017-05-04] (ELAN Microelectronic Corp.)
S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2017-05-02] (Sony Mobile Communications)
R3 KillerEth; C:\WINDOWS\System32\drivers\e2xw10x64.sys [145920 2017-03-18] (Qualcomm Atheros, Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-06-27] (Logitech Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvmi.inf_amd64_0401a47bc69f625c\nvlddmkm.sys [14456952 2017-06-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [48064 2017-07-26] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-08-18] (NVIDIA Corporation)
R3 RtkBtFilter; C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys [593624 2015-03-11] (Realtek Semiconductor Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [760968 2017-02-23] (Realsil Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2017-03-18] (Realtek Semiconductor Corporation )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-04-30] (Wellbia.com Co., Ltd.)
S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-29 23:22 - 2017-09-29 23:23 - 008249808 _____ (Malwarebytes) C:\Users\msi PC\Desktop\adwcleaner_7.0.3.0.exe
2017-09-28 23:10 - 2017-09-29 23:24 - 000000000 ____D C:\AdwCleaner
2017-09-28 08:02 - 2017-09-29 23:28 - 000016553 _____ C:\Users\msi PC\Desktop\FRST.txt
2017-09-28 08:02 - 2017-09-28 08:03 - 000042272 _____ C:\Users\msi PC\Desktop\Addition.txt
2017-09-28 07:51 - 2017-09-29 23:27 - 000000000 ____D C:\Users\msi PC\Desktop\FRST-OlderVersion
2017-09-28 07:51 - 2017-09-28 07:51 - 000015327 _____ C:\Users\msi PC\Desktop\LM.bat
2017-09-26 23:20 - 2017-09-26 23:20 - 000000000 ____D C:\rsit
2017-09-26 23:13 - 2017-09-26 23:13 - 001222144 _____ C:\Users\msi PC\Desktop\RSITx64.exe
2017-09-26 23:12 - 2017-09-29 23:27 - 002399744 _____ (Farbar) C:\Users\msi PC\Desktop\FRST64.exe
2017-09-26 23:12 - 2017-09-28 23:10 - 000000000 ____D C:\Users\msi PC\Desktop\132
2017-09-26 23:09 - 2017-09-26 23:11 - 000000000 ____D C:\Users\msi PC\Downloads\2. série
2017-09-26 23:09 - 2017-09-26 23:09 - 000027878 _____ C:\Users\msi PC\Downloads\[CzT]Vikingove_Vikings_2_serie_CZ_TvRip_.torrent
2017-09-25 12:04 - 2017-09-28 09:54 - 000000000 ____D C:\ProgramData\icondir
2017-09-25 12:03 - 2017-09-28 09:54 - 000001934 _____ C:\Users\Public\Desktop\乐助手.lnk
2017-09-25 12:03 - 2017-09-25 12:03 - 000004172 _____ C:\WINDOWS\System32\Tasks\lenovo mobile auto run
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\乐助手
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\Program Files (x86)\MagicPlus
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 ____D C:\MagicPlus
2017-09-25 12:00 - 2017-09-25 12:03 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Lenovo
2017-09-25 12:00 - 2017-09-25 12:01 - 000000000 ____D C:\Users\msi PC\.android
2017-09-25 12:00 - 2017-09-25 12:00 - 000000000 ____D C:\Program Files (x86)\LenovoUsbDriver
2017-09-25 11:54 - 2017-09-25 11:54 - 000000000 ____D C:\Users\msi PC\Desktop\Vikingové
2017-09-22 19:01 - 2017-09-26 07:18 - 000000515 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-09-17 09:50 - 2017-09-17 09:50 - 000012232 _____ C:\Users\msi PC\Downloads\[CzT]Labuti_princezna_7_Kralovska_mise_The_Swan_Princess_Royally_Undercover_2017_CZ_.torrent
2017-09-17 09:49 - 2017-09-17 09:49 - 000215836 _____ C:\Users\msi PC\Downloads\[CzT]Ozzy_2016_CZ_SK_720pLQ_.torrent
2017-09-15 12:22 - 2017-09-17 09:49 - 000000000 ____D C:\Users\msi PC\Downloads\Alien.Covenant.2017.BRRip.XviD.AC3.CZ-PiRaTE
2017-09-15 11:30 - 2017-09-15 11:30 - 000000000 ____D C:\Users\msi PC\Downloads\Pirates.of.the.Caribbean.Dead.Men.Tell.No.Tales.2017.WEB-DL.XviD.AC3.CZ-PiRaTE
2017-09-15 11:29 - 2017-09-15 11:29 - 000019074 _____ C:\Users\msi PC\Downloads\[CzT]Pirati_z_Karibiku_Salazarova_pomsta_Pirates_of_the_Caribbean_Dead_Men_Tell_No_Tales_2017_CZ_WebRip_.torrent
2017-09-15 11:28 - 2017-09-17 09:49 - 000000000 ____D C:\Users\msi PC\Downloads\Guardians.of.the.Galaxy.Vol.2.2017.BRRip.XviD.AC3.CZ-PiRaTE
2017-09-15 11:28 - 2017-09-15 11:28 - 000018156 _____ C:\Users\msi PC\Downloads\[CzT]Strazci_Galaxie_Vol_2_Guardians_of_the_Galaxy_Vol_2_2017_CZ_.torrent
2017-09-15 11:28 - 2017-09-15 11:28 - 000016372 _____ C:\Users\msi PC\Downloads\[CzT]Vetrelec_Covenant_Alien_Covenant_2017_CZ_.torrent
2017-09-15 09:14 - 2017-09-15 09:14 - 000000936 _____ C:\Users\Public\Desktop\Diablo III.lnk
2017-09-15 09:14 - 2017-09-15 09:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2017-09-15 01:43 - 2017-09-15 09:30 - 000000000 ____D C:\Program Files (x86)\Diablo III
2017-09-15 00:54 - 2017-09-15 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test
2017-09-15 00:14 - 2017-09-15 00:14 - 000000000 ____D C:\Users\msi PC\AppData\Local\NokiaAccount
2017-09-15 00:11 - 2017-09-15 01:54 - 000000000 ____D C:\Program Files (x86)\Diablo III Public Test
2017-09-14 23:19 - 2017-09-14 23:19 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\Program Files\iTunes
2017-09-14 23:19 - 2017-09-14 23:19 - 000000000 ____D C:\Program Files\iPod
2017-09-14 23:17 - 2017-09-14 23:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-09-14 23:17 - 2017-09-14 23:17 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-09-14 23:12 - 2017-09-14 23:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-09-12 23:21 - 2017-09-14 23:17 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-09-12 23:21 - 2017-09-14 23:12 - 000000000 ____D C:\Program Files\Common Files\Apple
2017-09-12 23:21 - 2017-09-12 23:21 - 000000000 ____D C:\Program Files\Bonjour
2017-09-12 23:21 - 2017-09-12 23:21 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-09-12 07:29 - 2017-09-12 07:29 - 000000000 ____D C:\Users\msi PC\Desktop\Five Finger Death Punch - Discography
2017-09-12 07:28 - 2017-09-12 07:28 - 000000000 ____D C:\Users\msi PC\Documents\FeedbackHub
2017-09-11 23:43 - 2017-09-11 23:53 - 881525766 _____ C:\Users\msi PC\Desktop\Five-Finger-Death-Punch---Discography-by-PETR.V.rar
2017-09-09 18:05 - 2017-09-09 18:05 - 004212384 _____ (Husdawg, LLC) C:\Users\msi PC\Desktop\Detection.exe
2017-09-03 15:19 - 2017-09-03 15:19 - 000000000 ____D C:\Users\msi PC\Downloads\Vikingové
2017-09-01 14:47 - 2017-09-01 14:47 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Nokia
2017-09-01 14:46 - 2017-09-01 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nokia PC Suite
2017-09-01 14:46 - 2017-09-01 14:46 - 000000000 ____D C:\Program Files (x86)\PC Connectivity Solution
2017-09-01 14:32 - 2017-09-01 14:32 - 000000000 ____D C:\ProgramData\Installations
2017-09-01 14:22 - 2017-09-01 14:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_PCCSWpdDriver_01_09_00.Wdf
2017-09-01 14:22 - 2017-09-01 14:22 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ccdcmbx64_01009.Wdf
2017-09-01 14:13 - 2017-09-01 14:47 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\PC Suite
2017-09-01 14:13 - 2017-09-01 14:22 - 000000000 ____D C:\ProgramData\PC Suite
2017-09-01 14:13 - 2017-09-01 14:21 - 000000000 ____D C:\Users\msi PC\AppData\Local\Nokia
2017-09-01 14:12 - 2017-09-15 00:15 - 000000000 ____D C:\ProgramData\Nokia
2017-09-01 14:12 - 2013-01-23 10:31 - 000057856 _____ (Nokia) C:\WINDOWS\system32\nmwcdclsX64.dll
2017-09-01 14:09 - 2017-09-15 00:15 - 000000000 ____D C:\Program Files (x86)\Nokia
2017-09-01 14:09 - 2017-09-01 14:09 - 000000000 ____D C:\ProgramData\NokiaInstallerCache
2017-08-30 11:47 - 2017-08-30 12:28 - 3358991599 _____ C:\Users\msi PC\Downloads\Game.of.Thrones.S07E07.720p.WEB.H264.CZ.Titulky.mkv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-29 23:27 - 2017-05-05 22:23 - 000000000 ____D C:\FRST
2017-09-29 23:26 - 2017-08-18 12:59 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-29 23:26 - 2017-08-18 12:55 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-29 23:26 - 2017-08-18 12:54 - 000306200 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-29 23:26 - 2017-08-18 12:54 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-29 23:26 - 2017-01-09 20:47 - 000000000 __SHD C:\Users\msi PC\IntelGraphicsProfiles
2017-09-29 23:25 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-09-29 23:19 - 2017-08-18 12:59 - 000004214 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C64E399A-027A-4EC2-85B6-848EE54437CA}
2017-09-29 23:19 - 2017-07-26 18:52 - 000000000 ____D C:\Program Files (x86)\Blizzard App
2017-09-29 23:19 - 2017-07-26 18:51 - 000000000 ____D C:\Users\msi PC\AppData\Local\Battle.net
2017-09-29 12:30 - 2017-08-18 12:55 - 000000000 ____D C:\Users\msi PC
2017-09-29 10:24 - 2017-07-26 18:58 - 000000000 ____D C:\Program Files (x86)\World of Warcraft
2017-09-29 10:23 - 2017-08-18 12:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-29 10:18 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-29 07:37 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-29 07:37 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-28 09:56 - 2017-01-12 01:04 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\uTorrent
2017-09-26 23:20 - 2017-05-03 22:06 - 000000000 ____D C:\Program Files\trend micro
2017-09-25 23:05 - 2017-08-20 18:58 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Twitch
2017-09-25 12:00 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-24 14:58 - 2017-01-09 20:45 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\vlc
2017-09-22 19:04 - 2017-08-18 13:01 - 003477908 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-22 19:04 - 2017-03-06 22:41 - 001912608 _____ C:\WINDOWS\system32\perfh01B.dat
2017-09-22 19:04 - 2017-03-06 22:41 - 000567086 _____ C:\WINDOWS\system32\perfc01B.dat
2017-09-22 16:49 - 2017-08-18 12:59 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1862971310-3561655192-1180766120-1001
2017-09-22 16:49 - 2017-01-09 20:40 - 000002374 _____ C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-22 16:49 - 2017-01-09 20:40 - 000000000 ___RD C:\Users\msi PC\OneDrive
2017-09-22 04:28 - 2017-05-06 19:52 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-16 09:01 - 2017-01-09 20:38 - 000000000 ____D C:\Users\msi PC\AppData\Local\Packages
2017-09-15 01:43 - 2017-07-26 18:54 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Battle.net
2017-09-15 01:43 - 2017-01-12 18:34 - 000000000 ____D C:\Users\msi PC\Documents\Diablo III
2017-09-15 01:17 - 2017-08-11 19:13 - 000000000 ___DC C:\WINDOWS\Panther
2017-09-15 01:17 - 2017-04-30 13:29 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-15 01:17 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-09-15 01:17 - 2017-01-26 08:25 - 000000000 ____D C:\Users\msi PC\AppData\Local\CrashDumps
2017-09-14 23:53 - 2017-03-27 20:18 - 000000000 ____D C:\Users\msi PC\AppData\Roaming\Apple Computer
2017-09-14 23:53 - 2017-03-27 20:18 - 000000000 ____D C:\Users\msi PC\AppData\Local\Apple Computer
2017-09-13 07:24 - 2017-08-18 12:59 - 000004422 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-09-13 07:24 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-12 23:27 - 2017-01-09 21:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-12 23:21 - 2017-03-27 20:16 - 000000000 ____D C:\ProgramData\Apple
2017-09-12 23:21 - 2017-01-09 21:17 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-12 07:31 - 2017-01-09 20:45 - 000001143 _____ C:\Users\Public\Desktop\VLC media player.lnk
2017-09-10 12:48 - 2017-08-18 12:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-09 20:33 - 2017-07-25 16:14 - 000000000 ____D C:\Fraps
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-01 14:46 - 2017-01-09 21:21 - 000000000 ____D C:\Program Files\DIFX
2017-08-31 23:08 - 2017-01-09 20:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2017-07-02 12:37 - 2017-07-02 12:37 - 000000008 _____ () C:\Users\msi PC\AppData\Roaming\00000602001520
2017-03-27 21:36 - 2017-04-09 11:06 - 000000040 _____ () C:\Users\msi PC\AppData\Roaming\cdr.ini
2017-07-25 10:10 - 2017-07-25 10:10 - 000000003 _____ () C:\Users\msi PC\AppData\Local\updater.log
2017-07-25 10:10 - 2017-07-28 19:35 - 000000059 _____ () C:\Users\msi PC\AppData\Local\UserProducts.xml
2017-01-10 22:47 - 2017-01-10 22:47 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-24 14:51

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118254
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Preventive check, please

#10 Post by Rudy »

OK. Open Notepad and copy the following into it:
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {19cf6b7f-88d9-11e7-86c3-240a649d0023} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {97e5f77d-9a44-11e7-bba3-240a649ce882} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {9ea0cafd-9e32-11e7-bba4-240a649ce882} - "F:\Lenovo_Suite.exe"
Startup: C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexonCs.vbs [2017-08-02] ()
CHR Profile: C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-09-29] <==== ATTENTION
C:\Users\Public\Desktop\乐助手.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\乐助手
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address above.

To3@s
Visitor
Posts: 194
Joined: 08 Apr 2010 10:56

Re: Preventive check, please

#11 Post by To3@s »

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-09-2017
Ran by msi PC (30-09-2017 11:40:19) Run:4
Running from C:\Users\msi PC\Desktop
Loaded Profiles: msi PC (Available Profiles: msi PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {19cf6b7f-88d9-11e7-86c3-240a649d0023} - "F:\Lenovo_Suite.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {97e5f77d-9a44-11e7-bba3-240a649ce882} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\...\MountPoints2: {9ea0cafd-9e32-11e7-bba4-240a649ce882} - "F:\Lenovo_Suite.exe"
Startup: C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexonCs.vbs [2017-08-02] ()
CHR Profile: C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-09-29] <==== ATTENTION
C:\Users\Public\Desktop\???.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

EmptyTemp:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19cf6b7f-88d9-11e7-86c3-240a649d0023} => key removed successfully
HKLM\Software\Classes\CLSID\{19cf6b7f-88d9-11e7-86c3-240a649d0023} => key not found.
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{97e5f77d-9a44-11e7-bba3-240a649ce882} => key removed successfully
HKLM\Software\Classes\CLSID\{97e5f77d-9a44-11e7-bba3-240a649ce882} => key not found.
HKU\S-1-5-21-1862971310-3561655192-1180766120-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ea0cafd-9e32-11e7-bba4-240a649ce882} => key removed successfully
HKLM\Software\Classes\CLSID\{9ea0cafd-9e32-11e7-bba4-240a649ce882} => key not found.
C:\Users\msi PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NexonCs.vbs => moved successfully
C:\Users\msi PC\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 => moved successfully
"C:\Users\Public\Desktop\???.lnk" => not found.
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\???" => not found.
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12693824 B
Java, Flash, Steam htmlcache => 12108790 B
Windows/system/drivers => 2095356 B
Edge => 3180954 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 11006 B
NetworkService => 31048 B
msi PC => 76761029 B

RecycleBin => 638519964 B
EmptyTemp: => 718.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:40:41 ====

Re: Preventive check, please

#12 Post by Rudy »

All right. The log should be OK now.

Re: Preventive check, please

#13 Post by To3@s »

Thank you very much, and have a nice rest of the day :thumbsup: :closed:

Re: Preventive check, please

#14 Post by Rudy »

A nice day to you too, and you're welcome! :)

Locked