Please check my logs (100% CPU usage, freezing, ...) Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jaro3
Security team member

Re: Please check my logs (100% CPU usage, freezing, ...)

Post by jaro3 » 24 Jun 2019 21:43

Close all other applications and browsers, disconnect from the internet, and fix the following in HJT:
Guide


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost


We'll run one more check.

Please download the version of Farbar Recovery Scan Tool (FRST) that matches your system (32-bit/64-bit):
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Save it to your desktop, then run FRST.
Confirm the terms of use.
Don't change any of the default settings and click "Scan". When the scan is finished, two logs, FRST.txt and Addition.txt, will be displayed and saved to the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
JimmyTudeski

Re: Please check my logs (100% CPU usage, freezing, ...)

Post by JimmyTudeski » 25 Jun 2019 10:42

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2019
Ran by uzivatel (administrator) on DESKTOP-IERC611 (Gigabyte Technology Co., Ltd. B360M-DS3H) (25-06-2019 10:35:14)
Running from D:\data\Plocha
Loaded Profiles: uzivatel (Available Profiles: uzivatel)
Platform: Windows 10 Home Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19053.13.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339148.inf_amd64_2aa98027cbb86d51\B339146\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0339148.inf_amd64_2aa98027cbb86d51\B339146\atiesrxx.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\uzivatel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [757184 2018-06-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [177928 2019-04-17] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-21-2044785028-3156583648-1372798179-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3148576 2019-06-18] (Valve -> Valve Corporation)
HKU\S-1-5-21-2044785028-3156583648-1372798179-1001\...\Run: [Spotify] => C:\Users\uzivatel\AppData\Roaming\Spotify\Spotify.exe [25386912 2019-06-19] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2044785028-3156583648-1372798179-1001\...\MountPoints2: {be834ecc-24c3-11e9-8f61-806e6f6e6963} - "D:\Run.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.119\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B1F3235-2EC4-4BF6-B9A1-591332992F3A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26803808 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {0C6A5460-465C-471C-B947-2D9FD7F355C4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {15C27D3C-8164-44A4-A8FD-ECF8D6816D41} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-02-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {1AFEB9A4-89AC-46FE-8EBF-9909B0D94BEA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {30C15774-2D14-45C5-B4B3-72DA710B7BB0} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {33599CE8-4AAC-4171-817E-1A3936755268} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-02-13] (Advanced Micro Devices, Inc.) [File not signed]
Task: {34984849-E95E-439E-9E5C-458C6F693B69} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6440520 2019-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {36FC37DD-5406-4626-8C3C-B52987B0F1E7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26803808 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {4BD8D5E1-7362-490E-842B-2302E7018063} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-31] (Google Inc -> Google Inc.)
Task: {4F50FB2A-7D6F-4317-8597-AC9946310BC6} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe
Task: {8B780719-5D40-4495-B7DA-91534548B5EB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [817472 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {98EDB720-DFD8-45CC-8E8C-58BFEC62ECDF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6440520 2019-06-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0DB17F3-016A-4048-ADF7-404D2305B5BF} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [648256 2019-06-17] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {C4EFBBB8-F69A-40A4-A8E7-4AA17D82157E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {EF1FAFBE-1CC5-4D4F-9782-3F4A12CF242C} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-02-13] (Advanced Micro Devices, Inc.) [File not signed]
Task: {F72E02B5-05A7-4F56-BF0C-75A2F8C44CE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-31] (Google Inc -> Google Inc.)
Task: {FFDFCE05-91AE-47B9-B558-3C7F2409FAAD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-06-24] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.88.1 10.107.4.100 10.107.4.129
Tcpip\..\Interfaces\{f5ad9351-f062-4e5e-a9ee-1f035074bfa6}: [DhcpNameServer] 192.168.88.1 10.107.4.100 10.107.4.129

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-2044785028-3156583648-1372798179-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2044785028-3156583648-1372798179-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-21] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-06-21] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2044785028-3156583648-1372798179-1001 -> about:tabs
Edge Session Restore: HKU\S-1-5-21-2044785028-3156583648-1372798179-1001 -> is enabled.

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> file:///D:/DATA/Downloads/Wohnout---Laskonky-a-kremrole-(2014)/Wohnout%20-%20Laskonky%20a%20kremrole%20(2014)
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.google.com/"
CHR Profile: C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default [2019-06-25]
CHR Extension: (Prezentace) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-24]
CHR Extension: (Dokumenty) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-24]
CHR Extension: (Disk Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-24]
CHR Extension: (YouTube) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-24]
CHR Extension: (Tabulky) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-24]
CHR Extension: (Dokumenty Google offline) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-24]
CHR Extension: (Google Play) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2019-06-24]
CHR Extension: (Mapy Google) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2019-06-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-24]
CHR Extension: (Gmail) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-24]
CHR Extension: (Chrome Media Router) - C:\Users\uzivatel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-24]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\System32\DriverStore\FileRepository\c0339148.inf_amd64_2aa98027cbb86d51\B339146\atiesrxx.exe [509040 2019-02-13] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11409504 2019-06-20] (Microsoft Corporation -> Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-17] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-17] (ESET, spol. s r.o. -> ESET)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [743728 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [720184 2017-11-16] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [214672 2018-01-31] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2303792 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3175728 2019-05-31] (Electronic Arts, Inc. -> Electronic Arts)
R2 RtkAudioUniversalService; C:\Windows\System32\RtkAudUService64.exe [757184 2018-06-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2019-01-30] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2019-01-30] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0339148.inf_amd64_2aa98027cbb86d51\B339146\atikmdag.sys [52815992 2019-02-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DriverStore\FileRepository\c0339148.inf_amd64_2aa98027cbb86d51\B339146\atikmpag.sys [590960 2019-02-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [103240 2019-02-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2019-06-24] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [107400 2018-10-03] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-03-16] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188240 2019-03-16] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50144 2018-10-17] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82304 2018-10-17] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110000 2019-03-16] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
S3 gdrv; C:\Windows\gdrv.sys [26792 2019-01-30] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [123544 2017-10-15] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R0 iaStorAC; C:\Windows\System32\drivers\iaStorAC.sys [942128 2018-02-13] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-06-23] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-06-25] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-06-25] (Malwarebytes Corporation -> Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-06-23] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [117344 2019-06-25] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [1010648 2017-10-20] (Realtek Semiconductor Corp. -> Realtek )
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46680 2019-01-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [330936 2019-01-30] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [62136 2019-01-30] (Microsoft Windows -> Microsoft Corporation)
S0 edevmon; system32\DRIVERS\edevmon.sys [X]
U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

JimmyTudeski

Re: Please check my logs (100% CPU usage, freezing, ...)

Post by JimmyTudeski » 25 Jun 2019 10:43

==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-25 10:35 - 2019-06-25 10:35 - 000000000 ____D C:\FRST
2019-06-25 09:04 - 2019-06-25 09:04 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-06-25 09:04 - 2019-06-25 09:04 - 000117344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-06-25 09:04 - 2019-06-25 09:04 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-06-24 19:28 - 2019-06-25 10:35 - 001147462 _____ C:\Windows\ZAM.krnl.trace
2019-06-24 19:28 - 2019-06-24 19:28 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2019-06-24 19:28 - 2019-06-24 19:28 - 000003564 _____ C:\Windows\System32\Tasks\AMHelper
2019-06-24 19:28 - 2019-06-24 19:28 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Zemana
2019-06-24 19:28 - 2019-06-24 19:28 - 000000000 ____D C:\Users\uzivatel\AppData\Local\AMSDK
2019-06-24 19:28 - 2019-06-24 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-06-24 19:28 - 2019-06-24 19:28 - 000000000 ____D C:\Program Files (x86)\Zemana
2019-06-24 19:17 - 2014-02-13 23:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2019-06-24 19:03 - 2019-06-24 19:14 - 000000000 ____D C:\zoek_backup
2019-06-24 10:07 - 2019-06-24 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-06-24 10:07 - 2019-06-24 10:07 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2019-06-24 10:02 - 2019-06-24 10:03 - 000000000 ____D C:\ProgramData\RogueKiller
2019-06-24 09:14 - 2019-06-24 09:14 - 000000000 ____D C:\ProgramData\Sophos
2019-06-24 09:13 - 2019-06-24 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-06-24 09:13 - 2019-06-24 09:13 - 000000000 ____D C:\Program Files (x86)\Sophos
2019-06-23 20:03 - 2019-06-23 20:03 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-06-23 20:03 - 2019-06-23 20:03 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-06-23 20:03 - 2019-06-23 20:03 - 000000000 ____D C:\Users\uzivatel\AppData\Local\mbamtray
2019-06-23 20:03 - 2019-06-23 20:03 - 000000000 ____D C:\Users\uzivatel\AppData\Local\mbam
2019-06-23 20:03 - 2019-06-23 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-23 20:03 - 2019-06-23 20:03 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-23 20:03 - 2019-06-23 20:03 - 000000000 ____D C:\Program Files\Malwarebytes
2019-06-23 20:03 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-06-23 20:03 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-06-19 10:51 - 2019-06-19 10:51 - 000000000 ____D C:\Program Files\UNP
2019-06-14 12:20 - 2019-06-14 12:20 - 026808320 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 023438336 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 022114960 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 020816384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 018999296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 017484800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 015221248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 012869120 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 012162048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 007884288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 007875072 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 007724992 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 007645392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 006926336 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 006547144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 006441472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 006309256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 006068224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 005764608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 005588184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 005297152 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 005112792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 005086208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 004661760 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 004627456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 003983872 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 003906560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 003426816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 003385344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 003363640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 003344896 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 003270144 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 003091968 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002999808 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002928640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002926096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 002777736 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002707968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 002690048 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002653696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002638336 _____ (Microsoft Corporation) C:\Windows\system32\smartscreen.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 002627600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 002469440 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 002323696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002276192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002096128 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-14 12:20 - 2019-06-14 12:20 - 002085168 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 002017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-14 12:20 - 2019-06-14 12:20 - 001929216 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001903616 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001899160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001860608 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001860096 ____R (The ICU Project) C:\Windows\system32\icuin.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001761280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001750016 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001700312 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-14 12:20 - 2019-06-14 12:20 - 001670840 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001644544 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001618944 ____R (The ICU Project) C:\Windows\SysWOW64\icuin.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001616384 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001485312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001483872 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001471040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 001466496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001462272 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001342904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-14 12:20 - 2019-06-14 12:20 - 001331536 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001313792 _____ (Microsoft Corporation) C:\Windows\system32\NotificationController.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001298952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001260048 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2019-06-14 12:20 - 2019-06-14 12:20 - 001256448 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001255936 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001254912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001253688 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 001229824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 001223168 _____ (Microsoft Corporation) C:\Windows\system32\HoloSI.PCShell.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001219424 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001180184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 001098136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 001048592 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 001032704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001005056 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 001000448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000971776 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000924160 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000863544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000853504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000850760 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000804352 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000791040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000787456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000773632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000769536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000758688 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000756736 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000752144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000735232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000730592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000699392 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000676048 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000669184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapi.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000651064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000615440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000604344 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000586040 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000570368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000555232 _____ (Microsoft Corporation) C:\Windows\system32\AppResolver.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000553664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000532992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000515152 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000513904 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000506192 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcext.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000478720 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000474936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-14 12:20 - 2019-06-14 12:20 - 000462136 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000451104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000430904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000427688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppResolver.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000419368 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000404792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000398848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000398208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000389120 _____ (Microsoft Corporation) C:\Windows\system32\BingASDS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000386576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000375544 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000375296 _____ (Microsoft Corporation) C:\Windows\system32\esentutl.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000365056 _____ (Microsoft Corporation) C:\Windows\system32\NotificationControllerPS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000362496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000351232 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicSvc.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000340480 _____ (Microsoft Corporation) C:\Windows\system32\credprovhost.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000331264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esentutl.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fveapibase.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000292664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000287912 _____ (Microsoft Corporation) C:\Windows\system32\SIHClient.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000282424 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credprovhost.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000275456 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000262160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicCapsule.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000247608 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000218624 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000196920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000195072 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\FilterDS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spacebridge.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSrv.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000156984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000152896 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000152400 _____ (Microsoft Corporation) C:\Windows\system32\KerbClientShared.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000137056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000125528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KerbClientShared.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000114648 _____ (Microsoft Corporation) C:\Windows\system32\CompPkgSup.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000101176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryBroker.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\BingFilterDS.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000091424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CompPkgSup.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000090424 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000087864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000080400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-06-14 12:20 - 2019-06-14 12:20 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\WaaSMedicAgent.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\TokenBrokerUI.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AssignedAccessRuntime.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBrokerUI.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\UsoClient.exe
2019-06-14 12:20 - 2019-06-14 12:20 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AssignedAccessRuntime.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryCore.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\slcext.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000019968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slcext.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-14 12:20 - 2019-06-14 12:20 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-06-14 12:20 - 2019-06-14 12:20 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-06-14 12:20 - 2019-06-14 12:20 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-06-14 12:20 - 2019-06-14 12:20 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-06-14 12:20 - 2019-06-14 12:20 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-06-14 12:20 - 2019-06-14 12:20 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-06-14 12:20 - 2019-06-14 12:20 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-06-14 12:20 - 2019-06-14 12:20 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-06-13 12:21 - 2019-06-13 12:21 - 001993528 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2019-06-04 18:10 - 2019-06-04 18:10 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Macromedia
2019-06-03 09:37 - 2019-06-03 09:37 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2019-06-03 09:37 - 2019-06-03 09:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 19
2019-05-31 11:23 - 2019-05-31 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™
2019-05-31 11:23 - 2019-05-31 11:23 - 000000000 ____D C:\ProgramData\Electronic Arts
2019-05-31 10:00 - 2019-06-24 10:51 - 000000000 ____D C:\Program Files (x86)\Origin Games
2019-05-31 09:59 - 2019-06-01 09:32 - 000000000 ____D C:\Program Files (x86)\Origin
2019-05-31 09:59 - 2019-05-31 09:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2019-05-31 09:56 - 2019-06-24 18:49 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Origin
2019-05-31 09:56 - 2019-06-24 10:51 - 000000000 ____D C:\ProgramData\Origin
2019-05-31 09:56 - 2019-05-31 12:16 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Origin
2019-05-31 09:56 - 2019-05-31 09:56 - 000000000 ____D C:\Users\uzivatel\.QtWebEngineProcess
2019-05-31 09:56 - 2019-05-31 09:56 - 000000000 ____D C:\Users\uzivatel\.Origin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-25 09:47 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-25 09:02 - 2019-02-06 11:04 - 000000000 ____D C:\Program Files\Steam
2019-06-25 09:01 - 2019-05-18 07:59 - 000003118 _____ C:\Windows\System32\Tasks\AMDLinkUpdate
2019-06-25 09:01 - 2019-05-02 13:24 - 000000000 ____D C:\Users\uzivatel\AppData\Roaming\Spotify
2019-06-24 22:46 - 2019-01-30 21:23 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Packages
2019-06-24 22:29 - 2019-01-30 21:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-06-24 21:47 - 2019-01-30 21:25 - 000003386 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2044785028-3156583648-1372798179-1001
2019-06-24 21:47 - 2019-01-30 21:25 - 000000000 ___RD C:\Users\uzivatel\OneDrive
2019-06-24 21:47 - 2019-01-30 21:22 - 000002374 _____ C:\Users\uzivatel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-24 21:40 - 2019-01-30 22:48 - 000000000 ____D C:\Users\uzivatel\AppData\Local\D3DSCache
2019-06-24 21:40 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-24 21:40 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-06-24 19:29 - 2019-01-30 21:25 - 001609524 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-24 19:29 - 2018-09-15 19:32 - 000683396 _____ C:\Windows\system32\perfh005.dat
2019-06-24 19:29 - 2018-09-15 19:32 - 000137612 _____ C:\Windows\system32\perfc005.dat
2019-06-24 19:29 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-06-24 19:23 - 2019-01-30 22:06 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-06-24 19:23 - 2019-01-30 21:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-24 19:23 - 2018-09-15 08:09 - 000524288 _____ C:\Windows\system32\config\BBI
2019-06-24 19:03 - 2019-02-17 18:05 - 000000000 ____D C:\Users\uzivatel\AppData\Local\CrashDumps
2019-06-24 09:09 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-06-24 09:08 - 2019-02-05 17:02 - 000000000 ____D C:\Program Files\Microsoft Office
2019-06-23 20:03 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-06-23 19:58 - 2019-01-30 22:46 - 000000000 ____D C:\Users\uzivatel\AppData\Local\AMD
2019-06-22 22:45 - 2019-01-30 21:23 - 000000000 ____D C:\Users\uzivatel\AppData\Local\VirtualStore
2019-06-21 15:05 - 2019-05-02 13:24 - 000000000 ____D C:\Users\uzivatel\AppData\Local\Spotify
2019-06-21 10:38 - 2019-01-31 22:17 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-16 22:30 - 2019-01-30 21:22 - 000000000 ____D C:\Users\uzivatel
2019-06-15 16:42 - 2019-01-31 22:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-14 14:28 - 2019-01-30 21:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-14 14:28 - 2019-01-30 21:17 - 000441360 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-14 14:27 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-14 14:27 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\migwiz
2019-06-14 14:27 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-06-14 12:34 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-06-13 12:22 - 2019-01-30 23:00 - 000000000 ____D C:\Windows\system32\MRT
2019-06-13 12:21 - 2019-01-30 23:00 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-13 12:14 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-06-10 19:57 - 2019-02-04 22:59 - 000000353 _____ C:\Windows\BRRBCOM.INI
2019-06-05 13:15 - 2018-10-17 16:37 - 000015800 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2019-05-31 20:03 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-31 20:03 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

JimmyTudeski
newbie
Posts: 30
Registered: June 19
Gender: Male
Status:
Offline

Re: Please check (100% CPU usage, freezing, ...)

Post by JimmyTudeski » 25 Jun 2019 10:44

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2019
Ran by uzivatel (25-06-2019 10:36:00)
Running from D:\data\Plocha
Windows 10 Home Version 1809 17763.557 (X64) (2019-01-30 19:21:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2044785028-3156583648-1372798179-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2044785028-3156583648-1372798179-503 - Limited - Disabled)
Guest (S-1-5-21-2044785028-3156583648-1372798179-501 - Limited - Disabled)
uzivatel (S-1-5-21-2044785028-3156583648-1372798179-1001 - Administrator - Enabled) => C:\Users\uzivatel
WDAGUtilityAccount (S-1-5-21-2044785028-3156583648-1372798179-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.2.2 - Advanced Micro Devices, Inc.)
Branding64 (HKLM\...\{EE2AFCE4-0238-4DE0-A140-1647021627C1}) (Version: 1.00.0001 - Advanced Micro Devices, Inc.) Hidden
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.73.1084 - AB Team, d.o.o.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP)
CrystalDiskInfo 8.1.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.1.0 - Crystal Dew World)
ESET Security (HKLM\...\{F1544F11-BFCC-43CC-9D0C-169A7E99369E}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
FIFA 19 (HKLM-x32\...\{3391E07D-8484-4124-817E-FCBDA859FD62}) (Version: 1.0.60.53040 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1805.12.0.1097 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1727.1 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{55d73ea7-6354-42db-8831-02d048ae57f8}) (Version: 10.1.17541.8066 - Intel(R) Corporation) Hidden
IZArc 4.2 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.2 - Ivan Zahariev)
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11727.20210 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11727.20210 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2044785028-3156583648-1372798179-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Project Professional 2016 - cs-cz (HKLM\...\ProjectProRetail - cs-cz) (Version: 16.0.11727.20210 - Microsoft Corporation)
Microsoft Project Professional 2016 - en-us (HKLM\...\ProjectProRetail - en-us) (Version: 16.0.11727.20210 - Microsoft Corporation)
Microsoft Visio Professional 2016 - cs-cz (HKLM\...\VisioProRetail - cs-cz) (Version: 16.0.11727.20210 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM\...\VisioProRetail - en-us) (Version: 16.0.11727.20210 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.14.26429 (HKLM-x32\...\{80586c77-db42-44bb-bfc8-7aebbb220c00}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Need for Speed™ (HKLM-x32\...\{F8643E83-A868-4EE8-A0B9-389386830453}) (Version: 1.3.0.0 - Electronic Arts)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11727.20210 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.40.26928 - Electronic Arts, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.23.1003.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8295 - Realtek Semiconductor Corp.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Spotify (HKU\S-1-5-21-2044785028-3156583648-1372798179-1001\...\Spotify) (Version: 1.1.9.383.g9f48828e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Zemana AntiMalware verze 3.1.290 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.290 - Zemana)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_CZ_is1) (Version: 18.0.1.2 - ZONER software)

Packages:
=========
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1530.2.0_x86__kgqvnymyfvs32 [2019-06-13] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-11] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.521.0_x64__rz1tebttyb220 [2019-03-11] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-01-30] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-30] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-30] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-01-30] (Thumbmunkeys Ltd) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.1.135.0_x64__dt26b99r8h8gj [2019-04-09] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] () [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] () [File not signed]
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2019-02-12] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-17] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-31 22:12 - 2012-07-20 14:39 - 002469888 _____ () [File not signed] C:\Program Files (x86)\IZArc\IZArcCM64.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-12-20 16:46 - 2018-12-20 16:46 - 002551808 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-05-31 09:59 - 2019-05-31 09:57 - 001548288 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2019-05-31 09:59 - 2019-05-31 09:57 - 000395776 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2019-05-31 09:59 - 2019-05-31 09:57 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2019-05-31 09:59 - 2019-05-31 09:57 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2019-05-31 09:59 - 2019-05-31 09:57 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2019-05-31 09:59 - 2019-05-31 09:57 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2019-05-31 09:59 - 2019-05-31 09:57 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2019-05-31 09:59 - 2019-05-31 09:57 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000040960 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000031744 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000345600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000025088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000024576 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000023552 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000502784 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 001413632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2019-02-12 20:10 - 2019-02-12 20:10 - 005786112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 006303232 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 001077248 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 000323584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 003556352 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 003699712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 000331264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 000355328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 076171264 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 000113152 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 005590528 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 000461312 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 000189952 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-12-20 16:45 - 2018-12-20 16:45 - 002821632 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000053760 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000059392 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000017408 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000327680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000137728 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000089600 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000017920 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2018-12-20 16:46 - 2018-12-20 16:46 - 000135680 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\AMD\CNext\CNext\styles\qwindowsvistastyle.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-09-15 09:31 - 2019-06-24 19:05 - 000000841 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-2044785028-3156583648-1372798179-1001\Control Panel\Desktop\\Wallpaper -> D:\data\Plocha\thumb-1920-396643.jpg
DNS Servers: 192.168.88.1 - 10.107.4.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{7C2934EA-EF26-4A4E-AB71-69BC905F52EF}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe (ZONER software) [File not signed]
FirewallRules: [{8CFD7216-EB80-470A-BA44-EE6845B87D27}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C8F05C25-5E27-4C27-89BE-24F272B7AE04}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A975B768-DAD2-43DE-9AFD-4ECCEE503EFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{4D391E1E-1226-474F-936F-D4553DC051AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{B35FEDE0-4614-42A2-8358-8EA63A85AA7B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E2F66038-FED4-43AF-8870-0AB29AF7832D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{F0C0D1CC-0A01-48E0-A760-EA9069D1F3DC}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{34C07483-94F5-407E-A687-B770B4A6053F}] => (Allow) C:\Program Files\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{EA27CB1A-D149-443E-9FA2-9764028D76EE}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{587C368E-821F-4C0D-856C-228E0EDD7416}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{6DE12097-517F-415B-BEEF-C9E4E3ED6F6D}] => (Allow) C:\Program Files\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{760F4B23-E7F8-41C8-9597-15CC3169976D}] => (Allow) C:\Program Files\Steam\steamapps\common\assettocorsa\AssettoCorsa.exe (Kunos Simulazioni) [File not signed]
FirewallRules: [{7E17B9CB-D8CB-43E9-8E52-5CB0249A9E59}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{42D2B65A-A0E0-4DBF-B66A-C474BC5EF41A}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{3CA30C76-F520-4A51-9633-8C7E6A72368E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{239E541D-D255-42AB-8BAD-29B8E631C7E7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E8B74EE6-5F0A-44D1-803F-720743025D1A}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{1AEDE31B-840A-43AE-9FEB-113FF0554708}C:\users\uzivatel\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\uzivatel\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F34DD71D-423D-4C85-9479-597BD4A372EF}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B3873F65-4A07-42E9-BFCB-16DA9B776B5F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{5819C016-232A-4201-AF57-8839EBDC90DA}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{4E464DFB-75F5-4EF8-9B0E-13008AA602D6}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{77828C9D-7C43-4152-80BA-88A3B98A929C}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed\NFS16_trial.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{59D0896B-9276-4C62-9552-F3AC22ADD501}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [{9065EB1B-3C20-4ABA-819F-8E7618BAF5C1}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 19\FIFASetup\fifaconfig.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{1AAD6E14-19F5-47E0-8B61-4EC705C8419C}C:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Allow) C:\program files (x86)\origin games\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [UDP Query User{EAF74426-69A3-48AE-9AB8-1B2D2FA3A2D6}C:\program files (x86)\origin games\fifa 19\fifa19.exe] => (Allow) C:\program files (x86)\origin games\fifa 19\fifa19.exe (Electronic Arts, Inc. -> Electronic Arts)
FirewallRules: [TCP Query User{1BD4DEDF-346B-445F-9A4D-463A9D69B086}C:\program files\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files\steam\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{32FADA66-FAE5-430F-832F-63DF9B4F59E8}C:\program files\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files\steam\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [TCP Query User{4D9BB4CF-2639-4F99-AC44-C2E2BE2CC0AD}C:\program files\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files\steam\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [UDP Query User{C6F04D36-2ACA-47EB-9836-3C4EB189B4D4}C:\program files\steam\steamapps\common\assettocorsa\acs.exe] => (Allow) C:\program files\steam\steamapps\common\assettocorsa\acs.exe () [File not signed]
FirewallRules: [{04B269A4-D8D6-4B33-9467-9136751EDC55}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-06-2019 09:37:29 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
12-06-2019 12:05:29 Naplánovaný kontrolní bod
21-06-2019 17:18:34 Naplánovaný kontrolní bod
24-06-2019 09:06:05 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2019 07:03:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17763.475, časové razítko: 0x9877ee8b
Kód výjimky: 0xc0000409
Posun chyby: 0x0011c762
ID chybujícího procesu: 0x13a4
Čas spuštění chybující aplikace: 0x01d52aaebe502a1a
Cesta k chybující aplikaci: D:\data\Plocha\zoek.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 243aaa5d-263c-40ed-a130-c3dedbef756b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/24/2019 01:30:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NFS16.exe, verze: 1.0.0.0, časové razítko: 0x57155d11
Název chybujícího modulu: NFS16.exe, verze: 1.0.0.0, časové razítko: 0x57155d11
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000047cfa59
ID chybujícího procesu: 0x3238
Čas spuštění chybující aplikace: 0x01d52a7772535970
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
ID zprávy: b6c1be87-e2ff-4a6a-80ce-d076fb8dc186
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/24/2019 11:39:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NFS16.exe, verze: 1.0.0.0, časové razítko: 0x57155d11
Název chybujícího modulu: NFS16.exe, verze: 1.0.0.0, časové razítko: 0x57155d11
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000047cfa59
ID chybujícího procesu: 0xde8
Čas spuštění chybující aplikace: 0x01d52a6da0b32037
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
ID zprávy: bee651bf-7469-4134-8eda-6ef62bb9bbe5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/24/2019 11:15:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NFS16.exe, verze: 1.0.0.0, časové razítko: 0x57155d11
Název chybujícího modulu: NFS16.exe, verze: 1.0.0.0, časové razítko: 0x57155d11
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000047cfa59
ID chybujícího procesu: 0x2b20
Čas spuštění chybující aplikace: 0x01d52a69fe511447
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
ID zprávy: 6cc74bdd-2d17-4446-be8f-ac24a3564db7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/24/2019 10:10:12 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RogueKiller_portable64.exe verze 13.2.2.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 17a4

Čas spuštění: 01d52a633e0e01c0

Čas ukončení: 4294967295

Cesta k aplikaci: D:\data\Plocha\RogueKiller_portable64.exe

ID hlášení: 0997506b-764a-4047-ad98-6655f0907839

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Top level window is idle

Error: (06/22/2019 06:49:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Microsoft.Photos.exe verze 2019.19041.16510.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: dcc

Čas spuštění: 01d528d296fc8174

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

ID hlášení: 30c2249a-d479-4fd1-a3f2-00953b66e725

Úplný název balíčku s chybou: Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe

ID aplikace relativní podle balíčku s chybou: App

Typ zablokování: Quiesce

Error: (06/16/2019 06:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program explorer.exe verze 10.0.17763.348 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 1638

Čas spuštění: 01d52402b2b62f4d

Čas ukončení: 0

Cesta k aplikaci: C:\Windows\explorer.exe

ID hlášení: 00cc803f-5f6e-49df-a091-eb6117dab4fa

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Unknown

Error: (06/04/2019 11:18:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NFS16.exe, verze: 1.0.0.0, časové razítko: 0x57155d11
Název chybujícího modulu: NFS16.exe, verze: 1.0.0.0, časové razítko: 0x57155d11
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000034476fa
ID chybujícího procesu: 0x36f4
Čas spuštění chybující aplikace: 0x01d51aac815a0c8d
Cesta k chybující aplikaci: C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Origin Games\Need for Speed\NFS16.exe
ID zprávy: 7d11e611-3657-4957-a69e-c5cc8b9c9072
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (06/25/2019 10:31:39 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IERC611)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-IERC611\uzivatel (SID: S-1-5-21-2044785028-3156583648-1372798179-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/25/2019 09:01:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IERC611)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-IERC611\uzivatel (SID: S-1-5-21-2044785028-3156583648-1372798179-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/25/2019 09:01:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IERC611)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-IERC611\uzivatel (SID: S-1-5-21-2044785028-3156583648-1372798179-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/25/2019 09:01:58 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IERC611)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-IERC611\uzivatel (SID: S-1-5-21-2044785028-3156583648-1372798179-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/24/2019 10:46:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IERC611)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli DESKTOP-IERC611\uzivatel (SID: S-1-5-21-2044785028-3156583648-1372798179-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (S-1-15-2-3633769401-4254176415-1261075828-1509550471-1939920827-1152469692-1137340935). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/24/2019 08:40:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IERC611)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-IERC611\uzivatel (SID: S-1-5-21-2044785028-3156583648-1372798179-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/24/2019 07:30:51 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IERC611)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-IERC611\uzivatel (SID: S-1-5-21-2044785028-3156583648-1372798179-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (06/24/2019 07:27:04 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-IERC611)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-IERC611\uzivatel (SID: S-1-5-21-2044785028-3156583648-1372798179-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-02-04 13:14:07.273
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.608.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-02-04 13:14:07.273
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.608.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-02-04 13:14:07.273
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.608.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-02-04 13:14:07.268
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.608.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-02-04 13:14:07.268
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.285.608.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15600.4
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2019-06-24 19:25:52.445
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 19:25:52.433
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 19:25:52.416
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-06-24 19:25:52.404
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-04 17:00:34.745
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-04 17:00:34.743
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-04 17:00:34.738
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-02-04 17:00:34.736
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F6 07/13/2018
Motherboard: Gigabyte Technology Co., Ltd. B360M DS3H
Processor: Intel(R) Core(TM) i5-9400F CPU @ 2.90GHz
Percentage of memory in use: 31%
Total physical RAM: 16317.44 MB
Available physical RAM: 11246.67 MB
Total Virtual: 18749.44 MB
Available Virtual: 10245.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.29 GB) (Free:79.86 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.5 GB) (Free:631.86 GB) NTFS
Drive e: () (Removable) (Total:28.96 GB) (Free:25.34 GB) FAT32

\\?\Volume{a2fbd570-4e30-44f3-bddb-27ddcd9e4b28}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{ea292d4b-13fc-4737-aa27-387b13175997}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (Protective MBR) (Size: 29 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Post by jaro3 » 25 Jun 2019 19:20

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
Next time, turn these off before scanning!

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
Task: {4BD8D5E1-7362-490E-842B-2302E7018063} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-31] (Google Inc -> Google Inc.)
Task: {F72E02B5-05A7-4F56-BF0C-75A2F8C44CE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-31] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-2044785028-3156583648-1372798179-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2044785028-3156583648-1372798179-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{A975B768-DAD2-43DE-9AFD-4ECCEE503EFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{4D391E1E-1226-474F-936F-D4553DC051AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{B35FEDE0-4614-42A2-8358-8EA63A85AA7B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E2F66038-FED4-43AF-8870-0AB29AF7832D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EA27CB1A-D149-443E-9FA2-9764028D76EE}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{587C368E-821F-4C0D-856C-228E0EDD7416}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe No File

EmptyTemp:
End

(You can use the "select all" function, then right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.

Post by JimmyTudeski » 26 Jun 2019 10:26

Sorry, next time I'll turn all of that off.

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-06-2019
Ran by uzivatel (26-06-2019 10:21:46) Run:1
Running from D:\data\Plocha
Loaded Profiles: uzivatel (Available Profiles: uzivatel)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {4BD8D5E1-7362-490E-842B-2302E7018063} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-31] (Google Inc -> Google Inc.)
Task: {F72E02B5-05A7-4F56-BF0C-75A2F8C44CE1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-01-31] (Google Inc -> Google Inc.)
SearchScopes: HKU\S-1-5-21-2044785028-3156583648-1372798179-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2044785028-3156583648-1372798179-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
FirewallRules: [{A975B768-DAD2-43DE-9AFD-4ECCEE503EFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{4D391E1E-1226-474F-936F-D4553DC051AB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{B35FEDE0-4614-42A2-8358-8EA63A85AA7B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E2F66038-FED4-43AF-8870-0AB29AF7832D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{EA27CB1A-D149-443E-9FA2-9764028D76EE}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{587C368E-821F-4C0D-856C-228E0EDD7416}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe No File

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4BD8D5E1-7362-490E-842B-2302E7018063}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BD8D5E1-7362-490E-842B-2302E7018063}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F72E02B5-05A7-4F56-BF0C-75A2F8C44CE1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F72E02B5-05A7-4F56-BF0C-75A2F8C44CE1}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKU\S-1-5-21-2044785028-3156583648-1372798179-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2044785028-3156583648-1372798179-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A975B768-DAD2-43DE-9AFD-4ECCEE503EFB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4D391E1E-1226-474F-936F-D4553DC051AB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B35FEDE0-4614-42A2-8358-8EA63A85AA7B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E2F66038-FED4-43AF-8870-0AB29AF7832D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA27CB1A-D149-443E-9FA2-9764028D76EE}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{587C368E-821F-4C0D-856C-228E0EDD7416}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1171781164 B
Java, Flash, Steam htmlcache => 33717289 B
Windows/system/drivers => 763491 B
Edge => 343970559 B
Chrome => 536732805 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2708 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
uzivatel => 39791981 B

RecycleBin => 0 B
EmptyTemp: => 2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 10:22:41 ====

Post by jaro3 » 26 Jun 2019 18:35

Download DelFix here
Other links:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

Save the file to your desktop.
Double-click the icon to run Delfix.exe.
(On Windows Vista, Windows 7, 8 and 10 you must run the file by right-clicking it -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools, Purge System Restore
Then click the Run button and let the tool do its work.

A report (DelFix.txt) will then open. Paste its entire contents here. Otherwise the report can be found here:
C:\DelFix.txt

If there are no problems, that is all, and you can mark the thread as solved with the green check mark.

Post by JimmyTudeski » 27 Jun 2019 10:01

Everything is fine. Thank you very much for the help! :-)

# DelFix v1.013 - Logfile created 27/06/2019 at 09:59:27
# Updated 17/04/2016 by Xplode
# Username : uzivatel - DESKTOP-IERC611
# Operating System : Windows 10 Home (64 bits)

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\AdwCleaner
Deleted : C:\zoek-results.log
Deleted : D:\data\Plocha\Addition.txt
Deleted : D:\data\Plocha\AdwCleaner.exe
Deleted : D:\data\Plocha\AdwCleaner[S03].txt
Deleted : D:\data\Plocha\Fixlog.txt
Deleted : D:\data\Plocha\FRST.txt
Deleted : D:\data\Plocha\FRST64.exe
Deleted : D:\data\Plocha\JRT.exe
Deleted : D:\data\Plocha\JRT.txt
Deleted : D:\data\Plocha\HijackThis.exe
Deleted : D:\data\Plocha\hijackthis.log
Deleted : D:\data\Plocha\RogueKiller_portable64.exe
Deleted : D:\data\Plocha\TFC.exe
Deleted : D:\data\Plocha\zoek-results.txt
Deleted : HKLM\SOFTWARE\OldTimer Tools

~ Cleaning system restore ...

Deleted : RP #25 [Naplánovaný kontrolní bod | 06/12/2019 10:05:29]
Deleted : RP #26 [Naplánovaný kontrolní bod | 06/21/2019 15:18:34]
Deleted : RP #27 [JRT Pre-Junkware Removal | 06/24/2019 07:06:05]

New restore point created !

########## - EOF - ##########

Post by jaro3 » 27 Jun 2019 17:56

If there are no problems, that is all, and you can mark the thread as solved with the green check mark.