
Chrome is overloading the processor

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Chrome is overloading the processor

#1 Post by Beza45 »

Hello, and apologies in advance, I'm new here...

So I'd put it quite simply... Chrome keeps overloading the processor on my notebook... even when just browsing the internet, but most of all when I watch movies online... then it runs at max! When I open it in a different browser it is still the same... does anyone know what to do about it, please? Thank you

The photo can't be inserted... I don't know why

JaRon
Moderator
Posts: 15196
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Chrome is overloading the processor

#2 Post by JaRon »

FRST | ADWCleaner | MBAM | CCleaner | AVPTool

If you are satisfied, you can support the forum:
https://platba.viry.cz/payment/

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#3 Post by Beza45 »

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Lenovo on 16.10.2017 at 9:47:43,30.
Microsoft Windows 10 Home 10.0.15063 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\Lenovo\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2017-10-16-074358.log 1742 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Skillbrains deleted
C:\PROGRA~3\Package Cache deleted
C:\WINDOWS\wininit.ini deleted
C:\windows\SysNative\tasks\update-S-1-5-21-1132558896-572766911-3905001776-1001 deleted
C:\windows\SysNative\tasks\update-sys deleted
C:\WINDOWS\tasks\update-S-1-5-21-1132558896-572766911-3905001776-1001.job deleted
C:\WINDOWS\tasks\update-sys.job deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted

==== Chromium Look ======================


HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bgjpfhpjcgdppjbgnpnjllokbmcdllig - No path found[]
blmojkbhnkkphngknkmgccmlenfaelkd - No path found[]
olfeabkoenfaoljndfecamgilllcpiak - No path found[]

AVG Web TuneUp - Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
Chrome Media Router - Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage deleted successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d10lpsik1i8c69.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_operation-flashpoint-dragon-rising.en.softonic.com_0.localstorage deleted successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_operation-flashpoint-dragon-rising.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_windows-xp-service-pack-3.en.softonic.com_0.localstorage deleted successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_windows-xp-service-pack-3.en.softonic.com_0.localstorage-journal deleted successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Lenovo\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=78 folders=42 25364434 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Lenovo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache\data_4" deleted
"C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on 16.10.2017 at 10:00:41,43 ======================

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#4 Post by Beza45 »

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by Lenovo (Administrator) on 16.10.2017 at 10:03:15,84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)



Registry: 3

Successfully deleted: HKCU\Software\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Registry Key)
Successfully deleted: HKCU\Software\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.10.2017 at 10:05:21,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

JaRon
Moderator
Posts: 15196
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Chrome is overloading the processor

#5 Post by JaRon »

Is it better?

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#6 Post by Beza45 »

Not really, it's still the same....

By the way, these are the sites I watch on.

http://simpsonovi.nikee.net/
https://sledujufilmy.cz/

JaRon
Moderator
Posts: 15196
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Chrome is overloading the processor

#7 Post by JaRon »

Clean the PC with MBAM and post the log here

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#8 Post by Beza45 »

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 16.10.17
Čas skenování: 22:17
Logovací soubor: ff13f0d4-b2ae-11e7-a7e6-68f728d02113.json
Správce: Ano

-Informace o softwaru-
Verze: 3.2.2.2029
Verze komponentů: 1.0.212
Aktualizovat verzi balíku komponent: 1.0.3026
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 15063.674)
CPU: x64
Systém souborů: NTFS
Uživatel: HONZA\Lenovo

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 395076
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 3 min, 8 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#9 Post by Beza45 »

https://prnt.sc/gy8pv0

Here you can see what happens when I open that page... otherwise I scan it with Malwarebytes often

JaRon
Moderator
Posts: 15196
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Chrome is overloading the processor

#10 Post by JaRon »

Post both FRST logs

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#11 Post by Beza45 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2017
Ran by Lenovo (17-10-2017 12:38:32)
Running from C:\Users\Lenovo\Downloads
Windows 10 Home Version 1703 170317-1834 (X64) (2017-06-04 10:56:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1132558896-572766911-3905001776-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1132558896-572766911-3905001776-503 - Limited - Disabled)
Guest (S-1-5-21-1132558896-572766911-3905001776-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1132558896-572766911-3905001776-1003 - Limited - Enabled)
Lenovo (S-1-5-21-1132558896-572766911-3905001776-1001 - Administrator - Enabled) => C:\Users\Lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Apowersoft Phone Manager verze 2.7.4 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.7.4 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V Update (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{7464D896-C63C-412E-8ED3-3261C9F14E21}) (Version: 7.0.1.210 - Apple Inc.)
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation)
iTunes (HKLM\...\{EB7E0903-21E9-4851-99D3-D7E54B51031C}) (Version: 12.7.0.166 - Apple Inc.)
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\dda9ca0b023f4c56) (Version: 1.6.3.5 - Lenovo)
Malwarebytes verze 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Seznam Software (HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Tony Hawks Pro Skater 4 (HKLM-x32\...\{E0F07676-2C60-4465-A727-20DE3BFCABAC}) (Version: 1.00.0000 - Aspyr Media)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-09-18] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08377332-88F4-4633-A4C5-8B0AF6BEF214} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\81d949c8-00b8-4471-a3d1-8903627361b2 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {0A0047AF-4F8D-4A6B-8616-F9647E9E98A1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e04a41a1-adc5-4bb8-8a9d-16ad494a4543 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {316ACE15-55A1-4EBD-A3C5-D202DBDE9201} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-16] (Adobe Systems Incorporated)
Task: {39E92780-5E2A-413D-93F4-4B1D40AF9E54} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {4A209D84-8D95-48DA-85F9-4A3C2C2978D2} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1132558896-572766911-3905001776-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {6EB5E466-14B5-4172-A92A-8371B974958F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-17] (Google Inc.)
Task: {7004A9D8-E8DE-42B3-A385-26FD2DB06490} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-07-14] (Apple Inc.)
Task: {8455D637-16B9-4830-8576-8E90DB3FBAAB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1023c1df-4390-42b8-9d52-1bc3c463b54e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {84D9477B-7155-4136-BA57-8AB52E061888} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {85645DE4-FFE7-4FF2-A7CA-DB37D93518C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {9C5FFE7C-042D-46DB-9DB5-4DFF0E999B4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-17] (Google Inc.)
Task: {A3AB654F-F9BA-49A2-8CF5-EDA16FEB48B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {AAB8F439-A26F-4985-950C-B71FA00BFC3C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16] (Adobe Systems Incorporated)
Task: {CA4BAD4C-C352-409C-A4B5-9D3329F638A5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {CCAF1699-53ED-47C9-B403-8C7B9BA49596} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {CE8462D5-C404-4191-92DF-DF5C240E9094} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1d8a414b-e74a-4157-9419-014796857a11 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {EA387123-40A7-41E3-8984-6AA97B7EA575} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-21 20:43 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-21 20:43 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-06-04 12:32 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-06 14:13 - 2017-02-08 13:38 - 000079872 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\1861libfoxloader-x64.dll
2016-07-14 05:33 - 2017-05-26 05:11 - 000401840 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 22:59 - 2017-03-20 06:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-22 20:30 - 2017-08-22 20:30 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-22 20:30 - 2017-08-22 20:30 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-04 12:34 - 2010-10-26 12:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2017-09-11 14:45 - 2017-09-11 14:45 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-09-11 14:45 - 2017-09-11 14:45 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-10-06 14:13 - 2013-05-16 15:25 - 001062472 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\szninstall.exe
2017-09-26 18:20 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 18:20 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-10-06 14:13 - 2017-06-14 16:17 - 000466640 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-10-06 14:13 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2017-10-06 14:13 - 2015-05-26 13:37 - 000078504 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\1861libfoxloader.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-06 14:13 - 2015-05-26 13:38 - 000862888 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-10-08 17:55 - 2008-06-20 06:43 - 003330048 _____ () C:\Games\Call of Duty Modern Warfare\iw3mp.exe
2017-10-08 17:56 - 2017-10-09 19:49 - 000202240 _____ () C:\Games\Call of Duty Modern Warfare\mss32.dll
2017-10-08 20:11 - 2017-10-09 19:49 - 003189248 _____ () C:\Users\Lenovo\AppData\Local\CallofDuty4MW\bin\cod4x_017\cod4x_017.dll
2017-10-08 20:11 - 2017-10-09 19:49 - 000138240 _____ () C:\Users\Lenovo\AppData\Local\CallofDuty4MW\bin\cod4x_017\crashrpt1403.dll
2017-10-08 17:56 - 2011-09-06 10:16 - 000956558 _____ () C:\Games\Call of Duty Modern Warfare\pb\pbcl.dll
2017-10-08 18:33 - 2011-09-06 10:16 - 000065536 _____ () C:\Users\Lenovo\AppData\Local\PunkBuster\COD4\pb\pbag.dll
2017-10-08 17:56 - 2011-09-06 10:16 - 000425984 _____ () C:\Games\Call of Duty Modern Warfare\pb\pbsv.dll
2017-10-08 17:56 - 2011-09-06 10:16 - 000956558 _____ () C:\Games\Call of Duty Modern Warfare\pb\pbcls.dll
2017-10-08 17:56 - 2011-09-06 10:16 - 000065536 _____ () C:\Games\Call of Duty Modern Warfare\pb\pbags.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2017-10-16 09:48 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1132558896-572766911-3905001776-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D03AB3A5-DEC9-45E7-8DFD-0B66E8CDD1F1}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe
FirewallRules: [TCP Query User{DAACC272-67F2-46E9-BF99-C28161C73260}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe
FirewallRules: [{84C5D18C-E3EE-454D-AF3E-146BF6F8357E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C606EB56-366C-4E54-A390-9DCDB8365F97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{E701136B-C1C6-4923-9DDF-9B8A7FAAE288}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{DB86A700-A35A-4525-A1EE-33AC6B9CE70D}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{6A1713D8-CDE5-41D9-B2D1-BDB3680E88C0}C:\program files (x86)\counter-strike 1.6 omonas\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 omonas\hl.exe
FirewallRules: [TCP Query User{01CF6F65-AA8C-495F-82E1-722FFB484434}C:\program files (x86)\counter-strike 1.6 omonas\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 omonas\hl.exe
FirewallRules: [{7DC9E4CF-3256-4C09-B4F4-F6CCFFE60462}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{71573F1F-0192-4C81-A836-B010AA8DB37B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{A5D8409F-6F09-4DD6-A1AB-7D1D15790ADE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{1985E824-9517-4802-80A5-9E767F3353FE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [UDP Query User{793A197B-3A45-4774-9D23-AE12559C9F88}C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{9F40DD3B-6E43-448B-819B-DBCE7F9E7A12}C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A80A1C98-8314-47D5-94B1-0CB627BC576D}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{3E917922-6154-4010-B76D-B6EC1F8C6FF4}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe
FirewallRules: [{4FD2B317-36B4-4624-B1DF-45ED00032536}] => (Block) C:\program files (x86)\valve\hl.exe
FirewallRules: [{8460630F-7470-43A8-9B32-7637A4BEBCEE}] => (Block) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{FA388D00-C348-4013-B3BF-F1F6F9D9AAF5}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [TCP Query User{7B6BCB39-488C-44DC-9213-8C79FCD3DBDF}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{8A507A1F-AEF7-4202-A9E5-3D2817E60757}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F930468A-6646-4DC5-82FD-E38D3EFBE4FD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C7B4579C-55B7-4213-8357-C9945FCE99F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{091410D3-3FAB-44C3-B4DF-23172FE33A83}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{55589A2B-4663-4D23-A28C-E37D70E84E8B}C:\users\lenovo\desktop\quake iii arena (complete)\ioq3ded.x86.exe] => (Allow) C:\users\lenovo\desktop\quake iii arena (complete)\ioq3ded.x86.exe
FirewallRules: [TCP Query User{614568BA-14E3-4223-B768-1D8707D0A399}C:\users\lenovo\desktop\quake iii arena (complete)\ioq3ded.x86.exe] => (Allow) C:\users\lenovo\desktop\quake iii arena (complete)\ioq3ded.x86.exe
FirewallRules: [{604C0C70-6BF5-4898-AD64-3B4F4927FF5B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{3B21D088-48AC-4FEF-90CE-547B66163F76}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{D4F77BF9-869D-4467-8A2A-C1838BAE89A0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{A4EBDE92-31DA-433E-BABB-302DA6FA2072}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{646D59FA-530E-4C95-9460-C8F9453E8677}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe
FirewallRules: [{530773B4-F948-4313-91A1-D2A3E8059493}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe
FirewallRules: [{09A7B814-7044-4A29-B0B5-1E8783A9EC32}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7478A816-359B-4335-8D61-91BF3F07DD90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAF5DE5-9BAD-4E68-A39E-19C8F15F3E65}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B7D409CE-B7D7-43B8-96B5-1F9A466FE20B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{38B81C8B-A47D-4B8E-907A-7D447F18779A}] => (Allow) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
FirewallRules: [{FF969D2B-44B2-46B4-9FD3-28EE22211557}] => (Allow) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
FirewallRules: [{48A14348-643C-409D-8849-4031176F20E5}] => (Allow) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
FirewallRules: [{AADA1197-EB21-4FEC-9CC9-E202C6A26C7A}] => (Allow) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
FirewallRules: [TCP Query User{F07DDC5A-2C54-47EA-A4BF-E222A2F46FFD}C:\users\lenovo\desktop\quake iii arena (complete)\ioquake3.x86.exe] => (Allow) C:\users\lenovo\desktop\quake iii arena (complete)\ioquake3.x86.exe
FirewallRules: [UDP Query User{C934049C-CBA9-4549-9C60-941217A4AA49}C:\users\lenovo\desktop\quake iii arena (complete)\ioquake3.x86.exe] => (Allow) C:\users\lenovo\desktop\quake iii arena (complete)\ioquake3.x86.exe
FirewallRules: [{495A8F7C-B656-46E8-985B-33FAB372D4FF}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{2D6625C0-2F25-452B-BB7D-59C8F6C00631}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{816894F0-1FB6-4E8F-B5B1-9478B8008C74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{942C00AA-EE5D-43C2-8B14-12B96B03EE67}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{6A60DC3C-7286-4B6F-A248-2467F5166D53}C:\program files (x86)\electronic arts inc\need for speed most wanted\nfs13.exe] => (Allow) C:\program files (x86)\electronic arts inc\need for speed most wanted\nfs13.exe
FirewallRules: [UDP Query User{C910BADA-E967-466B-8069-42C708AD961E}C:\program files (x86)\electronic arts inc\need for speed most wanted\nfs13.exe] => (Allow) C:\program files (x86)\electronic arts inc\need for speed most wanted\nfs13.exe
FirewallRules: [TCP Query User{CC5FBECC-DEC0-4365-AB47-41C0B545C7AE}C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe] => (Block) C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe
FirewallRules: [UDP Query User{29D034FF-EA43-43A5-BC4F-4C3F3D54CFAD}C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe] => (Block) C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe
FirewallRules: [TCP Query User{97105C22-EE71-47FD-A6E4-8D4E507A56D6}C:\games\call of duty modern warfare\iw3mp.exe] => (Allow) C:\games\call of duty modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{2F75736B-55D9-4E49-A923-7000CB1542D1}C:\games\call of duty modern warfare\iw3mp.exe] => (Allow) C:\games\call of duty modern warfare\iw3mp.exe
FirewallRules: [{620E983E-ECB9-405A-8043-7C5873F1BBEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{3B455F30-A760-4BE9-8CE4-E4E8E5C1A38F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe

==================== Restore Points =========================

06-10-2017 14:20:15 Installed Tony Hawks Pro Skater 4 Demo
11-10-2017 11:17:43 Windows Update
16-10-2017 10:03:20 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2017 12:36:46 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/16/2017 10:45:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 3.0.0.1169, časové razítko: 0x599723f1
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x802f667e
Kód výjimky: 0xc000000d
Posun chyby: 0x000f507c
ID chybujícího procesu: 0x1670
Čas spuštění chybující aplikace: 0x01d346be975f913c
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: fa7fe6c1-cede-49f5-8da2-4a83cd0024a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/16/2017 10:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.15063.483, časové razítko: 0x88a53c1d
Kód výjimky: 0xc000041d
Posun chyby: 0x00005836
ID chybujícího procesu: 0x2d2c
Čas spuštění chybující aplikace: 0x01d346bd140b454d
Cesta k chybující aplikaci: C:\Users\Lenovo\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 726de37d-7b4f-47ee-ae0e-41f91b0c1d58
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/16/2017 08:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1140

Error: (10/16/2017 08:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1140

Error: (10/16/2017 08:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2017 07:36:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1171

Error: (10/16/2017 07:36:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1171

Error: (10/16/2017 07:36:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2017 07:24:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157


System errors:
=============
Error: (10/17/2017 12:33:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/17/2017 12:33:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/17/2017 12:33:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (10/17/2017 12:33:43 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (10/17/2017 12:33:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (10/17/2017 12:33:41 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (10/16/2017 10:45:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/16/2017 10:40:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/16/2017 10:14:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/16/2017 05:29:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
Date: 2017-10-17 12:38:26.284
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:38:26.281
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:32.885
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:32.881
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:32.028
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:32.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:27.327
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:27.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-16 22:25:33.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-16 22:25:33.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 23%
Total physical RAM: 16298.45 MB
Available physical RAM: 12415.83 MB
Total Virtual: 18730.45 MB
Available Virtual: 14189.96 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:891.21 GB) (Free:679.68 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B4574029)

Partition: GPT.

==================== End of Addition.txt ============================

Beza45
Visitor
Posts: 10
Joined: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#12 Post by Beza45 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-10-2017
Ran by Lenovo (17-10-2017 12:38:32)
Running from C:\Users\Lenovo\Downloads
Windows 10 Home Version 1703 170317-1834 (X64) (2017-06-04 10:56:33)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1132558896-572766911-3905001776-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1132558896-572766911-3905001776-503 - Limited - Disabled)
Guest (S-1-5-21-1132558896-572766911-3905001776-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1132558896-572766911-3905001776-1003 - Limited - Enabled)
Lenovo (S-1-5-21-1132558896-572766911-3905001776-1001 - Administrator - Enabled) => C:\Users\Lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Apowersoft Phone Manager verze 2.7.4 (HKLM-x32\...\{4A00E3C4-2D0F-4AE7-9F2A-74870BE09EF8}_is1) (Version: 2.7.4 - APOWERSOFT LIMITED)
Apple Mobile Device Support (HKLM\...\{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V Update (HKLM-x32\...\R3JhbmRUaGVmdEF1dG9W_is1) (Version: 1 - )
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
iCloud (HKLM\...\{7464D896-C63C-412E-8ED3-3261C9F14E21}) (Version: 7.0.1.210 - Apple Inc.)
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation)
iTunes (HKLM\...\{EB7E0903-21E9-4851-99D3-D7E54B51031C}) (Version: 12.7.0.166 - Apple Inc.)
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Lenovo Service Bridge (HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\dda9ca0b023f4c56) (Version: 1.6.3.5 - Lenovo)
Malwarebytes verze 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 376.54 - NVIDIA Corporation) Hidden
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{D0E45DEC-F4B9-4370-A9DF-66837789C2EF}) (Version: 6.0.2 - Apple Inc.)
PokerStars.cz (HKLM-x32\...\PokerStars.cz) (Version: - PokerStars.cz)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Seznam Software (HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Tony Hawks Pro Skater 4 (HKLM-x32\...\{E0F07676-2C60-4465-A727-20DE3BFCABAC}) (Version: 1.00.0000 - Aspyr Media)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-09-18] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-12-29] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08377332-88F4-4633-A4C5-8B0AF6BEF214} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\81d949c8-00b8-4471-a3d1-8903627361b2 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {0A0047AF-4F8D-4A6B-8616-F9647E9E98A1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e04a41a1-adc5-4bb8-8a9d-16ad494a4543 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {316ACE15-55A1-4EBD-A3C5-D202DBDE9201} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-16] (Adobe Systems Incorporated)
Task: {39E92780-5E2A-413D-93F4-4B1D40AF9E54} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {4A209D84-8D95-48DA-85F9-4A3C2C2978D2} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1132558896-572766911-3905001776-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {6EB5E466-14B5-4172-A92A-8371B974958F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-17] (Google Inc.)
Task: {7004A9D8-E8DE-42B3-A385-26FD2DB06490} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-07-14] (Apple Inc.)
Task: {8455D637-16B9-4830-8576-8E90DB3FBAAB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1023c1df-4390-42b8-9d52-1bc3c463b54e => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {84D9477B-7155-4136-BA57-8AB52E061888} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {85645DE4-FFE7-4FF2-A7CA-DB37D93518C7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {9C5FFE7C-042D-46DB-9DB5-4DFF0E999B4A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-17] (Google Inc.)
Task: {A3AB654F-F9BA-49A2-8CF5-EDA16FEB48B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {AAB8F439-A26F-4985-950C-B71FA00BFC3C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-16] (Adobe Systems Incorporated)
Task: {CA4BAD4C-C352-409C-A4B5-9D3329F638A5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {CCAF1699-53ED-47C9-B403-8C7B9BA49596} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {CE8462D5-C404-4191-92DF-DF5C240E9094} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1d8a414b-e74a-4157-9419-014796857a11 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-09-08] (Lenovo Group Limited)
Task: {EA387123-40A7-41E3-8984-6AA97B7EA575} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-09-01 18:12 - 2016-09-01 18:12 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-21 20:43 - 2017-10-04 13:15 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-04-21 20:43 - 2017-10-04 13:15 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-06-04 12:32 - 2016-12-29 15:16 - 000134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-10-06 14:13 - 2017-02-08 13:38 - 000079872 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\1861libfoxloader-x64.dll
2016-07-14 05:33 - 2017-05-26 05:11 - 000401840 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-03-18 22:59 - 2017-03-20 06:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-08-22 20:30 - 2017-08-22 20:30 - 000074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-08-22 20:30 - 2017-08-22 20:30 - 000203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-06-04 12:34 - 2010-10-26 12:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2017-09-11 14:45 - 2017-09-11 14:45 - 000092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-09-11 14:45 - 2017-09-11 14:45 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2017-10-06 14:13 - 2013-05-16 15:25 - 001062472 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\szninstall.exe
2017-09-26 18:20 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-26 18:20 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-10-06 14:13 - 2017-06-14 16:17 - 000466640 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
2017-10-06 14:13 - 2017-02-08 13:39 - 000080576 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
2017-10-06 14:13 - 2015-05-26 13:37 - 000078504 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\1861libfoxloader.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 000080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-06 14:13 - 2015-05-26 13:38 - 000862888 _____ () C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\lightspeed.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-10-08 17:55 - 2008-06-20 06:43 - 003330048 _____ () C:\Games\Call of Duty Modern Warfare\iw3mp.exe
2017-10-08 17:56 - 2017-10-09 19:49 - 000202240 _____ () C:\Games\Call of Duty Modern Warfare\mss32.dll
2017-10-08 20:11 - 2017-10-09 19:49 - 003189248 _____ () C:\Users\Lenovo\AppData\Local\CallofDuty4MW\bin\cod4x_017\cod4x_017.dll
2017-10-08 20:11 - 2017-10-09 19:49 - 000138240 _____ () C:\Users\Lenovo\AppData\Local\CallofDuty4MW\bin\cod4x_017\crashrpt1403.dll
2017-10-08 17:56 - 2011-09-06 10:16 - 000956558 _____ () C:\Games\Call of Duty Modern Warfare\pb\pbcl.dll
2017-10-08 18:33 - 2011-09-06 10:16 - 000065536 _____ () C:\Users\Lenovo\AppData\Local\PunkBuster\COD4\pb\pbag.dll
2017-10-08 17:56 - 2011-09-06 10:16 - 000425984 _____ () C:\Games\Call of Duty Modern Warfare\pb\pbsv.dll
2017-10-08 17:56 - 2011-09-06 10:16 - 000956558 _____ () C:\Games\Call of Duty Modern Warfare\pb\pbcls.dll
2017-10-08 17:56 - 2011-09-06 10:16 - 000065536 _____ () C:\Games\Call of Duty Modern Warfare\pb\pbags.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2017-10-16 09:48 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1132558896-572766911-3905001776-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{D03AB3A5-DEC9-45E7-8DFD-0B66E8CDD1F1}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe
FirewallRules: [TCP Query User{DAACC272-67F2-46E9-BF99-C28161C73260}C:\program files (x86)\warzone\csgo warzone\csgo.exe] => (Allow) C:\program files (x86)\warzone\csgo warzone\csgo.exe
FirewallRules: [{84C5D18C-E3EE-454D-AF3E-146BF6F8357E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C606EB56-366C-4E54-A390-9DCDB8365F97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{E701136B-C1C6-4923-9DDF-9B8A7FAAE288}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe
FirewallRules: [TCP Query User{DB86A700-A35A-4525-A1EE-33AC6B9CE70D}C:\games\counter-strike global offensive\csgo.exe] => (Allow) C:\games\counter-strike global offensive\csgo.exe
FirewallRules: [UDP Query User{6A1713D8-CDE5-41D9-B2D1-BDB3680E88C0}C:\program files (x86)\counter-strike 1.6 omonas\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 omonas\hl.exe
FirewallRules: [TCP Query User{01CF6F65-AA8C-495F-82E1-722FFB484434}C:\program files (x86)\counter-strike 1.6 omonas\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6 omonas\hl.exe
FirewallRules: [{7DC9E4CF-3256-4C09-B4F4-F6CCFFE60462}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{71573F1F-0192-4C81-A836-B010AA8DB37B}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe
FirewallRules: [{A5D8409F-6F09-4DD6-A1AB-7D1D15790ADE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [{1985E824-9517-4802-80A5-9E767F3353FE}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe
FirewallRules: [UDP Query User{793A197B-3A45-4774-9D23-AE12559C9F88}C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{9F40DD3B-6E43-448B-819B-DBCE7F9E7A12}C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\lenovo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A80A1C98-8314-47D5-94B1-0CB627BC576D}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe
FirewallRules: [TCP Query User{3E917922-6154-4010-B76D-B6EC1F8C6FF4}C:\users\lenovo\counter-strike 1.6\hl.exe] => (Allow) C:\users\lenovo\counter-strike 1.6\hl.exe
FirewallRules: [{4FD2B317-36B4-4624-B1DF-45ED00032536}] => (Block) C:\program files (x86)\valve\hl.exe
FirewallRules: [{8460630F-7470-43A8-9B32-7637A4BEBCEE}] => (Block) C:\program files (x86)\valve\hl.exe
FirewallRules: [UDP Query User{FA388D00-C348-4013-B3BF-F1F6F9D9AAF5}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [TCP Query User{7B6BCB39-488C-44DC-9213-8C79FCD3DBDF}C:\program files (x86)\valve\hl.exe] => (Allow) C:\program files (x86)\valve\hl.exe
FirewallRules: [{8A507A1F-AEF7-4202-A9E5-3D2817E60757}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F930468A-6646-4DC5-82FD-E38D3EFBE4FD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C7B4579C-55B7-4213-8357-C9945FCE99F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{091410D3-3FAB-44C3-B4DF-23172FE33A83}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{55589A2B-4663-4D23-A28C-E37D70E84E8B}C:\users\lenovo\desktop\quake iii arena (complete)\ioq3ded.x86.exe] => (Allow) C:\users\lenovo\desktop\quake iii arena (complete)\ioq3ded.x86.exe
FirewallRules: [TCP Query User{614568BA-14E3-4223-B768-1D8707D0A399}C:\users\lenovo\desktop\quake iii arena (complete)\ioq3ded.x86.exe] => (Allow) C:\users\lenovo\desktop\quake iii arena (complete)\ioq3ded.x86.exe
FirewallRules: [{604C0C70-6BF5-4898-AD64-3B4F4927FF5B}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{3B21D088-48AC-4FEF-90CE-547B66163F76}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe
FirewallRules: [{D4F77BF9-869D-4467-8A2A-C1838BAE89A0}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{A4EBDE92-31DA-433E-BABB-302DA6FA2072}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\ApowersoftAndroidDaemon.exe
FirewallRules: [{646D59FA-530E-4C95-9460-C8F9453E8677}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe
FirewallRules: [{530773B4-F948-4313-91A1-D2A3E8059493}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Phone Manager\Apowersoft Phone Manager.exe
FirewallRules: [{09A7B814-7044-4A29-B0B5-1E8783A9EC32}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7478A816-359B-4335-8D61-91BF3F07DD90}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAF5DE5-9BAD-4E68-A39E-19C8F15F3E65}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B7D409CE-B7D7-43B8-96B5-1F9A466FE20B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{38B81C8B-A47D-4B8E-907A-7D447F18779A}] => (Allow) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
FirewallRules: [{FF969D2B-44B2-46B4-9FD3-28EE22211557}] => (Allow) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
FirewallRules: [{48A14348-643C-409D-8849-4031176F20E5}] => (Allow) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
FirewallRules: [{AADA1197-EB21-4FEC-9CC9-E202C6A26C7A}] => (Allow) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
FirewallRules: [TCP Query User{F07DDC5A-2C54-47EA-A4BF-E222A2F46FFD}C:\users\lenovo\desktop\quake iii arena (complete)\ioquake3.x86.exe] => (Allow) C:\users\lenovo\desktop\quake iii arena (complete)\ioquake3.x86.exe
FirewallRules: [UDP Query User{C934049C-CBA9-4549-9C60-941217A4AA49}C:\users\lenovo\desktop\quake iii arena (complete)\ioquake3.x86.exe] => (Allow) C:\users\lenovo\desktop\quake iii arena (complete)\ioquake3.x86.exe
FirewallRules: [{495A8F7C-B656-46E8-985B-33FAB372D4FF}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{2D6625C0-2F25-452B-BB7D-59C8F6C00631}] => (Allow) C:\Program Files (x86)\Grand Theft Auto V\GTA5.exe
FirewallRules: [{816894F0-1FB6-4E8F-B5B1-9478B8008C74}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{942C00AA-EE5D-43C2-8B14-12B96B03EE67}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{6A60DC3C-7286-4B6F-A248-2467F5166D53}C:\program files (x86)\electronic arts inc\need for speed most wanted\nfs13.exe] => (Allow) C:\program files (x86)\electronic arts inc\need for speed most wanted\nfs13.exe
FirewallRules: [UDP Query User{C910BADA-E967-466B-8069-42C708AD961E}C:\program files (x86)\electronic arts inc\need for speed most wanted\nfs13.exe] => (Allow) C:\program files (x86)\electronic arts inc\need for speed most wanted\nfs13.exe
FirewallRules: [TCP Query User{CC5FBECC-DEC0-4365-AB47-41C0B545C7AE}C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe] => (Block) C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe
FirewallRules: [UDP Query User{29D034FF-EA43-43A5-BC4F-4C3F3D54CFAD}C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe] => (Block) C:\program files (x86)\aspyr\tony hawks pro skater 4\game\skate4.exe
FirewallRules: [TCP Query User{97105C22-EE71-47FD-A6E4-8D4E507A56D6}C:\games\call of duty modern warfare\iw3mp.exe] => (Allow) C:\games\call of duty modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{2F75736B-55D9-4E49-A923-7000CB1542D1}C:\games\call of duty modern warfare\iw3mp.exe] => (Allow) C:\games\call of duty modern warfare\iw3mp.exe
FirewallRules: [{620E983E-ECB9-405A-8043-7C5873F1BBEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{3B455F30-A760-4BE9-8CE4-E4E8E5C1A38F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe

==================== Restore Points =========================

06-10-2017 14:20:15 Installed Tony Hawks Pro Skater 4 Demo
11-10-2017 11:17:43 Windows Update
16-10-2017 10:03:20 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/17/2017 12:36:46 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/16/2017 10:45:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbam.exe, verze: 3.0.0.1169, časové razítko: 0x599723f1
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x802f667e
Kód výjimky: 0xc000000d
Posun chyby: 0x000f507c
ID chybujícího procesu: 0x1670
Čas spuštění chybující aplikace: 0x01d346be975f913c
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: fa7fe6c1-cede-49f5-8da2-4a83cd0024a8
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/16/2017 10:27:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 2.2.1.25534, časové razítko: 0x4e4594ce
Název chybujícího modulu: GDI32.dll, verze: 10.0.15063.483, časové razítko: 0x88a53c1d
Kód výjimky: 0xc000041d
Posun chyby: 0x00005836
ID chybujícího procesu: 0x2d2c
Čas spuštění chybující aplikace: 0x01d346bd140b454d
Cesta k chybující aplikaci: C:\Users\Lenovo\AppData\Roaming\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\GDI32.dll
ID zprávy: 726de37d-7b4f-47ee-ae0e-41f91b0c1d58
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/16/2017 08:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1140

Error: (10/16/2017 08:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1140

Error: (10/16/2017 08:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2017 07:36:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1171

Error: (10/16/2017 07:36:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1171

Error: (10/16/2017 07:36:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/16/2017 07:24:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157


System errors:
=============
Error: (10/17/2017 12:33:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/17/2017 12:33:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/17/2017 12:33:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba SecDrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (10/17/2017 12:33:43 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\WINDOWS\SysWow64\drivers\SECDRV.SYS

Error: (10/17/2017 12:33:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.

Error: (10/17/2017 12:33:41 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: Nepodařilo se zavést knihovnu DLL oznámení o heslech "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" kvůli chybě 126. Ověřte, zda cesta ke knihovně DLL oznámení definovaná v registru (HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages) odkazuje na správnou absolutní cestu (<jednotka>:\<cesta>\<název_souboru>.<přípona>). Pokud je cesta ke knihovně DLL správná, ověřte, zda jsou ve stejném adresáři umístěny všechny podpůrné soubory a zda má systémový účet přístup pro čtení k cestě knihovny DLL i všem podpůrným souborům. O další podporu můžete požádat poskytovatele knihovny DLL oznámení. Podrobnější informace najdete na adrese http://go.microsoft.com/fwlink/?LinkId=245898.

Error: (10/16/2017 10:45:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/16/2017 10:40:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/16/2017 10:14:11 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/16/2017 05:29:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================
Date: 2017-10-17 12:38:26.284
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:38:26.281
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:32.885
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:32.881
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:32.028
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:32.026
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:27.327
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-17 12:36:27.324
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-16 22:25:33.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-10-16 22:25:33.510
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 23%
Total physical RAM: 16298.45 MB
Available physical RAM: 12415.83 MB
Total Virtual: 18730.45 MB
Available Virtual: 14189.96 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:891.21 GB) (Free:679.68 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B4574029)

Partition: GPT.

==================== End of Addition.txt ============================

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#13 Post by Beza45 »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2017
Ran by Lenovo (administrator) on HONZA (17-10-2017 12:37:04)
Running from C:\Users\Lenovo\Downloads
Loaded Profiles: Lenovo (Available Profiles: Lenovo)
Platform: Windows 10 Home Version 1703 170317-1834 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Lenovo\AppData\Roaming\Seznam.cz\szninstall.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo) C:\Users\Lenovo\AppData\Local\Apps\2.0\GYAGHXAL.1RO\CML23P9Q.TWN\lsb...tion_2d7b41b05b24775e_0001.0006_6c5982beb50abfca\LSB.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5166872 2016-07-13] (Realtek semiconductor)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1795912 2015-07-23] (NVIDIA Corporation)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297784 2017-09-11] (Apple Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2017-02-07] (Disc Soft Ltd)
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-09-18] (Apple Inc.)
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2017-09-18] (Apple Inc.)
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-09-18] (Apple Inc.)
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-09-18] (Apple Inc.)
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Lenovo\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Lenovo\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-10-05] (Valve Corporation)
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\MountPoints2: {1b11c754-ff15-11e6-b935-68f728d02113} - "G:\PlayDiskStart.exe"
HKU\S-1-5-21-1132558896-572766911-3905001776-1001\...\MountPoints2: {db24f492-fd96-11e6-b931-68f728d02113} - "F:\PlayDiskStart.exe"
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5a4e4275-25bd-4901-9681-86e4aeaa0452}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{77946e71-218f-4e6a-b089-65851bd7a9a3}: [NameServer] 10.0.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1132558896-572766911-3905001776-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2017-10-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-16]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-09-07] (Apple Inc.)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2017-02-07] (Disc Soft Ltd)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373680 2017-05-26] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [68416 2017-09-08] (Lenovo Group Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-06-01] (Synaptics Incorporated)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [79120 2016-03-03] (Advanced Micro Devices, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-02-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-10-23] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-04] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-10-17] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-10-17] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-10-17] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-10-17] (Malwarebytes)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3528976 2016-06-14] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_dc8ffafad3ea7ddd\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3127576 2016-07-13] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11376 2017-07-26] () [File not signed]
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-17 12:37 - 2017-10-17 12:37 - 000017048 _____ C:\Users\Lenovo\Downloads\FRST.txt
2017-10-17 12:36 - 2017-10-17 12:37 - 000000000 ____D C:\FRST
2017-10-17 12:36 - 2017-10-17 12:36 - 002401792 _____ (Farbar) C:\Users\Lenovo\Downloads\FRST64.exe
2017-10-16 22:27 - 2017-10-16 22:27 - 000000000 ____D C:\Users\Lenovo\AppData\Local\DBG
2017-10-16 22:26 - 2017-10-16 22:26 - 000040213 _____ C:\Users\Lenovo\Downloads\Malwarebytes Premium 3.2.0.1959 Beta + Keygen .puma.torrent
2017-10-16 22:20 - 2017-10-16 22:20 - 000003128 _____ C:\Users\Lenovo\Downloads\license.conf
2017-10-16 22:20 - 2017-10-16 22:20 - 000003128 _____ C:\Users\Lenovo\Downloads\license (1).conf
2017-10-16 22:16 - 2017-10-17 12:34 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-10-16 22:16 - 2017-10-17 12:34 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-10-16 22:16 - 2017-10-17 12:34 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-10-16 22:16 - 2017-10-16 22:16 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-10-16 22:16 - 2017-10-16 22:16 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-10-16 13:39 - 2017-10-16 13:39 - 000000000 ____D C:\Users\Lenovo\AppData\Local\NetworkTiles
2017-10-16 10:02 - 2017-10-16 10:03 - 001790024 _____ (Malwarebytes) C:\Users\Lenovo\Downloads\JRT.exe
2017-10-16 10:01 - 2017-10-16 10:01 - 000000000 ___HD C:\OneDriveTemp
2017-10-16 09:59 - 2017-10-16 09:47 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2017-10-16 09:40 - 2017-10-16 09:58 - 000000000 ____D C:\zoek_backup
2017-10-16 09:40 - 2017-10-16 09:40 - 001309184 _____ C:\Users\Lenovo\Downloads\zoek.exe
2017-10-15 14:12 - 2017-10-15 14:30 - 000000000 ____D C:\Users\Lenovo\Desktop\sítě
2017-10-11 11:22 - 2017-10-11 11:22 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-11 11:16 - 2017-09-30 04:29 - 000804784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-10-11 11:16 - 2017-09-30 04:10 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-10-11 11:16 - 2017-09-30 04:10 - 000606072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-10-11 11:16 - 2017-09-30 04:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-10-11 11:16 - 2017-09-30 04:09 - 000787712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-10-11 11:16 - 2017-09-30 04:05 - 005827744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-10-11 11:16 - 2017-09-30 04:05 - 001266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-11 11:16 - 2017-09-30 04:05 - 000750488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-10-11 11:16 - 2017-09-30 04:05 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-10-11 11:16 - 2017-09-30 04:04 - 004215184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-10-11 11:16 - 2017-09-30 04:04 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-10-11 11:16 - 2017-09-30 04:04 - 000438096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-10-11 11:16 - 2017-09-30 04:04 - 000347544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-11 11:16 - 2017-09-30 04:04 - 000182680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-10-11 11:16 - 2017-09-29 09:45 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-10-11 11:16 - 2017-09-29 09:43 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-10-11 11:16 - 2017-09-29 09:41 - 013844992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-10-11 11:16 - 2017-09-29 09:40 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-10-11 11:16 - 2017-09-29 09:39 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-10-11 11:16 - 2017-09-29 09:38 - 005721600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-10-11 11:16 - 2017-09-29 09:38 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-10-11 11:16 - 2017-09-29 09:38 - 000308224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-11 11:16 - 2017-09-29 09:37 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2017-10-11 11:16 - 2017-09-29 09:34 - 000798720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-10-11 11:16 - 2017-09-29 09:33 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-10-11 11:16 - 2017-09-29 09:33 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-10-11 11:16 - 2017-09-29 09:32 - 002782720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-10-11 11:16 - 2017-09-29 09:29 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpchttp.dll
2017-10-11 11:16 - 2017-09-29 09:24 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-10-11 11:15 - 2017-09-30 07:52 - 001595152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-11 11:15 - 2017-09-30 07:51 - 001458320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-11 11:15 - 2017-09-30 07:51 - 001147288 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-11 11:15 - 2017-09-30 07:51 - 000661224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-11 11:15 - 2017-09-30 07:50 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-10-11 11:15 - 2017-09-30 07:50 - 001068208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-10-11 11:15 - 2017-09-30 07:50 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-11 11:15 - 2017-09-30 07:49 - 001004136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-10-11 11:15 - 2017-09-30 07:49 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-10-11 11:15 - 2017-09-30 07:49 - 000135576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-11 11:15 - 2017-09-30 07:48 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-10-11 11:15 - 2017-09-30 07:48 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-10-11 11:15 - 2017-09-30 07:48 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-10-11 11:15 - 2017-09-30 07:48 - 000644696 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2017-10-11 11:15 - 2017-09-30 07:47 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-10-11 11:15 - 2017-09-30 07:47 - 001194792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2017-10-11 11:15 - 2017-09-30 07:45 - 000511896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2017-10-11 11:15 - 2017-09-30 07:44 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-10-11 11:15 - 2017-09-30 07:44 - 000181912 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-11 11:15 - 2017-09-30 07:43 - 007318888 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-10-11 11:15 - 2017-09-30 07:43 - 002442136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-10-11 11:15 - 2017-09-30 07:42 - 004848952 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-10-11 11:15 - 2017-09-30 07:42 - 001506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-11 11:15 - 2017-09-30 07:42 - 000820120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-10-11 11:15 - 2017-09-30 07:41 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-10-11 11:15 - 2017-09-30 07:41 - 005304496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-10-11 11:15 - 2017-09-30 07:41 - 002086808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-10-11 11:15 - 2017-09-30 07:41 - 000961944 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-10-11 11:15 - 2017-09-30 07:41 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-10-11 11:15 - 2017-09-30 07:41 - 000651672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-10-11 11:15 - 2017-09-30 07:41 - 000259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-10-11 11:15 - 2017-09-30 07:41 - 000257432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-10-11 11:15 - 2017-09-30 07:41 - 000228248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-11 11:15 - 2017-09-30 07:40 - 000724704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-10-11 11:15 - 2017-09-30 07:40 - 000642680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-11 11:15 - 2017-09-30 07:40 - 000558912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-10-11 11:15 - 2017-09-30 07:40 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-11 11:15 - 2017-09-30 07:40 - 000336320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-10-11 11:15 - 2017-09-30 07:40 - 000184728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2017-10-11 11:15 - 2017-09-30 07:40 - 000173976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2017-10-11 11:15 - 2017-09-30 07:40 - 000072944 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2017-10-11 11:15 - 2017-09-30 07:39 - 021351760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-10-11 11:15 - 2017-09-30 07:39 - 000203672 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-10-11 11:15 - 2017-09-30 07:38 - 007910072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-10-11 11:15 - 2017-09-30 07:38 - 002239136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-10-11 11:15 - 2017-09-30 07:36 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-10-11 11:15 - 2017-09-30 07:36 - 000057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-10-11 11:15 - 2017-09-30 04:29 - 001408536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-11 11:15 - 2017-09-30 04:26 - 001333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-11 11:15 - 2017-09-30 04:26 - 001292872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-10-11 11:15 - 2017-09-30 04:10 - 001150776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-10-11 11:15 - 2017-09-30 04:10 - 000508344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-11 11:15 - 2017-09-30 04:10 - 000480920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2017-10-11 11:15 - 2017-09-30 04:06 - 004471368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-10-11 11:15 - 2017-09-30 04:05 - 002603744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2017-10-11 11:15 - 2017-09-30 04:04 - 000612120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-10-11 11:15 - 2017-09-30 04:03 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-10-11 11:15 - 2017-09-30 04:03 - 006768288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-11 11:15 - 2017-09-30 04:03 - 001439032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-10-11 11:15 - 2017-09-30 04:02 - 000175512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-10-11 11:15 - 2017-09-30 04:01 - 000124544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-11 11:15 - 2017-09-29 09:46 - 023678976 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-10-11 11:15 - 2017-09-29 09:44 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-11 11:15 - 2017-09-29 09:43 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-10-11 11:15 - 2017-09-29 09:43 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-10-11 11:15 - 2017-09-29 09:42 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mgmtapi.dll
2017-10-11 11:15 - 2017-09-29 09:41 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2017-10-11 11:15 - 2017-09-29 09:40 - 006728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-10-11 11:15 - 2017-09-29 09:40 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-10-11 11:15 - 2017-09-29 09:39 - 020511232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-10-11 11:15 - 2017-09-29 09:39 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-10-11 11:15 - 2017-09-29 09:38 - 001135616 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2017-10-11 11:15 - 2017-09-29 09:38 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-11 11:15 - 2017-09-29 09:38 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2017-10-11 11:15 - 2017-09-29 09:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-11 11:15 - 2017-09-29 09:38 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-10-11 11:15 - 2017-09-29 09:37 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-10-11 11:15 - 2017-09-29 09:36 - 019337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-10-11 11:15 - 2017-09-29 09:36 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-10-11 11:15 - 2017-09-29 09:35 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-10-11 11:15 - 2017-09-29 09:34 - 017370624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-10-11 11:15 - 2017-09-29 09:34 - 006255616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-10-11 11:15 - 2017-09-29 09:34 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-10-11 11:15 - 2017-09-29 09:34 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-11 11:15 - 2017-09-29 09:34 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-10-11 11:15 - 2017-09-29 09:34 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-10-11 11:15 - 2017-09-29 09:33 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-10-11 11:15 - 2017-09-29 09:33 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-10-11 11:15 - 2017-09-29 09:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 002340864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-11 11:15 - 2017-09-29 09:32 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-11 11:15 - 2017-09-29 09:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mgmtapi.dll
2017-10-11 11:15 - 2017-09-29 09:31 - 003107328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-10-11 11:15 - 2017-09-29 09:31 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-10-11 11:15 - 2017-09-29 09:31 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-10-11 11:15 - 2017-09-29 09:31 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-10-11 11:15 - 2017-09-29 09:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\efssvc.dll
2017-10-11 11:15 - 2017-09-29 09:31 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-10-11 11:15 - 2017-09-29 09:30 - 023686144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-10-11 11:15 - 2017-09-29 09:30 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-10-11 11:15 - 2017-09-29 09:30 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-10-11 11:15 - 2017-09-29 09:30 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2017-10-11 11:15 - 2017-09-29 09:30 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-10-11 11:15 - 2017-09-29 09:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 008333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 001460736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 000724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-11 11:15 - 2017-09-29 09:29 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 000304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-10-11 11:15 - 2017-09-29 09:29 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ServiceWorkerHost.exe
2017-10-11 11:15 - 2017-09-29 09:28 - 000699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-10-11 11:15 - 2017-09-29 09:28 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-10-11 11:15 - 2017-09-29 09:28 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-11 11:15 - 2017-09-29 09:28 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-10-11 11:15 - 2017-09-29 09:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-10-11 11:15 - 2017-09-29 09:28 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-11 11:15 - 2017-09-29 09:28 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2017-10-11 11:15 - 2017-09-29 09:28 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-10-11 11:15 - 2017-09-29 09:28 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-10-11 11:15 - 2017-09-29 09:28 - 000104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2017-10-11 11:15 - 2017-09-29 09:28 - 000040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cipher.exe
2017-10-11 11:15 - 2017-09-29 09:27 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-10-11 11:15 - 2017-09-29 09:27 - 001321984 ____R (The ICU Project) C:\WINDOWS\system32\icuuc.dll
2017-10-11 11:15 - 2017-09-29 09:27 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-10-11 11:15 - 2017-09-29 09:27 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2017-10-11 11:15 - 2017-09-29 09:27 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-11 11:15 - 2017-09-29 09:27 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-10-11 11:15 - 2017-09-29 09:27 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-10-11 11:15 - 2017-09-29 09:27 - 000409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-11 11:15 - 2017-09-29 09:27 - 000350720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-10-11 11:15 - 2017-09-29 09:26 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-10-11 11:15 - 2017-09-29 09:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-10-11 11:15 - 2017-09-29 09:26 - 001468928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-10-11 11:15 - 2017-09-29 09:26 - 001269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-10-11 11:15 - 2017-09-29 09:26 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-10-11 11:15 - 2017-09-29 09:26 - 000356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2017-10-11 11:15 - 2017-09-29 09:26 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2017-10-11 11:15 - 2017-09-29 09:25 - 008199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-10-11 11:15 - 2017-09-29 09:25 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-11 11:15 - 2017-09-29 09:25 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-10-11 11:15 - 2017-09-29 09:25 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-10-11 11:15 - 2017-09-29 09:24 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-11 11:15 - 2017-09-29 09:24 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-10-11 11:15 - 2017-09-29 09:24 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-10-11 11:15 - 2017-09-29 09:24 - 001628672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-10-11 11:15 - 2017-09-29 09:24 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-10-11 11:15 - 2017-09-29 09:24 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 003140096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 002730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-10-11 11:15 - 2017-09-29 09:23 - 002446336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-10-11 11:15 - 2017-09-29 09:23 - 001887744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 001398784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 000841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-10-11 11:15 - 2017-09-29 09:23 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-10-11 11:15 - 2017-09-29 09:22 - 002829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-10-11 11:15 - 2017-09-29 09:22 - 001802240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-11 11:15 - 2017-09-29 09:22 - 001438208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-10-11 11:15 - 2017-09-29 09:22 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-10-11 11:15 - 2017-09-29 09:21 - 003304448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-10-11 11:15 - 2017-09-29 09:21 - 000722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-11 11:15 - 2017-09-29 09:21 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-10-11 11:15 - 2017-09-29 09:21 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-11 11:15 - 2017-09-29 09:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-10-11 11:15 - 2017-09-29 09:21 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\regsvc.dll
2017-10-11 11:15 - 2017-09-29 09:21 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2017-10-11 11:15 - 2017-09-29 09:21 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-10-11 11:15 - 2017-09-29 09:20 - 001811456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-10-11 11:15 - 2017-09-29 09:20 - 000804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-10-11 11:15 - 2017-09-29 09:20 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2017-10-11 11:15 - 2017-09-29 09:20 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-11 11:15 - 2017-09-29 09:20 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2017-10-11 11:15 - 2017-09-29 09:20 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiexe.dll
2017-10-11 11:15 - 2017-09-29 09:19 - 002088448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-10-11 11:15 - 2017-09-29 09:19 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-10-11 11:15 - 2017-09-29 09:19 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2017-10-11 11:15 - 2017-09-29 09:19 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-10-11 11:15 - 2017-09-29 09:18 - 002438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-10-11 11:15 - 2017-09-29 09:18 - 001527296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-10-11 11:15 - 2017-09-29 09:18 - 000893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-10-11 11:15 - 2017-09-29 09:18 - 000603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-10-11 11:15 - 2017-09-29 09:18 - 000347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2017-10-11 11:15 - 2017-09-29 09:18 - 000215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\manage-bde.exe
2017-10-11 11:15 - 2017-09-29 09:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2017-10-11 11:15 - 2017-09-29 09:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2017-10-11 11:15 - 2017-09-29 09:18 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\cipher.exe
2017-10-11 11:15 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\SysWOW64\locale.nls
2017-10-11 11:15 - 2017-09-29 07:40 - 000804312 _____ C:\WINDOWS\system32\locale.nls
2017-10-11 11:15 - 2017-09-20 17:08 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-11 11:15 - 2017-09-20 17:08 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-10-11 11:15 - 2017-09-20 17:08 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-11 11:15 - 2017-09-19 01:20 - 001065104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-10-11 11:15 - 2017-09-19 01:20 - 000900376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-10-11 11:15 - 2017-09-19 01:18 - 000965024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-10-11 11:15 - 2017-09-19 01:17 - 001395664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-10-11 11:15 - 2017-09-19 01:17 - 001186464 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-10-11 11:15 - 2017-09-19 01:17 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-10-11 11:15 - 2017-09-19 01:11 - 001018272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-10-11 11:15 - 2017-09-19 01:09 - 000554400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-10-11 11:15 - 2017-09-19 00:26 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2017-10-11 11:15 - 2017-09-19 00:25 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\eShims.dll
2017-10-11 11:15 - 2017-09-19 00:23 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2017-10-11 11:15 - 2017-09-19 00:20 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-10-11 11:15 - 2017-09-19 00:20 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2017-10-11 11:15 - 2017-09-19 00:15 - 000648704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-10-11 11:05 - 2017-10-11 11:05 - 000498449 _____ C:\Users\Lenovo\Downloads\SpinTires - čeština by studna261.zip
2017-10-10 16:01 - 2017-10-10 16:02 - 032476891 _____ C:\Users\Lenovo\Downloads\Karta_Krot_v.1 (1).rar
2017-10-10 15:06 - 2017-10-10 15:08 - 034704843 _____ C:\Users\Lenovo\Downloads\mapy-spintires.zip
2017-10-09 18:58 - 2017-10-11 11:06 - 000001665 _____ C:\Users\Lenovo\Desktop\Play Spintires.lnk
2017-10-09 18:32 - 2017-10-09 18:49 - 681233959 _____ C:\Users\Lenovo\Downloads\Spintires-03.03.16.exe
2017-10-08 23:27 - 2017-10-09 01:20 - 2094395508 _____ C:\Users\Lenovo\Downloads\Rychle a zběsile 7 (CZ-Dub)-SPR4T3KK.avi
2017-10-08 23:26 - 2017-10-09 01:11 - 1928093403 _____ C:\Users\Lenovo\Downloads\Rychle a zběsile 6 (CZ-Dub)-SPR4T3KK.mkv
2017-10-08 21:12 - 2017-10-08 22:14 - 538620472 _____ C:\Users\Lenovo\[RePack] Full version Game - by FGrL [4,8 GB Compressed].zip
2017-10-08 21:10 - 2017-10-08 21:10 - 000034855 _____ C:\Users\Lenovo\Downloads\Spintires-MudRunner.torrent
2017-10-08 21:04 - 2017-10-08 21:04 - 000000222 _____ C:\Users\Lenovo\Desktop\Stronghold Crusader 2.url
2017-10-08 20:46 - 2017-10-17 00:32 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-08 20:46 - 2017-10-08 20:46 - 000001043 _____ C:\Users\Public\Desktop\Steam.lnk
2017-10-08 20:46 - 2017-10-08 20:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-10-08 20:45 - 2017-10-08 20:45 - 001446792 _____ C:\Users\Lenovo\Downloads\SteamSetup.exe
2017-10-08 20:11 - 2017-10-08 20:11 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CrashRpt
2017-10-08 20:11 - 2017-10-08 20:11 - 000000000 ____D C:\Users\Lenovo\AppData\Local\CallofDuty4MW
2017-10-08 18:34 - 2017-10-08 18:35 - 124203985 _____ C:\Users\Lenovo\Downloads\cod4-cz.zip
2017-10-08 18:33 - 2017-10-08 18:33 - 000000000 ____D C:\Users\Lenovo\AppData\Local\PunkBuster
2017-10-08 17:57 - 2017-10-08 17:57 - 000001802 _____ C:\Users\Lenovo\Desktop\Play COD4 SinglePlayer.lnk
2017-10-08 17:57 - 2017-10-08 17:57 - 000001802 _____ C:\Users\Lenovo\Desktop\Play COD4 MultiPlayer.lnk
2017-10-08 11:08 - 2017-10-08 12:12 - 1654502460 _____ C:\Users\Lenovo\Downloads\-Oceanofgames.com-Call_of_Duty4_Modern_Warfare.zip
2017-10-07 23:06 - 2017-10-07 23:06 - 000022667 _____ C:\Users\Lenovo\Downloads\Call Of Duty 4 - Modern Warfare (CZ EDITION) tORRENT2007_.torrent
2017-10-07 23:05 - 2017-10-07 23:05 - 000019293 _____ C:\Users\Lenovo\Downloads\Call of Duty 4 - Modern Warfare.torrent
2017-10-07 23:04 - 2017-10-07 23:04 - 000019905 _____ C:\Users\Lenovo\Downloads\Call of Duty 4 Modern Warfare + Crack.iso.torrent
2017-10-07 23:03 - 2017-10-07 23:20 - 1473748992 _____ C:\Users\Lenovo\Downloads\call-of-duty-4-modern-warfare.exe
2017-10-06 22:59 - 2017-10-06 22:59 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_iMDriver_01_11_00.Wdf
2017-10-06 22:58 - 2017-10-06 22:58 - 000000000 ____D C:\Program Files\Lenovo
2017-10-06 22:58 - 2017-10-06 22:58 - 000000000 ____D C:\Program Files (x86)\Lenovo
2017-10-06 22:58 - 2017-09-08 03:57 - 002365296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2017-10-06 22:58 - 2017-09-08 03:57 - 000103744 _____ (Lenovo Group Limited.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2017-10-06 22:58 - 2017-09-08 03:57 - 000039744 _____ (Lenovo Group Limited) C:\WINDOWS\system32\ImController.InfInstaller.exe
2017-10-06 15:50 - 2017-10-06 15:50 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade
2017-10-06 15:50 - 2017-10-06 15:50 - 000000000 ____D C:\Program Files (x86)\GameSpy Arcade
2017-10-06 15:49 - 2017-10-06 15:49 - 000002085 _____ C:\Users\Public\Desktop\Tony Hawks Pro Skater 4.lnk
2017-10-06 15:49 - 2017-10-06 15:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspyr
2017-10-06 15:49 - 2017-10-06 15:49 - 000000000 ____D C:\Program Files (x86)\Aspyr
2017-10-06 15:46 - 2017-10-06 15:46 - 000000000 ____D C:\Users\Lenovo\Desktop\Tony Hawk Pro Skater 4
2017-10-06 14:19 - 2017-10-06 14:19 - 000000000 ____D C:\Users\Lenovo\Desktop\toy
2017-10-06 14:17 - 2017-10-06 14:18 - 147634852 _____ C:\Users\Lenovo\Downloads\tony-hawks-pro-skater-4_ProSkater4 (1).exe
2017-10-06 14:13 - 2017-10-06 14:13 - 000000000 ____D C:\Program Files (x86)\Seznam.cz
2017-10-06 14:12 - 2017-10-16 09:51 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\Seznam.cz
2017-10-06 14:10 - 2017-10-06 14:11 - 147634852 _____ C:\Users\Lenovo\Downloads\tony-hawks-pro-skater-4_ProSkater4.exe
2017-10-06 14:09 - 2017-10-06 15:36 - 1558045703 _____ C:\Users\Lenovo\Downloads\Tony Hawk Pro Skater 4.rar
2017-10-06 10:14 - 2017-10-06 10:16 - 362685440 _____ C:\Users\Lenovo\Downloads\NFSU2_Demo (1).exe
2017-10-05 12:52 - 2017-10-05 12:52 - 000000000 ____D C:\Users\Lenovo\Downloads\NFSU2_Demo_Install
2017-10-05 12:38 - 2017-10-05 12:42 - 362685440 _____ C:\Users\Lenovo\Downloads\NFSU2_Demo.exe
2017-10-05 12:34 - 2017-10-05 15:11 - 2888084053 _____ C:\Users\Lenovo\Downloads\12. Need For Speed Most Wanted (2012).rar
2017-10-01 19:06 - 2017-10-01 19:06 - 000002187 _____ C:\Users\Lenovo\Downloads\smime.p7s
2017-10-01 18:24 - 2017-10-01 18:52 - 000000000 ____D C:\Users\Lenovo\Desktop\auto
2017-09-29 22:21 - 2017-09-29 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-09-29 22:19 - 2017-09-29 22:19 - 000001827 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-09-29 22:19 - 2017-09-29 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-09-29 22:19 - 2017-09-29 22:19 - 000000000 ____D C:\Program Files\iTunes
2017-09-29 22:19 - 2017-09-29 22:19 - 000000000 ____D C:\Program Files\iPod
2017-09-29 22:13 - 2017-09-29 22:13 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-09-29 22:13 - 2017-09-29 22:13 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2017-09-25 14:13 - 2017-09-25 14:13 - 000063488 _____ C:\Users\Lenovo\Desktop\Náklady na stavbu.xls
2017-09-18 22:54 - 2017-09-18 22:54 - 000618939 _____ C:\Users\Lenovo\Downloads\Doklad_2152173082.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-17 12:37 - 2017-06-04 12:36 - 000000000 ____D C:\Users\Lenovo
2017-10-17 12:37 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-17 12:36 - 2017-06-04 12:47 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BCEBD0E8-AFBE-4C13-B087-DF4FF35C5EA5}
2017-10-17 12:34 - 2016-05-22 18:16 - 000000000 ___RD C:\Users\Lenovo\OneDrive
2017-10-17 12:33 - 2017-06-04 12:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-17 12:33 - 2017-06-04 12:33 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-17 12:33 - 2017-04-21 20:44 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-17 12:33 - 2016-08-21 09:58 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-17 12:33 - 2015-09-14 04:18 - 000000000 __SHD C:\Users\Lenovo\IntelGraphicsProfiles
2017-10-17 00:32 - 2017-03-18 13:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2017-10-16 23:30 - 2017-06-04 12:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-16 22:27 - 2016-08-09 22:25 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\uTorrent
2017-10-16 19:21 - 2017-06-04 21:15 - 000004648 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-16 19:21 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-10-16 19:21 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-10-16 15:39 - 2016-12-02 12:53 - 000000499 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2017-10-16 10:05 - 2017-03-01 22:46 - 000111909 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-10-16 10:00 - 2017-09-03 17:18 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-10-16 09:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-10-16 09:57 - 2015-10-30 09:24 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-10-15 18:20 - 2017-06-04 12:47 - 000003486 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2017-10-14 21:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-10-12 11:48 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-11 23:18 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-11 20:10 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-10-11 19:44 - 2017-06-04 12:49 - 003857114 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-11 19:44 - 2017-03-20 06:43 - 001826232 _____ C:\WINDOWS\system32\perfh005.dat
2017-10-11 19:44 - 2017-03-20 06:43 - 000469864 _____ C:\WINDOWS\system32\perfc005.dat
2017-10-11 19:37 - 2016-04-27 08:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-11 19:09 - 2017-06-04 12:29 - 000391456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-11 19:07 - 2017-03-18 23:03 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-10-11 19:07 - 2017-03-18 23:03 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-10-11 19:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-10-11 19:07 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-10-11 11:26 - 2016-07-17 02:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 11:22 - 2016-07-17 02:33 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-11 11:20 - 2016-12-14 19:24 - 000000000 ____D C:\Users\Lenovo\AppData\Roaming\SpinTires
2017-10-11 11:06 - 2015-09-28 01:05 - 000000000 ____D C:\Games
2017-10-10 22:24 - 2016-07-18 17:07 - 000007630 _____ C:\Users\Lenovo\AppData\Local\resmon.resmoncfg
2017-10-09 17:44 - 2016-04-25 18:14 - 000000000 ____D C:\Users\Lenovo\Desktop\Film
2017-10-05 17:48 - 2017-07-24 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2017-10-05 17:46 - 2017-04-22 15:23 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2017-10-05 12:42 - 2015-09-26 19:56 - 000000000 ___RD C:\Users\Lenovo\Desktop\vše
2017-10-05 12:40 - 2016-12-30 20:41 - 000000000 ____D C:\Program Files (x86)\Valve
2017-10-04 13:15 - 2017-04-21 20:43 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-01 18:18 - 2017-04-16 08:08 - 000000000 ___RD C:\Users\Lenovo\iCloudDrive
2017-10-01 18:18 - 2017-04-16 08:08 - 000000000 ____D C:\Users\Lenovo\AppData\Local\671DDAD6-CBDC-41DA-A30A-9B7D0DCF7CD2.aplzod
2017-09-29 22:21 - 2017-04-16 08:08 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Apple Inc
2017-09-29 22:21 - 2016-09-11 09:12 - 000000000 ____D C:\Users\Lenovo\AppData\Local\Apple
2017-09-29 22:13 - 2016-09-11 09:12 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-09-26 18:20 - 2016-07-17 10:52 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-26 18:20 - 2016-07-17 10:52 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-19 21:47 - 2017-07-25 22:58 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1132558896-572766911-3905001776-1001
2017-09-19 21:47 - 2016-07-17 01:32 - 000002401 _____ C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories =======

2017-04-15 21:50 - 2017-04-15 21:50 - 000140288 _____ () C:\Users\Lenovo\AppData\Roaming\Installer.dat
2017-07-26 15:15 - 2002-08-29 17:33 - 000319488 ____R () C:\Users\Lenovo\AppData\Roaming\MafiaSetup.exe
2016-07-18 17:07 - 2017-10-10 22:24 - 000007630 _____ () C:\Users\Lenovo\AppData\Local\resmon.resmoncfg
2016-07-17 22:09 - 2016-07-17 22:09 - 000000003 _____ () C:\Users\Lenovo\AppData\Local\updater.log
2016-07-17 22:09 - 2016-07-17 22:14 - 000000059 _____ () C:\Users\Lenovo\AppData\Local\UserProducts.xml
2017-06-04 12:33 - 2017-06-04 12:33 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-13 20:48

==================== End of FRST.txt ============================

JaRon
Moderator
Posts: 15196
Registered: 29 Mar 2005 13:39
Location: BB-SK

Re: Chrome is overloading the processor

#14 Post by JaRon »

This won't be a virus problem.
Clean the PC with CCleaner, including the registry.

Beza45
Visitor
Posts: 10
Registered: 13 Oct 2017 08:42

Re: Chrome is overloading the processor

#15 Post by Beza45 »

It's BACK.... I downloaded Malwarebytes.. and had real-time protection for a few days... and when I wanted to play a film somewhere, sometimes it wouldn't work and it told me that my processor would be used to compute some mathematical tasks while I was watching the film.... but Malwarebytes blocked it and everything worked fine... and then the trial version ended and it's here again.... I watch a film and the processor runs at MAX..... :( :(
