FIXnuto.......
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2020
Ran by Miroslav Jančík (administrator) on DESKTOP-U8UD9TP (TAROX Business 5000BD) (15-11-2020 19:42:48)
Running from C:\Users\Miroslav Jančík\Desktop
Loaded Profiles: Miroslav Jančík
Platform: Windows 10 Home Version 2004 19041.630 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2009.30067.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-08-06] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26812232 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109080 2018-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.193\Installer\chrmstp.exe [2020-11-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {125C880A-5436-4329-A638-4102137B87D5} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {3DC4E265-3B40-4A64-B46B-D4701F873019} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C1AB081-55D7-4681-A2D0-3D8856077977} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-10] (Adobe Inc. -> Adobe)
Task: {6AA8F74F-6B31-42A0-B394-589DD1935EED} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Miroslav Jančík\Desktop\esetonlinescanner_csy.exe
Task: {7281C896-599C-40DB-879C-3A023F5D9A5D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Miroslav Jančík\Desktop\esetonlinescanner_csy.exe
Task: {76A1679A-B579-468D-9D29-D3A91D8EA745} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
Task: {94EEC154-1D9C-4D62-858F-09A6849AC75E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1B89A0F-EA61-4647-B601-E2C4C471AB8F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {A46BCCCC-069C-44FA-B9B4-A6F53ABB9B43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-06] (Google LLC -> Google LLC)
Task: {B7A84A37-76DF-494C-9465-738717CD7AD3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C173F60B-84B1-4B7C-827F-6326304DDF54} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB6CC79F-E9DB-4F0C-97C1-E041A4F801C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2038152 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB9D67F0-6881-46EA-AD7A-52D68C72EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-06] (Google LLC -> Google LLC)
Task: {F8E362F1-507E-47FC-9B0A-0CC030AFECA1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE364EA9-3A2D-4740-983B-A625F53FEE1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f4c28d85-53da-4fe1-acf8-f15e2e24d6dd}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF DefaultProfile: 2nz1t4ly.default
FF ProfilePath: C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\2nz1t4ly.default [2020-02-18]
FF ProfilePath: C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release [2020-11-15]
FF DownloadDir: C:\Users\Miroslav Jančík\Desktop
FF NewTab: Mozilla\Firefox\Profiles\vhhb4v6d.default-release -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\vhhb4v6d.default-release -> hxxps://prokliky.cz
FF Extension: (uBlock Origin) - C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release\Extensions\
uBlock0@raymondhill.net.xpi [2020-10-22]
FF Extension: (No Name) - C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4097425250-4243495393-2995953177-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Miroslav Jančík\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-08] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-11-15]
Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [57952 2020-08-06] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-08-06] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-08-06] (ESET, spol. s r.o. -> ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1450080 2020-05-29] (ESET, spol. s r.o. -> ESET)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-13] (Malwarebytes Inc -> Malwarebytes)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [69864 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13617208 2020-10-22] (Adlice -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2018-10-13] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-11-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [43944 2013-06-04] (BoiseTest -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [154344 2020-08-06] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106848 2020-05-21] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195464 2020-08-06] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79536 2020-08-06] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [115976 2020-08-06] (ESET, spol. s r.o. -> ESET)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-13] (Malwarebytes Inc -> Malwarebytes)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl3c43ed2f; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8713EC2F-C9C8-4E29-A865-1C7E6246E2A9}\MpKslDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-11-15 19:42 - 2020-11-15 19:47 - 000015705 _____ C:\Users\Miroslav Jančík\Desktop\FRST.txt
2020-11-15 19:42 - 2020-11-15 19:45 - 000000000 ____D C:\FRST
2020-11-15 19:39 - 2020-11-15 19:39 - 000000000 ____D C:\Users\Miroslav Jančík\Desktop\backups
2020-11-15 19:30 - 2020-11-15 19:30 - 002294784 _____ (Farbar) C:\Users\Miroslav Jančík\Desktop\FRST64.exe
2020-11-15 15:18 - 2020-11-15 15:18 - 000000703 _____ C:\Users\Miroslav Jančík\Desktop\Zemana.txt
2020-11-15 15:16 - 2020-11-15 19:47 - 000082272 _____ C:\WINDOWS\ZAM.krnl.trace
2020-11-15 15:16 - 2020-11-15 15:16 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-11-15 15:16 - 2020-11-15 15:16 - 000003578 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-11-15 15:16 - 2020-11-15 15:16 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-11-15 15:16 - 2020-11-15 15:16 - 000001333 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-11-15 15:16 - 2020-11-15 15:16 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\Zemana
2020-11-15 15:16 - 2020-11-15 15:16 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\AMSDK
2020-11-15 15:16 - 2020-11-15 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-11-15 15:16 - 2020-11-15 15:16 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-11-15 15:14 - 2020-11-15 15:14 - 000135598 _____ C:\Users\Miroslav Jančík\Desktop\ZOEK.txt
2020-11-15 15:08 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-11-15 14:46 - 2020-11-15 15:05 - 000000000 ____D C:\zoek_backup
2020-11-15 14:44 - 2020-11-11 22:29 - 000000000 ____D C:\Users\Miroslav Jančík\Desktop\zoek1
2020-11-15 14:42 - 2020-11-15 14:42 - 001800862 _____ C:\Users\Miroslav Jančík\Desktop\zoek1.rar
2020-11-15 00:17 - 2020-11-15 00:17 - 000002294 _____ C:\Users\Miroslav Jančík\Desktop\Rog.txt
2020-11-15 00:10 - 2020-11-15 00:10 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-11-15 00:10 - 2020-11-15 00:10 - 000000899 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-11-15 00:10 - 2020-11-15 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-11-15 00:10 - 2020-11-15 00:10 - 000000000 ____D C:\Program Files\RogueKiller
2020-11-15 00:09 - 2020-11-15 00:10 - 000000000 ____D C:\ProgramData\RogueKiller
2020-11-14 23:25 - 2020-11-14 23:25 - 000000000 ____D C:\ProgramData\Sophos
2020-11-14 23:24 - 2020-11-14 23:24 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-11-14 23:24 - 2020-11-14 23:24 - 000002775 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-11-14 23:24 - 2020-11-14 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-11-14 23:24 - 2020-11-14 23:24 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-11-14 23:22 - 2020-11-14 23:22 - 000000636 _____ C:\Users\Miroslav Jančík\Desktop\JRT.txt
2020-11-14 23:11 - 2020-11-14 23:11 - 001790024 _____ (Malwarebytes) C:\Users\Miroslav Jančík\Desktop\JRT.exe
2020-11-13 23:05 - 2020-11-13 23:05 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-13 23:05 - 2020-11-13 23:05 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-13 23:05 - 2020-11-13 23:05 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-13 23:05 - 2020-11-13 23:05 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-13 23:05 - 2020-11-13 23:05 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-13 23:05 - 2020-11-13 23:05 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-11-13 23:04 - 2020-11-13 23:04 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-13 22:57 - 2020-11-13 22:57 - 008447152 _____ (Malwarebytes) C:\Users\Miroslav Jančík\Desktop\AdwCleaner.exe
2020-11-13 22:56 - 2020-11-13 22:56 - 000448512 _____ (OldTimer Tools) C:\Users\Miroslav Jančík\Desktop\TFC.exe
2020-11-13 22:55 - 2020-11-13 22:55 - 000050688 _____ (Atribune.org) C:\Users\Miroslav Jančík\Desktop\ATF-Cleaner.exe
2020-11-13 22:54 - 2020-11-13 22:54 - 000388608 _____ (Trend Micro Inc.) C:\Users\Miroslav Jančík\Desktop\HijackThis.exe
2020-11-12 23:37 - 2020-11-12 23:37 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\CrashDumps
2020-11-12 21:58 - 2020-11-12 21:58 - 026274304 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 024265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 023452160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 019870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 018083840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 010840904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 010336904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 008895680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 008235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 008009872 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007990232 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007636448 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007621632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007107584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006422016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006368392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006231040 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006001208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 005430992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004902400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004830720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004783840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004752896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004732928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004651032 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 004629328 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 004281856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004069992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 004008448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003933696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003893248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003869184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003821064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003815936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 003811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003779392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 003750400 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003388928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003305984 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003157816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003089920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
