Kontroja logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

Uživatelský avatar
miruska27
Level 3.5
Level 3.5
Příspěvky: 735
Registrován: leden 09
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod miruska27 » 15 lis 2020 15:34

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  15.11.2020 15:17:04
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:00:27
Zkontrolované objekty    :  1873
Zjištěné objekty    :  0
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  4X Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  12638FFC412A2B9639B462


Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 15:20:52, on 15.11.2020
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.19041.0001)


Boot mode: Normal

Running processes:
C:\Users\Miroslav Jančík\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKCU\..\Run: [Lync] "C:\Program Files\Microsoft Office\root\Office16\lync.exe" /fromrunkey
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_3116a - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EHttpSrv) - ESET - C:\Program Files\ESET\ESET Security\ehttpsrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Firewall Helper (ekrnEpfw) - ESET - C:\Program Files\ESET\ESET Security\ekrn.exe
O23 - Service: ESET Management Agent (EraAgentSvc) - ESET - C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.193\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer - TeamViewer Germany GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @oem2.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - Unknown owner - C:\WINDOWS\system32\viakaraokesrv.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10387 bytes


Problém přetrvává, pořád se mi tam cpe Skype pro firmy :oops:



Reklama
Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41285
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod jaro3 » 15 lis 2020 16:53

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O1 - Hosts: ::1 localhost
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')


Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
miruska27
Level 3.5
Level 3.5
Příspěvky: 735
Registrován: leden 09
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod miruska27 » 15 lis 2020 20:05

FIXnuto.......

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2020
Ran by Miroslav Jančík (administrator) on DESKTOP-U8UD9TP (TAROX Business 5000BD) (15-11-2020 19:42:48)
Running from C:\Users\Miroslav Jančík\Desktop
Loaded Profiles: Miroslav Jančík
Platform: Windows 10 Home Version 2004 19041.630 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2009.30067.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbengine.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [185648 2020-08-06] (ESET, spol. s r.o. -> ESET)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\root\Office16\lync.exe [26812232 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109080 2018-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.193\Installer\chrmstp.exe [2020-11-12] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {125C880A-5436-4329-A638-4102137B87D5} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [658808 2020-07-29] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {3DC4E265-3B40-4A64-B46B-D4701F873019} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C1AB081-55D7-4681-A2D0-3D8856077977} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-10] (Adobe Inc. -> Adobe)
Task: {6AA8F74F-6B31-42A0-B394-589DD1935EED} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Miroslav Jančík\Desktop\esetonlinescanner_csy.exe
Task: {7281C896-599C-40DB-879C-3A023F5D9A5D} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Miroslav Jančík\Desktop\esetonlinescanner_csy.exe
Task: {76A1679A-B579-468D-9D29-D3A91D8EA745} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
Task: {94EEC154-1D9C-4D62-858F-09A6849AC75E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1B89A0F-EA61-4647-B601-E2C4C471AB8F} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {A46BCCCC-069C-44FA-B9B4-A6F53ABB9B43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-06] (Google LLC -> Google LLC)
Task: {B7A84A37-76DF-494C-9465-738717CD7AD3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158568 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C173F60B-84B1-4B7C-827F-6326304DDF54} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24612216 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB6CC79F-E9DB-4F0C-97C1-E041A4F801C0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2038152 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB9D67F0-6881-46EA-AD7A-52D68C72EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-06] (Google LLC -> Google LLC)
Task: {F8E362F1-507E-47FC-9B0A-0CC030AFECA1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {FE364EA9-3A2D-4740-983B-A625F53FEE1A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6158752 2020-10-29] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f4c28d85-53da-4fe1-acf8-f15e2e24d6dd}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF DefaultProfile: 2nz1t4ly.default
FF ProfilePath: C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\2nz1t4ly.default [2020-02-18]
FF ProfilePath: C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release [2020-11-15]
FF DownloadDir: C:\Users\Miroslav Jančík\Desktop
FF NewTab: Mozilla\Firefox\Profiles\vhhb4v6d.default-release -> about:newtab
FF Notifications: Mozilla\Firefox\Profiles\vhhb4v6d.default-release -> hxxps://prokliky.cz
FF Extension: (uBlock Origin) - C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release\Extensions\uBlock0@raymondhill.net.xpi [2020-10-22]
FF Extension: (No Name) - C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-10] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-4097425250-4243495393-2995953177-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Miroslav Jančík\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-08] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-11-15]

Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-10] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11137416 2020-10-09] (Microsoft Corporation -> Microsoft Corporation)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [57952 2020-08-06] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-08-06] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2364472 2020-08-06] (ESET, spol. s r.o. -> ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1450080 2020-05-29] (ESET, spol. s r.o. -> ESET)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-11-13] (Malwarebytes Inc -> Malwarebytes)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [69864 2018-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13617208 2020-10-22] (Adlice -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27768 2018-10-13] (VIA Technologies Inc. -> VIA Technologies, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2020-11-15] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [43944 2013-06-04] (BoiseTest -> Microsoft Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [154344 2020-08-06] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [106848 2020-05-21] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15288 2020-10-06] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [195464 2020-08-06] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [79536 2020-08-06] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [115976 2020-08-06] (ESET, spol. s r.o. -> ESET)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-11-13] (Malwarebytes Inc -> Malwarebytes)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsl3c43ed2f; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8713EC2F-C9C8-4E29-A865-1C7E6246E2A9}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-15 19:42 - 2020-11-15 19:47 - 000015705 _____ C:\Users\Miroslav Jančík\Desktop\FRST.txt
2020-11-15 19:42 - 2020-11-15 19:45 - 000000000 ____D C:\FRST
2020-11-15 19:39 - 2020-11-15 19:39 - 000000000 ____D C:\Users\Miroslav Jančík\Desktop\backups
2020-11-15 19:30 - 2020-11-15 19:30 - 002294784 _____ (Farbar) C:\Users\Miroslav Jančík\Desktop\FRST64.exe
2020-11-15 15:18 - 2020-11-15 15:18 - 000000703 _____ C:\Users\Miroslav Jančík\Desktop\Zemana.txt
2020-11-15 15:16 - 2020-11-15 19:47 - 000082272 _____ C:\WINDOWS\ZAM.krnl.trace
2020-11-15 15:16 - 2020-11-15 15:16 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2020-11-15 15:16 - 2020-11-15 15:16 - 000003578 _____ C:\WINDOWS\system32\Tasks\AMHelper
2020-11-15 15:16 - 2020-11-15 15:16 - 000001333 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-11-15 15:16 - 2020-11-15 15:16 - 000001333 _____ C:\ProgramData\Desktop\Zemana AntiMalware.lnk
2020-11-15 15:16 - 2020-11-15 15:16 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\Zemana
2020-11-15 15:16 - 2020-11-15 15:16 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\AMSDK
2020-11-15 15:16 - 2020-11-15 15:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-11-15 15:16 - 2020-11-15 15:16 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-11-15 15:14 - 2020-11-15 15:14 - 000135598 _____ C:\Users\Miroslav Jančík\Desktop\ZOEK.txt
2020-11-15 15:08 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2020-11-15 14:46 - 2020-11-15 15:05 - 000000000 ____D C:\zoek_backup
2020-11-15 14:44 - 2020-11-11 22:29 - 000000000 ____D C:\Users\Miroslav Jančík\Desktop\zoek1
2020-11-15 14:42 - 2020-11-15 14:42 - 001800862 _____ C:\Users\Miroslav Jančík\Desktop\zoek1.rar
2020-11-15 00:17 - 2020-11-15 00:17 - 000002294 _____ C:\Users\Miroslav Jančík\Desktop\Rog.txt
2020-11-15 00:10 - 2020-11-15 00:10 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-11-15 00:10 - 2020-11-15 00:10 - 000000899 _____ C:\ProgramData\Desktop\RogueKiller.lnk
2020-11-15 00:10 - 2020-11-15 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-11-15 00:10 - 2020-11-15 00:10 - 000000000 ____D C:\Program Files\RogueKiller
2020-11-15 00:09 - 2020-11-15 00:10 - 000000000 ____D C:\ProgramData\RogueKiller
2020-11-14 23:25 - 2020-11-14 23:25 - 000000000 ____D C:\ProgramData\Sophos
2020-11-14 23:24 - 2020-11-14 23:24 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-11-14 23:24 - 2020-11-14 23:24 - 000002775 _____ C:\ProgramData\Desktop\Sophos Virus Removal Tool.lnk
2020-11-14 23:24 - 2020-11-14 23:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-11-14 23:24 - 2020-11-14 23:24 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-11-14 23:22 - 2020-11-14 23:22 - 000000636 _____ C:\Users\Miroslav Jančík\Desktop\JRT.txt
2020-11-14 23:11 - 2020-11-14 23:11 - 001790024 _____ (Malwarebytes) C:\Users\Miroslav Jančík\Desktop\JRT.exe
2020-11-13 23:05 - 2020-11-13 23:05 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-11-13 23:05 - 2020-11-13 23:05 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-13 23:05 - 2020-11-13 23:05 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-13 23:05 - 2020-11-13 23:05 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-11-13 23:05 - 2020-11-13 23:05 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-11-13 23:05 - 2020-11-13 23:05 - 000002021 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-11-13 23:04 - 2020-11-13 23:04 - 000000000 ____D C:\Program Files\Malwarebytes
2020-11-13 22:57 - 2020-11-13 22:57 - 008447152 _____ (Malwarebytes) C:\Users\Miroslav Jančík\Desktop\AdwCleaner.exe
2020-11-13 22:56 - 2020-11-13 22:56 - 000448512 _____ (OldTimer Tools) C:\Users\Miroslav Jančík\Desktop\TFC.exe
2020-11-13 22:55 - 2020-11-13 22:55 - 000050688 _____ (Atribune.org) C:\Users\Miroslav Jančík\Desktop\ATF-Cleaner.exe
2020-11-13 22:54 - 2020-11-13 22:54 - 000388608 _____ (Trend Micro Inc.) C:\Users\Miroslav Jančík\Desktop\HijackThis.exe
2020-11-12 23:37 - 2020-11-12 23:37 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\CrashDumps
2020-11-12 21:58 - 2020-11-12 21:58 - 026274304 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 024265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 023452160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 019870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 018083840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 010840904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 010336904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 008895680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 008235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 008009872 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007990232 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007783936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007636448 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007621632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 007107584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006422016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006368392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006231040 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006196736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 006001208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 005430992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004902400 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004830720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004783840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004752896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004732928 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004651032 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 004629328 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 004281856 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 004069992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 004008448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003933696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003893248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003869184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003821064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003815936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 003811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003779392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 003750400 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003388928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003305984 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003157816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 003089920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

Uživatelský avatar
miruska27
Level 3.5
Level 3.5
Příspěvky: 735
Registrován: leden 09
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod miruska27 » 15 lis 2020 20:06

2020-11-12 21:58 - 2020-11-12 21:58 - 003070464 _____ (Microsoft Corporation) C:\WINDOWS\system32\FluencyDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002983736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 002979840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 002850616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 002809776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002760704 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 002648576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002607104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002520056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002477384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002426168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002318848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002268456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002250240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002048000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002024248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 002012672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001953792 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001828352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001827648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001751944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001715200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001695728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001683456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001664160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001649664 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001590784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001590584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001557816 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 001523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MoUsoCoreWorker.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001515520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001481216 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001478464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 001449984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001414656 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 001391616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001361920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsf3gip.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001352240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001272320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 001255424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001245280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001239040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_IME.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001238528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001228800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001210136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 001192096 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001128520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001117328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001070392 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001025768 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 001017472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000988000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000926720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000904008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000894776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000885248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000873272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000867328 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000860672 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000859400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000828432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000820552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000805168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000802304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000763344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000756680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000732448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000712296 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000705008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000700376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000648712 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntimewindows.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000635840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\agentactivationruntime.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000628224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_9.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.ConversationalAgent.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000603448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_9.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000562688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000546968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxAPDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\IESettingSync.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000538952 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000534536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000521088 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxHAPDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000509792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000502584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-11-12 21:58 - 2020-11-12 21:58 - 000501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000489128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000488056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000482120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtCangjieDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtBopomofoDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtHkStrokeDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChsStrokeDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000459264 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtQuickDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000454968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000442168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000429712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DataModel.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000423224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000413208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000410072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000409408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprdim.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SpeechPrivacy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000382712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000381440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpndecoder.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChxDecoder.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxinputrouter.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AarSvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MtfDecoder.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000305472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000303104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000298808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpnranker.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000288680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000286720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000260920 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000253016 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000250176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-11-12 21:58 - 2020-11-12 21:58 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreCommonProxyStub.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000228680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000218936 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000201536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000195400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000195144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_InkingTypingPrivacy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-11-12 21:58 - 2020-11-12 21:58 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\diskpart.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000180040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\trie.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFFuzzyDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPolEng.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AdvancedEmojiDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtm.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000158208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000153912 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcl.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BrowserDeclutter.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPolEng.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinAUG.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000133448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcl.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000132744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\VocabRoamingHandler.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerApi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netid.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbnetlib.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\chxranker.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000118600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000117064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFSpellcheckDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HashtagDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbnetlib.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChtAdvancedDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000104760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PktMon.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MTFAppServiceDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\RuleBasedDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManagerApi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000098120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmk.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000095048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000092960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcXtrnal.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\jpninputrouter.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000070968 _____ (Microsoft Corporation) C:\WINDOWS\system32\GameInput.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msobjs.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msobjs.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransliterationRanker.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000061760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GameInput.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmojiDS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\amsi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\devauthe.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000042824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gmsaclient.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gmsaclient.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000024792 _____ (Microsoft Corporation) C:\WINDOWS\system32\nsi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregtask.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000021320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000020280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-11-12 21:58 - 2020-11-12 21:58 - 000020144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nsi.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsregtask.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsilog.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000016136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\drmkaud.sys
2020-11-12 21:58 - 2020-11-12 21:58 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcXtrnal.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\amsiproxy.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-12 21:58 - 2020-11-12 21:58 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtprio.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2020-11-12 21:58 - 2020-11-12 21:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2020-11-12 21:57 - 2020-11-12 21:58 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2020-11-12 21:52 - 2020-10-15 04:22 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-11-12 21:52 - 2020-10-15 04:14 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-11-11 11:45 - 2020-11-11 11:45 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\mbam
2020-11-11 11:44 - 2020-11-11 11:44 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-11-11 11:41 - 2020-11-11 11:41 - 000000000 ____D C:\AdwCleaner
2020-11-10 11:11 - 2020-11-10 11:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-11-10 11:10 - 2020-11-10 11:10 - 000000000 ___HD C:\Users\Miroslav Jančík\MicrosoftEdgeBackups
2020-11-10 09:14 - 2020-11-11 11:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-10-28 18:52 - 2020-11-10 11:10 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\MicrosoftEdge
2020-10-23 06:44 - 2020-11-13 12:13 - 000000000 ___RD C:\Users\Miroslav Jančík\Desktop\Vertera

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-11-15 19:42 - 2018-10-13 09:55 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\LocalLow\Mozilla
2020-11-15 19:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-11-15 19:21 - 2020-08-14 15:15 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-11-15 19:21 - 2019-12-07 15:41 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2020-11-15 19:21 - 2019-12-07 15:41 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2020-11-15 19:21 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-11-15 19:17 - 2020-08-14 15:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-11-15 19:17 - 2020-08-14 15:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-11-15 19:17 - 2020-08-14 15:07 - 000008192 ___SH C:\DumpStack.log.tmp
2020-11-15 19:17 - 2020-02-11 21:10 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-11-15 19:17 - 2018-10-13 09:53 - 000000000 __SHD C:\Users\Miroslav Jančík\IntelGraphicsProfiles
2020-11-15 15:19 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-11-14 11:20 - 2020-02-18 21:05 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Roaming\vlc
2020-11-14 09:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-11-13 23:05 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-11-13 11:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-11-13 07:57 - 2020-08-14 15:08 - 000436784 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-11-12 23:35 - 2020-08-13 16:02 - 000000000 ___DC C:\WINDOWS\Panther
2020-11-12 23:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-12 23:25 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-11-12 22:01 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-11-12 21:58 - 2020-08-14 15:08 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-12 05:04 - 2020-06-06 11:29 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-12 05:04 - 2020-06-06 11:29 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-12 05:04 - 2020-06-06 11:29 - 000002260 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-11 11:57 - 2020-02-11 21:23 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-11-11 11:42 - 2020-02-11 19:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-11-11 11:38 - 2020-02-11 19:21 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\Comms
2020-11-10 11:11 - 2020-08-14 15:12 - 000004632 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-11-10 11:11 - 2020-08-14 15:12 - 000004464 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater
2020-11-10 11:11 - 2020-02-11 19:25 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-11-10 11:11 - 2019-12-07 10:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-11-10 11:11 - 2019-12-07 10:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-10 11:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-10 11:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-10 11:10 - 2020-08-14 14:49 - 000000000 ____D C:\Users\Miroslav Jančík
2020-11-09 23:20 - 2020-06-26 07:18 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Roaming\Skype
2020-11-09 23:19 - 2020-02-11 19:16 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Local\Packages
2020-11-03 21:49 - 2020-02-18 21:11 - 000000000 ____D C:\Users\Miroslav Jančík\AppData\Roaming\DVDFab11
2020-11-03 21:48 - 2020-02-18 21:11 - 000000000 ____D C:\ProgramData\boost_interprocess
2020-10-29 11:49 - 2020-02-18 08:12 - 000000000 ____D C:\Program Files\Microsoft Office
2020-10-29 11:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-10-29 10:25 - 2020-08-14 15:12 - 000003400 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4097425250-4243495393-2995953177-1001
2020-10-29 10:25 - 2020-08-14 14:49 - 000002395 _____ C:\Users\Miroslav Jančík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-29 10:25 - 2018-10-13 09:47 - 000000000 ___RD C:\Users\Miroslav Jančík\OneDrive

==================== Files in the root of some directories ========

2020-02-18 21:11 - 2020-02-18 21:11 - 000000171 _____ () C:\Users\Miroslav Jančík\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41285
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod jaro3 » 15 lis 2020 21:13

Kde je Adition.txt?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
miruska27
Level 3.5
Level 3.5
Příspěvky: 735
Registrován: leden 09
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod miruska27 » 16 lis 2020 07:38

Už je tu :-(

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-11-2020
Ran by Miroslav Jančík (15-11-2020 19:48:24)
Running from C:\Users\Miroslav Jančík\Desktop
Windows 10 Home Version 2004 19041.630 (X64) (2020-08-14 14:12:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4097425250-4243495393-2995953177-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4097425250-4243495393-2995953177-503 - Limited - Disabled)
Guest (S-1-5-21-4097425250-4243495393-2995953177-501 - Limited - Disabled)
Miroslav Jančík (S-1-5-21-4097425250-4243495393-2995953177-1001 - Administrator - Enabled) => C:\Users\Miroslav Jančík
WDAGUtilityAccount (S-1-5-21-4097425250-4243495393-2995953177-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Disabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 20.00 alpha (x64) (HKLM\...\7-Zip) (Version: 20.00 alpha - Igor Pavlov)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.453 - Adobe)
DVDFab (x64) 11.0.8.9 (22/05/2020) (HKLM-x32\...\DVDFab 11(x64)) (Version: 11.0.8.9 - DVDFab Software Inc.)
ESET Endpoint Security (HKLM\...\{92B271E8-4616-42CD-BFF0-E6E3BB0561FF}) (Version: 7.3.2041.0 - ESET, spol. s r.o.)
ESET Management Agent (HKLM\...\{803B32D1-B688-4CF5-AE19-4559D120C299}) (Version: 7.2.1266.0 - ESET, spol. s r.o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.193 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
Malwarebytes version 4.2.3.96 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.2.3.96 - Malwarebytes)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.12527.21236 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0008 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox 82.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 82.0.3 (x64 cs)) (Version: 82.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 72.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12527.21236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12527.20988 - Microsoft Corporation) Hidden
Revo Uninstaller 2.1.7 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.7 - VS Revo Group, Ltd.)
RogueKiller version 14.7.4.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.7.4.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.2.2756 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
Zemana AntiMalware verze 3.2.27 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.2.27 - Zemana)
Zoom (HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\...\ZoomUMX) (Version: 4.6 - Zoom Video Communications, Inc.)

Packages:
=========
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-07-30] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2020-07-30] (Microsoft Corporation)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12109.10002.53004.0_x64__nzyj5cx40ttqa [2020-10-22] (Apple Inc.) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.10142.0_x64__8wekyb3d8bbwe [2020-10-24] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4097425250-4243495393-2995953177-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation -> Intel Corporation)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-13] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2020-07-29] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2020-02-06] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2020-08-06] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-11-13] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Miroslav Jančík\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DVDFab 11 (x64)\DVDFab Online.lnk -> hxxp://www.dvdfab.cn/?s=dvdfab11&p=x64&v=11.0.8.

==================== Loaded Modules (Whitelisted) =============

2020-02-24 08:10 - 2020-02-06 14:00 - 000076800 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKU\S-1-5-21-4097425250-4243495393-2995953177-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097425250-4243495393-2995953177-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-29] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-20] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2020-02-11 15:21 - 2020-11-15 19:39 - 000000813 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Miroslav Jančík\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\_DSC5748.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41285
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod jaro3 » 16 lis 2020 17:07

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
Task: {A46BCCCC-069C-44FA-B9B4-A6F53ABB9B43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-06] (Google LLC -> Google LLC)
Task: {DB9D67F0-6881-46EA-AD7A-52D68C72EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-06] (Google LLC -> Google LLC)
FF Extension: (No Name) - C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-4097425250-4243495393-2995953177-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097425250-4243495393-2995953177-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
Hosts:

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
miruska27
Level 3.5
Level 3.5
Příspěvky: 735
Registrován: leden 09
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod miruska27 » 16 lis 2020 17:36

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-11-2020
Ran by Miroslav Jančík (16-11-2020 17:33:38) Run:1
Running from C:\Users\Miroslav Jančík\Desktop
Loaded Profiles: Miroslav Jančík
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Task: {A46BCCCC-069C-44FA-B9B4-A6F53ABB9B43} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-06] (Google LLC -> Google LLC)
Task: {DB9D67F0-6881-46EA-AD7A-52D68C72EAC2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-06-06] (Google LLC -> Google LLC)
FF Extension: (No Name) - C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-09-09]
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKU\S-1-5-21-4097425250-4243495393-2995953177-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4097425250-4243495393-2995953177-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
Hosts:

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A46BCCCC-069C-44FA-B9B4-A6F53ABB9B43}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A46BCCCC-069C-44FA-B9B4-A6F53ABB9B43}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DB9D67F0-6881-46EA-AD7A-52D68C72EAC2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DB9D67F0-6881-46EA-AD7A-52D68C72EAC2}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Users\Miroslav Jančík\AppData\Roaming\Mozilla\Firefox\Profiles\vhhb4v6d.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi => moved successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4 => removed successfully
C:\Program Files\VideoLAN\VLC\npvlc.dll => moved successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.8 => removed successfully
"C:\Program Files\VideoLAN\VLC\npvlc.dll" => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ihcjicgdanjaechkgeegckofjjedodee => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
"HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\com.squirrel.Teams.Teams" => removed successfully
"HKU\S-1-5-21-4097425250-4243495393-2995953177-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\com.squirrel.Teams.Teams" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 48775431 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 996400 B
Edge => 41838 B
Chrome => 425984 B
Firefox => 230918288 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 73394 B
NetworkService => 73394 B
Miroslav Jančík => 4571357 B

RecycleBin => 12795472 B
EmptyTemp: => 294.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:34:01 ====

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41285
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod jaro3 » 16 lis 2020 18:02

Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
miruska27
Level 3.5
Level 3.5
Příspěvky: 735
Registrován: leden 09
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod miruska27 » 16 lis 2020 21:06

Jaro pořád stejný, po zapnutí PC se chce aktivovat Skype pro firmy a já to musím pokaždé odstraňovat a rušit :evil:

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 41285
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod jaro3 » 16 lis 2020 21:48

Je to v souvislosti s Office365- nemáš Office 365 pro firmy? Microsoft Skype.
zkoušel jsem smazat spouštěcí klíč , ale po restartu se zase obnovil.

https://techcommunity.microsoft.com/t5/ ... m-p/727148
https://docs.microsoft.com/en-us/deploy ... stallation

Start--do okna napsat:
msconfig a dej OK.

v záložce po spuštění zkus najít microsoft team/from auto lunch
pokud najdeš , odeber vlevo to zatržítko. Klik na "použít" a pak OK.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
miruska27
Level 3.5
Level 3.5
Příspěvky: 735
Registrován: leden 09
Pohlaví: Muž

Re: Kontroja logu

Příspěvekod miruska27 » 19 lis 2020 22:05

Jaro je vyřešeno, Office 365 smazal půlku Windows a tak musela přijít nová instalace Windows, a hlavně jiný Office :shock:


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 1 host