log Hijack Solved

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

Paull
Level 1
Posts: 82
Registered: October 06
Gender: Not specified
Status: Offline

Re: log Hijack

Post by Paull » 19 Dec 2020 18:45

DRV:64bit: - (megasas35i) -- C:\Windows\SysNative\drivers\megasas35i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (umbus) -- C:\Windows\SysNative\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\uefi.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (usbaudio2) -- C:\Windows\SysNative\drivers\usbaudio2.sys (Microsoft Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation)
DRV:64bit: - (swenum) -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys (Microsoft Corporation)
DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation)
DRV:64bit: - (BthA2dp) -- C:\Windows\SysNative\drivers\BthA2dp.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\BthHfEnum.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_CNL) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_CNL.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_GLK) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_GLK.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (Microsoft_Bluetooth_AvrcpTransport) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.AvrcpTransport.sys (Microsoft Corporation)
DRV:64bit: - (amdi2c) -- C:\Windows\SysNative\drivers\amdi2c.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (intelpmax) -- C:\Windows\SysNative\drivers\intelpmax.sys (Microsoft Corporation)
DRV:64bit: - (amdgpio2) -- C:\Windows\SysNative\drivers\amdgpio2.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (cmdboot) -- C:\Windows\SysNative\drivers\cmdboot.sys (COMODO)
DRV:64bit: - (nvlddmkm) -- C:\Windows\SysNative\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (AppleLowerFilter) -- C:\Windows\SysNative\drivers\AppleLowerFilter.sys (Apple Inc.)
DRV:64bit: - (AppleKmdfFilter) -- C:\Windows\SysNative\drivers\AppleKmdfFilter.sys (Apple Inc.)
DRV:64bit: - (WirelessKeyboardFilter) -- C:\Windows\SysNative\drivers\WirelessKeyboardFilter.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys (Intel Corporation)
DRV - (afunix) -- C:\Windows\SysWOW64\drivers\afunix.sys (Microsoft Corporation)
DRV - (BasicRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_49a8589f00d970d9\BasicRender.sys (Microsoft Corporation)
DRV - (VirtualRender) -- C:\WINDOWS\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys (Microsoft Corporation)
DRV - (UfxChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys (Microsoft Corporation)
DRV - (UrsChipidea) -- C:\WINDOWS\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys (Microsoft Corporation)
DRV - (UrsSynopsys) -- C:\WINDOWS\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys (Microsoft Corporation)
DRV - (genericusbfn) -- C:\WINDOWS\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys (Microsoft Corporation)
DRV - (BasicDisplay) -- C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_62ba5773ba05edee\BasicDisplay.sys (Microsoft Corporation)
DRV - (umbus) -- C:\WINDOWS\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys (Microsoft Corporation)
DRV - (UEFI) -- C:\WINDOWS\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys (Microsoft Corporation)
DRV - (swenum) -- C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_db678424d2641c3d\nvlddmkm.sys (NVIDIA Corporation)


========== Standard Registry (All) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = E2 E8 67 4D 78 33 D5 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.region: "CZ"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.271.2: C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.271.2: C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL (Microsoft Corporation)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 84.0\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 84.0\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES\MCAFEE\WEBADVISOR\WEBADVISOR.MCAFEE.FIREFOX.EXTENSION.JSON [2020.11.21 08:02:02 | 000,000,273 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES\MCAFEE\WEBADVISOR\WEBADVISOR_V2.MCAFEE.FIREFOX.EXTENSION.JSON [2020.11.21 08:02:03 | 000,000,272 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.firefox.extension.json [2020.11.21 08:02:02 | 000,000,273 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension\\: C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.firefox.extension.json [2020.11.21 08:02:03 | 000,000,272 | ---- | M] ()
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 84.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 84.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2020.11.29 15:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Extensions
[2020.11.29 15:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\SystemExtensionsDev
[2020.12.17 18:38:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\extensions
[2020.11.29 15:26:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\storage\default\moz-extension+++49c499b8-a92a-467b-8c4e-3539a19b609b^userContextId=4294967295
[2020.12.18 18:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\storage\default\moz-extension+++49c499b8-a92a-467b-8c4e-3539a19b609b^userContextId=4294967295\idb
[2020.11.29 15:27:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\storage\default\moz-extension+++a4a0b5b4-c30b-4875-aedd-d5d00efd1545^userContextId=4294967295
[2020.12.18 18:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\storage\default\moz-extension+++a4a0b5b4-c30b-4875-aedd-d5d00efd1545^userContextId=4294967295\idb

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.5_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.21.0_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\4.0.116_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\4.62.0.1_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.3_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8720.1005.0.2_0\

O1 HOSTS File: ([2019.03.19 05:49:40 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho_64.dll (Microsoft Corporation)
O2:64bit: - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_271\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_271\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (IEToEdge BHO) - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\87.0.664.66\BHO\ie_to_edge_bho.dll (Microsoft Corporation)
O2 - BHO: (Skype for Business Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] C:\Program Files\COMODO\COMODO Internet Security\cis.exe (COMODO)
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe File not found
O4:64bit: - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe File not found
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Windows\SysNative\SecurityHealthSystray.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Dropbox] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.)
O4 - HKCU..\Run: [CCleaner Smart Cleaning] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Software Ltd)
O4 - HKCU..\Run: [com.squirrel.Teams.Teams] C:\Users\Pavel\AppData\Local\Microsoft\Teams\Update.exe (Microsoft Corporation)
O4 - HKCU..\Run: [OneDrive] C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsHistory = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\x64\ieplugin.dll (McAfee, LLC)
O9:64bit: - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\x64\ieplugin.dll (McAfee, LLC)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\ieplugin.dll (McAfee, LLC)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\ieplugin.dll (McAfee, LLC)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog_Before_Reset\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000014 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog_Before_Reset\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll (InterTrust Technologies Corporation, Inc.)
O1364bit: - gopher Prefix: missing

Paull
Level 1
Posts: 82
Registered: October 06
Gender: Unspecified
Status: Offline

Re: log Hijack

Post by Paull » 19 Dec 2020 18:46

O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7eb22d12-97e0-44b4-97ad-92edad7b2398}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vw-wi - No CLSID value found
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-minsb-roaming.16 {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf.16 {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf-roaming.16 {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\vw-wi {0F3C833F-FB28-40EA-8CB9-6A55B996C3F6} - C:\ElsaWin\bin\wiprot.dll (TODO: <Company name>)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\WINDOWS\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - C:\WINDOWS\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\SysWow64\msv1_0.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2020.12.19 18:19:22 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2020.12.19 16:39:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2020.12.18 23:52:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2020.12.18 23:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2020.12.17 21:12:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2020.12.17 21:06:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
[2020.12.17 21:05:22 | 000,220,160 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2020.12.17 21:02:17 | 000,017,576 | ---- | C] (COMODO) -- C:\WINDOWS\SysNative\drivers\cmdboot.sys
[2020.12.17 21:02:13 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2020.12.17 21:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2020.12.17 21:01:46 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\Comodo
[2020.12.17 21:01:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2020.12.16 16:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Shared Space
[2020.12.15 22:09:06 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-stable.sys
[2020.12.15 22:09:06 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-dev.sys
[2020.12.15 22:09:06 | 000,047,600 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-canary.sys
[2020.12.15 22:09:06 | 000,044,552 | ---- | C] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\DbxSvc.exe
[2020.12.14 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\FRST-OlderVersion
[2020.12.14 10:36:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2020.12.14 10:36:32 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2020.12.13 17:46:36 | 000,000,000 | ---D | C] -- C:\FRST
[2020.12.13 17:44:33 | 002,286,592 | ---- | C] (Farbar) -- C:\Users\Pavel\Desktop\FRST64.exe
[2020.12.13 17:38:01 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\zoek1
[2020.12.13 14:26:53 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\ZemanaAntimalware
[2020.12.13 14:24:15 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\Zemana
[2020.12.13 14:24:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
[2020.12.13 14:24:13 | 000,232,792 | ---- | C] (Copyright 2018.) -- C:\WINDOWS\SysNative\drivers\amsdk.sys
[2020.12.13 14:24:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana
[2020.12.13 14:23:56 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\AMSDK
[2020.12.13 14:21:46 | 012,795,472 | ---- | C] (Zemana Ltd. ) -- C:\Users\Pavel\Desktop\AntiMalware_Setup.exe
[2020.12.12 23:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2020.12.12 23:14:10 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\Sun
[2020.12.12 23:13:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Oracle
[2020.12.12 23:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck
[2020.12.12 23:10:57 | 000,000,000 | ---D | C] -- C:\Program Files\UCheck
[2020.12.12 23:10:36 | 000,000,000 | ---D | C] -- C:\ProgramData\UCheck
[2020.12.12 23:09:54 | 026,045,184 | ---- | C] (Adlice Software ) -- C:\Users\Pavel\Desktop\ucheck.exe
[2020.12.12 19:19:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
[2020.12.12 19:19:22 | 000,000,000 | ---D | C] -- C:\Program Files\RogueKiller
[2020.12.12 19:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2020.12.12 19:18:36 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\Programs
[2020.12.12 19:17:15 | 040,473,968 | ---- | C] (Adlice Software ) -- C:\Users\Pavel\Desktop\setup.exe
[2020.12.12 16:23:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2020.12.12 16:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2020.12.12 16:23:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2020.12.12 16:21:27 | 181,496,840 | ---- | C] (Sophos Limited) -- C:\Users\Pavel\Desktop\Sophos Virus Removal Tool.exe
[2020.12.12 15:31:07 | 001,790,024 | ---- | C] (Malwarebytes) -- C:\Users\Pavel\Desktop\JRT.exe
[2020.12.12 13:09:55 | 000,248,968 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2020.12.12 13:09:53 | 000,019,912 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2020.12.10 20:34:53 | 000,978,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2020.12.10 20:34:53 | 000,751,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fveapi.dll
[2020.12.10 20:34:53 | 000,681,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2020.12.10 20:34:53 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Picker.dll
[2020.12.10 20:34:53 | 000,435,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2020.12.10 20:34:53 | 000,363,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fveapibase.dll
[2020.12.10 20:34:53 | 000,345,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Picker.dll
[2020.12.10 20:34:47 | 000,951,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2020.12.10 20:34:46 | 003,658,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2020.12.10 20:34:46 | 002,339,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2020.12.10 20:34:46 | 002,254,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2020.12.10 20:34:46 | 001,014,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2020.12.10 20:34:46 | 000,864,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2020.12.10 20:34:46 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dlnashext.dll
[2020.12.10 20:34:45 | 005,346,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2020.12.10 20:34:45 | 003,556,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2020.12.10 20:34:45 | 001,301,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2020.12.10 20:34:45 | 001,250,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2020.12.10 20:34:45 | 001,127,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2020.12.10 20:34:45 | 000,607,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2020.12.10 20:34:45 | 000,129,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2020.12.10 20:34:44 | 004,282,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2020.12.10 20:34:44 | 001,250,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2020.12.10 20:34:44 | 000,489,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicRuntimes.dll
[2020.12.10 20:34:44 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_AnalogShell.dll
[2020.12.10 20:34:43 | 024,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2020.12.10 20:34:43 | 018,767,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2020.12.10 20:34:43 | 001,792,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2020.12.10 20:34:43 | 000,644,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2020.12.10 20:34:43 | 000,574,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMRServer.dll
[2020.12.10 20:34:42 | 007,545,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2020.12.10 20:34:42 | 004,307,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2020.12.10 20:34:42 | 002,523,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2020.12.10 20:34:42 | 002,520,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2020.12.10 20:34:42 | 002,453,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2020.12.10 20:34:42 | 001,352,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2020.12.10 20:34:42 | 001,350,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2020.12.10 20:34:42 | 001,145,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2020.12.10 20:34:42 | 000,423,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2020.12.10 20:34:42 | 000,341,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dlnashext.dll
[2020.12.10 20:34:42 | 000,266,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2020.12.10 20:34:41 | 004,794,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2020.12.10 20:34:41 | 001,956,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2020.12.10 20:34:41 | 001,502,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
[2020.12.10 20:34:41 | 000,860,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\assignedaccessmanagersvc.dll
[2020.12.10 20:34:41 | 000,788,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.Office2013CustomActions.dll
[2020.12.10 20:34:41 | 000,685,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2020.12.10 20:34:41 | 000,592,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AssignedAccessManager.dll
[2020.12.10 20:34:41 | 000,535,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Uev.Office2013CustomActions.dll
[2020.12.10 20:34:41 | 000,530,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2020.12.10 20:34:41 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CIWmi.dll
[2020.12.10 20:34:41 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CIWmi.dll
[2020.12.10 20:34:40 | 001,259,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystemController.dll
[2020.12.10 20:34:40 | 000,771,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.PrinterCustomActions.dll
[2020.12.10 20:34:39 | 000,153,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PerceptionDevice.dll
[2020.12.10 20:34:35 | 003,376,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2020.12.10 20:34:35 | 001,315,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2020.12.10 20:34:35 | 000,579,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
[2020.12.10 20:34:35 | 000,415,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2020.12.10 20:34:35 | 000,408,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2020.12.10 20:34:35 | 000,193,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Profile.HardwareId.dll
[2020.12.10 20:34:35 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcXtrnal.dll
[2020.12.10 20:34:34 | 001,075,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpcore.dll
[2020.12.10 20:34:34 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2020.12.10 20:34:34 | 000,121,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2020.12.10 20:34:34 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakrathunk.dll
[2020.12.10 20:34:34 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptuiwizard.dll
[2020.12.10 20:34:34 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2020.12.10 20:34:34 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertPKICmdlet.dll
[2020.12.10 20:34:33 | 005,833,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2020.12.10 20:34:32 | 000,837,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2020.12.10 20:34:32 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2020.12.10 20:34:31 | 019,870,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2020.12.10 20:34:31 | 000,859,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\imapi2fs.dll
[2020.12.10 20:34:31 | 000,686,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2020.12.10 20:34:30 | 000,851,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2020.12.10 20:34:30 | 000,831,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2020.12.10 20:34:30 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll
[2020.12.10 20:34:30 | 000,289,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2020.12.10 20:34:30 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wecutil.exe
[2020.12.10 20:34:30 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wecapi.dll
[2020.12.10 20:34:29 | 000,875,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Spectrum.exe
[2020.12.10 20:34:29 | 000,863,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Mirage.Internal.dll
[2020.12.10 20:34:29 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsregcmd.exe
[2020.12.10 20:34:29 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PerceptionDevice.dll
[2020.12.10 20:34:29 | 000,148,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2020.12.10 20:34:28 | 004,363,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Mirage.dll
[2020.12.10 20:34:28 | 001,982,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2020.12.10 20:34:28 | 001,720,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2020.12.10 20:34:28 | 001,611,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2020.12.10 20:34:28 | 001,287,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcore.dll
[2020.12.10 20:34:28 | 000,994,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2020.12.10 20:34:28 | 000,534,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2020.12.10 20:34:28 | 000,520,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2020.12.10 20:34:28 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServerClient.dll
[2020.12.10 20:34:28 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll
[2020.12.10 20:34:28 | 000,326,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2020.12.10 20:34:28 | 000,200,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdsdwmdr.dll
[2020.12.10 20:34:28 | 000,149,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Profile.HardwareId.dll
[2020.12.10 20:34:28 | 000,134,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptuiwizard.dll
[2020.12.10 20:34:28 | 000,101,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FsIso.exe
[2020.12.10 20:34:28 | 000,097,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2020.12.10 20:34:28 | 000,031,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2020.12.10 20:34:28 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcXtrnal.dll
[2020.12.10 20:34:27 | 000,785,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2020.12.10 20:34:27 | 000,540,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2020.12.10 20:34:27 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2020.12.10 20:34:26 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2020.12.10 20:34:25 | 007,783,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2020.12.10 20:34:25 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakrathunk.dll
[2020.12.10 20:34:23 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2020.12.10 20:34:23 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2020.12.10 20:34:22 | 026,274,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2020.12.10 20:34:22 | 001,005,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imapi2fs.dll
[2020.12.10 20:34:22 | 000,957,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2020.12.10 20:34:22 | 000,931,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2020.12.10 20:34:22 | 000,864,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2020.12.10 20:34:22 | 000,107,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wecutil.exe
[2020.12.10 20:34:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wecapi.dll
[2020.12.10 20:34:22 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\defragproxy.dll
[2020.12.10 20:34:22 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\defragres.dll
[2020.12.10 20:34:21 | 000,704,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll
[2020.12.10 20:34:21 | 000,678,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computecore.dll
[2020.12.10 20:34:21 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinHvEmulation.dll
[2020.12.10 20:34:20 | 001,570,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2020.12.10 20:34:20 | 001,272,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdclt.exe
[2020.12.10 20:34:20 | 001,268,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2020.12.10 20:34:20 | 001,240,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdengin2.dll
[2020.12.10 20:34:20 | 000,920,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2020.12.10 20:34:20 | 000,805,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2020.12.10 20:34:20 | 000,417,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2020.12.10 20:34:20 | 000,413,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2020.12.10 20:34:20 | 000,303,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2020.12.10 20:34:20 | 000,218,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2020.12.10 20:34:20 | 000,171,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2020.12.10 20:34:20 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdshext.dll
[2020.12.10 20:34:20 | 000,118,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2020.12.10 20:34:20 | 000,095,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2020.12.10 20:34:20 | 000,021,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2020.12.10 20:34:15 | 001,831,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2020.12.10 20:34:15 | 001,436,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvbvm60.dll
[2020.12.10 20:34:15 | 001,039,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2020.12.10 20:34:15 | 001,029,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2020.12.10 20:34:15 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2020.12.10 20:34:15 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twext.dll
[2020.12.10 20:34:15 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvsetup.dll
[2020.12.10 20:34:15 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncpa.cpl
[2020.12.10 20:34:15 | 000,077,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2020.12.10 20:34:15 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MitigationConfiguration.dll
[2020.12.10 20:34:14 | 008,890,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2020.12.10 20:34:14 | 001,449,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2020.12.10 20:34:14 | 000,887,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2020.12.10 20:34:14 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netshell.dll
[2020.12.10 20:34:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDJPN.DLL
[2020.12.10 20:34:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbd106n.dll
[2020.12.10 20:34:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbd106.dll
[2020.12.10 20:34:14 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbd101.DLL
[2020.12.10 20:34:13 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2020.12.10 20:34:13 | 000,712,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2020.12.10 20:34:13 | 000,688,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2020.12.10 20:34:13 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2020.12.10 20:34:13 | 000,534,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2020.12.10 20:34:13 | 000,201,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2020.12.10 20:34:13 | 000,147,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmcmnutils.dll
[2020.12.10 20:34:13 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2020.12.10 20:34:13 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MuiUnattend.exe
[2020.12.10 20:34:13 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2020.12.10 20:34:13 | 000,039,936 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2020.12.10 20:34:12 | 002,634,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2020.12.10 20:34:12 | 001,494,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2020.12.10 20:34:12 | 000,907,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2020.12.10 20:34:12 | 000,710,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2020.12.10 20:34:12 | 000,297,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2020.12.10 20:34:12 | 000,274,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2020.12.10 20:34:12 | 000,225,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offlinesam.dll
[2020.12.10 20:34:12 | 000,195,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2020.12.10 20:34:12 | 000,139,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2020.12.10 20:34:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dtdump.exe
[2020.12.10 20:34:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2020.12.10 20:34:11 | 001,653,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceFlows.DataModel.dll
[2020.12.10 20:34:11 | 001,454,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2020.12.10 20:34:11 | 000,964,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2020.12.10 20:34:11 | 000,875,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2020.12.10 20:34:11 | 000,721,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2020.12.10 20:34:11 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\btpanui.dll
[2020.12.10 20:34:11 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2020.12.10 20:34:11 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2020.12.10 20:34:10 | 002,749,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2020.12.10 20:34:10 | 000,550,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2020.12.10 20:34:10 | 000,518,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2020.12.10 20:34:10 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2020.12.10 20:34:10 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2020.12.10 20:34:10 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2020.12.10 20:34:10 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\container.dll
[2020.12.10 20:34:10 | 000,189,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifsutil.dll
[2020.12.10 20:34:10 | 000,149,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ulib.dll
[2020.12.10 20:34:10 | 000,092,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2020.12.10 20:34:09 | 006,368,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2020.12.10 20:34:09 | 001,591,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2020.12.10 20:34:09 | 001,276,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpsharercom.dll
[2020.12.10 20:34:09 | 000,763,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2020.12.10 20:34:09 | 000,507,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ngccredprov.dll
[2020.12.10 20:34:09 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2020.12.10 20:34:08 | 002,433,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2020.12.10 20:34:08 | 000,967,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputHost.dll
[2020.12.10 20:34:08 | 000,758,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2020.12.10 20:34:08 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2020.12.10 20:34:08 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.Ngc.dll
[2020.12.10 20:34:08 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2020.12.10 20:34:08 | 000,124,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DSCache.dll
[2020.12.10 20:34:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2020.12.10 20:34:08 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2020.12.10 20:34:08 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsregtask.dll
[2020.12.10 20:34:07 | 002,542,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2020.12.10 20:34:07 | 001,115,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2020.12.10 20:34:07 | 001,055,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2020.12.10 20:34:07 | 000,334,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadauthhelper.dll
[2020.12.10 20:34:07 | 000,293,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2020.12.10 20:34:07 | 000,061,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2020.12.10 20:34:06 | 014,758,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2020.12.10 20:34:06 | 000,543,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskschd.dll
[2020.12.10 20:34:06 | 000,430,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2020.12.10 20:34:06 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskcomp.dll
[2020.12.10 20:34:06 | 000,217,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\schtasks.exe
[2020.12.10 20:34:06 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TaskSchdPS.dll
[2020.12.10 20:34:05 | 004,125,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2020.12.10 20:34:05 | 001,373,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2020.12.10 20:34:05 | 000,385,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2020.12.10 20:34:05 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2020.12.10 20:34:04 | 000,647,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntimewindows.dll
[2020.12.10 20:34:04 | 000,635,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2020.12.10 20:34:04 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntime.dll
[2020.12.10 20:34:04 | 000,339,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AarSvc.dll
[2020.12.10 20:34:04 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngctasks.dll
[2020.12.10 20:34:04 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SpatialAudioLicenseSrv.exe
[2020.12.10 20:34:04 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MitigationConfiguration.dll
[2020.12.10 20:34:04 | 000,072,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
[2020.12.10 20:34:03 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twext.dll
[2020.12.10 20:33:59 | 002,844,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsservices.dll
[2020.12.10 20:33:59 | 001,660,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2020.12.10 20:33:59 | 000,858,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2020.12.10 20:33:59 | 000,622,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2020.12.10 20:33:59 | 000,309,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RASMM.dll
[2020.12.10 20:33:58 | 001,328,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2020.12.10 20:33:58 | 001,240,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_IME.dll


Re: log Hijack

Post by Paull » 19 Dec 2020 18:46

[2020.12.10 20:33:58 | 000,569,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netshell.dll
[2020.12.10 20:33:58 | 000,349,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2020.12.10 20:33:58 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2020.12.10 20:33:58 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2020.12.10 20:33:58 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvsetup.dll
[2020.12.10 20:33:58 | 000,104,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2020.12.10 20:33:58 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncpa.cpl
[2020.12.10 20:33:57 | 001,751,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2020.12.10 20:33:57 | 000,756,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskschd.dll
[2020.12.10 20:33:57 | 000,608,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2020.12.10 20:33:57 | 000,572,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2020.12.10 20:33:57 | 000,539,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2020.12.10 20:33:57 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDDS.dll
[2020.12.10 20:33:57 | 000,470,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2020.12.10 20:33:57 | 000,430,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SDDS.dll
[2020.12.10 20:33:57 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingASDS.dll
[2020.12.10 20:33:57 | 000,275,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\schtasks.exe
[2020.12.10 20:33:57 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpnServiceDS.dll
[2020.12.10 20:33:57 | 000,176,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WPTaskScheduler.dll
[2020.12.10 20:33:57 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FilterDS.dll
[2020.12.10 20:33:57 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingFilterDS.dll
[2020.12.10 20:33:57 | 000,097,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostw.exe
[2020.12.10 20:33:57 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskSchdPS.dll
[2020.12.10 20:33:56 | 001,875,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2020.12.10 20:33:56 | 001,711,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2020.12.10 20:33:56 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2020.12.10 20:33:56 | 001,068,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2020.12.10 20:33:56 | 001,015,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2020.12.10 20:33:56 | 000,878,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2020.12.10 20:33:56 | 000,671,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2020.12.10 20:33:56 | 000,648,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2020.12.10 20:33:56 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2020.12.10 20:33:56 | 000,329,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2020.12.10 20:33:56 | 000,203,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcmnutils.dll
[2020.12.10 20:33:56 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2020.12.10 20:33:56 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2020.12.10 20:33:56 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceMetadataRetrievalClient.dll
[2020.12.10 20:33:56 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2020.12.10 20:33:56 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDJPN.DLL
[2020.12.10 20:33:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d8thk.dll
[2020.12.10 20:33:56 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbd106n.dll
[2020.12.10 20:33:56 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbd106.dll
[2020.12.10 20:33:56 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbd101.dll
[2020.12.10 20:33:55 | 002,922,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2020.12.10 20:33:55 | 001,223,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2020.12.10 20:33:55 | 001,130,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2020.12.10 20:33:55 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2020.12.10 20:33:55 | 000,843,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2020.12.10 20:33:55 | 000,628,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2020.12.10 20:33:55 | 000,523,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2020.12.10 20:33:55 | 000,502,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2020.12.10 20:33:55 | 000,375,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2020.12.10 20:33:55 | 000,213,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NetAdapterCx.sys
[2020.12.10 20:33:55 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2020.12.10 20:33:55 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MuiUnattend.exe
[2020.12.10 20:33:55 | 000,048,640 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2020.12.10 20:33:55 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll
[2020.12.10 20:33:55 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll
[2020.12.10 20:33:54 | 010,841,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2020.12.10 20:33:54 | 000,713,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2020.12.10 20:33:54 | 000,603,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2020.12.10 20:33:54 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2020.12.10 20:33:54 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
[2020.12.10 20:33:53 | 003,815,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2020.12.10 20:33:53 | 002,025,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2020.12.10 20:33:53 | 000,898,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2020.12.10 20:33:53 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2020.12.10 20:33:53 | 000,488,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2020.12.10 20:33:53 | 000,419,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2020.12.10 20:33:53 | 000,350,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2020.12.10 20:33:53 | 000,260,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2020.12.10 20:33:53 | 000,253,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2020.12.10 20:33:53 | 000,228,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2020.12.10 20:33:53 | 000,153,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncrypt.dll
[2020.12.10 20:33:53 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2020.12.10 20:33:53 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utcutil.dll
[2020.12.10 20:33:53 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagnosticdataquery.dll
[2020.12.10 20:33:53 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2020.12.10 20:33:53 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmsgapi.dll
[2020.12.10 20:33:52 | 003,508,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2020.12.10 20:33:52 | 001,400,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2020.12.10 20:33:52 | 000,914,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2020.12.10 20:33:52 | 000,450,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2020.12.10 20:33:52 | 000,436,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2020.12.10 20:33:52 | 000,173,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2020.12.10 20:33:52 | 000,146,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2020.12.10 20:33:52 | 000,098,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthHost.exe
[2020.12.10 20:33:48 | 010,338,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2020.12.10 20:33:48 | 003,586,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2020.12.10 20:33:48 | 001,984,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2020.12.10 20:33:48 | 000,988,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2020.12.10 20:33:48 | 000,843,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2020.12.10 20:33:48 | 000,352,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2020.12.10 20:33:48 | 000,118,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2020.12.10 20:33:48 | 000,021,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2020.12.10 20:33:47 | 001,969,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceFlows.DataModel.dll
[2020.12.10 20:33:47 | 001,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2020.12.10 20:33:47 | 001,555,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2020.12.10 20:33:47 | 001,393,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2020.12.10 20:33:47 | 001,212,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2020.12.10 20:33:47 | 001,198,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2020.12.10 20:33:47 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2020.12.10 20:33:47 | 000,985,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2020.12.10 20:33:47 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cldflt.sys
[2020.12.10 20:33:47 | 000,233,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2020.12.10 20:33:47 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\btpanui.dll
[2020.12.10 20:33:47 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2020.12.10 20:33:45 | 003,898,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2020.12.10 20:33:45 | 002,454,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2020.12.10 20:33:45 | 001,765,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2020.12.10 20:33:45 | 001,210,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2020.12.10 20:33:45 | 000,380,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2020.12.10 20:33:45 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2020.12.10 20:33:45 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2020.12.10 20:33:44 | 006,245,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2020.12.10 20:33:44 | 002,592,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2020.12.10 20:33:44 | 001,523,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2020.12.10 20:33:44 | 001,414,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2020.12.10 20:33:44 | 000,909,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2020.12.10 20:33:44 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2020.12.10 20:33:44 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2020.12.10 20:33:44 | 000,567,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2020.12.10 20:33:44 | 000,516,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2020.12.10 20:33:44 | 000,384,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_SpeechPrivacy.dll
[2020.12.10 20:33:44 | 000,365,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2020.12.10 20:33:44 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2020.12.10 20:33:44 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2020.12.10 20:33:44 | 000,269,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2020.12.10 20:33:44 | 000,226,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutil.dll
[2020.12.10 20:33:44 | 000,185,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ulib.dll
[2020.12.10 20:33:44 | 000,149,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2020.12.10 20:33:44 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindfltapi.dll
[2020.12.10 20:33:44 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2020.12.10 20:33:44 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2020.12.10 20:33:43 | 003,815,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2020.12.10 20:33:43 | 001,828,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2020.12.10 20:33:43 | 001,702,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2020.12.10 20:33:43 | 001,182,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Services.TargetedContent.dll
[2020.12.10 20:33:43 | 001,026,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2020.12.10 20:33:43 | 000,382,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2020.12.10 20:33:43 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2020.12.10 20:33:43 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2020.12.10 20:33:43 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll
[2020.12.10 20:33:43 | 000,132,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2020.12.10 20:33:43 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerClient.dll
[2020.12.10 20:33:43 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CSystemEventsBrokerClient.dll
[2020.12.10 20:33:42 | 007,990,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2020.12.10 20:33:42 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2020.12.10 20:33:42 | 002,631,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2020.12.10 20:33:42 | 002,250,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2020.12.10 20:33:42 | 001,522,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpsharercom.dll
[2020.12.10 20:33:42 | 001,380,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputHost.dll
[2020.12.10 20:33:42 | 001,132,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2020.12.10 20:33:42 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2020.12.10 20:33:42 | 000,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2020.12.10 20:33:42 | 000,093,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2020.12.10 20:33:42 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2020.12.10 20:33:41 | 009,035,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2020.12.10 20:33:41 | 004,733,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2020.12.10 20:33:41 | 002,939,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2020.12.10 20:33:41 | 001,368,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2020.12.10 20:33:41 | 001,058,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2020.12.10 20:33:41 | 001,027,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2020.12.10 20:33:41 | 000,161,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2020.12.10 20:33:41 | 000,158,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DSCache.dll
[2020.12.10 20:33:41 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2020.12.10 20:33:41 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2020.12.10 20:33:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2020.12.10 20:33:40 | 003,750,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2020.12.10 20:33:40 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2020.12.10 20:33:40 | 000,924,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcsvc.dll
[2020.12.10 20:33:40 | 000,906,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2020.12.10 20:33:40 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnrSvc.dll
[2020.12.10 20:33:40 | 000,657,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngccredprov.dll
[2020.12.10 20:33:40 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2020.12.10 20:33:40 | 000,454,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2020.12.10 20:33:40 | 000,450,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2020.12.10 20:33:40 | 000,253,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcpopkeysrv.dll
[2020.12.10 20:33:36 | 001,089,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2020.12.10 20:33:36 | 000,377,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2020.12.10 20:33:36 | 000,266,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2020.12.10 20:33:36 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mskeyprotect.dll
[2020.12.10 20:33:35 | 017,543,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2020.12.10 20:33:35 | 003,068,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2020.12.10 20:33:35 | 001,415,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2020.12.10 20:33:35 | 000,993,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2020.12.10 20:33:35 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadauthhelper.dll
[2020.12.10 20:33:35 | 000,070,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2020.12.10 20:33:35 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.Common.dll
[2020.12.10 20:33:34 | 005,785,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2020.12.10 20:33:34 | 004,710,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2020.12.10 20:33:34 | 001,289,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2020.12.10 20:33:34 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2020.12.10 20:33:34 | 000,845,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pkeyhelper.dll
[2020.12.10 20:33:34 | 000,842,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2020.12.10 20:33:34 | 000,798,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2020.12.10 20:33:34 | 000,764,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2020.12.10 20:33:34 | 000,408,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmicmiplugin.dll
[2020.12.10 20:33:34 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.Ngc.dll
[2020.12.10 20:33:34 | 000,321,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2020.12.10 20:33:34 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.dll
[2020.12.10 20:33:34 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UtcDecoderHost.exe
[2020.12.10 20:33:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2020.12.10 20:33:34 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsregtask.dll
[2020.12.10 20:33:34 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2020.12.10 20:33:33 | 002,119,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2020.12.10 20:33:33 | 001,909,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcDesktopMonSvc.dll
[2020.12.10 20:33:33 | 001,648,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2020.12.10 20:33:33 | 001,575,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2020.12.10 20:33:33 | 001,278,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2020.12.10 20:33:33 | 001,189,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2020.12.10 20:33:33 | 001,036,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcRefreshTask.dll
[2020.12.10 20:33:33 | 000,751,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2020.12.10 20:33:33 | 000,586,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2020.12.10 20:33:33 | 000,432,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2020.12.10 20:33:33 | 000,291,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcTok.exe
[2020.12.10 20:33:33 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpatialAudioLicenseSrv.exe
[2020.12.10 20:33:33 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2020.12.10 20:33:33 | 000,090,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2020.12.10 20:33:33 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audioresourceregistrar.dll
[2020.12.10 20:33:32 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2020.12.10 20:33:32 | 000,884,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntimewindows.dll
[2020.12.10 20:33:32 | 000,849,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntime.dll
[2020.12.10 20:33:32 | 000,809,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2020.12.10 20:33:32 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AarSvc.dll
[2020.12.10 20:33:32 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ManageCI.dll
[2020.12.10 20:33:32 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2020.12.10 20:33:32 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2020.12.10 20:33:32 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2020.12.10 20:33:32 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\KNetPwrDepBroker.sys
[2020.12.10 20:33:31 | 003,856,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tellib.dll
[2020.12.10 20:33:29 | 000,602,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2020.12.10 20:33:29 | 000,418,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2020.12.10 20:33:29 | 000,168,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ufxsynopsys.sys
[2020.12.10 20:33:29 | 000,155,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2020.12.10 20:33:29 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2020.12.10 20:33:29 | 000,029,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmbuspipe.dll
[2020.12.10 20:24:13 | 000,495,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2020.12.10 20:24:13 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2020.12.07 17:02:50 | 000,000,000 | ---D | C] -- C:\Users\Pavel\Desktop\Vojta
[2020.11.30 09:51:30 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\OneDrive
[2020.11.29 20:48:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2020.11.29 15:49:23 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\mbam
[2020.11.29 15:49:02 | 000,153,312 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2020.11.29 15:48:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2020.11.29 15:48:45 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2020.11.29 15:39:54 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2020.11.29 15:39:35 | 008,447,152 | ---- | C] (Malwarebytes) -- C:\Users\Pavel\Desktop\AdwCleaner.exe
[2020.11.29 15:26:53 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Roaming\Mozilla
[2020.11.29 15:26:49 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\Mozilla
[2020.11.29 15:26:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2020.11.29 15:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2020.11.29 14:52:50 | 000,000,000 | ---D | C] -- C:\Users\Pavel\AppData\Local\CEF
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2020.12.19 18:27:33 | 004,786,880 | ---- | M] () -- C:\WINDOWS\ZAM.krnl.trace
[2020.12.19 18:21:32 | 001,474,832 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\sfi.dat
[2020.12.19 18:19:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pavel\Desktop\OTL.exe
[2020.12.19 15:45:01 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2020.12.19 13:19:48 | 000,002,257 | ---- | M] () -- C:\Users\Public\Desktop\Microsoft Edge.lnk
[2020.12.19 13:18:29 | 3402,182,656 | -HS- | M] () -- C:\hiberfil.sys
[2020.12.18 23:52:05 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2020.12.18 12:21:30 | 000,008,396 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\fvstore.dat
[2020.12.17 21:12:25 | 001,605,602 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2020.12.17 21:12:25 | 000,682,184 | ---- | M] () -- C:\WINDOWS\SysNative\perfh005.dat
[2020.12.17 21:12:25 | 000,665,934 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2020.12.17 21:12:25 | 000,137,000 | ---- | M] () -- C:\WINDOWS\SysNative\perfc005.dat
[2020.12.17 21:12:25 | 000,125,292 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2020.12.17 21:05:22 | 000,220,160 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2020.12.17 21:05:12 | 016,777,216 | -HS- | M] () -- C:\swapfile.sys
[2020.12.17 21:02:26 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Antivirus.lnk
[2020.12.17 21:01:48 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2020.12.17 21:01:48 | 000,002,122 | ---- | M] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
[2020.12.16 17:08:18 | 000,050,785 | ---- | M] () -- C:\Users\Pavel\Desktop\hláška Comodo.PNG
[2020.12.16 16:51:15 | 000,002,479 | ---- | M] () -- C:\Users\Pavel\Desktop\Microsoft Teams.lnk
[2020.12.16 16:51:15 | 000,002,084 | ---- | M] () -- C:\Users\Pavel\Desktop\TLauncher.lnk
[2020.12.15 22:09:06 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-stable.sys
[2020.12.15 22:09:06 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-dev.sys
[2020.12.15 22:09:06 | 000,047,600 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\drivers\dbx-canary.sys
[2020.12.15 22:09:06 | 000,044,552 | ---- | M] (Dropbox, Inc.) -- C:\WINDOWS\SysNative\DbxSvc.exe
[2020.12.14 18:19:52 | 000,852,798 | ---- | M] () -- C:\Users\Pavel\Desktop\SecurityCheck.exe
[2020.12.14 18:08:27 | 002,286,592 | ---- | M] (Farbar) -- C:\Users\Pavel\Desktop\FRST64.exe
[2020.12.14 10:36:33 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2020.12.13 15:40:44 | 000,429,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdFilter.sys
[2020.12.13 15:40:44 | 000,070,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdNisDrv.sys
[2020.12.13 15:40:44 | 000,065,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdDevFlt.sys
[2020.12.13 15:40:44 | 000,048,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wd\WdBoot.sys
[2020.12.13 14:24:14 | 000,001,333 | ---- | M] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2020.12.13 14:24:13 | 000,232,792 | ---- | M] (Copyright 2018.) -- C:\WINDOWS\SysNative\drivers\amsdk.sys
[2020.12.13 14:21:51 | 012,795,472 | ---- | M] (Zemana Ltd. ) -- C:\Users\Pavel\Desktop\AntiMalware_Setup.exe
[2020.12.12 23:13:55 | 000,192,168 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysNative\WindowsAccessBridge-64.dll
[2020.12.12 23:11:01 | 000,000,797 | ---- | M] () -- C:\Users\Public\Desktop\UCheck.lnk
[2020.12.12 23:09:57 | 026,045,184 | ---- | M] (Adlice Software ) -- C:\Users\Pavel\Desktop\ucheck.exe
[2020.12.12 19:19:26 | 000,000,859 | ---- | M] () -- C:\Users\Public\Desktop\RogueKiller.lnk
[2020.12.12 19:17:18 | 040,473,968 | ---- | M] (Adlice Software ) -- C:\Users\Pavel\Desktop\setup.exe
[2020.12.12 16:23:04 | 000,002,775 | ---- | M] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2020.12.12 16:21:33 | 181,496,840 | ---- | M] (Sophos Limited) -- C:\Users\Pavel\Desktop\Sophos Virus Removal Tool.exe
[2020.12.12 15:31:23 | 001,790,024 | ---- | M] (Malwarebytes) -- C:\Users\Pavel\Desktop\JRT.exe
[2020.12.12 13:10:08 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2020.12.12 13:09:55 | 000,248,968 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2020.12.12 13:09:17 | 000,153,312 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2020.12.12 13:09:17 | 000,019,912 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamElam.sys
[2020.12.11 23:46:45 | 000,000,938 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job
[2020.12.11 23:46:45 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job
[2020.12.10 23:04:41 | 000,437,992 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2020.12.10 20:34:53 | 000,978,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2020.12.10 20:34:53 | 000,751,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fveapi.dll
[2020.12.10 20:34:53 | 000,681,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppReadiness.dll
[2020.12.10 20:34:53 | 000,486,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Picker.dll
[2020.12.10 20:34:53 | 000,435,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2020.12.10 20:34:53 | 000,363,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fveapibase.dll
[2020.12.10 20:34:53 | 000,345,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Picker.dll
[2020.12.10 20:34:50 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\en-US\PktMon.sys.mui
[2020.12.10 20:34:47 | 000,951,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DolbyDecMFT.dll
[2020.12.10 20:34:46 | 003,658,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2020.12.10 20:34:46 | 002,339,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
[2020.12.10 20:34:46 | 002,254,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2020.12.10 20:34:46 | 001,014,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
[2020.12.10 20:34:46 | 000,864,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2020.12.10 20:34:46 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dlnashext.dll
[2020.12.10 20:34:45 | 005,346,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2020.12.10 20:34:45 | 003,556,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2020.12.10 20:34:45 | 001,301,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2020.12.10 20:34:45 | 001,250,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
[2020.12.10 20:34:45 | 001,127,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DolbyDecMFT.dll
[2020.12.10 20:34:45 | 000,607,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
[2020.12.10 20:34:45 | 000,129,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfps.dll
[2020.12.10 20:34:44 | 024,265,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Hydrogen.dll
[2020.12.10 20:34:44 | 004,282,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DHolographicDisplay.dll
[2020.12.10 20:34:44 | 001,250,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramCompositor.dll
[2020.12.10 20:34:44 | 000,489,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HolographicRuntimes.dll
[2020.12.10 20:34:44 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_AnalogShell.dll
[2020.12.10 20:34:43 | 018,767,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\HologramWorld.dll
[2020.12.10 20:34:43 | 001,792,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2020.12.10 20:34:43 | 000,644,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpdshext.dll
[2020.12.10 20:34:43 | 000,574,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DMRServer.dll
[2020.12.10 20:34:42 | 007,545,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2020.12.10 20:34:42 | 004,794,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2020.12.10 20:34:42 | 004,307,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2020.12.10 20:34:42 | 002,523,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2020.12.10 20:34:42 | 002,520,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msmpeg2vdec.dll
[2020.12.10 20:34:42 | 002,453,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVCORE.DLL
[2020.12.10 20:34:42 | 001,352,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmpeg2srcsnk.dll
[2020.12.10 20:34:42 | 001,350,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Audio.dll
[2020.12.10 20:34:42 | 001,145,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2020.12.10 20:34:42 | 000,423,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2020.12.10 20:34:42 | 000,341,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dlnashext.dll
[2020.12.10 20:34:42 | 000,266,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2020.12.10 20:34:41 | 001,956,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2020.12.10 20:34:41 | 001,502,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
[2020.12.10 20:34:41 | 000,860,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\assignedaccessmanagersvc.dll
[2020.12.10 20:34:41 | 000,788,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.Office2013CustomActions.dll
[2020.12.10 20:34:41 | 000,685,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFCaptureEngine.dll
[2020.12.10 20:34:41 | 000,592,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AssignedAccessManager.dll
[2020.12.10 20:34:41 | 000,535,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Microsoft.Uev.Office2013CustomActions.dll
[2020.12.10 20:34:41 | 000,530,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mf.dll
[2020.12.10 20:34:41 | 000,041,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CIWmi.dll
[2020.12.10 20:34:41 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CIWmi.dll
[2020.12.10 20:34:40 | 001,259,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppVEntSubsystemController.dll
[2020.12.10 20:34:40 | 000,771,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Microsoft.Uev.PrinterCustomActions.dll
[2020.12.10 20:34:39 | 000,153,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PerceptionDevice.dll
[2020.12.10 20:34:35 | 003,376,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2020.12.10 20:34:35 | 001,315,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsp_health.dll
[2020.12.10 20:34:35 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
[2020.12.10 20:34:35 | 000,415,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcLayers.dll
[2020.12.10 20:34:35 | 000,408,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CPFilters.dll
[2020.12.10 20:34:35 | 000,193,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.System.Profile.HardwareId.dll


Re: log Hijack

Post by Paull » 19 Dec 2020 18:47

[2020.12.10 20:34:35 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AcXtrnal.dll
[2020.12.10 20:34:34 | 005,833,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakra.dll
[2020.12.10 20:34:34 | 001,075,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpcore.dll
[2020.12.10 20:34:34 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2020.12.10 20:34:34 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakradiag.dll
[2020.12.10 20:34:34 | 000,105,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Chakrathunk.dll
[2020.12.10 20:34:34 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptuiwizard.dll
[2020.12.10 20:34:34 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iemigplugin.dll
[2020.12.10 20:34:34 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\CertPKICmdlet.dll
[2020.12.10 20:34:32 | 019,870,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\edgehtml.dll
[2020.12.10 20:34:32 | 000,837,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webplatstorageserver.dll
[2020.12.10 20:34:32 | 000,804,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EdgeManager.dll
[2020.12.10 20:34:31 | 000,859,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\imapi2fs.dll
[2020.12.10 20:34:31 | 000,686,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2020.12.10 20:34:30 | 000,851,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autoconv.exe
[2020.12.10 20:34:30 | 000,831,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autofmt.exe
[2020.12.10 20:34:30 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll
[2020.12.10 20:34:30 | 000,289,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BioCredProv.dll
[2020.12.10 20:34:30 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wecutil.exe
[2020.12.10 20:34:30 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wecapi.dll
[2020.12.10 20:34:29 | 004,363,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Mirage.dll
[2020.12.10 20:34:29 | 000,875,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Spectrum.exe
[2020.12.10 20:34:29 | 000,863,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Mirage.Internal.dll
[2020.12.10 20:34:29 | 000,468,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsregcmd.exe
[2020.12.10 20:34:29 | 000,200,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PerceptionDevice.dll
[2020.12.10 20:34:29 | 000,148,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvsocket.sys
[2020.12.10 20:34:28 | 001,982,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_fs.dll
[2020.12.10 20:34:28 | 001,720,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsp_health.dll
[2020.12.10 20:34:28 | 001,611,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2020.12.10 20:34:28 | 001,287,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcore.dll
[2020.12.10 20:34:28 | 000,994,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServer.dll
[2020.12.10 20:34:28 | 000,534,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nltest.exe
[2020.12.10 20:34:28 | 000,520,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CPFilters.dll
[2020.12.10 20:34:28 | 000,422,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FrameServerClient.dll
[2020.12.10 20:34:28 | 000,414,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsensorgroup.dll
[2020.12.10 20:34:28 | 000,326,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcLayers.dll
[2020.12.10 20:34:28 | 000,200,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdsdwmdr.dll
[2020.12.10 20:34:28 | 000,149,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.System.Profile.HardwareId.dll
[2020.12.10 20:34:28 | 000,134,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptuiwizard.dll
[2020.12.10 20:34:28 | 000,101,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FsIso.exe
[2020.12.10 20:34:28 | 000,097,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2020.12.10 20:34:28 | 000,031,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2020.12.10 20:34:28 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AcXtrnal.dll
[2020.12.10 20:34:27 | 000,785,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2020.12.10 20:34:27 | 000,540,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IESettingSync.exe
[2020.12.10 20:34:27 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iemigplugin.dll
[2020.12.10 20:34:26 | 000,158,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakradiag.dll
[2020.12.10 20:34:25 | 007,783,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakra.dll
[2020.12.10 20:34:25 | 000,140,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Chakrathunk.dll
[2020.12.10 20:34:23 | 026,274,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\edgehtml.dll
[2020.12.10 20:34:23 | 001,233,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webplatstorageserver.dll
[2020.12.10 20:34:23 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeManager.dll
[2020.12.10 20:34:22 | 001,005,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imapi2fs.dll
[2020.12.10 20:34:22 | 000,957,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autoconv.exe
[2020.12.10 20:34:22 | 000,931,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autofmt.exe
[2020.12.10 20:34:22 | 000,864,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2020.12.10 20:34:22 | 000,704,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll
[2020.12.10 20:34:22 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wecutil.exe
[2020.12.10 20:34:22 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wecapi.dll
[2020.12.10 20:34:22 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\defragproxy.dll
[2020.12.10 20:34:22 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\defragres.dll
[2020.12.10 20:34:21 | 000,678,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\computecore.dll
[2020.12.10 20:34:21 | 000,129,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinHvEmulation.dll
[2020.12.10 20:34:20 | 001,570,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvix64.exe
[2020.12.10 20:34:20 | 001,272,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdclt.exe
[2020.12.10 20:34:20 | 001,268,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvax64.exe
[2020.12.10 20:34:20 | 001,240,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdengin2.dll
[2020.12.10 20:34:20 | 000,920,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\securekernel.exe
[2020.12.10 20:34:20 | 000,805,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcblaunch.exe
[2020.12.10 20:34:20 | 000,417,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave.dll
[2020.12.10 20:34:20 | 000,413,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SgrmEnclave_secure.dll
[2020.12.10 20:34:20 | 000,303,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\skci.dll
[2020.12.10 20:34:20 | 000,218,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tcbloader.dll
[2020.12.10 20:34:20 | 000,171,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vertdll.dll
[2020.12.10 20:34:20 | 000,128,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdshext.dll
[2020.12.10 20:34:20 | 000,118,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hvloader.dll
[2020.12.10 20:34:20 | 000,095,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hvservice.sys
[2020.12.10 20:34:20 | 000,021,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdhvcom.dll
[2020.12.10 20:34:20 | 000,010,912 | ---- | M] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2020.12.10 20:34:15 | 001,831,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\xpsservices.dll
[2020.12.10 20:34:15 | 001,436,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvbvm60.dll
[2020.12.10 20:34:15 | 001,039,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2020.12.10 20:34:15 | 001,029,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2020.12.10 20:34:15 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\newdev.dll
[2020.12.10 20:34:15 | 000,157,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twext.dll
[2020.12.10 20:34:15 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvsetup.dll
[2020.12.10 20:34:15 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncpa.cpl
[2020.12.10 20:34:15 | 000,077,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2020.12.10 20:34:15 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MitigationConfiguration.dll
[2020.12.10 20:34:14 | 008,890,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
[2020.12.10 20:34:14 | 001,449,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2020.12.10 20:34:14 | 000,887,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gdi32full.dll
[2020.12.10 20:34:14 | 000,400,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netshell.dll
[2020.12.10 20:34:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDJPN.DLL
[2020.12.10 20:34:14 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbd106n.dll
[2020.12.10 20:34:14 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbd106.dll
[2020.12.10 20:34:14 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kbd101.DLL
[2020.12.10 20:34:13 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdh.dll
[2020.12.10 20:34:13 | 000,712,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
[2020.12.10 20:34:13 | 000,688,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontdrvhost.exe
[2020.12.10 20:34:13 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmenrollengine.dll
[2020.12.10 20:34:13 | 000,534,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\policymanager.dll
[2020.12.10 20:34:13 | 000,201,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wermgr.exe
[2020.12.10 20:34:13 | 000,147,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmcmnutils.dll
[2020.12.10 20:34:13 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fontsub.dll
[2020.12.10 20:34:13 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MuiUnattend.exe
[2020.12.10 20:34:13 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\enrollmentapi.dll
[2020.12.10 20:34:13 | 000,039,936 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2020.12.10 20:34:12 | 002,634,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2020.12.10 20:34:12 | 001,494,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dbghelp.dll
[2020.12.10 20:34:12 | 000,907,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2020.12.10 20:34:12 | 000,710,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wer.dll
[2020.12.10 20:34:12 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wincorlib.dll
[2020.12.10 20:34:12 | 000,274,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptprov.dll
[2020.12.10 20:34:12 | 000,225,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\offlinesam.dll
[2020.12.10 20:34:12 | 000,195,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\weretw.dll
[2020.12.10 20:34:12 | 000,139,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wldp.dll
[2020.12.10 20:34:12 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dtdump.exe
[2020.12.10 20:34:12 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\werdiagcontroller.dll
[2020.12.10 20:34:11 | 001,653,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DeviceFlows.DataModel.dll
[2020.12.10 20:34:11 | 001,454,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dcomp.dll
[2020.12.10 20:34:11 | 000,964,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Taskmgr.exe
[2020.12.10 20:34:11 | 000,875,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2020.12.10 20:34:11 | 000,721,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2020.12.10 20:34:11 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\btpanui.dll
[2020.12.10 20:34:11 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2020.12.10 20:34:11 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LaunchTM.exe
[2020.12.10 20:34:10 | 002,749,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32kfull.sys
[2020.12.10 20:34:10 | 000,550,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2020.12.10 20:34:10 | 000,518,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2020.12.10 20:34:10 | 000,509,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\daxexec.dll
[2020.12.10 20:34:10 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32k.sys
[2020.12.10 20:34:10 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mdmregistration.dll
[2020.12.10 20:34:10 | 000,192,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\container.dll
[2020.12.10 20:34:10 | 000,189,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ifsutil.dll
[2020.12.10 20:34:10 | 000,149,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ulib.dll
[2020.12.10 20:34:10 | 000,092,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\win32u.dll
[2020.12.10 20:34:09 | 006,368,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\windows.storage.dll
[2020.12.10 20:34:09 | 001,591,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpserverbase.dll
[2020.12.10 20:34:09 | 001,276,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdpsharercom.dll
[2020.12.10 20:34:09 | 000,763,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
[2020.12.10 20:34:09 | 000,507,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ngccredprov.dll
[2020.12.10 20:34:09 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptngc.dll
[2020.12.10 20:34:08 | 002,433,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MapRouter.dll
[2020.12.10 20:34:08 | 001,333,248 | ---- | M] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2020.12.10 20:34:08 | 001,055,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsreg.dll
[2020.12.10 20:34:08 | 000,967,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputHost.dll
[2020.12.10 20:34:08 | 000,758,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TextInputFramework.dll
[2020.12.10 20:34:08 | 000,702,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
[2020.12.10 20:34:08 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.Ngc.dll
[2020.12.10 20:34:08 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UserDeviceRegistration.dll
[2020.12.10 20:34:08 | 000,124,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\D3DSCache.dll
[2020.12.10 20:34:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\EditBufferTestHook.dll
[2020.12.10 20:34:08 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WordBreakers.dll
[2020.12.10 20:34:08 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dsregtask.dll
[2020.12.10 20:34:07 | 014,758,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2020.12.10 20:34:07 | 002,542,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2020.12.10 20:34:07 | 001,115,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadtb.dll
[2020.12.10 20:34:07 | 000,334,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aadauthhelper.dll
[2020.12.10 20:34:07 | 000,293,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
[2020.12.10 20:34:07 | 000,061,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GameInput.dll
[2020.12.10 20:34:06 | 000,543,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskschd.dll
[2020.12.10 20:34:06 | 000,430,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\InputSwitch.dll
[2020.12.10 20:34:06 | 000,400,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskcomp.dll
[2020.12.10 20:34:06 | 000,266,240 | ---- | M] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2020.12.10 20:34:06 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\schtasks.exe
[2020.12.10 20:34:06 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\TaskSchdPS.dll
[2020.12.10 20:34:05 | 004,125,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2020.12.10 20:34:05 | 001,373,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Wpc.dll
[2020.12.10 20:34:05 | 000,385,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2020.12.10 20:34:05 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2020.12.10 20:34:04 | 000,647,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntimewindows.dll
[2020.12.10 20:34:04 | 000,635,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.ConversationalAgent.dll
[2020.12.10 20:34:04 | 000,628,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\agentactivationruntime.dll
[2020.12.10 20:34:04 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AarSvc.dll
[2020.12.10 20:34:04 | 000,257,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngctasks.dll
[2020.12.10 20:34:04 | 000,240,640 | ---- | M] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2020.12.10 20:34:04 | 000,131,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SpatialAudioLicenseSrv.exe
[2020.12.10 20:34:04 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MitigationConfiguration.dll
[2020.12.10 20:34:04 | 000,072,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll
[2020.12.10 20:34:04 | 000,010,752 | ---- | M] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2020.12.10 20:34:03 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twext.dll
[2020.12.10 20:33:59 | 002,844,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\xpsservices.dll
[2020.12.10 20:33:59 | 001,660,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2020.12.10 20:33:59 | 000,858,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2020.12.10 20:33:59 | 000,622,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2020.12.10 20:33:59 | 000,309,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RASMM.dll
[2020.12.10 20:33:58 | 001,328,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2020.12.10 20:33:58 | 001,240,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_IME.dll
[2020.12.10 20:33:58 | 000,569,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netshell.dll
[2020.12.10 20:33:58 | 000,349,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2020.12.10 20:33:58 | 000,325,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\newdev.dll
[2020.12.10 20:33:58 | 000,316,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppnp.dll
[2020.12.10 20:33:58 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvsetup.dll
[2020.12.10 20:33:58 | 000,104,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2020.12.10 20:33:58 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncpa.cpl
[2020.12.10 20:33:57 | 001,751,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2020.12.10 20:33:57 | 000,756,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskschd.dll
[2020.12.10 20:33:57 | 000,608,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppcext.dll
[2020.12.10 20:33:57 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SppExtComObj.Exe
[2020.12.10 20:33:57 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputSwitch.dll
[2020.12.10 20:33:57 | 000,501,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DDDS.dll
[2020.12.10 20:33:57 | 000,470,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskcomp.dll
[2020.12.10 20:33:57 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SDDS.dll
[2020.12.10 20:33:57 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingASDS.dll
[2020.12.10 20:33:57 | 000,275,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\schtasks.exe
[2020.12.10 20:33:57 | 000,245,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JpnServiceDS.dll
[2020.12.10 20:33:57 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WPTaskScheduler.dll
[2020.12.10 20:33:57 | 000,169,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FilterDS.dll
[2020.12.10 20:33:57 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingFilterDS.dll
[2020.12.10 20:33:57 | 000,097,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostw.exe
[2020.12.10 20:33:57 | 000,059,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TaskSchdPS.dll
[2020.12.10 20:33:56 | 001,875,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d9.dll
[2020.12.10 20:33:56 | 001,711,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2020.12.10 20:33:56 | 001,125,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdh.dll
[2020.12.10 20:33:56 | 001,068,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32full.dll
[2020.12.10 20:33:56 | 001,015,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Internal.Management.dll
[2020.12.10 20:33:56 | 000,878,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LogonController.dll
[2020.12.10 20:33:56 | 000,671,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenrollengine.dll
[2020.12.10 20:33:56 | 000,648,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\policymanager.dll
[2020.12.10 20:33:56 | 000,459,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceEnroller.exe
[2020.12.10 20:33:56 | 000,329,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmenterprisediagnostics.dll
[2020.12.10 20:33:56 | 000,203,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmcmnutils.dll
[2020.12.10 20:33:56 | 000,155,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\profsvcext.dll
[2020.12.10 20:33:56 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmmigrator.dll
[2020.12.10 20:33:56 | 000,148,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceMetadataRetrievalClient.dll
[2020.12.10 20:33:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\enrollmentapi.dll
[2020.12.10 20:33:56 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDJPN.DLL
[2020.12.10 20:33:56 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d8thk.dll
[2020.12.10 20:33:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbd106n.dll
[2020.12.10 20:33:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbd106.dll
[2020.12.10 20:33:56 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kbd101.dll
[2020.12.10 20:33:55 | 002,922,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2020.12.10 20:33:55 | 001,223,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2020.12.10 20:33:55 | 001,130,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2020.12.10 20:33:55 | 000,907,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2020.12.10 20:33:55 | 000,843,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontdrvhost.exe
[2020.12.10 20:33:55 | 000,628,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sechost.dll
[2020.12.10 20:33:55 | 000,523,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2020.12.10 20:33:55 | 000,502,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2020.12.10 20:33:55 | 000,375,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2020.12.10 20:33:55 | 000,213,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NetAdapterCx.sys
[2020.12.10 20:33:55 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fontsub.dll
[2020.12.10 20:33:55 | 000,120,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MuiUnattend.exe
[2020.12.10 20:33:55 | 000,048,640 | ---- | M] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2020.12.10 20:33:55 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dciman32.dll
[2020.12.10 20:33:55 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpk.dll
[2020.12.10 20:33:54 | 010,841,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2020.12.10 20:33:54 | 000,713,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2020.12.10 20:33:54 | 000,603,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2020.12.10 20:33:54 | 000,230,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2020.12.10 20:33:54 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
[2020.12.10 20:33:53 | 003,815,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagtrack.dll
[2020.12.10 20:33:53 | 002,025,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2020.12.10 20:33:53 | 000,898,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wer.dll
[2020.12.10 20:33:53 | 000,866,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2020.12.10 20:33:53 | 000,488,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-system-events.dll
[2020.12.10 20:33:53 | 000,419,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wininit.exe
[2020.12.10 20:33:53 | 000,350,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptprov.dll
[2020.12.10 20:33:53 | 000,260,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\offlinesam.dll
[2020.12.10 20:33:53 | 000,253,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\weretw.dll
[2020.12.10 20:33:53 | 000,228,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wermgr.exe
[2020.12.10 20:33:53 | 000,153,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncrypt.dll
[2020.12.10 20:33:53 | 000,132,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2020.12.10 20:33:53 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\utcutil.dll
[2020.12.10 20:33:53 | 000,060,928 | ---- | M] () -- C:\WINDOWS\SysNative\runexehelper.exe
[2020.12.10 20:33:53 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\diagnosticdataquery.dll
[2020.12.10 20:33:53 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\werdiagcontroller.dll
[2020.12.10 20:33:53 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmsgapi.dll
[2020.12.10 20:33:52 | 003,508,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2020.12.10 20:33:52 | 001,400,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2020.12.10 20:33:52 | 000,914,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2020.12.10 20:33:52 | 000,450,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthAgent.dll
[2020.12.10 20:33:52 | 000,436,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wincorlib.dll
[2020.12.10 20:33:52 | 000,173,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wldp.dll
[2020.12.10 20:33:52 | 000,146,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcrypt.dll
[2020.12.10 20:33:52 | 000,098,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthHost.exe
[2020.12.10 20:33:48 | 010,338,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Protection.PlayReady.dll
[2020.12.10 20:33:48 | 003,586,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2020.12.10 20:33:48 | 001,984,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dcomp.dll
[2020.12.10 20:33:48 | 001,011,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2020.12.10 20:33:48 | 000,988,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthService.exe
[2020.12.10 20:33:48 | 000,843,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2020.12.10 20:33:48 | 000,352,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64.dll
[2020.12.10 20:33:48 | 000,118,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SecurityHealthProxyStub.dll
[2020.12.10 20:33:48 | 000,021,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wow64cpu.dll
[2020.12.10 20:33:47 | 001,969,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceFlows.DataModel.dll
[2020.12.10 20:33:47 | 001,822,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2020.12.10 20:33:47 | 001,555,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2020.12.10 20:33:47 | 001,393,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2020.12.10 20:33:47 | 001,212,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Taskmgr.exe
[2020.12.10 20:33:47 | 001,198,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2020.12.10 20:33:47 | 000,985,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2020.12.10 20:33:47 | 000,491,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\cldflt.sys
[2020.12.10 20:33:47 | 000,233,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wof.sys
[2020.12.10 20:33:47 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\btpanui.dll
[2020.12.10 20:33:47 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LaunchTM.exe
[2020.12.10 20:33:45 | 006,245,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.pcshell.dll
[2020.12.10 20:33:45 | 003,898,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2020.12.10 20:33:45 | 002,454,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.onecore.dll
[2020.12.10 20:33:45 | 001,765,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.desktop.dll
[2020.12.10 20:33:45 | 001,210,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ApplyTrustOffline.exe
[2020.12.10 20:33:45 | 000,380,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxAllUserStore.dll
[2020.12.10 20:33:45 | 000,210,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXApplicabilityBlob.dll
[2020.12.10 20:33:45 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CustomInstallExec.exe
[2020.12.10 20:33:44 | 002,592,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateAgent.dll
[2020.12.10 20:33:44 | 001,523,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MoUsoCoreWorker.exe
[2020.12.10 20:33:44 | 001,414,656 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usocoreworker.exe
[2020.12.10 20:33:44 | 000,909,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2020.12.10 20:33:44 | 000,708,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2020.12.10 20:33:44 | 000,600,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2020.12.10 20:33:44 | 000,567,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usosvc.dll
[2020.12.10 20:33:44 | 000,516,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsEnvironment.Desktop.dll
[2020.12.10 20:33:44 | 000,384,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_SpeechPrivacy.dll
[2020.12.10 20:33:44 | 000,365,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BioCredProv.dll
[2020.12.10 20:33:44 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mdmregistration.dll
[2020.12.10 20:33:44 | 000,324,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UpdateDeploymentProvider.dll
[2020.12.10 20:33:44 | 000,269,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\container.dll
[2020.12.10 20:33:44 | 000,226,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ifsutil.dll
[2020.12.10 20:33:44 | 000,185,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ulib.dll
[2020.12.10 20:33:44 | 000,149,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\bindflt.sys
[2020.12.10 20:33:44 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bindfltapi.dll
[2020.12.10 20:33:44 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UsoClient.exe
[2020.12.10 20:33:44 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2020.12.10 20:33:43 | 007,990,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\windows.storage.dll
[2020.12.10 20:33:43 | 003,815,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kfull.sys
[2020.12.10 20:33:43 | 001,828,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpserverbase.dll
[2020.12.10 20:33:43 | 001,702,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2020.12.10 20:33:43 | 001,182,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Services.TargetedContent.dll
[2020.12.10 20:33:43 | 001,026,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentClient.dll
[2020.12.10 20:33:43 | 000,382,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2020.12.10 20:33:43 | 000,251,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2020.12.10 20:33:43 | 000,247,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2020.12.10 20:33:43 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll
[2020.12.10 20:33:43 | 000,132,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32u.dll
[2020.12.10 20:33:43 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerClient.dll
[2020.12.10 20:33:43 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CSystemEventsBrokerClient.dll
[2020.12.10 20:33:42 | 003,181,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapRouter.dll
[2020.12.10 20:33:42 | 002,631,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapGeocoder.dll
[2020.12.10 20:33:42 | 002,250,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ISM.dll
[2020.12.10 20:33:42 | 001,522,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpsharercom.dll
[2020.12.10 20:33:42 | 001,380,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputHost.dll
[2020.12.10 20:33:42 | 001,132,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MapsStore.dll
[2020.12.10 20:33:42 | 000,407,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicSvc.dll
[2020.12.10 20:33:42 | 000,292,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicCapsule.dll
[2020.12.10 20:33:42 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicAgent.exe
[2020.12.10 20:33:42 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WaaSMedicPS.dll
[2020.12.10 20:33:41 | 009,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BingMaps.dll
[2020.12.10 20:33:41 | 004,733,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputService.dll
[2020.12.10 20:33:41 | 002,939,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32kbase.sys
[2020.12.10 20:33:41 | 002,260,480 | ---- | M] () -- C:\WINDOWS\SysNative\TextInputMethodFormatter.dll
[2020.12.10 20:33:41 | 001,368,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tsf3gip.dll
[2020.12.10 20:33:41 | 001,058,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Core.TextInput.dll
[2020.12.10 20:33:41 | 001,027,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TextInputFramework.dll
[2020.12.10 20:33:41 | 000,161,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2020.12.10 20:33:41 | 000,158,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\D3DSCache.dll
[2020.12.10 20:33:41 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InputLocaleManager.dll
[2020.12.10 20:33:41 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EditBufferTestHook.dll
[2020.12.10 20:33:41 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WordBreakers.dll
[2020.12.10 20:33:40 | 003,750,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EdgeContent.dll
[2020.12.10 20:33:40 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dosvc.dll
[2020.12.10 20:33:40 | 000,924,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcsvc.dll
[2020.12.10 20:33:40 | 000,906,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms2.sys
[2020.12.10 20:33:40 | 000,770,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NgcCtnrSvc.dll
[2020.12.10 20:33:40 | 000,657,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngccredprov.dll
[2020.12.10 20:33:40 | 000,490,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\domgmt.dll
[2020.12.10 20:33:40 | 000,454,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dxgmms1.sys
[2020.12.10 20:33:40 | 000,450,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptngc.dll
[2020.12.10 20:33:40 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ngcpopkeysrv.dll
[2020.12.10 20:33:36 | 003,068,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2020.12.10 20:33:36 | 001,089,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ClipSp.sys
[2020.12.10 20:33:36 | 000,377,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\CryptoWinRT.dll
[2020.12.10 20:33:36 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cdd.dll
[2020.12.10 20:33:36 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mskeyprotect.dll
[2020.12.10 20:33:35 | 017,543,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2020.12.10 20:33:35 | 001,415,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadtb.dll
[2020.12.10 20:33:35 | 000,993,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadcloudap.dll
[2020.12.10 20:33:35 | 000,764,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2020.12.10 20:33:35 | 000,459,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aadauthhelper.dll
[2020.12.10 20:33:35 | 000,070,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GameInput.dll
[2020.12.10 20:33:35 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.Resources.Common.dll
[2020.12.10 20:33:34 | 005,785,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\StartTileData.dll
[2020.12.10 20:33:34 | 004,710,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2020.12.10 20:33:34 | 001,289,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsreg.dll
[2020.12.10 20:33:34 | 001,278,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2020.12.10 20:33:34 | 000,951,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdiWiFi.sys
[2020.12.10 20:33:34 | 000,845,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pkeyhelper.dll
[2020.12.10 20:33:34 | 000,842,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2020.12.10 20:33:34 | 000,798,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers_StorageSense.dll
[2020.12.10 20:33:34 | 000,408,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmicmiplugin.dll
[2020.12.10 20:33:34 | 000,363,520 | ---- | M] () -- C:\WINDOWS\SysNative\Windows.Internal.UI.Shell.WindowTabManager.dll
[2020.12.10 20:33:34 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.Ngc.dll
[2020.12.10 20:33:34 | 000,321,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsbas.dll
[2020.12.10 20:33:34 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UserDeviceRegistration.dll
[2020.12.10 20:33:34 | 000,165,376 | ---- | M] () -- C:\WINDOWS\SysNative\DataStoreCacheDumpTool.exe
[2020.12.10 20:33:34 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UtcDecoderHost.exe
[2020.12.10 20:33:34 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FaxPrinterInstaller.dll
[2020.12.10 20:33:34 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dsregtask.dll
[2020.12.10 20:33:34 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2020.12.10 20:33:33 | 002,119,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2020.12.10 20:33:33 | 001,909,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcDesktopMonSvc.dll
[2020.12.10 20:33:33 | 001,648,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wpc.dll
[2020.12.10 20:33:33 | 001,575,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2020.12.10 20:33:33 | 001,189,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2020.12.10 20:33:33 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcRefreshTask.dll
[2020.12.10 20:33:33 | 000,751,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2020.12.10 20:33:33 | 000,586,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2020.12.10 20:33:33 | 000,432,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2020.12.10 20:33:33 | 000,291,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcTok.exe
[2020.12.10 20:33:33 | 000,287,232 | ---- | M] () -- C:\WINDOWS\SysNative\CoreMas.dll
[2020.12.10 20:33:33 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SpatialAudioLicenseSrv.exe
[2020.12.10 20:33:33 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\splwow64.exe
[2020.12.10 20:33:33 | 000,090,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\remoteaudioendpoint.dll
[2020.12.10 20:33:33 | 000,089,088 | ---- | M] () -- C:\WINDOWS\SysNative\windows.applicationmodel.conversationalagent.proxystub.dll
[2020.12.10 20:33:33 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audioresourceregistrar.dll
[2020.12.10 20:33:32 | 000,941,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.Service.dll
[2020.12.10 20:33:32 | 000,884,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntimewindows.dll
[2020.12.10 20:33:32 | 000,849,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\agentactivationruntime.dll
[2020.12.10 20:33:32 | 000,809,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.ConversationalAgent.dll
[2020.12.10 20:33:32 | 000,443,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AarSvc.dll
[2020.12.10 20:33:32 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ManageCI.dll
[2020.12.10 20:33:32 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanprotdim.dll
[2020.12.10 20:33:32 | 000,088,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autopilot.dll
[2020.12.10 20:33:32 | 000,073,216 | ---- | M] () -- C:\WINDOWS\SysNative\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[2020.12.10 20:33:32 | 000,071,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[2020.12.10 20:33:32 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\KNetPwrDepBroker.sys
[2020.12.10 20:33:32 | 000,013,312 | ---- | M] () -- C:\WINDOWS\SysNative\agentactivationruntimestarter.exe
[2020.12.10 20:33:31 | 003,856,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tellib.dll
[2020.12.10 20:33:29 | 000,602,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2020.12.10 20:33:29 | 000,418,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\intelpep.sys
[2020.12.10 20:33:29 | 000,224,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\RdpIdd.dll
[2020.12.10 20:33:29 | 000,168,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\ufxsynopsys.sys
[2020.12.10 20:33:29 | 000,155,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\stornvme.sys
[2020.12.10 20:33:29 | 000,137,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UMDF\UsbXhciCompanion.dll
[2020.12.10 20:33:29 | 000,045,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthMini.SYS
[2020.12.10 20:33:29 | 000,029,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vmbuspipe.dll
[2020.12.08 10:07:00 | 000,932,181 | ---- | M] () -- C:\Users\Pavel\Desktop\Digitální přihřívač s climatronic.pdf
[2020.12.03 16:55:19 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2020.12.01 21:15:03 | 000,002,438 | ---- | M] () -- C:\Users\Pavel\Desktop\Petra - Chrome.lnk
[2020.12.01 20:06:07 | 000,002,394 | ---- | M] () -- C:\Users\Pavel\Desktop\Pavel - Chrome.lnk
[2020.11.29 15:39:41 | 008,447,152 | ---- | M] (Malwarebytes) -- C:\Users\Pavel\Desktop\AdwCleaner.exe
[2020.11.29 15:26:49 | 000,000,895 | ---- | M] () -- C:\Users\Public\Desktop\Firefox.lnk
[2020.11.24 23:22:14 | 000,191,489 | ---- | M] () -- C:\Users\Pavel\Desktop\Informace o správci příloh v systému Microsoft Windows.pdf
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2020.12.19 17:48:44 | 000,932,181 | ---- | C] () -- C:\Users\Pavel\Desktop\Digitální přihřívač s climatronic.pdf
[2020.12.18 23:52:05 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2020.12.17 21:02:26 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Antivirus.lnk
[2020.12.17 21:01:48 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2020.12.17 21:01:48 | 000,002,122 | ---- | C] () -- C:\Users\Public\Desktop\Virtual Comodo Dragon.lnk
[2020.12.16 18:14:48 | 000,008,396 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\fvstore.dat
[2020.12.16 17:08:18 | 000,050,785 | ---- | C] () -- C:\Users\Pavel\Desktop\hláška Comodo.PNG
[2020.12.16 17:00:27 | 001,474,832 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\sfi.dat
[2020.12.14 18:19:46 | 000,852,798 | ---- | C] () -- C:\Users\Pavel\Desktop\SecurityCheck.exe
[2020.12.14 10:36:33 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\Revo Uninstaller.lnk
[2020.12.13 14:24:18 | 004,785,660 | ---- | C] () -- C:\WINDOWS\ZAM.krnl.trace
[2020.12.13 14:24:14 | 000,001,333 | ---- | C] () -- C:\Users\Public\Desktop\Zemana AntiMalware.lnk
[2020.12.12 23:11:01 | 000,000,797 | ---- | C] () -- C:\Users\Public\Desktop\UCheck.lnk
[2020.12.12 19:19:26 | 000,000,859 | ---- | C] () -- C:\Users\Public\Desktop\RogueKiller.lnk
[2020.12.12 16:23:04 | 000,002,775 | ---- | C] () -- C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
[2020.12.10 20:34:20 | 000,010,912 | ---- | C] () -- C:\WINDOWS\SysNative\DrtmAuthTxt.wim
[2020.12.10 20:34:08 | 001,333,248 | ---- | C] () -- C:\WINDOWS\SysWow64\TextInputMethodFormatter.dll
[2020.12.10 20:34:06 | 000,266,240 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Internal.UI.Shell.WindowTabManager.dll
[2020.12.10 20:34:04 | 000,240,640 | ---- | C] () -- C:\WINDOWS\SysWow64\CoreMas.dll
[2020.12.10 20:34:04 | 000,010,752 | ---- | C] () -- C:\WINDOWS\SysWow64\agentactivationruntimestarter.exe
[2020.12.10 20:33:53 | 000,060,928 | ---- | C] () -- C:\WINDOWS\SysNative\runexehelper.exe
[2020.12.10 20:33:41 | 002,260,480 | ---- | C] () -- C:\WINDOWS\SysNative\TextInputMethodFormatter.dll
[2020.12.10 20:33:34 | 000,363,520 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Internal.UI.Shell.WindowTabManager.dll
[2020.12.10 20:33:34 | 000,165,376 | ---- | C] () -- C:\WINDOWS\SysNative\DataStoreCacheDumpTool.exe
[2020.12.10 20:33:33 | 000,287,232 | ---- | C] () -- C:\WINDOWS\SysNative\CoreMas.dll
[2020.12.10 20:33:33 | 000,089,088 | ---- | C] () -- C:\WINDOWS\SysNative\windows.applicationmodel.conversationalagent.proxystub.dll
[2020.12.10 20:33:32 | 000,073,216 | ---- | C] () -- C:\WINDOWS\SysNative\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[2020.12.10 20:33:32 | 000,013,312 | ---- | C] () -- C:\WINDOWS\SysNative\agentactivationruntimestarter.exe
[2020.12.01 19:05:12 | 000,002,438 | ---- | C] () -- C:\Users\Pavel\Desktop\Petra - Chrome.lnk
[2020.12.01 18:57:36 | 000,002,394 | ---- | C] () -- C:\Users\Pavel\Desktop\Pavel - Chrome.lnk
[2020.11.29 20:48:47 | 000,002,247 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[2020.11.29 20:48:46 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2020.11.29 15:49:18 | 000,001,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
[2020.11.29 15:49:18 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2020.11.29 15:26:49 | 000,000,907 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
[2020.11.29 15:26:49 | 000,000,895 | ---- | C] () -- C:\Users\Public\Desktop\Firefox.lnk
[2020.11.24 23:22:14 | 000,191,489 | ---- | C] () -- C:\Users\Pavel\Desktop\Informace o správci příloh v systému Microsoft Windows.pdf
[2020.10.14 18:05:32 | 000,047,472 | ---- | C] () -- C:\WINDOWS\SysWow64\umpdc.dll
[2020.10.14 18:05:27 | 000,455,168 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowManagementAPI.dll
[2020.10.14 18:05:24 | 000,611,952 | ---- | C] () -- C:\WINDOWS\SysWow64\TextShaping.dll
[2020.09.11 20:01:36 | 000,101,688 | ---- | C] () -- C:\WINDOWS\SysWow64\HvsiManagementApi.dll
[2020.07.26 18:01:12 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2020.03.24 13:49:54 | 000,000,017 | ---- | C] () -- C:\Users\Pavel\AppData\Local\resmon.resmoncfg
[2020.02.28 19:02:54 | 000,000,051 | ---- | C] () -- C:\WINDOWS\SysWow64\lgAxconfig.ini
[2019.12.07 10:15:00 | 000,003,103 | ---- | C] () -- C:\WINDOWS\SysWow64\mmc.exe.config
[2019.12.07 10:15:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2019.12.07 10:14:59 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2019.12.07 10:10:05 | 000,019,485 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2019.12.07 10:10:05 | 000,011,292 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr-v.dat
[2019.12.07 10:10:02 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2019.12.07 10:09:57 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2019.12.07 10:09:22 | 000,002,404 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2019.12.07 10:09:18 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2019.12.07 10:09:17 | 003,595,776 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2019.12.07 10:09:17 | 000,235,520 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2019.12.07 10:09:17 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2019.12.07 10:09:17 | 000,060,416 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2019.12.07 10:09:17 | 000,054,784 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2019.12.07 10:09:13 | 000,223,744 | ---- | C] () -- C:\WINDOWS\SysWow64\TpmTool.exe
[2019.12.07 10:09:11 | 000,330,752 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2019.12.07 10:09:11 | 000,049,664 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.proxystub.dll
[2019.12.07 10:09:11 | 000,040,448 | ---- | C] () -- C:\WINDOWS\SysWow64\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[2019.12.07 10:09:04 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2019.12.07 10:08:58 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2019.12.07 07:07:07 | 000,870,096 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1-999-0-0-0.dll
[2019.12.07 07:07:07 | 000,870,096 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkan-1.dll
[2019.12.07 07:07:07 | 000,260,304 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo-1-999-0-0-0.exe
[2019.12.07 07:07:07 | 000,260,304 | ---- | C] () -- C:\WINDOWS\SysWow64\vulkaninfo.exe
[2019.12.07 07:07:05 | 000,544,160 | ---- | C] () -- C:\WINDOWS\SysWow64\nvofapi.dll
[2019.11.06 17:10:34 | 000,000,344 | ---- | C] () -- C:\WINDOWS\ODBC.INI

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2020.12.10 20:33:43 | 007,990,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2020.12.10 20:34:09 | 006,368,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2020.10.14 18:04:23 | 001,075,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2020.10.14 18:05:19 | 000,804,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2019.12.07 10:08:19 | 000,514,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2020.12.19 13:19:44 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\.minecraft
[2020.12.19 13:19:30 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\.tlauncher
[2020.11.13 10:58:29 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Axolot Games
[2019.06.27 21:25:51 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Dropbox
[2019.06.22 08:58:34 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\GHISLER
[2020.11.13 10:58:29 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Goldberg SteamEmu Saves
[2019.08.03 09:10:10 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\InterTrust
[2019.12.16 13:24:27 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\java
[2020.11.06 10:46:49 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Teams
[2020.12.18 23:53:33 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\TeamViewer
[2019.06.29 15:37:40 | 000,000,000 | ---D | M] -- C:\Users\Pavel\AppData\Roaming\Transcend Elite

========== Purity Check ==========



< End of report >

Paull

Re: log Hijack

Post by Paull » 19 Dec 2020 18:48

OTL Extras

OTL Extras logfile created on: 19.12.2020 18:22:24 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pavel\Desktop
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.19041.0)
Locale: 00000405 | Country: Česko | Language: CSY | Date Format: dd.MM.yyyy

7,92 Gb Total Physical Memory | 5,38 Gb Available Physical Memory | 67,98% Memory free
17,92 Gb Paging File | 13,74 Gb Available in Paging File | 76,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,56 Gb Total Space | 231,17 Gb Free Space | 51,77% Space Free | Partition Type: NTFS
Drive D: | 1863,01 Gb Total Space | 1237,47 Gb Free Space | 66,42% Space Free | Partition Type: NTFS

Computer Name: DESKTOP-54V8III | User Name: Pavel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Powershell] -- powershell.exe -noexit -command Set-Location -literalPath '%V' (Microsoft Corporation)
Directory [UpdateEncryptionSettings] -- Reg Error: Key error.
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]
"DataMigrated" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{05AFA9EE-1ABD-A226-D250-B41671D7635C}]
"GUID" = {05AFA9EE-1ABD-A226-D250-B41671D7635C}
"DISPLAYNAME" = COMODO Antivirus
"STATE" = 401408
"PRODUCTEXE" = C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -- (COMODO)
"REPORTINGEXE" = C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (COMODO)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}]
"GUID" = {05BC7AB5-FF0E-71EC-1054-15DA19B62DC7}
"DISPLAYNAME" = COMODO Antivirus
"STATE" = 397312
"PRODUCTEXE" = C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -- (COMODO)
"REPORTINGEXE" = C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (COMODO)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}]
"GUID" = {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
"DISPLAYNAME" = COMODO Antivirus
"STATE" = 401408
"PRODUCTEXE" = C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe -- (COMODO)
"REPORTINGEXE" = C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (COMODO)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av\{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}]
"GUID" = {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
"DISPLAYNAME" = Antivirová ochrana v programu Windows Defender
"STATE" = 393472
"PRODUCTEXE" = windowsdefender://
"REPORTINGEXE" = %ProgramFiles%\Windows Defender\MsMpeng.exe -- (Microsoft Corporation)

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP\eb15227e-fe30-45c4-a714-40e91667eec4]
"GUID" = eb15227e-fe30-45c4-a714-40e91667eec4
"CALLINGBINARY" = C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation)
"NAMESPACE" = C:\Users\Pavel\OneDrive -- [2020.12.19 13:18:58 | 000,000,000 | R--D | M]
"DISPLAYNAME" = OneDrive
"EXEPATH" = C:\Users\Pavel\AppData\Local\Microsoft\OneDrive\OneDrive.exe -- (Microsoft Corporation)
"ACCOUNTNAME" = pavel.klima@centrum.cz
"USERSID" = S-1-5-21-1980947671-2380292906-1612769214-1001
"TYPE" = 0
"SIGNED" = 1
"FLAGS" = 0
"STATE" = 0
"RESTOREURL" = https://onedrive.live.com?v=restore&sug ... T12:18:58Z

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]
"DataMigrated" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = C8 3F BD 76 67 63 D6 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Feature]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Av]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\CBP]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\DPA]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\Fw]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Provider\SecurityApp\WebProtection]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B6EEF71-4118-4836-9448-BB7546AB5EBC}" = COMODO Antivirus
"{26A24AE4-039D-4CA4-87B4-2F64180271F0}" = Java 8 Update 271 (64-bit)
"{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1" = Malwarebytes version 4.3.0.98
"{90160000-007E-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Licensing Component
"{90160000-008C-0000-1000-0000000FF1CE}" = Office 16 Click-to-Run Extensibility Component
"{90160000-008C-0405-1000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{90160000-008C-0409-1000-0000000FF1CE}" = Office 16 Click-to-Run Localization Component
"{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1" = Revo Uninstaller 2.2.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel" = NVIDIA Ansel
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Ovládací panel NVIDIA 432.00
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer" = NVIDIA Display Container
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS" = NVIDIA Display Container LS
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog" = NVIDIA Display Watchdog Plugin
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer" = NVIDIA Display Session Container
"8B3D7924-ED89-486B-8322-E8594065D5CB_is1" = RogueKiller version 14.8.0.0
"C4E7EE54-826F-41C4-BE3C-375CC70DC1D8_is1" = UCheck version 3.10.0.0
"CCleaner" = CCleaner
"COMODO Internet Security" = COMODO Antivirus
"Mozilla Firefox 84.0 (x64 cs)" = Mozilla Firefox 84.0 (x64 cs)
"ProPlus2019Retail - cs-cz" = Microsoft Office Professional Plus 2019 - cs-cz
"ProPlus2019Retail - en-us" = Microsoft Office Professional Plus 2019 - en-us
"WinRAR archiver" = WinRAR 5.71 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{099218A5-A723-43DC-8DB5-6173656A1E94}" = Dropbox Update Helper
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{30837A37-8F9F-4817-8B52-C501B67DC3BE}" = Trust WB-1400T Webcam
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = WebAdvisor od společnosti McAfee
"{3F490D0E-3131-438C-BCF9-7549CB88DF41}" = LG Mobile Driver
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1" = Zemana AntiMalware verze 3.2.27
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{A85568D7-A01E-4E05-AFEE-4A1852D70281}" = LEGO® Piráti z Karibiku Počítačová hra UKÁZKA
"{B829E117-D072-41EA-9606-9826A38D34C1}" = Sophos Virus Removal Tool
"{C679F9B9-C65D-4C65-BD6C-BF90B859E281}" = Trust 100K Series Webcam
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Comodo Dragon" = Comodo Dragon
"Dropbox" = Dropbox
"ElsaWin" = ElsaWin
"Google Chrome" = Google Chrome
"InstallShield_{30837A37-8F9F-4817-8B52-C501B67DC3BE}" = Trust WB-1400T Webcam
"Microsoft Edge" = Microsoft Edge
"Microsoft Edge Update" = Microsoft Edge Update
"TeamViewer" = TeamViewer
"The KMPlayer" = KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1b837d0bf93d01407352736c91b7bf50" = Word
"1fc5b090eab9aa41f8a2f5987367e6da" = Excel
"319814cb56b667dff88f54e08be8f51f" = PowerPoint
"6b0f23e57a39ebfbf2814acb1a24293d" = Outlook
"OneDriveSetup.exe" = Microsoft OneDrive
"Teams" = Microsoft Teams

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 16.12.2020 16:59:56 | Computer Name = DESKTOP-54V8III | Source = VSS | ID = 8194
Description =

Error - 16.12.2020 17:00:19 | Computer Name = DESKTOP-54V8III | Source = VSS | ID = 8193
Description =

Error - 16.12.2020 17:03:49 | Computer Name = DESKTOP-54V8III | Source = VSS | ID = 8193
Description =

Error - 16.12.2020 17:05:27 | Computer Name = DESKTOP-54V8III | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Internet
Security Essentials. System Error: Systém nemůže nalézt uvedený soubor. .

Error - 16.12.2020 17:05:48 | Computer Name = DESKTOP-54V8III | Source = VSS | ID = 8193
Description =

Error - 16.12.2020 17:14:54 | Computer Name = DESKTOP-54V8III | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Internet
Security Essentials. System Error: Systém nemůže nalézt uvedený soubor. .

Error - 17.12.2020 10:25:50 | Computer Name = DESKTOP-54V8III | Source = Firefox Default Browser Agent | ID = 0
Description =

Error - 17.12.2020 10:25:50 | Computer Name = DESKTOP-54V8III | Source = Firefox Default Browser Agent | ID = 470759
Description =

Error - 17.12.2020 13:37:53 | Computer Name = DESKTOP-54V8III | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Služba Šifrování selhala při volání OnIdentity() v objektu System
Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Internet
Security Essentials. System Error: Systém nemůže nalézt uvedený soubor. .

Error - 17.12.2020 13:38:16 | Computer Name = DESKTOP-54V8III | Source = VSS | ID = 8193
Description =

[ Parameters Events ]
OTL encountered an error while reading this event log. It may be corrupt.
[ State Events ]
OTL encountered an error while reading this event log. It may be corrupt.
Error - 17.12.2020 16:04:47 | Computer Name = DESKTOP-54V8III | Source = DCOM | ID = 10010
Description =

Error - 17.12.2020 16:04:47 | Computer Name = DESKTOP-54V8III | Source = DCOM | ID = 10010
Description =

Error - 17.12.2020 16:04:47 | Computer Name = DESKTOP-54V8III | Source = DCOM | ID = 10010
Description =

Error - 17.12.2020 16:04:47 | Computer Name = DESKTOP-54V8III | Source = DCOM | ID = 10010
Description =

Error - 17.12.2020 16:04:47 | Computer Name = DESKTOP-54V8III | Source = DCOM | ID = 10010
Description =

Error - 17.12.2020 16:05:17 | Computer Name = DESKTOP-54V8III | Source = Service Control Manager | ID = 7000
Description = Služba McAfee WebAdvisor neuspěla při spuštění v důsledku následující
chyby: %%1392

Error - 18.12.2020 14:48:26 | Computer Name = DESKTOP-54V8III | Source = DCOM | ID = 10010
Description =

Error - 18.12.2020 14:50:26 | Computer Name = DESKTOP-54V8III | Source = DCOM | ID = 10010
Description =

Error - 18.12.2020 14:52:26 | Computer Name = DESKTOP-54V8III | Source = DCOM | ID = 10010
Description =

Error - 19.12.2020 12:01:43 | Computer Name = DESKTOP-54V8III | Source = volsnap | ID = 393252
Description = Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného
uživatelem se nepodařilo zvětšit úložiště stínové kopie.


< End of report >

jaro3
Security team member

Re: log Hijack

Post by jaro3 » 19 Dec 2020 20:56

Double-click the OTL icon on the desktop. Make sure you have all other applications and browsers closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code:

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
SRV:64bit: - (McAfee WebAdvisor) -- C:\Program Files\McAfee\WebAdvisor\servicehost.exe ()
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES\MCAFEE\WEBADVISOR\WEBADVISOR.MCAFEE.FIREFOX.EXTENSION.JSON [2020.11.21 08:02:02 | 000,000,273 | ---- | M] ()
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension\\: C:\PROGRAM FILES\MCAFEE\WEBADVISOR\WEBADVISOR_V2.MCAFEE.FIREFOX.EXTENSION.JSON [2020.11.21 08:02:03 | 000,000,272 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\siteadvisor.mcafee.chrome.extension\\: C:\Program Files\McAfee\WebAdvisor\webadvisor.mcafee.firefox.extension.json [2020.11.21 08:02:02 | 000,000,273 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\NativeMessagingHosts\webadvisor.mcafee.chrome.extension\\: C:\Program Files\McAfee\WebAdvisor\webadvisor_v2.mcafee.firefox.extension.json [2020.11.21 08:02:03 | 000,000,272 | ---- | M] ()
[2020.11.29 15:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Extensions
[2020.11.29 15:26:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\SystemExtensionsDev
[2020.12.17 18:38:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\extensions
[2020.11.29 15:26:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\storage\default\moz-extension+++49c499b8-a92a-467b-8c4e-3539a19b609b^userContextId=4294967295
[2020.12.18 18:22:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\storage\default\moz-extension+++49c499b8-a92a-467b-8c4e-3539a19b609b^userContextId=4294967295\idb
[2020.11.29 15:27:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pavel\AppData\Roaming\mozilla\Firefox\Profiles\15meqnet.default-release\storage\default\moz-extension+++a4a0b5b4-c30b-4875-aedd-d5d00efd1545^userContextId=4294967295
[2020.12.18 18:22:02 | 000,000,000 | ---D | M] (No name found) --
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.5_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.21.0_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic\4.0.116_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\4.62.0.1_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.3_0\
CHR - Extension: No name found = C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\8720.1005.0.2_0\
O4:64bit: - HKLM..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe File not found
O4:64bit: - HKLM..\Run: [PAC207_Monitor] C:\Windows\PixArt\PAC207\Monitor.exe File not found
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105 File not found
O9:64bit: - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\x64\ieplugin.dll (McAfee, LLC)
O9:64bit: - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\x64\ieplugin.dll (McAfee, LLC)
O9 - Extra Button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\ieplugin.dll (McAfee, LLC)
O9 - Extra 'Tools' menuitem : McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\ieplugin.dll (McAfee, LLC)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Program Files\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\Windows\SysNative\drivers\*.tmp
C:\Windows\SysWow64\drivers\*.tmp
C:\Program Files (x86)\*.tmp
C:\Windows\SysWow64\*.tmp
C:\Windows\SysNative\*.tmp
C:\Program Files (x86)\*.tmp

:Reg
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; the PC will restart at the end.
After the restart a log will appear; please copy its entire contents here.

Then write what is happening with the downloading.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Podpora fóra

Paull
Level 1
Posts: 82
Joined: October 06
Gender: Unspecified
Status: Offline

Re: log Hijack

Posted by Paull » 19 Dec 2020 22:04

The situation is unchanged; downloading still does not work.
I would rather store the log somewhere, since because of its size I would have to paste it in about 15 parts.
You can find it at
https://ulozto.cz/tam/eeaf3e13-106f-4f2 ... c77826aea6
Is that OK?

jaro3
Security team member
Guru Level 15
Posts: 43054
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: log Hijack

Posted by jaro3 » 19 Dec 2020 23:12

OK, there was a great deal to delete.
Viruses play no role in this.
Maybe something with the browsers, Windows, I really don't know.
Also visit the Internet and internet browsers section.

Here:
Download DelFix here
Other links:
https://toolslib.net/downloads/viewdownload/2-delfix/
http://ccm.net/download/download-24087-delfix
https://www.bleepingcomputer.com/download/delfix/

Save the file to the desktop.
Double-click the icon to launch the Delfix.exe tool.
(In Windows Vista, Windows 7, 8 and 10 you must run the file by right-clicking -> Run as administrator.)
In the main menu, check these options: Remove disinfection tools and Purge System Restore.
Then click the Run button and let the tool do its work.

Then the report (DelFix.txt) will open. Paste the entire contents of the report here. Otherwise the report is located at:
C:\DelFix.txt

You can uninstall the other tools used.

Leave the topic open; we could still run FRST again if colleagues do not help.
Did you run CCleaner? Also take a look at the settings of those browsers.

Paull
Level 1
Posts: 82
Joined: October 06
Gender: Unspecified
Status: Offline

Re: log Hijack

Posted by Paull » 20 Dec 2020 10:28

Here is the log from DelFix

# DelFix v1.013 - Logfile created 20/12/2020 at 10:24:23
# Updated 17/04/2016 by Xplode
# Username : Pavel - DESKTOP-54V8III
# Operating System : Windows 10 Enterprise (64 bits)

~ Removing disinfection tools ...

Deleted : C:\_OTL
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Pavel\Desktop\FRST-OlderVersion
Deleted : C:\Users\Pavel\Desktop\Addition.txt
Deleted : C:\Users\Pavel\Desktop\AdwCleaner.exe
Deleted : C:\Users\Pavel\Desktop\AdwCleaner[C07].txt
Deleted : C:\Users\Pavel\Desktop\Extras.Txt
Deleted : C:\Users\Pavel\Desktop\Fixlog.txt
Deleted : C:\Users\Pavel\Desktop\FRST.txt
Deleted : C:\Users\Pavel\Desktop\FRST64.exe
Deleted : C:\Users\Pavel\Desktop\JRT.exe
Deleted : C:\Users\Pavel\Desktop\JRT.txt
Deleted : C:\Users\Pavel\Desktop\hijackthis.log
Deleted : C:\Users\Pavel\Desktop\Log-9B6 1187-TMBBS61Z2A2086954-383680km.txt
Deleted : C:\Users\Pavel\Desktop\Log-RogueKiller12_12_20.txt
Deleted : C:\Users\Pavel\Desktop\OTL-LogPaul123.txt
Deleted : C:\Users\Pavel\Desktop\OTL.Txt
Deleted : C:\Users\Pavel\Desktop\OTL.exe
Deleted : C:\Users\Pavel\Desktop\SecurityCheck.exe
Deleted : C:\Users\Public\Desktop\RogueKiller.lnk
Deleted : C:\Users\Pavel\Downloads\AdwCleaner(1).exe
Deleted : C:\Users\Pavel\Downloads\HijackThis.exe
Deleted : C:\Users\Pavel\Downloads\hijackthis.log
Deleted : C:\Users\Pavel\Downloads\TFC.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis

~ Cleaning system restore ...


New restore point created !

########## - EOF - ##########

jaro3
Security team member
Guru Level 15
Posts: 43054
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: log Hijack

Posted by jaro3 » 20 Dec 2020 15:17

Try this setting as well:
https://playfmrussia.ru/cs/facebook/cht ... ailov.html

Or also try deactivating Windows Defender.
https://school38vrn.ru/cs/fail-soderzha ... hrome.html

Paull
Level 1
Posts: 82
Joined: October 06
Gender: Unspecified
Status: Offline

Re: log Hijack

Posted by Paull » 22 Dec 2020 13:39

I read those links, but for one thing downloading works for me in Firefox, and we also tried uninstalling the antivirus programs and blocking the firewall, and the situation did not change. Also, the error message is not among those listed on the net, and the problem is not with downloading EXE files but with all file types....

jaro3
Security team member
Guru Level 15
Posts: 43054
Joined: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: log Hijack

Posted by jaro3 » 22 Dec 2020 19:32

I would try uninstalling Chrome, using CCleaner again and then installing it again.
FF works; what about Opera?