Transfer via CMD - please check my log [Solved]


mastík
newbie
Posts: 15
Registered: January 2018
Gender: Male

Transfer via CMD - please check my log [Solved]

Post by mastík » 09 Jan 2018 20:48

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:46:11, on 09/01/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0850)


Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
C:\Users\honza\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-118-756
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-118-756
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?bcutc=sp-118-756
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?bcutc=sp-118-756
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\honza\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Startup: Sidebar23.lnk = C:\Program Files\Windows Sidebar\sidebar.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ArcGIS License Manager - Flexera Software LLC - C:\Program Files (x86)\ArcGIS\License10.4\bin\lmgrd.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\IntelCpHDCPSvc.exe
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem22.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Unknown owner - C:\Windows\system32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem37.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12716 bytes



jaro3
Security team member
Guru Level 15
Posts: 38221
Registered: June 2007
Location: South Bohemia
Gender: Male

Re: Transfer via CMD - please check my log

Post by jaro3 » 09 Jan 2018 21:57

Download ATF Cleaner
Double-click ATF Cleaner.exe, click select all found, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose: Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose: Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing web browser history. The program can delete the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome, you do not need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Open the file and close all other windows. Click Start to begin the process. The program should not take long.
The PC should then restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Save it to your desktop
Close all programs, windows and browsers
Run the program by double-clicking it and click "Scan"
After the scan, click "Logfile"; a "Log Manager" window appears, then double-click the relevant log, which opens. (Otherwise it is saved on the system disk as C:\AdwCleaner [C?].txt.) Paste its entire contents here.

Download Malwarebytes' Anti-Malware
- During installation, untick "Enable free trial of Malwarebytes' Anti-Malware Premium"
Install it and run it
- at the end of the installation, make sure both options are selected/ticked:
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware; if so, click the Finish button
- If the program is not up to date, click "Update Now" or "Fix Now".
- an update will be found and installed.
- then click Scan Now
- when the program finishes, a message appears at the bottom right; click Save Results, choose Copy to Clipboard and paste the whole log here. Or click "Text file (.txt)" and save the log.
- otherwise the log is located here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- then click the Finish button and close the program with the X at the top right.
(do not delete anything yet!).
If there are problems, run it in safe mode.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence I am covered by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

mastík
newbie
Posts: 15
Registered: January 2018
Gender: Male

Re: Transfer via CMD - please check my log

Post by mastík » 09 Jan 2018 22:29

# AdwCleaner 7.0.6.0 - Logfile created on Tue Jan 09 21:27:18 2018
# Updated on 2017/21/12 by Malwarebytes
# Database: 01-08-2018.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-3112688569-585586772-3143591606-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage, [Key] - HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
PUP.Optional.Reimage, [Key] - HKU\S-1-5-21-3112688569-585586772-3143591606-1001\Software\Reimage
PUP.Optional.Reimage, [Key] - HKCU\Software\Reimage
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-3112688569-585586772-3143591606-1001\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Google\Chrome\NativeMessagingHosts\ru.mail.go.ext_info_host
PUP.Optional.DriverAgentPlus, [Value] - HKU\S-1-5-21-3112688569-585586772-3143591606-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | DriverAgent Plus


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy, SearchProvider found: azlyrics.com - azlyrics.com
PUP.Optional.Legacy, SearchProvider found: slunecnice.cz - slunecnice.cz
PUP.Optional.Legacy, SearchProvider found: google.com - google.com_

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271


*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########



____________________________________________________________________________
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/9/18
Scan Time: 10:23 PM
Log File: 683f5c80-f583-11e7-977a-a44cc8275a39.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3660
License: Free

-System Information-
OS: Windows 10 (Build 15063.850)
CPU: x64
File System: NTFS
User: DELL\honza

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 357340
Threats Detected: 24
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 1 min, 49 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 9
PUP.Optional.Reimage, HKU\S-1-5-21-3112688569-585586772-3143591606-1001\SOFTWARE\Reimage, No Action By User, [1095], [357494],1.0.3660
PUP.Optional.Reimage, HKU\S-1-5-21-3112688569-585586772-3143591606-1001\SOFTWARE\REIMAGE\PC REPAIR, No Action By User, [1095], [327204],1.0.3660
PUP.Optional.Reimage, HKU\S-1-5-21-3112688569-585586772-3143591606-1001\SOFTWARE\LOCAL APPWIZARD-GENERATED APPLICATIONS\Reimage - Windows Problem Relief., No Action By User, [1095], [327203],1.0.3660
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ligncphnohhjkgekjkghahajihclailj, No Action By User, [10], [475758],1.0.3660
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine.1, No Action By User, [1095], [327197],1.0.3660
PUP.Optional.Reimage, HKU\S-1-5-21-3112688569-585586772-3143591606-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{10ECCE17-29B5-4880-A8F5-EAD298611484}, No Action By User, [1095], [327197],1.0.3660
PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\REI_AxControl.ReiEngine, No Action By User, [1095], [327197],1.0.3660
PUP.Optional.ChromeSearchClub.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, No Action By User, [15191], [-1],0.0.0
PUP.Optional.ChromeSearchClub.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, No Action By User, [15191], [-1],0.0.0

Registry Value: 3
PUP.Optional.Reimage, HKU\S-1-5-21-3112688569-585586772-3143591606-1001\SOFTWARE\REIMAGE\PC REPAIR|QUITMESSAGE, No Action By User, [1095], [327204],1.0.3660
PUP.Optional.ChromeSearchClub.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSearchURL, No Action By User, [15191], [475079],1.0.3660
PUP.Optional.ChromeSearchClub.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSearchURL, No Action By User, [15191], [475079],1.0.3660

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 12
PUP.Optional.RussAd, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, [10], [475758],1.0.3660
PUP.Optional.ChromeSearchClub.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, No Action By User, [15191], [475079],1.0.3660
PUP.Optional.ChromeSearchClub.ChrPRST, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, No Action By User, [15191], [475079],1.0.3660
PUP.Optional.ChromeSearchClub.ChrPRST, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [15191], [475079],1.0.3660
PUP.Optional.ChromeSearchClub.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, No Action By User, [15191], [-1],0.0.0
PUP.Optional.ChromeSearchClub.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, No Action By User, [15191], [-1],0.0.0
PUP.Optional.ChromeSearchClub.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, No Action By User, [15191], [-1],0.0.0
Adware.Elex.ShrtCln, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [2192], [454709],1.0.3660
PUP.Optional.ChromeSearchClub.ChrPRST, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [15191], [475079],1.0.3660
Adware.Elex.ShrtCln, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, No Action By User, [2192], [454702],1.0.3660
PUP.Optional.SearchYa, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, No Action By User, [4444], [477034],1.0.3660
PUP.Optional.SearchYa, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, [4444], [477034],1.0.3660

Physical Sector: 0
(No malicious items detected)


(end)

Orcus
Security team member
Elite Level 10.5
Posts: 10618
Registered: April 2010
Location: 3 roses grow around =o)
Gender: Male

Re: Transfer via CMD - please check my log

Post by Orcus » 10 Jan 2018 07:23

- Run MbAM again and choose Scan Now
- When the program finishes, a message appears; click "Quarantine All (delete selected)" and then "Export Log" and choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.

====================================================

- Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator")
- Click "Delete"
- The program performs the repair; after the automatic restart it does not show the log (C:\AdwCleaner [C?].txt); paste its entire contents here.

====================================================

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

====================================================

Sophos Virus Removal Tool is a practical software tool that could remove infections that the antivirus program does not detect.
Download it here from one of the links:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data, and you may not even know you have them. What you need is a quick and easy way to find them and get rid of them; if you already have an antivirus program installed on your computer, you can also install Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. Sophos Virus Removal Tool will then search for and remove the viruses it finds. A restart may be required.

====================================================

Download RogueKiller by Adlice Software
32-bit:
http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
or:
http://www.adlice.com/download/roguekil ... HlwZT14ODY

64-bit:
http://www.sur-la-toile.com/RogueKiller ... lerX64.exe
or:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Win 7, 8, 10 run RogueKiller.exe as administrator; on XP, by double-clicking.
- click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan, click "Open Report", then in the window click "Open TXT" and copy the whole contents of the log here.
If the program is blocked, try running it several times. If the program still will not start and work, rename it to winlogon.exe.
- if the log has more than 60,000 characters, split it and paste it into several posts.
Love warms, but coal is coal. :fire:



Post HJT logs in the HJT section. If it is too long, split it into several messages.

A few tips on PC security.

During my absence I am covered by memphisto, jaro3 and jerabina

If you are satisfied, you can support our forum.

mastík
newbie
Posts: 15
Registered: January 2018
Gender: Male

Re: Transfer via CMD - please check my log

Post by mastík » 11 Jan 2018 12:02

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 1/11/18
Scan Time: 9:25 AM
Log File: ff948148-f6a8-11e7-b6c0-a44cc8275a39.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.262
Update Package Version: 1.0.3672
License: Free

-System Information-
OS: Windows 10 (Build 15063.850)
CPU: x64
File System: NTFS
User: DELL\honza

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 357312
Threats Detected: 21
Threats Quarantined: 17
Time Elapsed: 2 min, 16 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 3
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ligncphnohhjkgekjkghahajihclailj, Quarantined, [10], [475758],1.0.3672
PUP.Optional.ChromeSearchClub.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Quarantined, [15195], [-1],0.0.0
PUP.Optional.ChromeSearchClub.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Quarantined, [15195], [-1],0.0.0

Registry Value: 2
PUP.Optional.ChromeSearchClub.ChrPRST, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSearchURL, Quarantined, [15195], [475079],1.0.3672
PUP.Optional.ChromeSearchClub.ChrPRST, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME|DefaultSearchProviderSearchURL, Quarantined, [15195], [475079],1.0.3672

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 16
PUP.Optional.RussAd, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [10], [475758],1.0.3672
Adware.FileTour, C:\USERS\HONZA\APPDATA\LOCAL\TEMP\IS-JB2OQ.TMP\BB84DC3F, Quarantined, [149], [423225],1.0.3672
Adware.FileTour, C:\USERS\HONZA\APPDATA\LOCAL\TEMP\IS-CQBLS.TMP\E5F065BE, Quarantined, [149], [413261],1.0.3672
Adware.FileTour, C:\USERS\HONZA\APPDATA\LOCAL\TEMP\IS-JB2OQ.TMP\BAC0E949, Quarantined, [149], [413261],1.0.3672
Adware.Elex.ShrtCln, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Removal Failed, [2193], [454709],1.0.3672
Adware.Elex.ShrtCln, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Replaced, [2193], [454702],1.0.3672
PUP.Optional.SearchYa, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [4446], [477034],1.0.3672
PUP.Optional.SearchYa, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Removal Failed, [4446], [477034],1.0.3672
PUP.Optional.ChromeSearchClub.ChrPRST, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Removal Failed, [15195], [475079],1.0.3672
PUP.Optional.ChromeSearchClub.ChrPRST, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Quarantined, [15195], [-1],0.0.0
PUP.Optional.ChromeSearchClub.ChrPRST, C:\PROGRAMDATA\NTUSER.POL, Quarantined, [15195], [-1],0.0.0
PUP.Optional.ChromeSearchClub.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Quarantined, [15195], [-1],0.0.0
Adware.FileTour, C:\USERS\HONZA\APPDATA\LOCAL\TEMP\IS-CQBLS.TMP\982078BB, Quarantined, [149], [423225],1.0.3672
PUP.Optional.ChromeSearchClub.ChrPRST, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Quarantined, [15195], [475079],1.0.3672
PUP.Optional.ChromeSearchClub.ChrPRST, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Replaced, [15195], [475079],1.0.3672
PUP.Optional.ChromeSearchClub.ChrPRST, C:\USERS\HONZA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Removal Failed, [15195], [475079],1.0.3672

Physical Sector: 0
(No malicious items detected)


(end)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by honza (Administrator) on 11/01/2018 at 10:38:48.96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11/01/2018 at 10:40:39.94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner 7.0.6.0 - Logfile created on Thu Jan 11 08:54:14 2018
# Updated on 2017/21/12 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\honza\Desktop\Mail.Ru


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: azlyrics.com - azlyrics.com
SearchProvider deleted: slunecnice.cz - slunecnice.cz
SearchProvider deleted: slunecnice.cz - slunecnice.cz


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1266 B] - [2018/1/11 8:34:54]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


RogueKiller V12.11.32.0 (x64) [Jan 8 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.15063) 64 bits version
Started in : Normal mode
User : honza [Administrator]
Started from : C:\Users\honza\Desktop\vir\RogueKiller_portable64.exe
Mode : Scan -- Date : 01/11/2018 11:30:21 (Duration : 00:28:55)

¤¤¤ Processes : 1 ¤¤¤
[VT.Detected] ARCGIS.exe(9580) -- C:\Program Files (x86)\ArcGIS\License10.4\bin\ARCGIS.exe[-] -> Found

¤¤¤ Registry : 2 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {58013D73-AAE6-4239-9DDA-960F509EFE90} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\honza\AppData\Local\Recovery\msiexec64.exe|Name=msiexec64.exe|Desc=msiexec64.exe| [x] -> Found
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {7F3F335B-EB1C-4F11-A3C6-2D0276565E77} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\honza\AppData\Local\Recovery\msiexec64.exe|Name=msiexec64.exe|Desc=msiexec64.exe| [x] -> Found

¤¤¤ Tasks : 1 ¤¤¤
[Suspicious.Path] \eYoxIin -- "C:\Users\honza\AppData\Local\dkwJEOcAvXUE.exe" (/i http://lurpclubs.net/gniqfagvfevt.iwq /q) -> Found

¤¤¤ Files : 1 ¤¤¤
[PUP.uTorrentAds][File] C:\Users\honza\AppData\Roaming\uTorrent\updates\3.5.0_44178\utorrentie.exe -> Found

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 4 ¤¤¤
[PUP.Gen0][Chrome:Addon] Default : Extensity [jjmflmamggggndanpgfnpelongoepncg] -> Found
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://www.luckystarting.com/] -> Found
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://google.com/|http://www.seznam.cz/|https://www.google.com/|https://www.google.com/|https://www.google.com/|http://mail.ru/cnt/10445?gp=811138] -> Found
[PUM.SearchPage][Chrome:Config] Default [SecurePrefs] : default_search_provider_data.template_url_data.keyword [google.cz] -> Found

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Micron 1100 SATA 256GB +++++
--- User ---
[MBR] 48b3decd9d3c01bb5fefdfc111c18a0b
[BSP] 4aaca035cab8b973a0b1563e0121a784 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1026048 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1288192 | Size: 232039 MB
3 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 476504064 | Size: 498 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 477523968 | Size: 9826 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 497649664 | Size: 1205 MB
User = LL1 ... OK
User = LL2 ... OK

jaro3
Security team member
Guru Level 15
Posts: 38221
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Transfer via CMD - please check my log

Post by jaro3 » 11 Jan 2018 18:58

Close all programs and browsers. Deactivate your antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click it and choose "Run as administrator"; on Windows XP, double-click to run it).
- click "Start Scan". In the new window, change nothing and click "Start Scan" at the bottom,
when it finishes - tick everything (put check marks to the left of the findings, in the white boxes)
- then click "Remove Selected"
- Wait until the Status box shows "Removal finished, please review result"
- Click "Open report" and then "Open TXT", copy that log and please paste its contents here. The log can be found in C:\ProgramData\RogueKiller\Logs - Close RogueKiller.


Turn off your antivirus and firewall.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

click the .rar-file at the top right and save it to your desktop.
Close all other programs, windows and browsers.
Run Zoek.exe (on Win Vista, Win 7, 8 right-click it and choose "Run as administrator")
- note, the program may take a while to start.
Paste the script below into the program window:

Code:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

click Run Script
The program will run a scan and a repair; the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it, for example, to Documents; otherwise it is saved automatically to:
C:\zoek-results.log Copy the entire contents of that log here.
If there are problems, run zoek in safe mode.

Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click the file on the desktop and follow the instructions to install the program.
Accept the EULA license for using the program, if offered.
If a program update is available, click the "Update now" button.
You can also tick the creation of a restore point:
Click the gear icon, then "Scanning", and tick "create restore points".
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is finished, a report appears; copy the entire contents of that report here.
Otherwise you can view the reports by clicking "Reports" at the top right.


Post a new HJT log + report on any problems
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

mastík
newcomer
Posts: 15
Registered: January 18
Gender: Male

Re: Transfer via CMD - please check my log

Post by mastík » 12 Jan 2018 11:53

RogueKiller V12.11.32.0 (x64) [Jan 8 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 10 (10.0.15063) 64 bits version
Started in : Normal mode
User : honza [Administrator]
Started from : C:\Users\honza\Desktop\vir\RogueKiller_portable64.exe
Mode : Delete -- Date : 01/12/2018 10:50:56 (Duration : 00:23:07)

¤¤¤ Processes : 1 ¤¤¤
[VT.Detected] ARCGIS.exe(10412) -- C:\Program Files (x86)\ArcGIS\License10.4\bin\ARCGIS.exe[-] -> Found

¤¤¤ Registry : 3 ¤¤¤
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {B0CE2EB3-7A68-4458-B45F-2C386115B66E} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\honza\AppData\Local\Recovery\msiexec64.exe|Name=msiexec64.exe|Desc=msiexec64.exe| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {A17161B1-DB4A-43B4-A4A7-81D9200C8E07} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\honza\AppData\Local\Recovery\msiexec64.exe|Name=msiexec64.exe|Desc=msiexec64.exe| [x] -> Deleted
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules | {4C7B92F4-5D0B-4E03-9DEE-9A2036F3FF48} : v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\honza\AppData\Local\Recovery\msiexec64.exe|Name=msiexec64.exe|Desc=msiexec64.exe| [x] -> Deleted

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 4 ¤¤¤
[PUP.Gen0][Chrome:Addon] Default : Extensity [jjmflmamggggndanpgfnpelongoepncg] -> Deleted
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : homepage [http://www.luckystarting.com/] -> Deleted
[PUM.HomePage][Chrome:Config] Default [SecurePrefs] : session.startup_urls [http://google.com/|http://www.seznam.cz/|https://www.google.com/|https://www.google.com/|https://www.google.com/|https://www.google.com/] -> Deleted
[PUM.SearchPage][Chrome:Config] Default [SecurePrefs] : default_search_provider_data.template_url_data.keyword [google.com__] -> Deleted

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Micron 1100 SATA 256GB +++++
--- User ---
[MBR] 48b3decd9d3c01bb5fefdfc111c18a0b
[BSP] 4aaca035cab8b973a0b1563e0121a784 : Empty|VT.Unknown MBR Code
Partition table:
0 - [MAN-MOUNT] EFI system partition | Offset (sectors): 2048 | Size: 500 MB
1 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 1026048 | Size: 128 MB
2 - Basic data partition | Offset (sectors): 1288192 | Size: 232039 MB
3 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 476504064 | Size: 498 MB
4 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 477523968 | Size: 9826 MB
5 - [SYSTEM][MAN-MOUNT] | Offset (sectors): 497649664 | Size: 1205 MB
User = LL1 ... OK
User = LL2 ... OK





Zoek.exe v5.0.0.1 Updated 24-October-2017
Tool run by honza on 12/01/2018 at 11:33:01.78.
Microsoft Windows 10 Pro 10.0.15063 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\honza\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12/01/2018 11:34:52 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3112688569-585586772-3143591606-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8E8F97CD-60B5-456F-A201-73065652D099} deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?bcutc=sp-118-756"
"Search Page"="https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}"
"Search Bar"="https://www.google.com/?bcutc=sp-118-756"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?bcutc=sp-118-756"
"Search Page"="https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}"
"Search Bar"="https://www.google.com/?bcutc=sp-118-756"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?bcutc=sp-118-756"
"Search Page"="https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}"
"Search Bar"="https://www.google.com/?bcutc=sp-118-756"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{A38510F9-0FD8-43C6-8081-2926A75C0C77}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{A38510F9-0FD8-43C6-8081-2926A75C0C77} - http://www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"
HKLM\Wow6432Node\SearchScopes\{A38510F9-0FD8-43C6-8081-2926A75C0C77} - http://www.bing.com/search?q={searchTerms}&form=PRDLR1&src=IE11TR&pc=DCTE
HKLM\Wow6432Node\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?bcutc=sp-118-756&q={searchTerms}

==== Reset Google Chrome ======================

C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.bad was reset successfully
C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\honza\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\honza\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\honza\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 12/01/2018 at 11:36:44.00 ======================


Zemana AntiMalware 2.74.2.150 (Installed)

-------------------------------------------------------
Scan Result : Completed
Scan Date : 2018/1/12
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
BIOS Mode : UEFI
CUID : 1255E125916F2B2AA39966
Scan Type : System Scan
Duration : 2m 50s
Scanned Objects : 164025
Detected Objects : 2
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Chrome Homepage
Status : Scanned
Object : http://www.luckystarting.com/
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Chrome Homepage

Chrome Cleaner Pro
Status : Scanned
Object : %localappdata%\google\chrome\user data\default\extensions\ccjleegmemocfpghkhpjmiccjcacackp
MD5 : -
Publisher : -
Size : -
Version : -
Detection : PUA.ChromeExt!Gr
Cleaning Action : Repair
Related Objects :
Browser Extension - Chrome Cleaner Pro


Cleaning Result
-------------------------------------------------------
Cleaned : 2
Reported as safe : 0
Failed : 0



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:50:53, on 12/01/2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0850)


Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\system32\spacedeskServiceTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\honza\Desktop\vir\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\honza\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Startup: Sidebar436.lnk = C:\Program Files\Windows Sidebar\sidebar.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: ArcGIS License Manager - Flexera Software LLC - C:\Program Files (x86)\ArcGIS\License10.4\bin\lmgrd.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\IntelCpHDCPSvc.exe
O23 - Service: Dell Data Vault Service API (DDVCollectorSvcApi) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
O23 - Service: Dell Data Vault Collector (DDVDataCollector) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
O23 - Service: Dell Data Vault Processor (DDVRulesProcessor) - Dell Inc. - C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @oem22.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Unknown owner - C:\Windows\system32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service - Flexera Software LLC - C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @oem37.inf,%SERVICE_NAME%;Intel Bluetooth Service (ibtsiva) - Unknown owner - C:\Windows\system32\ibtsiva (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\igfxCUIService.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: spacedeskService - Unknown owner - C:\Windows\system32\spacedeskService.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Dell SupportAssist Agent (SupportAssistAgent) - Dell Inc. - C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Synaptics WBF Policy Service (valWBFPolicyService) - Unknown owner - C:\Windows\system32\valWBFPolicyService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: Waves Audio Services (WavesSysSvc) - Waves Audio Ltd. - c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 12634 bytes




Before the restart after Zoek it looked like it was gone, but after the restart the CMD window appeared again.
The same thing happens to me with MbAM - when I run a scan and cleanup, everything is fine, but after turning the PC off and on, the cmd with the "transfer" appears again.
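
Added example, not part of any post in this thread: the RogueKiller reports of 01/11 and 01/12 above list inbound firewall allow rules for the same msiexec64.exe under different rule GUIDs, and this Python script parses those registry findings and reports which rules came back under new GUIDs. The function names are assumptions of this example; the rule lines are rebuilt from the values shown in the two reports.

```python
import re
from collections import defaultdict

# Values copied from the two RogueKiller reports in this thread.
FW_KEY = (r"HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess"
          r"\Parameters\FirewallPolicy\FirewallRules")
FW_RULE = (r"v2.27|Action=Allow|Active=TRUE|Dir=In|"
           r"App=C:\Users\honza\AppData\Local\Recovery\msiexec64.exe|"
           r"Name=msiexec64.exe|Desc=msiexec64.exe|")


def report_line(guid, status):
    """Rebuild one registry finding in the layout RogueKiller printed."""
    return f"[Suspicious.Path] (X64) {FW_KEY} | {guid} : {FW_RULE} [x] -> {status}"


SCAN_REPORT = "\n".join([   # run of 01/11/2018, Mode : Scan
    r"[VT.Detected] ARCGIS.exe(9580) -- C:\Program Files (x86)\ArcGIS\License10.4\bin\ARCGIS.exe[-] -> Found",
    report_line("{58013D73-AAE6-4239-9DDA-960F509EFE90}", "Found"),
    report_line("{7F3F335B-EB1C-4F11-A3C6-2D0276565E77}", "Found"),
])
DELETE_REPORT = "\n".join([  # run of 01/12/2018, Mode : Delete
    report_line("{B0CE2EB3-7A68-4458-B45F-2C386115B66E}", "Deleted"),
    report_line("{A17161B1-DB4A-43B4-A4A7-81D9200C8E07}", "Deleted"),
    report_line("{4C7B92F4-5D0B-4E03-9DEE-9A2036F3FF48}", "Deleted"),
])

# [tag] (view) <registry key> | {value name} : <value data> [x] -> <status>
FINDING = re.compile(
    r"^\[(?P<tag>[^\]]+)\]\s+\((?P<view>\w+)\)\s+(?P<key>\S.*?)\s+\|\s+"
    r"(?P<guid>\{[0-9A-Fa-f-]{36}\})\s+:\s+(?P<rule>.*?)\s+\[x\]\s+->\s+(?P<status>\w+)\s*$")
USER_PROFILE = re.compile(r"^[a-z]:\\users\\[^\\]+\\", re.IGNORECASE)


def parse_rule(rule):
    """Split a FirewallRules value: version first, then pipe-separated Name=Value pairs."""
    parts = [p for p in rule.split("|") if p]
    fields = {"Version": parts[0]}
    for part in parts[1:]:
        name, _, value = part.partition("=")
        fields[name] = value
    return fields


def parse_firewall_findings(report):
    """Return one dict per FirewallRules finding; other report lines are skipped."""
    findings = []
    for line in report.splitlines():
        m = FINDING.match(line.strip())
        if not m or not m["key"].lower().endswith("\\firewallrules"):
            continue
        fields = parse_rule(m["rule"])
        app = fields.get("App", "")
        findings.append({
            "guid": m["guid"].upper(),
            "status": m["status"],
            "action": fields.get("Action"),
            "direction": fields.get("Dir"),
            "app": app,
            # A listener allowed from inside a user profile is writable without admin rights.
            "in_user_profile": bool(USER_PROFILE.match(app)),
        })
    return findings


def recreated_rules(earlier, later):
    """Map each App path seen in both runs to the rule GUIDs present only in the later run."""
    def by_app(findings):
        groups = defaultdict(set)
        for f in findings:
            groups[f["app"].lower()].add(f["guid"])
        return groups
    old, new = by_app(earlier), by_app(later)
    return {app: sorted(new[app] - old[app])
            for app in old.keys() & new.keys() if new[app] - old[app]}


if __name__ == "__main__":
    scan = parse_firewall_findings(SCAN_REPORT)
    delete = parse_firewall_findings(DELETE_REPORT)
    for app, guids in recreated_rules(scan, delete).items():
        print(f"{app}: {len(guids)} rule(s) under GUIDs not present in the earlier run")
        for guid in guids:
            print("   ", guid)
```

New GUIDs for the same App path between two runs mean the rule was written again after the first scan, so the component that keeps adding it still has to be found.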

jaro3
Security team member
Guru Level 15
Posts: 38221
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Transfer via CMD - please check my log

Post by jaro3 » 12 Jan 2018 16:58

Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


Please download the appropriate version of the program for your system, 32-bit/64-bit: Farbar Recovery Scan Tool (FRST)
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to your desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan". When the scan is finished, two logs will be shown, FRST.txt and Addition.txt, and they are saved on the desktop. Please copy their entire contents here.

mastík
nováček
Příspěvky: 15
Registrován: leden 18
Pohlaví: Muž

Re: Tranfer přes CMD - prosím o kontrolu logu

Příspěvekod mastík » 12 led 2018 18:12

I found out what the cmd log actually does:
every time it finishes the "transfer", a file is created in C:\Users\honza\AppData\Local\Temp (I have noticed three so far): 1529915770.exe, 128027985.exe, 2019716523.exe.

When I scan these files with Avast, it immediately reports moving them to the Virus Chest and flags the file as FileRepMetagen [Adw].

I found that if I leave this file there and shut down (restart) the PC, a blue screen with a sad smiley of the CRITICAL PROCESS DIED type shows up instead, and the PC restarts automatically.

P.S.: I will send the logs in the next message.

mastík
newbie
Posts: 15
Registered: January 18
Gender: Male

Re: Transfer via CMD - please check the log

Post by mastík » 12 Jan 2018 18:22

!!PART 1!!


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
Ran by honza (administrator) on DELL (12-01-2018 18:19:24)
Running from C:\Users\honza\Desktop
Loaded Profiles: honza (Available Profiles: honza)
Platform: Windows 10 Pro Version 1703 15063.850 (X64) Language: Czech (Czech Republic)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\System32\spacedeskService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\IntelCpHeciSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Windows\System32\SpaceDeskServiceTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124538.inf_amd64_38801626506e1429\igfxEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.4\bin\lmgrd.exe
(Flexera Software LLC) C:\Program Files (x86)\ArcGIS\License10.4\bin\lmgrd.exe
(ESRI) C:\Program Files (x86)\ArcGIS\License10.4\bin\ARCGIS.exe
(Flexera Software LLC) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [7823824 2016-05-23] (Dell Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235464 2017-05-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1494024 2017-05-08] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => c:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [975744 2017-05-01] (Waves Audio Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-10-31] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2018-01-05] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3112688569-585586772-3143591606-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd)
Startup: C:\Users\honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2018-01-12]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar673.lnk [2018-01-12]
ShortcutTarget: Sidebar673.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6ab66d84-b3cc-4a7e-9def-563278d96004}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3112688569-585586772-3143591606-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-118-756&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-01-12] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-04] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-12-19] (Microsoft Corporation)

Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-10-20]

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-12-19] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://www.seznam.cz/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/"
CHR DefaultSearchKeyword: Default -> google.com__
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default [2018-01-12]
CHR Extension: (Překladač Google) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2018-01-12]
CHR Extension: (Prezentace) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-12]
CHR Extension: (Dokumenty) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-12]
CHR Extension: (Disk Google) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-01-12]
CHR Extension: (WOT: Web of Trust, hodnocení webů) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-01-12]
CHR Extension: (YouTube) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-01-12]
CHR Extension: (Facebook) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2018-01-12]
CHR Extension: (EasyBib) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbpiiblghhnlalifiaddecedaeaijdpe [2018-01-12]
CHR Extension: (Drumtrackz) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cciklmellmkeeeibdekdkbacdllgfbpa [2018-01-12]
CHR Extension: (Guitarist's Reference) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cddaabhppoebkmalboinjhgofbhdbcgk [2018-01-12]
CHR Extension: (Adblock Plus) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-12]
CHR Extension: (OneTab) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2018-01-12]
CHR Extension: (Give Up) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi [2018-01-12]
CHR Extension: (Wikiwand: Wikipedia Modernized) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\emffkefkbkpkgpdeeooapgaicgmcbolj [2018-01-12]
CHR Extension: (Avast SafePrice) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-01-12]
CHR Extension: (Tabulky) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-12]
CHR Extension: (Stylish - Custom themes for any website) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2018-01-12]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-01-12]
CHR Extension: (Unshorten.link) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbobdaaeaihkghbokihkofcbndhmbdpd [2018-01-12]
CHR Extension: (HTTPS Everywhere) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2018-01-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-01-12]
CHR Extension: (Plypp Piano) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\hofckkgpnnjabffkjemconojemcibifh [2018-01-12]
CHR Extension: (Extensity) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjmflmamggggndanpgfnpelongoepncg [2018-01-12]
CHR Extension: (Grammarly for Chrome) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-01-12]
CHR Extension: (The Great Suspender) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg [2018-01-12]
CHR Extension: (Mapy Google) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-01-12]
CHR Extension: (Email Tracking for Gmail & Inbox - Mailtrack) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2018-01-12]
CHR Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlipoenfbbikpbjkfpfillcgkoblgpmj [2018-01-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-01-12]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2018-01-12]
CHR Extension: (Print Friendly & PDF) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohlencieiipommannpdfcmfdpjjmeolj [2018-01-12]
CHR Extension: (Origami Player) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiomepakkenneiifjocbinkmmampfbdn [2018-01-12]
CHR Extension: (Bloxorz Block Puzzle) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2018-01-12]
CHR Extension: (Gmail) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-01-12]
CHR Extension: (Chrome Media Router) - C:\Users\honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-12]
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ArcGIS License Manager; C:\Program Files (x86)\ArcGIS\License10.4\bin\lmgrd.exe [1558072 2016-01-06] (Flexera Software LLC)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2018-01-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2018-01-05] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761576 2018-01-02] (Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2017-12-14] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3294608 2017-12-14] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2017-12-14] (Dell Inc.)
R2 esifsvc; C:\Windows\system32\Intel\DPTF\esif_uf.exe [2210424 2016-12-27] (Intel Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-10-31] (Intel Corporation)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [190216 2016-11-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [630048 2016-10-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-12-05] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [333320 2017-05-08] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-08-16] (Microsoft Corporation)
R2 spacedeskService; C:\Windows\system32\spacedeskService.exe [798208 2018-01-08] ()
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [41432 2017-12-22] (Dell Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [67584 2015-07-16] (Synaptics Incorporated) [File not signed]
R2 WavesSysSvc; c:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [592776 2017-05-01] (Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2018-01-05] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2018-01-05] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2018-01-05] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2018-01-05] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2018-01-05] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2018-01-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146648 2018-01-11] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2018-01-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2018-01-05] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2018-01-05] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457896 2018-01-11] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2018-01-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2018-01-05] (AVAST Software)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [41608 2017-12-14] (Dell Inc.)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [41208 2017-12-14] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [22864 2016-10-27] (OSR Open Systems Resources, Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [72576 2016-12-27] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [67968 2016-12-27] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [355200 2016-12-27] (Intel Corporation)
R3 iaLPSS2_GPIO2; C:\Windows\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-30] (Intel Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [356608 2016-11-16] (Intel Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253880 2018-01-02] (Malwarebytes)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [7237392 2016-07-31] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [946696 2016-09-29] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [436224 2016-12-15] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R1 spacedeskDispKmode; C:\Windows\system32\DRIVERS\spacedeskDispKmode.sys [284160 2018-01-08] (datronicsoft Inc.)
R3 spacedeskKtmInputKeybd; C:\Windows\System32\drivers\spacedeskKtmInputKeybd.sys [35384 2017-09-13] ()
R3 spacedeskKtmInputMouse; C:\Windows\System32\drivers\spacedeskKtmInputMouse.sys [35384 2017-09-13] ()
R3 ST_ACCEL; C:\Windows\system32\DRIVERS\ST_Accel.sys [154280 2016-10-13] (STMicroelectronics)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2018-01-12] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2018-01-12] (Zemana Ltd.)
S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-12 18:19 - 2018-01-12 18:19 - 000025213 _____ C:\Users\honza\Desktop\FRST.txt
2018-01-12 18:18 - 2018-01-12 18:18 - 002393088 _____ (Farbar) C:\Users\honza\Desktop\FRST64.exe
2018-01-12 18:00 - 2018-01-12 18:00 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-01-12 18:00 - 2018-01-12 18:00 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2018-01-12 17:56 - 2018-01-12 17:56 - 000000000 ____D C:\ProgramData\Emsisoft
2018-01-12 17:54 - 2018-01-12 18:00 - 000000000 ____D C:\EEK
2018-01-12 17:51 - 2018-01-12 17:53 - 309978664 _____ C:\Users\honza\Desktop\EmsisoftEmergencyKit.exe
2018-01-12 17:45 - 2018-01-12 17:49 - 000000000 ____D C:\ProgramData\HitmanPro
2018-01-12 17:44 - 2018-01-12 17:45 - 011584088 _____ (SurfRight B.V.) C:\Users\honza\Desktop\hitmanpro_x64.exe
2018-01-12 13:36 - 2018-01-12 13:46 - 000000000 ____D C:\Program Files\rempl
2018-01-12 11:40 - 2018-01-12 18:19 - 000092384 _____ C:\Windows\ZAM.krnl.trace
2018-01-12 11:40 - 2018-01-12 18:19 - 000061093 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-01-12 11:40 - 2018-01-12 11:40 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2018-01-12 11:40 - 2018-01-12 11:40 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2018-01-12 11:40 - 2018-01-12 11:40 - 000001221 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-01-12 11:40 - 2018-01-12 11:40 - 000000000 ____D C:\Users\honza\AppData\Local\Zemana
2018-01-12 11:40 - 2018-01-12 11:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-01-12 11:40 - 2018-01-12 11:40 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-01-12 11:39 - 2018-01-12 11:39 - 006625600 _____ (Zemana Ltd. ) C:\Users\honza\Desktop\Zemana.AntiMalware.Setup.exe
2018-01-12 11:35 - 2018-01-12 11:33 - 000024064 _____ C:\Windows\zoek-delete.exe
2018-01-12 11:32 - 2018-01-12 11:32 - 000000000 ____D C:\zoek_backup
2018-01-12 11:31 - 2018-01-12 11:51 - 000024182 _____ C:\Users\honza\Desktop\Roque.txt
2018-01-12 11:31 - 2018-01-12 11:31 - 001313792 _____ C:\Users\honza\Desktop\zoek.exe
2018-01-11 23:39 - 2018-01-11 23:39 - 000806444 _____ C:\Windows\Minidump\011118-9500-01.dmp
2018-01-11 15:36 - 2018-01-11 15:36 - 001564382 _____ C:\Users\honza\Desktop\karta.pdf
2018-01-11 11:30 - 2018-01-12 10:50 - 000028272 _____ C:\Windows\system32\Drivers\TrueSight.sys
2018-01-11 11:30 - 2018-01-11 14:12 - 000000000 ____D C:\ProgramData\RogueKiller
2018-01-11 10:57 - 2018-01-11 10:57 - 002256896 _____ C:\Users\honza\Desktop\spacedesk_driver_Win_10_64_v099z47_BETA.msi
2018-01-11 10:45 - 2018-01-11 10:45 - 000000000 ____D C:\ProgramData\Sophos
2018-01-11 10:45 - 2018-01-11 10:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-01-11 10:45 - 2018-01-11 10:45 - 000000000 ____D C:\Program Files (x86)\Sophos
2018-01-11 10:42 - 2018-01-11 09:54 - 000001267 _____ C:\Users\honza\Desktop\AdwCleaner[C0].txt
2018-01-11 10:40 - 2018-01-11 10:40 - 000000684 _____ C:\Users\honza\Desktop\JRT.txt
2018-01-11 09:28 - 2018-01-11 09:28 - 000003874 _____ C:\Users\honza\Desktop\MbAM.txt
2018-01-11 00:15 - 2018-01-11 23:39 - 1045585825 _____ C:\Windows\MEMORY.DMP
2018-01-11 00:15 - 2018-01-11 00:15 - 000775476 _____ C:\Windows\Minidump\011118-8812-01.dmp
2018-01-10 19:18 - 2018-01-11 10:58 - 000000000 ____D C:\Program Files\datronicsoft
2018-01-10 19:18 - 2018-01-10 19:18 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_spacedeskDisplayUmode_02_15_00.Wdf
2018-01-10 11:58 - 2018-01-12 11:39 - 000000000 ____D C:\Users\honza\AppData\Local\Adobe
2018-01-10 10:57 - 2018-01-10 10:57 - 016018759 _____ C:\Users\honza\Desktop\prezentace_z_hodin.zip
2018-01-10 10:52 - 2018-01-10 10:52 - 003116071 _____ C:\Users\honza\Desktop\karta_testy.zip
2018-01-09 22:40 - 2018-01-12 18:17 - 000000000 ____D C:\Users\honza\Desktop\vir
2018-01-09 22:21 - 2018-01-09 22:21 - 000000000 ____D C:\Users\honza\AppData\Local\CEF
2018-01-09 22:10 - 2018-01-09 22:10 - 000000000 ____D C:\Users\honza\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2018-01-09 22:00 - 2018-01-11 09:54 - 000000000 ____D C:\AdwCleaner
2018-01-09 21:07 - 2018-01-09 21:07 - 000029696 _____ C:\Users\honza\AppData\Local\MSGBOX.EXE
2018-01-09 21:04 - 2018-01-12 18:19 - 000000000 ____D C:\FRST
2018-01-09 20:45 - 2018-01-09 20:45 - 000000000 ____D C:\Users\honza\AppData\Local\VirtualStore
2018-01-09 02:43 - 2018-01-09 02:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2018-01-09 02:43 - 2018-01-09 02:43 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 10
2018-01-09 02:43 - 2017-03-23 09:04 - 003547136 _____ C:\Windows\system32\pwNative.exe
2018-01-09 02:43 - 2013-09-30 15:26 - 000019152 _____ C:\Windows\system32\pwdrvio.sys
2018-01-09 02:43 - 2013-09-30 15:26 - 000012504 _____ C:\Windows\system32\pwdspio.sys
2018-01-09 02:33 - 2018-01-09 02:33 - 000000000 ____D C:\Program Files (x86)\Secunia
2018-01-09 01:47 - 2018-01-09 01:47 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-01-08 18:45 - 2018-01-08 18:45 - 000798208 _____ C:\Windows\system32\spacedeskService.exe
2018-01-08 18:45 - 2018-01-08 18:45 - 000364032 _____ C:\Windows\system32\SpaceDeskServiceTray.exe
2018-01-08 18:45 - 2018-01-08 18:45 - 000284160 _____ (datronicsoft Inc.) C:\Windows\system32\Drivers\spacedeskDispKmode.sys
2018-01-08 16:31 - 2018-01-01 07:03 - 000891904 _____ (Microsoft Corporation) C:\Windows\system32\Spectrum.exe
2018-01-08 16:31 - 2018-01-01 03:27 - 001021336 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2018-01-08 16:31 - 2018-01-01 03:27 - 000751576 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-01-08 16:31 - 2018-01-01 03:27 - 000544152 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2018-01-08 16:31 - 2018-01-01 03:27 - 000382864 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-01-08 16:31 - 2018-01-01 03:27 - 000074648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2018-01-08 16:31 - 2018-01-01 03:26 - 000107416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2018-01-08 16:31 - 2018-01-01 03:25 - 001065608 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-01-08 16:31 - 2018-01-01 03:25 - 000900880 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-01-08 16:31 - 2018-01-01 03:24 - 008345496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-01-08 16:31 - 2018-01-01 03:24 - 002327448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-01-08 16:31 - 2018-01-01 03:24 - 001188544 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-01-08 16:31 - 2018-01-01 03:24 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2018-01-08 16:31 - 2018-01-01 03:24 - 000135576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-01-08 16:31 - 2018-01-01 03:24 - 000105880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2018-01-08 16:31 - 2018-01-01 03:24 - 000102808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2018-01-08 16:31 - 2018-01-01 03:24 - 000052632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pcw.sys
2018-01-08 16:31 - 2018-01-01 03:24 - 000033688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2018-01-08 16:31 - 2018-01-01 03:23 - 000456088 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-01-08 16:31 - 2018-01-01 03:23 - 000386456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fltMgr.sys
2018-01-08 16:31 - 2018-01-01 03:22 - 001239448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-01-08 16:31 - 2018-01-01 03:22 - 001194784 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-01-08 16:31 - 2018-01-01 03:22 - 000181912 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-01-08 16:31 - 2018-01-01 03:22 - 000119704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2018-01-08 16:31 - 2018-01-01 03:21 - 000587160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-01-08 16:31 - 2018-01-01 03:21 - 000063896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fsdepends.sys
2018-01-08 16:31 - 2018-01-01 03:20 - 007319912 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-01-08 16:31 - 2018-01-01 03:20 - 002647216 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-01-08 16:31 - 2018-01-01 03:20 - 000036760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000870896 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2018-01-08 16:31 - 2018-01-01 03:19 - 000730008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000714648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000643704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000546712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000184728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000164760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000082328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmcl.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000054168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000047512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2018-01-08 16:31 - 2018-01-01 03:19 - 000027456 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2018-01-08 16:31 - 2018-01-01 03:18 - 021354736 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-01-08 16:31 - 2018-01-01 03:18 - 001146776 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2018-01-08 16:31 - 2018-01-01 03:18 - 000966040 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.efi
2018-01-08 16:31 - 2018-01-01 03:18 - 000822680 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.exe
2018-01-08 16:31 - 2018-01-01 03:18 - 000110600 _____ (Microsoft Corporation) C:\Windows\system32\rmclient.dll
2018-01-08 16:31 - 2018-01-01 03:18 - 000057752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbios.sys
2018-01-08 16:31 - 2018-01-01 03:16 - 002672024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-01-08 16:31 - 2018-01-01 03:16 - 001107352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2018-01-08 16:31 - 2018-01-01 03:16 - 000610712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2018-01-08 16:31 - 2018-01-01 03:15 - 001396680 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-01-08 16:31 - 2018-01-01 03:15 - 000644696 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-01-08 16:31 - 2018-01-01 03:15 - 000083352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-01-08 16:31 - 2018-01-01 03:14 - 000159640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2018-01-08 16:31 - 2018-01-01 03:09 - 000142744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2018-01-08 16:31 - 2018-01-01 03:09 - 000070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WindowsTrustedRT.sys
2018-01-08 16:31 - 2018-01-01 03:08 - 001325960 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-01-08 16:31 - 2018-01-01 03:07 - 000583688 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110_win.dll
2018-01-08 16:31 - 2018-01-01 03:03 - 000627584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2018-01-08 16:31 - 2018-01-01 03:03 - 000311704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-01-08 16:31 - 2018-01-01 02:52 - 023680512 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-01-08 16:31 - 2018-01-01 02:52 - 000195768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2018-01-08 16:31 - 2018-01-01 02:50 - 000787704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-01-08 16:31 - 2018-01-01 02:49 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Storage.ApplicationData.dll
2018-01-08 16:31 - 2018-01-01 02:48 - 005828768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2018-01-08 16:31 - 2018-01-01 02:48 - 002167320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-01-08 16:31 - 2018-01-01 02:48 - 000073896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wwapi.dll
2018-01-08 16:31 - 2018-01-01 02:47 - 001998416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-01-08 16:31 - 2018-01-01 02:47 - 000433888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWanAPI.dll
2018-01-08 16:31 - 2018-01-01 02:47 - 000186520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logoncli.dll
2018-01-08 16:31 - 2018-01-01 02:47 - 000016592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshhyperv.dll
2018-01-08 16:31 - 2018-01-01 02:46 - 000702032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2018-01-08 16:31 - 2018-01-01 02:46 - 000087352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rmclient.dll
2018-01-08 16:31 - 2018-01-01 02:45 - 020374424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-01-08 16:31 - 2018-01-01 02:45 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2018-01-08 16:31 - 2018-01-01 02:44 - 000411184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp110_win.dll
2018-01-08 16:31 - 2018-01-01 02:43 - 003670016 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-01-08 16:31 - 2018-01-01 02:43 - 000558080 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-01-08 16:31 - 2018-01-01 02:42 - 000480912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-01-08 16:31 - 2018-01-01 02:42 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2018-01-08 16:31 - 2018-01-01 02:42 - 000083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbkmclr.sys
2018-01-08 16:31 - 2018-01-01 02:42 - 000047104 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-01-08 16:31 - 2018-01-01 02:41 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\irda.sys
2018-01-08 16:31 - 2018-01-01 02:41 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenanceClient.dll
2018-01-08 16:31 - 2018-01-01 02:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasacd.sys
2018-01-08 16:31 - 2018-01-01 02:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgid.sys
2018-01-08 16:31 - 2018-01-01 02:40 - 000378880 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-01-08 16:31 - 2018-01-01 02:40 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\container.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\WcnApi.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000130560 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2018-01-08 16:31 - 2018-01-01 02:40 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc.sys
2018-01-08 16:31 - 2018-01-01 02:40 - 000111616 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\container_xml.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000082944 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-01-08 16:31 - 2018-01-01 02:40 - 000079872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storqosflt.sys
2018-01-08 16:31 - 2018-01-01 02:40 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcnfs.sys
2018-01-08 16:31 - 2018-01-01 02:40 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2018-01-08 16:31 - 2018-01-01 02:40 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Synth3dVsc.sys
2018-01-08 16:31 - 2018-01-01 02:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\tetheringclient.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dmvsc.sys
2018-01-08 16:31 - 2018-01-01 02:40 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RfxVmt.sys
2018-01-08 16:31 - 2018-01-01 02:40 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\LicenseManagerSvc.dll
2018-01-08 16:31 - 2018-01-01 02:40 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2018-01-08 16:31 - 2018-01-01 02:40 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-01-08 16:31 - 2018-01-01 02:39 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-01-08 16:31 - 2018-01-01 02:39 - 000200192 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2018-01-08 16:31 - 2018-01-01 02:39 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2018-01-08 16:31 - 2018-01-01 02:39 - 000144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2018-01-08 16:31 - 2018-01-01 02:39 - 000142848 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\rasauto.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2018-01-08 16:31 - 2018-01-01 02:39 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2018-01-08 16:31 - 2018-01-01 02:39 - 000014848 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2018-01-08 16:31 - 2018-01-01 02:38 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-01-08 16:31 - 2018-01-01 02:38 - 000457728 _____ (Microsoft Corporation)

mastík
newbie
Posts: 15
Registered: January 18
Gender: Male

Re: Transfer via CMD - please check my log

Post by mastík » 12 Jan 2018 18:23

!!!PART 2!!!


C:\Windows\system32\webplatstorageserver.dll
2018-01-08 16:31 - 2018-01-01 02:38 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-01-08 16:31 - 2018-01-01 02:38 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\wc_storage.dll
2018-01-08 16:31 - 2018-01-01 02:38 - 000304640 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2018-01-08 16:31 - 2018-01-01 02:38 - 000293376 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2018-01-08 16:31 - 2018-01-01 02:38 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\PimIndexMaintenance.dll
2018-01-08 16:31 - 2018-01-01 02:38 - 000151040 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-01-08 16:31 - 2018-01-01 02:38 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-01-08 16:31 - 2018-01-01 02:38 - 000096256 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-01-08 16:31 - 2018-01-01 02:38 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\dot3dlg.dll
2018-01-08 16:31 - 2018-01-01 02:38 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 023683072 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 002953216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2018-01-08 16:31 - 2018-01-01 02:37 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000582656 _____ (Microsoft Corporation) C:\Windows\system32\SmsRouterSvc.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000473600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000434176 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000305152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2018-01-08 16:31 - 2018-01-01 02:37 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\SCardSvr.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-01-08 16:31 - 2018-01-01 02:37 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000209408 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000189952 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000072704 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2018-01-08 16:31 - 2018-01-01 02:37 - 000038912 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000773120 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000626176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Bluetooth.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000548864 _____ (Microsoft Corporation) C:\Windows\system32\SensorService.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000457728 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000388096 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000328704 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2018-01-08 16:31 - 2018-01-01 02:36 - 000209920 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000996864 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000847360 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000692736 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000538624 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000422912 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000421888 _____ (Microsoft Corporation) C:\Windows\system32\p2psvc.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000343040 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000278016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usoapi.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PimIndexMaintenanceClient.dll
2018-01-08 16:31 - 2018-01-01 02:35 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\virtdisk.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000752640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000203264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\container.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2018-01-08 16:31 - 2018-01-01 02:34 - 000132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Microsoft.Bluetooth.Profiles.Gatt.Interface.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcnApi.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-01-08 16:31 - 2018-01-01 02:34 - 000058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tetheringclient.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rfxvmt.dll
2018-01-08 16:31 - 2018-01-01 02:34 - 000013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2018-01-08 16:31 - 2018-01-01 02:34 - 000013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2018-01-08 16:31 - 2018-01-01 02:34 - 000010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 003306496 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 001627648 _____ (Microsoft Corporation) C:\Windows\system32\rdpserverbase.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 001177600 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000687616 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\ncryptprov.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistCleaner.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fwpolicyiomgr.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2018-01-08 16:31 - 2018-01-01 02:33 - 000120320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssdpapi.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2018-01-08 16:31 - 2018-01-01 02:33 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 002078720 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-01-08 16:31 - 2018-01-01 02:32 - 001094656 _____ (Microsoft Corporation) C:\Windows\system32\rdpbase.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 001028608 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000970752 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000922112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-01-08 16:31 - 2018-01-01 02:32 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\unimdm.tsp
2018-01-08 16:31 - 2018-01-01 02:32 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-01-08 16:31 - 2018-01-01 02:32 - 000099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000097280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\keyiso.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2018-01-08 16:31 - 2018-01-01 02:32 - 000048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3dlg.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 008188928 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 007339520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 001736704 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 001398272 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 000934912 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2018-01-08 16:31 - 2018-01-01 02:31 - 000757760 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2018-01-08 16:31 - 2018-01-01 02:31 - 000370688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 000266240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 000242176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppLockerCSP.dll
2018-01-08 16:31 - 2018-01-01 02:31 - 000173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 020514304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 019337216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 012803584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 004719104 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 003206656 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2018-01-08 16:31 - 2018-01-01 02:30 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2018-01-08 16:31 - 2018-01-01 02:30 - 000432640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Bluetooth.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 000397824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 000304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2018-01-08 16:31 - 2018-01-01 02:30 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 002516480 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 001954816 _____ (Microsoft Corporation) C:\Windows\system32\PeerDistSvc.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 001628672 _____ (Microsoft Corporation) C:\Windows\system32\UserDataService.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 001583616 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000969728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Unistore.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000755200 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000358400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\ncbservice.dll
2018-01-08 16:31 - 2018-01-01 02:29 - 000126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-01-08 16:31 - 2018-01-01 02:28 - 001802752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-01-08 16:31 - 2018-01-01 02:28 - 001452544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpserverbase.dll
2018-01-08 16:31 - 2018-01-01 02:28 - 000754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-01-08 16:31 - 2018-01-01 02:28 - 000522752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2018-01-08 16:31 - 2018-01-01 02:28 - 000260096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2018-01-08 16:31 - 2018-01-01 02:28 - 000233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-01-08 16:31 - 2018-01-01 02:27 - 006249472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2018-01-08 16:31 - 2018-01-01 02:27 - 000946176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpbase.dll
2018-01-08 16:31 - 2018-01-01 02:27 - 000879104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-01-08 16:31 - 2018-01-01 02:27 - 000267264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptprov.dll
2018-01-08 16:31 - 2018-01-01 02:26 - 011888640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-01-08 16:31 - 2018-01-01 02:26 - 005964288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2018-01-08 16:31 - 2018-01-01 02:26 - 000750592 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2018-01-08 16:31 - 2018-01-01 02:26 - 000722944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-01-08 16:31 - 2018-01-01 02:26 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2018-01-08 16:31 - 2018-01-01 02:26 - 000385536 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2018-01-08 16:31 - 2018-01-01 02:26 - 000183296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2018-01-08 16:31 - 2018-01-01 02:26 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\rdvvmtransport.dll
2018-01-08 16:31 - 2018-01-01 02:26 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpbus.sys
2018-01-08 16:31 - 2018-01-01 02:25 - 002010112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-01-08 16:31 - 2018-01-01 02:25 - 000824832 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-01-08 16:31 - 2018-01-01 02:25 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\xolehlp.dll
2018-01-08 16:31 - 2018-01-01 02:24 - 003651072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-01-08 16:31 - 2018-01-01 02:24 - 002859520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-01-08 16:31 - 2018-01-01 02:24 - 001463296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-01-08 16:31 - 2018-01-01 02:24 - 000658944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-01-08 16:31 - 2018-01-01 02:24 - 000208896 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2018-01-08 16:31 - 2018-01-01 02:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\wscproxystub.dll
2018-01-08 16:31 - 2018-01-01 02:23 - 001627136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-01-08 16:31 - 2018-01-01 02:23 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2018-01-08 16:31 - 2018-01-01 02:23 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-01-08 16:31 - 2018-01-01 02:23 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\offreg.dll
2018-01-08 16:31 - 2018-01-01 02:23 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2018-01-08 16:31 - 2018-01-01 02:23 - 000031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2018-01-08 16:31 - 2018-01-01 02:23 - 000007680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\null.sys
2018-01-08 16:31 - 2018-01-01 02:22 - 000367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2018-01-08 16:31 - 2018-01-01 02:21 - 000337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2018-01-08 16:31 - 2018-01-01 02:21 - 000066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvvmtransport.dll
2018-01-08 16:31 - 2018-01-01 02:20 - 000708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-01-08 16:31 - 2018-01-01 02:20 - 000052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-01-08 16:31 - 2018-01-01 02:19 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscproxystub.dll
2018-01-08 16:31 - 2018-01-01 02:18 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offreg.dll
2018-01-08 16:31 - 2018-01-01 02:18 - 000048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdPnp.dll
2018-01-08 16:31 - 2018-01-01 02:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmiprop.dll
2018-01-08 16:31 - 2018-01-01 02:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdWNet.dll
2018-01-08 16:31 - 2018-01-01 02:18 - 000021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfhost.exe
2018-01-08 16:30 - 2018-01-01 03:27 - 000264536 _____ (Microsoft Corporation) C:\Windows\system32\LsaIso.exe
2018-01-08 16:30 - 2018-01-01 03:27 - 000074648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2018-01-08 16:30 - 2018-01-01 03:27 - 000066712 _____ (Microsoft Corporation) C:\Windows\system32\iumcrypt.dll
2018-01-08 16:30 - 2018-01-01 03:27 - 000022800 _____ (Microsoft Corporation) C:\Windows\system32\iumbase.dll
2018-01-08 16:30 - 2018-01-01 03:27 - 000022208 _____ (Microsoft Corporation) C:\Windows\system32\IumSdk.dll
2018-01-08 16:30 - 2018-01-01 03:27 - 000020376 _____ (Microsoft Corporation) C:\Windows\system32\kdhvcom.dll
2018-01-08 16:30 - 2018-01-01 03:27 - 000015632 _____ (Microsoft Corporation) C:\Windows\system32\iumdll.dll
2018-01-08 16:30 - 2018-01-01 03:22 - 000503704 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2018-01-08 16:30 - 2018-01-01 03:21 - 000328616 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2018-01-08 16:30 - 2018-01-01 03:20 - 000524760 _____ (Microsoft Corporation) C:\Windows\system32\WWanAPI.dll
2018-01-08 16:30 - 2018-01-01 03:20 - 000459160 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2018-01-08 16:30 - 2018-01-01 03:19 - 002466392 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-01-08 16:30 - 2018-01-01 03:19 - 000282520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2018-01-08 16:30 - 2018-01-01 03:19 - 000247472 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2018-01-08 16:30 - 2018-01-01 03:19 - 000123800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2018-01-08 16:30 - 2018-01-01 03:19 - 000118680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvsocket.sys
2018-01-08 16:30 - 2018-01-01 03:19 - 000031640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2018-01-08 16:30 - 2018-01-01 03:19 - 000018672 _____ (Microsoft Corporation) C:\Windows\system32\wshhyperv.dll
2018-01-08 16:30 - 2018-01-01 03:18 - 000316240 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-01-08 16:30 - 2018-01-01 03:18 - 000175800 _____ (Microsoft Corporation) C:\Windows\system32\skci.dll
2018-01-08 16:30 - 2018-01-01 03:18 - 000059800 _____ (Microsoft Corporation) C:\Windows\system32\hvhostsvc.dll
2018-01-08 16:30 - 2018-01-01 03:17 - 000154520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-01-08 16:30 - 2018-01-01 03:10 - 000100800 _____ (Microsoft Corporation) C:\Windows\system32\wwapi.dll
2018-01-08 16:30 - 2018-01-01 03:09 - 000434072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2018-01-08 16:30 - 2018-01-01 03:09 - 000114584 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-01-08 16:30 - 2018-01-01 02:42 - 000122880 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-01-08 16:30 - 2018-01-01 02:42 - 000055296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhvr.sys
2018-01-08 16:30 - 2018-01-01 02:41 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\usoapi.dll
2018-01-08 16:30 - 2018-01-01 02:41 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2018-01-08 16:30 - 2018-01-01 02:41 - 000062976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2018-01-08 16:30 - 2018-01-01 02:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\sysntfy.dll
2018-01-08 16:30 - 2018-01-01 02:41 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2018-01-08 16:30 - 2018-01-01 02:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2018-01-08 16:30 - 2018-01-01 02:41 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\VmApplicationHealthMonitorProxy.dll
2018-01-08 16:30 - 2018-01-01 02:41 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hyperkbd.sys
2018-01-08 16:30 - 2018-01-01 02:41 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmgencounter.sys
2018-01-08 16:30 - 2018-01-01 02:41 - 000009216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2018-01-08 16:30 - 2018-01-01 02:40 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll
2018-01-08 16:30 - 2018-01-01 02:40 - 000081408 _____ (Microsoft Corporation) C:\Windows\system32\efslsaext.dll
2018-01-08 16:30 - 2018-01-01 02:40 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\lltdio.sys
2018-01-08 16:30 - 2018-01-01 02:40 - 000057344 _____ (Microsoft Corporation) C:\Windows\system32\efssvc.dll
2018-01-08 16:30 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\virtdisk.dll
2018-01-08 16:30 - 2018-01-01 02:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-01-08 16:30 - 2018-01-01 02:40 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2018-01-08 16:30 - 2018-01-01 02:40 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\gpuenergydrv.sys
2018-01-08 16:30 - 2018-01-01 02:39 - 000215040 _____ (Microsoft Corporation) C:\Windows\system32\fwpolicyiomgr.dll
2018-01-08 16:30 - 2018-01-01 02:39 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2018-01-08 16:30 - 2018-01-01 02:39 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\SCardDlg.dll
2018-01-08 16:30 - 2018-01-01 02:39 - 000080384 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2018-01-08 16:30 - 2018-01-01 02:39 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
2018-01-08 16:30 - 2018-01-01 02:38 - 000283648 _____ (Microsoft Corporation) C:\Windows\system32\icsvc.dll
2018-01-08 16:30 - 2018-01-01 02:38 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2018-01-08 16:30 - 2018-01-01 02:38 - 000165888 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2018-01-08 16:30 - 2018-01-01 02:38 - 000150528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2018-01-08 16:30 - 2018-01-01 02:38 - 000149504 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-01-08 16:30 - 2018-01-01 02:38 - 000093696 _____ (Microsoft Corporation) C:\Windows\system32\keyiso.dll
2018-01-08 16:30 - 2018-01-01 02:37 - 000723968 _____ (Microsoft Corporation) C:\Windows\system32\NaturalAuth.dll
2018-01-08 16:30 - 2018-01-01 02:37 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2018-01-08 16:30 - 2018-01-01 02:37 - 000342528 _____ (Microsoft Corporation) C:\Windows\system32\APHostService.dll
2018-01-08 16:30 - 2018-01-01 02:37 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\AppLockerCSP.dll
2018-01-08 16:30 - 2018-01-01 02:37 - 000250368 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2018-01-08 16:30 - 2018-01-01 02:36 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\wifiprofilessettinghandler.dll
2018-01-08 16:30 - 2018-01-01 02:36 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\icsvcext.dll
2018-01-08 16:30 - 2018-01-01 02:35 - 000741376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2018-01-08 16:30 - 2018-01-01 02:35 - 000292352 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2018-01-08 16:30 - 2018-01-01 02:34 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2018-01-08 16:30 - 2018-01-01 02:34 - 000399872 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2018-01-08 16:30 - 2018-01-01 02:34 - 000239616 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2018-01-08 16:30 - 2018-01-01 02:33 - 000877568 _____ (Microsoft Corporation) C:\Windows\system32\usermgr.dll
2018-01-08 16:30 - 2018-01-01 02:33 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2018-01-08 16:30 - 2018-01-01 02:33 - 000583168 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2018-01-08 16:30 - 2018-01-01 02:33 - 000365568 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2018-01-08 16:30 - 2018-01-01 02:31 - 001355264 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2018-01-08 16:30 - 2018-01-01 02:30 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-01-08 16:30 - 2018-01-01 02:30 - 000397312 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-01-08 16:30 - 2018-01-01 02:29 - 002426368 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-01-08 16:30 - 2018-01-01 02:29 - 000877568 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-01-08 16:30 - 2018-01-01 02:29 - 000272384 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2018-01-08 16:30 - 2018-01-01 02:26 - 000502272 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2018-01-08 16:30 - 2018-01-01 02:25 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\beep.sys
2018-01-08 16:30 - 2018-01-01 02:23 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\fdPnp.dll
2018-01-08 16:30 - 2018-01-01 02:23 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2018-01-08 16:30 - 2018-01-01 02:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2018-01-08 16:30 - 2018-01-01 02:23 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\fdWNet.dll
2018-01-08 16:30 - 2018-01-01 02:23 - 000029184 _____ (Microsoft Corporation) C:\Windows\system32\wmiprop.dll
2018-01-07 21:24 - 2018-01-07 21:24 - 000000000 ___HD C:\OneDriveTemp
2018-01-05 20:36 - 2018-01-05 20:36 - 000001737 _____ C:\Users\honza\Desktop\CivilizationVI.lnk
2018-01-05 20:32 - 2018-01-05 20:32 - 000000778 _____ C:\Users\honza\Desktop\Banished.lnk
2018-01-05 16:47 - 2018-01-05 16:46 - 000365680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-01-05 13:20 - 2018-01-05 13:20 - 000000000 ____D C:\Users\honza\Documents\Banished
2018-01-05 10:58 - 2018-01-05 10:58 - 000000000 ____D C:\Users\honza\Documents\Empire Earth III
2018-01-05 10:58 - 2018-01-05 10:58 - 000000000 ____D C:\Users\honza\AppData\Roaming\Sierra Entertainment
2018-01-05 10:47 - 2018-01-05 10:47 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-01-05 10:47 - 2018-01-05 10:47 - 000000000 ____D C:\Program Files (x86)\AGEIA Technologies
2018-01-05 10:41 - 2018-01-05 10:41 - 000000000 ____D C:\GOG Games
2018-01-04 13:12 - 2018-01-04 13:12 - 000000000 ___HD C:\$AV_ASW
2018-01-02 21:04 - 2018-01-02 21:04 - 000000000 ____D C:\Users\honza\Documents\Empire Earth II The Art of Supremacy
2018-01-02 20:43 - 2018-01-02 20:43 - 000253880 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-01-02 20:43 - 2018-01-02 20:43 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-02 20:43 - 2018-01-02 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-02 20:43 - 2017-11-29 09:11 - 000077432 _____ C:\Windows\system32\Drivers\mbae64.sys
2018-01-02 13:37 - 2018-01-02 21:04 - 000000000 ____D C:\Users\honza\AppData\Roaming\Sierra
2018-01-02 13:37 - 2018-01-02 13:37 - 000000000 ____D C:\Users\honza\Documents\Empire Earth II
2018-01-02 13:37 - 2018-01-02 13:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-01-02 13:34 - 2018-01-02 13:34 - 000000000 ____D C:\Program Files (x86)\GOG.com
2018-01-01 23:03 - 2018-01-01 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-01-01 15:42 - 2018-01-12 18:04 - 000003526 _____ C:\Windows\System32\Tasks\wRoOQ
2018-01-01 15:42 - 2018-01-12 17:39 - 000003334 _____ C:\Windows\System32\Tasks\qacOUAiUfjXn
2018-01-01 15:42 - 2018-01-01 15:42 - 000000001 _____ C:\Users\honza\AppData\Local\WMI.ini
2018-01-01 15:42 - 2017-03-18 21:59 - 000001079 _____ C:\Windows\yyCcIhyYadIe
2018-01-01 15:42 - 2017-03-18 21:59 - 000001032 _____ C:\Windows\SysWOW64\mihLk
2018-01-01 15:42 - 2017-03-18 21:59 - 000000055 _____ C:\Program Files (x86)\uWiiwHfuJiKta
2018-01-01 15:42 - 2017-03-18 21:59 - 000000053 _____ C:\Users\honza\AppData\Local\kTaAyUTOs
2018-01-01 15:42 - 2017-03-18 21:58 - 000174592 _____ (Microsoft Corporation) C:\Windows\cumyZkIPowIa.exe
2017-12-31 18:13 - 2017-12-31 18:13 - 000000000 ____D C:\Users\honza\AppData\Local\UnrealEngine
2017-12-31 18:13 - 2017-12-31 18:13 - 000000000 ____D C:\Users\honza\AppData\Local\TslGame
2017-12-31 17:06 - 2017-12-31 17:20 - 000000000 ____D C:\Users\Public\Documents\iSumsoft ZIP Password Refixer
2017-12-31 17:06 - 2017-12-31 17:06 - 000000000 ____D C:\Users\honza\AppData\Roaming\Microsoft\Windows\Start


Re: Transfer via CMD - please check the log

Post by mastík » 12 Jan 2018 18:23

!!!PART 3!!!


Menu\Programs\iSumsoft ZIP Password Refixer
2017-12-31 17:06 - 2017-12-31 17:06 - 000000000 ____D C:\Program Files (x86)\iSumsoft ZIP Password Refixer
2017-12-27 17:50 - 2017-12-27 17:52 - 000000000 ____D C:\Program Files\Tor Browser
2017-12-25 18:07 - 2017-12-25 18:07 - 000124725 _____ C:\Users\honza\Desktop\Volunteer _guide.pdf
2017-12-22 16:32 - 2017-12-22 16:32 - 000000000 ____D C:\Program Files\Common Files\AVG
2017-12-19 16:59 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2017-12-19 16:59 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2017-12-19 16:59 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2017-12-19 16:59 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2017-12-19 16:59 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2017-12-19 16:59 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2017-12-19 16:59 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2017-12-19 16:59 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2017-12-19 16:59 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2017-12-19 16:59 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2017-12-19 16:59 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2017-12-19 16:59 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2017-12-19 16:59 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2017-12-19 16:59 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2017-12-19 16:59 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2017-12-19 16:59 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2017-12-19 16:59 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2017-12-19 16:59 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2017-12-19 16:59 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2017-12-19 16:59 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2017-12-19 16:59 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2017-12-19 16:59 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2017-12-19 16:59 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2017-12-19 16:59 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2017-12-19 16:59 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2017-12-19 16:59 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2017-12-19 16:59 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2017-12-19 16:59 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2017-12-19 16:59 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2017-12-19 16:59 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2017-12-19 16:59 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2017-12-19 16:59 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2017-12-19 16:59 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2017-12-19 16:59 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2017-12-19 16:59 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2017-12-19 16:59 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2017-12-19 16:59 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2017-12-19 16:59 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2017-12-19 16:59 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2017-12-19 16:59 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2017-12-19 16:59 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2017-12-19 16:59 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2017-12-19 16:59 - 2008-10-15 06:22 - 005631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2017-12-19 16:59 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2017-12-19 16:59 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2017-12-19 16:59 - 2008-10-15 06:22 - 002036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2017-12-19 16:59 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2017-12-19 16:59 - 2008-10-15 06:22 - 000452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2017-12-19 16:59 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2017-12-19 16:59 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2017-12-19 16:59 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2017-12-19 16:59 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2017-12-19 16:59 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2017-12-19 16:59 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2017-12-19 16:59 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2017-12-19 16:59 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2017-12-19 16:59 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2017-12-19 16:59 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2017-12-19 16:59 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2017-12-19 16:59 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2017-12-19 16:59 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2017-12-19 16:59 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2017-12-19 16:59 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2017-12-19 16:59 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2017-12-19 16:59 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2017-12-19 16:59 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2017-12-19 16:59 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2017-12-19 16:59 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2017-12-19 16:59 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2017-12-19 16:59 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2017-12-19 16:59 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2017-12-19 16:59 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2017-12-19 16:59 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2017-12-19 16:59 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2017-12-19 16:59 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2017-12-19 16:59 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2017-12-19 16:59 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2017-12-19 16:59 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2017-12-19 16:59 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2017-12-19 16:59 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2017-12-19 16:59 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2017-12-19 16:59 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2017-12-19 16:59 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2017-12-19 16:59 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2017-12-19 16:59 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2017-12-19 16:59 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2017-12-19 16:59 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2017-12-19 16:59 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2017-12-19 16:59 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2017-12-19 16:59 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2017-12-19 16:59 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2017-12-19 16:59 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2017-12-19 16:59 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2017-12-19 16:59 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2017-12-19 16:59 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2017-12-19 16:59 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2017-12-19 16:59 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2017-12-19 16:59 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2017-12-19 16:59 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2017-12-19 16:59 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2017-12-19 16:59 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2017-12-19 16:59 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2017-12-19 16:59 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2017-12-19 16:59 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2017-12-19 16:59 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2017-12-19 16:59 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2017-12-19 16:59 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2017-12-19 16:59 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2017-12-19 16:59 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2017-12-19 16:59 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2017-12-19 16:59 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2017-12-19 16:59 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2017-12-19 16:59 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2017-12-19 16:59 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2017-12-19 16:59 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2017-12-19 16:59 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2017-12-19 16:59 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2017-12-19 16:59 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2017-12-19 16:59 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2017-12-19 16:59 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2017-12-19 16:59 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2017-12-19 16:59 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2017-12-19 16:59 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2017-12-19 16:59 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2017-12-19 16:59 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2017-12-19 16:59 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2017-12-19 16:59 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2017-12-19 16:59 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2017-12-19 16:59 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2017-12-19 16:59 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2017-12-19 16:59 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2017-12-19 16:59 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2017-12-19 16:59 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2017-12-19 16:59 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2017-12-19 16:59 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2017-12-19 16:59 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2017-12-19 16:59 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2017-12-19 16:59 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2017-12-19 16:59 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2017-12-19 16:59 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2017-12-19 16:59 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2017-12-19 16:59 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2017-12-19 16:59 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2017-12-19 16:59 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2017-12-19 16:59 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2017-12-19 16:59 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2017-12-19 16:59 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2017-12-19 16:59 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2017-12-19 16:59 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2017-12-19 16:59 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2017-12-19 16:59 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2017-12-19 16:59 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2017-12-19 16:59 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2017-12-19 16:59 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2017-12-19 16:59 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2017-12-19 16:59 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2017-12-19 16:59 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2017-12-19 16:59 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2017-12-19 16:59 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2017-12-19 16:59 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2017-12-19 16:59 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2017-12-19 16:59 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-12-19 16:59 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2017-12-19 16:59 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2017-12-17 16:43 - 2017-12-17 16:43 - 000000000 ____D C:\Users\honza\AppData\LocalLow\Temp
2017-12-16 21:23 - 2018-01-11 00:13 - 000003190 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-12-16 21:22 - 2017-12-16 21:22 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-12-16 21:22 - 2017-12-16 21:22 - 000000000 ____D C:\Program Files\Dell Support Center
2017-12-16 20:20 - 2017-12-16 20:20 - 000000000 ____D C:\ProgramData\Dell Inc
2017-12-15 02:01 - 2017-12-15 02:01 - 000000000 ___SD C:\Windows\UpdateAssistantV2
2017-12-14 11:16 - 2017-12-14 11:16 - 000041608 _____ (Dell Inc.) C:\Windows\system32\Drivers\DDDriver64Dcsa.sys
2017-12-14 11:16 - 2017-12-14 11:16 - 000041208 _____ (Dell Computer Corporation) C:\Windows\system32\Drivers\DellProf.sys
2017-12-13 18:22 - 2017-11-30 03:58 - 006763128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-13 18:22 - 2017-11-30 03:43 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-12-13 18:22 - 2017-11-30 03:42 - 000148992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2017-12-13 18:22 - 2017-11-30 03:42 - 000100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscript.ocx
2017-12-13 18:22 - 2017-11-30 03:41 - 000146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2017-12-13 18:22 - 2017-11-30 03:40 - 000528384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2017-12-13 18:22 - 2017-11-30 03:40 - 000206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2017-12-13 18:22 - 2017-11-30 03:40 - 000143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2017-12-13 18:22 - 2017-11-30 03:38 - 001248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2017-12-13 18:22 - 2017-11-30 03:38 - 000636416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WpcWebFilter.dll
2017-12-13 18:22 - 2017-11-30 03:36 - 001019904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-12-13 18:22 - 2017-11-30 03:34 - 004559360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2017-12-13 18:21 - 2017-11-30 03:57 - 001123968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-12-13 18:21 - 2017-11-30 03:43 - 000002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-12-13 18:21 - 2017-11-17 10:31 - 000223640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aepic.dll
2017-12-13 18:16 - 2017-11-30 04:23 - 007910960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-12-13 18:16 - 2017-11-30 03:45 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-12-13 18:16 - 2017-11-30 03:44 - 000042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2017-12-13 18:16 - 2017-11-30 03:43 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2017-12-13 18:16 - 2017-11-30 03:42 - 001878016 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-12-13 18:16 - 2017-11-30 03:42 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2017-12-13 18:16 - 2017-11-30 03:41 - 000527360 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-12-13 18:16 - 2017-11-30 03:41 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2017-12-13 18:16 - 2017-11-30 03:37 - 001293824 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-12-13 18:16 - 2017-11-30 03:36 - 005557760 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2017-12-13 18:16 - 2017-11-17 09:59 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-12-13 18:15 - 2017-11-30 04:33 - 000038808 _____ (Microsoft Corporation) C:\Windows\system32\OOBEUpdater.exe
2017-12-13 18:15 - 2017-11-30 04:23 - 001194248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-12-13 18:15 - 2017-11-30 03:42 - 000560640 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2017-12-13 18:15 - 2017-11-30 03:41 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2017-12-13 18:15 - 2017-11-30 03:39 - 000925696 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebFilter.dll
2017-12-13 18:15 - 2017-11-17 10:39 - 005477088 _____ (Microsoft Corporation) C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
2017-12-13 18:15 - 2017-11-17 09:56 - 000757248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-12-13 18:14 - 2017-11-30 03:45 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-12-13 18:14 - 2017-11-30 03:44 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2017-12-13 18:14 - 2017-11-30 03:39 - 002809344 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 002032536 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-12-13 18:14 - 2017-11-17 10:46 - 001578904 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 000678808 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 000613784 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 000612248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 000484248 _____ (Microsoft Corporation) C:\Windows\system32\dcntel.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 000379288 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 000190360 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 000136088 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-12-13 18:14 - 2017-11-17 10:46 - 000067992 _____ (Microsoft Corporation) C:\Windows\system32\win32appinventorycsp.dll
2017-12-13 18:14 - 2017-11-17 10:46 - 000034712 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2017-12-13 18:13 - 2017-11-17 10:46 - 000259992 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-12 18:07 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-12 18:07 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\AppReadiness
2018-01-12 18:06 - 2017-08-17 16:12 - 003515786 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-12 18:06 - 2017-04-05 16:36 - 001620942 _____ C:\Windows\system32\perfh005.dat
2018-01-12 18:06 - 2017-04-05 16:36 - 000409758 _____ C:\Windows\system32\perfc005.dat
2018-01-12 18:01 - 2017-10-06 19:38 - 000000000 __SHD C:\Users\honza\IntelGraphicsProfiles
2018-01-12 18:00 - 2017-10-06 19:37 - 000000000 ____D C:\Users\honza
2018-01-12 18:00 - 2017-08-17 16:14 - 000000000 ____D C:\ProgramData\Synaptics
2018-01-12 18:00 - 2017-08-15 20:27 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-12 18:00 - 2017-03-18 12:40 - 001048576 _____ C:\Windows\system32\config\BBI
2018-01-12 17:46 - 2017-10-06 19:38 - 000000000 ____D C:\Users\honza\AppData\Local\Packages
2018-01-12 17:44 - 2017-10-06 20:58 - 000004210 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{071816E5-9019-4C93-AF88-441AF8B0A51B}
2018-01-12 16:53 - 2017-08-15 20:27 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-01-12 13:48 - 2017-03-18 22:01 - 000000000 ____D C:\Windows\INF
2018-01-12 11:36 - 2017-08-15 20:27 - 005113160 _____ C:\Windows\system32\FNTCACHE.DAT
2018-01-12 10:54 - 2017-08-17 16:17 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-01-12 10:54 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-01-11 23:39 - 2017-11-04 18:53 - 000000000 ____D C:\Windows\Minidump
2018-01-11 18:00 - 2017-10-14 09:08 - 000000000 ____D C:\Users\honza\AppData\Local\CrashDumps
2018-01-11 11:59 - 2017-10-06 19:56 - 000000000 ____D C:\Windows\system32\MRT
2018-01-11 11:57 - 2017-10-11 20:03 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-01-11 11:57 - 2017-10-06 19:56 - 129365736 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-01-11 11:57 - 2017-03-18 21:51 - 000000000 ____D C:\Windows\CbsTemp
2018-01-11 10:34 - 2017-10-06 20:34 - 000457896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-01-11 10:34 - 2017-10-06 20:34 - 000146648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-01-11 09:56 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\LiveKernelReports
2018-01-11 09:24 - 2017-03-18 12:40 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-01-11 00:15 - 2017-10-29 11:54 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2018-01-11 00:13 - 2017-11-08 22:43 - 000002038 _____ C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2018-01-11 00:13 - 2017-11-05 13:56 - 000003094 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2018-01-11 00:13 - 2017-10-31 15:49 - 000002804 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-honza.ch88@gmail.com
2018-01-11 00:13 - 2017-10-06 20:50 - 000002218 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-01-11 00:13 - 2017-10-06 20:35 - 000003482 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-01-11 00:13 - 2017-10-06 19:45 - 000003398 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-01-11 00:13 - 2017-10-06 19:45 - 000003174 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-01-11 00:13 - 2017-10-06 19:43 - 000003256 _____ C:\Windows\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2018-01-11 00:13 - 2017-10-06 19:42 - 000002856 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3112688569-585586772-3143591606-1001
2018-01-11 00:13 - 2017-10-06 19:33 - 000003100 _____ C:\Windows\System32\Tasks\PCDDataUploadTask
2018-01-11 00:13 - 2017-10-06 19:33 - 000002982 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest
2018-01-11 00:13 - 2017-08-17 16:14 - 000003118 _____ C:\Windows\System32\Tasks\Intel PTT EK Recertification
2018-01-11 00:13 - 2017-08-15 20:30 - 000002768 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2018-01-09 22:55 - 2017-10-06 19:40 - 000000000 ____D C:\Users\honza\AppData\Local\Comms
2018-01-09 22:39 - 2017-11-04 19:13 - 000029696 ___SH C:\Users\honza\Desktop\Thumbs.db
2018-01-09 21:54 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\rescache
2018-01-09 10:47 - 2017-10-10 16:45 - 000000000 ____D C:\Users\honza\.matplotlib
2018-01-09 02:57 - 2017-10-14 09:03 - 000002276 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-09 02:57 - 2017-10-14 09:03 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-09 02:36 - 2017-11-05 13:42 - 000000000 ____D C:\Program Files (x86)\AVG
2018-01-09 02:25 - 2017-10-06 19:40 - 000000000 ___RD C:\Users\honza\OneDrive
2018-01-09 01:35 - 2017-10-06 19:57 - 000545440 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-01-09 01:28 - 2017-08-15 20:30 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-01-09 01:27 - 2017-03-18 22:03 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-01-09 01:27 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\F12
2018-01-09 01:27 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\en-GB
2018-01-07 21:23 - 2017-11-05 13:41 - 000000000 ____D C:\ProgramData\Avg
2018-01-07 16:41 - 2017-10-07 10:11 - 000000000 ____D C:\Users\honza\AppData\Roaming\vlc
2018-01-05 20:35 - 2017-10-28 14:18 - 000000000 ____D C:\Games
2018-01-05 16:47 - 2017-10-06 20:34 - 000061304 _____ () C:\Windows\system32\Drivers\lpsport.sys
2018-01-05 16:47 - 2017-10-06 20:34 - 000003994 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-01-05 16:46 - 2017-11-19 14:08 - 000185096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 001025176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000358672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000343768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000321512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000204456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000199448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000110336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000084384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000057696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
2018-01-05 16:46 - 2017-10-06 20:34 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-01-05 10:41 - 2017-10-07 17:37 - 000000000 ____D C:\Users\honza\AppData\Roaming\uTorrent
2018-01-04 13:20 - 2017-10-06 20:58 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2018-01-04 13:20 - 2017-10-06 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-01-04 13:20 - 2017-10-06 20:58 - 000000000 ____D C:\Program Files (x86)\Java
2018-01-04 12:35 - 2017-12-04 21:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.4
2018-01-04 12:35 - 2017-08-17 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2018-01-04 12:35 - 2017-08-17 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-01-04 12:32 - 2017-11-19 18:14 - 000000000 ___RD C:\Users\honza\3D Objects
2018-01-02 20:43 - 2017-10-19 14:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-01 15:41 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-12-26 10:38 - 2017-10-06 22:55 - 000000000 ____D C:\Users\honza\Documents\ArcGIS
2017-12-26 10:34 - 2017-11-28 11:38 - 000000000 ____D C:\Users\honza\Desktop\KMZ_KML
2017-12-21 09:23 - 2017-10-28 11:44 - 000000000 ____D C:\Users\honza\.qgis2
2017-12-21 05:35 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-12-21 05:35 - 2017-03-18 22:06 - 000177648 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-16 21:22 - 2017-10-06 20:05 - 000000000 ____D C:\Users\honza\AppData\Roaming\PCDr
2017-12-16 21:22 - 2017-08-17 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-12-16 21:21 - 2017-08-17 16:12 - 000000000 ____D C:\ProgramData\PCDr
2017-12-16 20:20 - 2017-10-06 19:42 - 000000000 ____D C:\ProgramData\SupportAssist
2017-12-15 02:01 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\SysWOW64\en-GB
2017-12-15 02:01 - 2017-03-18 22:03 - 000000000 ____D C:\Windows\system32\oobe

==================== Files in the root of some directories =======

2018-01-01 15:42 - 2017-03-18 21:59 - 000000055 _____ () C:\Program Files (x86)\uWiiwHfuJiKta
2017-03-18 21:59 - 2017-03-18 21:59 - 000000055 _____ () C:\Program Files (x86)\uWiiwHfuJiKta.bat
2017-11-28 12:56 - 2017-12-02 10:58 - 000000034 _____ () C:\Users\honza\AppData\Roaming\AdobeWLCMCache.dat
2017-10-12 10:21 - 2017-10-12 10:21 - 000000624 _____ () C:\Users\honza\AppData\Roaming\All CPU MeterV3_Settings.ini
2017-10-13 08:06 - 2017-10-13 08:06 - 000000600 _____ () C:\Users\honza\AppData\Roaming\winscp.rnd
2018-01-01 15:42 - 2017-03-18 21:59 - 000000053 _____ () C:\Users\honza\AppData\Local\kTaAyUTOs
2017-03-18 21:59 - 2017-03-18 21:59 - 000000053 _____ () C:\Users\honza\AppData\Local\kTaAyUTOs.bat
2018-01-09 21:07 - 2018-01-09 21:07 - 000029696 _____ () C:\Users\honza\AppData\Local\MSGBOX.EXE
2017-11-09 23:28 - 2017-11-09 23:28 - 000012876 _____ () C:\Users\honza\AppData\Local\recently-used.xbel
2018-01-01 15:42 - 2018-01-01 15:42 - 000000001 _____ () C:\Users\honza\AppData\Local\WMI.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-07 21:34

==================== End of FRST.txt ============================

