Preventive check

A place for your HijackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

mmmartin
Moderator
Master Level 9
Posts: 7845
Registered: August 04
Location: Prague
Gender: Male

Preventive check

Post by mmmartin » 15 Jan 2019 16:21

Please check this.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:12:35, on 15.01.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Creative\Sound Blaster Omni\Sound Blaster Omni Control Panel\SBOmni.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Users\MARTIN\Documents\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Norton Password Manager - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.16.3.21\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.16.3.21\coIEPlg.dll
O4 - HKLM\..\Run: [PowerDVD15Agent] "C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Sound Blaster Omni Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Omni\Sound Blaster Omni Control Panel\SBOmni.exe" /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
O4 - HKCU\..\Run: [Web Companion] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe "C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" -Embedding
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Logitech . Registrace produktu.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.webcompanion.com
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - http://files.creative.com/Web/softwareu ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://files.creative.com/Web/softwareu ... /CTPID.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Acronis Active Protection (TM) Service (AcronisActiveProtectionService) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 15\DfsdkS64.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Acronis Managed Machine Service Mini (mmsminisrv) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
O23 - Service: Server záloh mobilního zařízení Acronis (mobile_backup_server) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
O23 - Service: Stav serveru záloh mobilního zařízení Acronis (mobile_backup_status_server) - Unknown owner - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.16.3.21\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.16.3.21\nsWscSvc.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13897 bytes

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-15-2019
# Duration: 00:00:16
# OS: Windows 10 Pro
# Scanned: 32265
# Detected: 5


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 15.01.19
Čas skenování: 16:07
Logovací soubor: 3cfa1b28-18d7-11e9-a89e-6c626d9cd1bc.json

-Informace o softwaru-
Verze: 3.6.1.2711
Verze komponentů: 1.0.519
Aktualizovat verzi balíku komponent: 1.0.8798
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 17763.195)
CPU: x64
Systém souborů: NTFS
Uživatel: DESKTOP-DGB63JL\MARTIN

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 310587
Zjištěné hrozby: 0
Hrozby umístěné do karantény: 0
Uplynulý čas: 2 min, 34 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)



jaro3
Security team member
Guru Level 15
Posts: 39234
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Preventive check

Post by jaro3 » 15 Jan 2019 18:07

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan finishes click "Clean".

The program will perform the repair. After the automatic restart, click "Log file", then double-click the corresponding log (C:\AdwCleaner [C?].txt) and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program will start scanning. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) will appear; it is saved on the desktop.
Please copy its entire contents here.


Sophos Virus Removal Tool is a practical software tool that could remove infections which the antivirus program does not detect.
Download it here from one of these links:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viruses can slow down your computer or try to steal your data, and you may not even know you have them. What you need is a quick and easy way to find them and get rid of them. If you already have an antivirus program installed on the computer, you can also install the Sophos Virus Removal Tool, which identifies and cleans up remaining infections that your antivirus program may have missed.
To use the Sophos Virus Removal Tool, double-click it and press the "Start scanning" button. The Sophos Virus Removal Tool will then search for and remove the viruses it finds. A restart may be required.
If viruses were found, after the scan click "Details…" and then "View log file". Copy the whole log and paste it here. Then close "threat detail" and click "Start cleanup".
Otherwise the log is located here:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Download RogueKiller by Adlice Software
32-bit:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64-bit:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
to your desktop.
- Close all other programs and browsers.
- On Vista and Windows 7, 8, 10, run RogueKiller.exe as administrator; on XP, double-click it.
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom.
- The program scans the PC's processes. After the scan, click "Open Report", then "Open TXT" in the window, and copy the entire contents of the log here.
If the program is blocked, try running it several times. If the program still cannot be started and does not work, rename it to winlogon.exe.
- If the log has more than 60,000 characters, split it and paste it into several posts.

More links:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Re: Preventive check

Post by mmmartin » 16 Jan 2019 19:46

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-16-2019
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.




*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1719 octets] - [15/01/2019 15:55:53]
AdwCleaner[S01].txt - [1780 octets] - [16/01/2019 17:35:24]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by MARTIN (Administrator) on 16.01.2019 at 17:45:21,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\ProgramData\mntemp (File)

Deleted the following from C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default\prefs.js
user_pref(browser.uiCustomization.state, {\placements\:{\widget-overflow-fixed-list\:[],\PersonalToolbar\:[\personal-bookmarks\],\nav-bar\:[\back-button\,\forw
user_pref(extensions.webextensions.uuids, {\formautofill@mozilla.org\:\c4e0e004-cc3e-4ecd-9e50-22718dfe6ead\,\screenshots@mozilla.org\:\e58f610a-142e-4a44-9e2e-f8e1c



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.01.2019 at 17:48:54,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Sophos Virus Removal Tool

no findings

RogueKiller Anti-Malware V13.0.22.0 (x64) [Jan 14 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/

Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : MARTIN [Administrator]
Started from : C:\Users\MARTIN\Desktop\Kontrola 15_01_2019\Rouge Killer\RogueKiller_portable64.exe
Mode : Standard Scan, Scan -- Date : 2019/01/16 19:10:24 (Duration : 00:13:24)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> O23 - Services
[Bad.Extension (Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CLFCL5.15 -- (CyberLink Corp.) C:\Windows\System32\drivers\CLFCL5.15\000.fcl -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

One more thing: every time PC-help loads, this message appears
pharma.jpg


Re: Preventive check

Post by jaro3 » 16 Jan 2019 21:00

Does that domain mean anything to you?

Close all programs and browsers. Disable the antivirus and firewall.
Please disconnect all USB devices (except the mouse and keyboard) and external drives from the computer before running this program.
Run RogueKiller again (on Windows Vista or Windows 7, right-click and choose "Run as administrator"; on Windows XP, double-click to run it).
- Click "Start Scan". In the new window change nothing and click "Start Scan" at the bottom;
when it finishes, tick everything (put check marks to the left of the findings, in the white boxes).
- Then click "Remove Selected".
- Wait until the Status box shows "Removal finished, please review result".
- Click "Open report" and then "Open TXT", copy the log and paste the contents of that report here, please. The log can be found in C:\ProgramData\RogueKiller\Logs
- Close RogueKiller.

Turn off the antivirus and firewall.
Download Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

Close all other programs, windows and browsers.
Run Zoek.exe (on Windows Vista, Windows 7 and 8, right-click it and choose "Run as administrator").
- Note: the program may take a while to start.
Paste the script below into the program window:

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

Click Run Script.
The program will perform a scan and a repair; both the scan and the repair can take several minutes, so wait until it finishes. Do not click in the window!
The program will offer a restart; confirm it.
After the restart, only a black desktop may be shown for some time; that is normal. You need to wait until the log is created. You can save it to Documents, for example; otherwise it is saved automatically to:
C:\zoek-results.log Copy the entire contents of that log here.
If there are problems, run zoek in safe mode.

Download Zemana AntiMalware Free from this link:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
and save it to your desktop.
Double-click this file on the desktop and follow the instructions to install the program.
Accept the EULA license for using the program, if it is offered.
If a program update is available, click the "Update now" button.
You can also tick the creation of a restore point:
Click the gear icon, then "Scan", and tick "create restore points".
Go back (click the house icon).
Close all open files, folders and browsers.
Do not change any settings. Click "Scan".
After the scan you can see whether there are any infections. Click "Next". The infections will be moved to quarantine.
When the scan is complete, a report will appear; copy the entire contents of that report here.
Otherwise you can view the reports by clicking "Reports" at the top right.


Post a new HJT log + report on any problems


Re: Preventive check

Post by mmmartin » 17 Jan 2019 07:48

RogueKiller Anti-Malware V13.0.22.0 (x64) [Jan 14 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17763) 64 bits
Started in : Normal mode
User : MARTIN [Administrator]
Started from : C:\Users\MARTIN\Desktop\Kontrola 15_01_2019\Rouge Killer\RogueKiller_portable64.exe
Mode : Standard Scan, Delete -- Date : 2019/01/17 04:37:54 (Duration : 00:13:11)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Delete ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[Bad.Extension (Malicious)] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\CLFCL5.15 -- [%SystemRoot%\System32\drivers\CLFCL5.15\000.fcl] -> Deleted

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by MARTIN on 17.01.2019 at 4:46:00,62.
Microsoft Windows 10 Pro 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MARTIN\Desktop\Kontrola 15_01_2019\ZOEK\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

17.01.2019 4:48:58 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Zemana AntiMalware deleted successfully
C:\PROGRA~3\Acronis Mobile Backup Data deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking deleted successfully
C:\Users\MARTIN\AppData\Local\DBG deleted successfully
C:\Users\MARTIN\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default\prefs.js:
user_pref("browser.startup.homepage", "moz-extension://a3bf8492-148a-4e2c-a115-d57982b99fb5/homePageRedirect.html");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\MARTIN\AppData\Roaming\Thunderbird\Profiles\p1dm6hkj.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\MARTIN\AppData\Roaming\Thunderbird\Profiles\p1dm6hkj.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default

user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"addSearchEng
---- FireFox user.js and prefs.js backups ----

prefs__0604_.backup

ProfilePath: C:\Users\MARTIN\AppData\Roaming\Thunderbird\Profiles\p1dm6hkj.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_201526.09._2039_.backup
prefs_201625.03._0034_.backup
prefs_24.01.2015_1131_.backup
prefs__0604_.backup
prefs__2012_.backup
prefs__2219_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Zemana AntiMalware not found
C:\Users\MARTIN\AppData\Roaming\Aegisub deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\MARTIN\Desktop\Free Rapid Downloader.lnk deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\MARTIN\AppData\Roaming\Thunderbird\Profiles\p1dm6hkj.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default
- __MSG_hpName__ - %ProfilePath%\extensions\nortonhomepage@symantec.com.xpi
- __MSG_dsName__ - %ProfilePath%\extensions\nortonsafesearch_ul_2@symantec.com.xpi

ProfilePath: C:\Users\MARTIN\AppData\Roaming\Thunderbird\Profiles\p1dm6hkj.default
- esk slovnk pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- ConfirmBeforeDelete - %ProfilePath%\extensions\{51fff70c-0f33-4769-b411-67bd86836012}.xpi
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default
FC18E6D133877BE07C753552705A5B8C - C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll - Silverlight Plug-In
81D6D6EE6226773449C5CBE9496EDAF6 - C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll - Microsoft® Silverlight


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files\Norton Security\Engine\22.16.3.21\Exts\Chrome.crx[]
iikflkcanblccfahdhdonehdalibjnif - No path found[]

youtubeflashhtml - MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Extensions\abpeogmjbjonedcakbihofgpoelmfbgj
Ant Video downloader - MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Extensions\ekoimfmkeigjoobkpleplpfjahljcdla

==== Chromium Fix ======================

C:\Users\MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Extensions\ekoimfmkeigjoobkpleplpfjahljcdla deleted successfully
C:\Users\MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Local Extension Settings\ekoimfmkeigjoobkpleplpfjahljcdla deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences was reset successfully
C:\Users\MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Secure Preferences.backup was reset successfully
C:\Users\MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\MARTIN\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MARTIN\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\MARTIN\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\MARTIN\AppData\Local\Mozilla\Firefox\Profiles\4m302y62.default\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\MARTIN\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=124 folders=37 286003874 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\MARTIN\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\MARTIN\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 17.01.2019 at 6:54:56,34 ======================

Zemana AntiMalware 2.74.2.150 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2019.1.17
Operating System : Windows 10 64-bit
Processor : 4X AMD Athlon(tm) II X4 640 Processor
BIOS Mode : Legacy
CUID : 12D0E5AC87233F73B449E8
Scan Type : Skenování systému
Duration : 3m 44s
Scanned Objects : 132086
Detected Objects : 1
Excluded Objects : 0
Read Level : SCSI
Auto Upload : Vypnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

nortonsafesearch_ul_2@symantec.com
Status : Skenováno
Object : %appdata%\mozilla\firefox\profiles\4m302y62.default\extensions\nortonsafesearch_ul_2@symantec.com.xpi
MD5 : 6E09FF404AE0B9DF8C18C5657A96BDE8
Publisher : -
Size : 613809
Version : -
Detection : PUA.FirefoxExt!Gr
Cleaning Action : Opravit
Related Objects :
Rozšíření prohlížeče - nortonsafesearch_ul_2@symantec.com
Soubor - %appdata%\mozilla\firefox\profiles\4m302y62.default\extensions\nortonsafesearch_ul_2@symantec.com.xpi


Cleaning Result
-------------------------------------------------------
Cleaned : 1
Reported as safe : 0
Failed : 0

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:19:02, on 17.01.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0001)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\SpeedFan\speedfan.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
C:\Program Files (x86)\Creative\Sound Blaster Omni\Sound Blaster Omni Control Panel\SBOmni.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
J:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Norton Password Manager - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Security\Engine32\22.16.3.21\coIEPlg.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.16.3.21\coIEPlg.dll
O4 - HKLM\..\Run: [PowerDVD15Agent] "C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe"
O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
O4 - HKLM\..\Run: [DriveUtilitiesHelper] C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
O4 - HKLM\..\Run: [WD Quick View] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [Sound Blaster Omni Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster Omni\Sound Blaster Omni Control Panel\SBOmni.exe" /r
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
O4 - HKCU\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe "C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe" "C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe" -Embedding
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Logitech . Registrace produktu.lnk = C:\Program Files (x86)\Logitech\Ereg\eReg.exe
O4 - Global Startup: AVer HID Receiver.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - http://files.creative.com/Web/softwareu ... PIDPDE.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://files.creative.com/Web/softwareu ... /CTPID.cab
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: 602Updater (602XML Updater) - Software602 a.s. - C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
O23 - Service: Acronis Active Protection (TM) Service (AcronisActiveProtectionService) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: AOMEI Backupper Scheduler Service (Backupper Service) - AOMEI Tech Co., Ltd. - C:\Program Files (x86)\AOMEI Backupper\ABService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 15\DfsdkS64.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Acronis Managed Machine Service Mini (mmsminisrv) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
O23 - Service: Server záloh mobilního zařízení Acronis (mobile_backup_server) - Acronis International GmbH - C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
O23 - Service: Stav serveru záloh mobilního zařízení Acronis (mobile_backup_status_server) - Unknown owner - C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Security (NortonSecurity) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.16.3.21\NortonSecurity.exe
O23 - Service: Norton WSC Service (nsWscSvc) - Symantec Corporation - C:\Program Files\Norton Security\Engine\22.16.3.21\nsWscSvc.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: Acronis Sync Agent Service (syncagentsrv) - Unknown owner - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 13904 bytes

Problem (?): I once clicked on krtenek by mistake during some search. According to Google, it is a site that gives advice on everything around the household. VirusTotal is fine with the site, Norton Security reports nothing, and regarding the block MBA writes this:
Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum události ochrany: 16.01.19
Čas události ochrany: 17:58
Logovací soubor: f0b958bc-19af-11e9-8e0b-6c626d9cd1bc.json

-Informace o softwaru-
Verze: 3.6.1.2711
Verze komponentů: 1.0.519
Aktualizovat verzi balíku komponent: 1.0.8818
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 17763.195)
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Podrobnosti o zablokovaném webu-
Škodlivý web: 1
, , Zablokováno, [-1], [-1],0.0.0

-Údaje o webu-
Kategorie: Pharma
Doména: krtenek.unas.cz
IP Adresa: 185.64.219.7
Port: [49992]
Typ: Odchozí
Soubor: C:\Program Files\Opera\57.0.3098.116\opera.exe

(end).

jaro3
Security team member
Guru Level 15
Posts: 39234
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Preventive check

Post by jaro3 » 17 Jan 2019 17:48

Close other applications and browsers, disconnect from the internet, and fix in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost



Please download the version of Farbar Recovery Scan Tool (FRST) appropriate for your system, 32-bit or 64-bit:
32-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64-bit:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
and save it to the desktop, then run FRST.
Confirm the terms of use.
Do not change any of the default settings and click "Scan" ("Skenovat"). When the scan is finished, two logs appear, FRST.txt and Addition.txt, and are saved on the desktop. Please copy their entire contents here.
When working with HJT, ComboFix, MBAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

mmmartin
Moderator
Master Level 9
Posts: 7845
Registered: August 04
Location: Praha
Gender: Male

Re: Preventive check

Post by mmmartin » 18 Jan 2019 11:46

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2019 01
Ran by MARTIN (administrator) on DESKTOP-DGB63JL (18-01-2019 11:31:18)
Running from C:\Users\MARTIN\Desktop\Kontrola 15_01_2019\FABAR
Loaded Profiles: MARTIN (Available Profiles: MARTIN)
Platform: Windows 10 Pro Version 1809 17763.253 (X64) Language: Čeština (Česko)
Default browser: Opera
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 15\DfSdkS64.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.16.3.21\NortonSecurity.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.16.3.21\nsWscSvc.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Symantec Corporation) C:\Program Files\Norton Security\Engine\22.16.3.21\NortonSecurity.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Omni\Sound Blaster Omni Control Panel\SBOmni.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
(Opera Software) C:\Program Files\Opera\57.0.3098.116\opera.exe
(Opera Software) C:\Program Files\Opera\57.0.3098.116\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\57.0.3098.116\opera.exe
(Opera Software) C:\Program Files\Opera\57.0.3098.116\opera.exe
(Opera Software) C:\Program Files\Opera\57.0.3098.116\opera.exe
(Opera Software) C:\Program Files\Opera\57.0.3098.116\opera.exe
(Opera Software) C:\Program Files\Opera\57.0.3098.116\opera.exe
(Opera Software) C:\Program Files\Opera\57.0.3098.116\opera.exe

mmmartin
Moderator
Master Level 9
Posts: 7845
Registered: August 04
Location: Praha
Gender: Male

Re: Preventive check

Post by mmmartin » 18 Jan 2019 11:47

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Creative SB Monitoring Utility Launcher] => RunDll32 SBAVMonL.dll,SBAVMonitorLauncher
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [585296 2017-12-22] ()
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [PowerDVD15Agent] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe [958504 2017-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1890664 2016-01-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5571944 2016-04-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Sound Blaster Omni Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Omni\Sound Blaster Omni Control Panel\SBOmni.exe [930304 2013-10-28] (Creative Technology Ltd)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4630488 2018-06-18] ()
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-12-22] (Acronis International GmbH)
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30872640 2018-11-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe [370688 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\MountPoints2: {0afceacc-b122-11e8-9c27-0009dd509689} - "H:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\MountPoints2: {67273a38-0fa1-11e9-9c63-0009dd509689} - "H:\WD Drive Unlock.exe" autoplay=true
HKLM\...\Drivers32: [msacm.dvacm_vspX11] => C:\Program Files\Corel\Corel VideoStudio 2018\DVACM.acm [23552 2018-01-04] (Corel TW Corp.)
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2013-08-17] (proDAD GmbH)
HKLM\...\Drivers32: [MSVideo] => C:\WINDOWS\system32\vfwwdm32.dll [68096 2018-09-15] (Microsoft Corporation)
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\...\Drivers32: [vidc.i420] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2018-12-10]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2018-12-10]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrace produktu.lnk [2018-09-28]
ShortcutTarget: Logitech . Registrace produktu.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{395c4dd8-9357-44e7-a3b0-58ce53cb5a51}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{8de52b96-bab1-4a57-a62c-eea344f7ebe5}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKU\S-1-5-21-3529494443-4293947711-600217252-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
SearchScopes: HKU\S-1-5-21-3529494443-4293947711-600217252-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation)
BHO-x32: Norton Password Manager -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files\Norton Security\Engine32\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-07-20] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-07-20] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Security\Engine32\22.16.3.21\coIEPlg.dll [2018-12-12] (Symantec Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareu ... PIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareu ... /CTPID.cab

Edge:
======
Edge Extension: (Norton Password Manager) -> EdgeExtension_SymantecCorporation5478111E43ACF_v68kp9n051hdp => C:\Program Files\WindowsApps\SymantecCorporation.5478111E43ACF_6.2.3.0_neutral__v68kp9n051hdp [2019-01-10]

FireFox:
========
FF DefaultProfile: 4m302y62.default
FF ProfilePath: C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default [2019-01-17]
FF Homepage: Mozilla\Firefox\Profiles\4m302y62.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\4m302y62.default -> about:newtab
FF HomepageOverride: Mozilla\Firefox\Profiles\4m302y62.default -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\4m302y62.default -> Enabled: nortonhomepage@symantec.com
FF NewTabOverride: Mozilla\Firefox\Profiles\4m302y62.default -> Enabled: nortonsafesearch_ul_2@symantec.com
FF Extension: (Norton Home Page) - C:\Users\MARTIN\AppData\Roaming\Mozilla\Firefox\Profiles\4m302y62.default\Extensions\nortonhomepage@symantec.com.xpi [2019-01-12]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-07-20] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-07-20] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.16.3.21\Exts\Chrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files\Norton Security\Engine\22.16.3.21\Exts\Chrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (YouTube™ toggle Flash and HTML Players) - C:\Users\MARTIN\AppData\Roaming\Opera Software\Opera Stable\Extensions\bhdcenkpoonlmlpfeifipcnlhpenacci [2019-01-17]
OPR Extension: (Ant Video downloader) - C:\Users\MARTIN\AppData\Roaming\Opera Software\Opera Stable\Extensions\ekoimfmkeigjoobkpleplpfjahljcdla [2019-01-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s.)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2725920 2018-06-18] (Acronis International GmbH)
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1216760 2017-12-22] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2019-01-09] ()
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [377664 2015-06-25] (AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [771072 2017-02-06] () [File not signed]
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [462704 2018-12-07] (AOMEI Tech Co., Ltd.)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [429056 2013-10-28] (Creative Technology Ltd) [File not signed]
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 15\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-12-22] (Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-12-22] (Acronis International GmbH)
R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1747296 2018-06-18] ()
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.16.3.21\NortonSecurity.exe [328648 2018-12-12] (Symantec Corporation)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.16.3.21\nsWscSvc.exe [915712 2018-12-12] (Symantec Corporation)
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-01-17] (Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2017-12-22] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [331144 2017-04-11] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] ()
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] ()
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] ()
S3 AVer871BDA; C:\WINDOWS\System32\Drivers\AVer9303.sys [323096 2016-10-28] (AVerMedia)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.12.0.104\Definitions\BASHDefs\20190115.003\BHDrvx64.sys [1925104 2018-09-17] (Symantec Corporation)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\ccSetx64.sys [189152 2018-12-12] (Symantec Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [515792 2018-11-28] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153296 2019-01-01] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [569392 2019-01-09] (Acronis International GmbH)
R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [379664 2019-01-09] (Acronis International GmbH)
R3 FocusriteUSB; C:\WINDOWS\System32\drivers\FocusriteUSB.sys [96400 2018-01-09] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBAudio; C:\WINDOWS\system32\drivers\FocusriteUSBAudio.sys [54416 2018-01-09] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\WINDOWS\System32\drivers\FocusriteUSBSwRoot.sys [97936 2018-01-09] (Focusrite Audio Engineering Ltd.)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.12.0.104\Definitions\IPSDefs\20190117.001\IDSvia64.sys [1424904 2019-01-16] (Symantec Corporation)
R3 ksaud; C:\WINDOWS\system32\drivers\ksaud.sys [2081024 2015-04-30] (Creative Technology Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [198512 2019-01-18] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2019-01-18] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2019-01-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-01-18] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2019-01-18] (Malwarebytes)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-12-07] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2018-02-21] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SRTSP64.SYS [855256 2018-12-12] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SRTSPX64.SYS [49880 2018-12-12] (Symantec Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SYMEFASI64.SYS [1969328 2018-12-12] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SymELAM.sys [25744 2018-12-12] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [99920 2018-06-16] (Symantec Corporation)
S4 SymEvnt; C:\Program Files\Norton Security\NortonData\22.12.0.104\SymPlatform\SymEvnt.sys [675544 2018-12-12] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\Ironx64.SYS [308416 2018-12-12] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\symnets.sys [567024 2018-12-12] (Symantec Corporation)
R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1310552 2019-01-09] (Acronis International GmbH)
R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [213336 2019-01-09] (Acronis International GmbH)
S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [690520 2019-01-09] (Acronis International GmbH)
R1 UimBus; C:\WINDOWS\System32\drivers\uimbus.sys [108896 2017-09-12] (Paragon Software GmbH)
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uimdevim.sys [44904 2017-09-12] (Paragon Software GmbH)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Corporation)
R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2019-01-09] (Acronis International GmbH)
R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-01-09] (Acronis International GmbH)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1610030.015\wpCtrlDrv.sys [1011056 2018-12-12] (Symantec Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2019-01-17] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2018-02-27] (Zemana Ltd.)


Re: Preventive check

Post by mmmartin » 18 Jan 2019 11:53

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-18 11:31 - 2019-01-18 11:31 - 000000000 ____D C:\FRST
2019-01-18 10:46 - 2019-01-18 10:46 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2019-01-18 10:18 - 2019-01-18 10:20 - 000113016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-01-18 10:18 - 2019-01-18 10:18 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-01-18 10:18 - 2019-01-18 10:18 - 000198512 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-01-18 10:18 - 2019-01-18 10:18 - 000126624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-01-18 10:18 - 2019-01-18 10:18 - 000072536 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-01-17 21:36 - 2019-01-17 21:36 - 000000000 ____D C:\Users\MARTIN\AppData\Local\PeerDistRepub
2019-01-17 21:00 - 2019-01-17 21:00 - 000000000 ____D C:\Users\MARTIN\AppData\Local\Comms
2019-01-17 09:11 - 2019-01-17 09:11 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 012151808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 009677352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-01-17 09:11 - 2019-01-17 09:11 - 007857152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 006544800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 005440016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-01-17 09:11 - 2019-01-17 09:11 - 003952952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 003338328 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002986352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002929152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002777432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-01-17 09:11 - 2019-01-17 09:11 - 002594872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002469648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002437552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 001255736 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-01-17 09:11 - 2019-01-17 09:11 - 001212416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 001201136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 001058848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-01-17 09:11 - 2019-01-17 09:11 - 001050936 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-01-17 09:11 - 2019-01-17 09:11 - 001022464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000870400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000387384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000178696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-17 09:11 - 2019-01-17 09:11 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000140808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-17 09:11 - 2019-01-17 09:11 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-01-17 09:11 - 2019-01-17 09:11 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-17 09:11 - 2019-01-17 09:11 - 000047112 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-17 09:11 - 2019-01-17 09:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-01-17 09:11 - 2019-01-17 09:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-01-17 09:11 - 2019-01-17 09:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-01-17 09:11 - 2019-01-17 09:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-01-17 09:11 - 2019-01-17 09:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-01-17 09:11 - 2019-01-17 09:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-01-17 09:11 - 2019-01-17 09:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-01-17 09:11 - 2019-01-17 09:11 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-01-17 07:05 - 2019-01-17 07:05 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2019-01-17 07:05 - 2019-01-17 07:05 - 000001223 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-01-17 07:05 - 2019-01-17 07:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-01-17 07:05 - 2019-01-17 07:05 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2019-01-17 06:39 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2019-01-17 04:45 - 2019-01-17 06:19 - 000000000 ____D C:\zoek_backup
2019-01-16 19:31 - 2019-01-16 19:31 - 000000735 _____ C:\Users\MARTIN\Desktop\mbm.txt
2019-01-16 19:09 - 2019-01-16 19:09 - 000003228 _____ C:\WINDOWS\System32\Tasks\RogueKiller Anti-Malware
2019-01-16 18:31 - 2019-01-18 10:19 - 000008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2019-01-16 17:48 - 2019-01-16 17:48 - 000001048 _____ C:\Users\MARTIN\Desktop\JRT.txt
2019-01-16 17:15 - 2019-01-16 17:15 - 004852579 _____ C:\Users\MARTIN\Documents\test.pptx
2019-01-15 23:02 - 2019-01-15 23:02 - 000000000 ____D C:\Users\MARTIN\AppData\Local\Adobe
2019-01-15 19:29 - 2019-01-15 19:29 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Ant.com
2019-01-15 18:25 - 2019-01-15 18:25 - 002542518 _____ C:\Users\MARTIN\Desktop\AVD-NEX-4.1.24-Release.nex
2019-01-15 16:58 - 2019-01-15 16:58 - 001728878 _____ C:\Users\MARTIN\Desktop\Maturita1.pptx
2019-01-15 16:40 - 2019-01-15 16:40 - 000000000 ____D C:\Users\MARTIN\Desktop\Maturitní prezentace kopie
2019-01-15 16:05 - 2019-01-15 16:05 - 000000000 ____D C:\Users\MARTIN\AppData\Local\mbamtray
2019-01-15 16:05 - 2019-01-15 16:05 - 000000000 ____D C:\Users\MARTIN\AppData\Local\mbam
2019-01-15 16:04 - 2019-01-15 16:04 - 000001918 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-15 16:04 - 2019-01-15 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-15 16:04 - 2019-01-15 16:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-15 16:04 - 2019-01-15 16:04 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-15 16:04 - 2018-12-04 08:09 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-01-15 15:55 - 2019-01-16 17:36 - 000000000 ____D C:\AdwCleaner
2019-01-15 15:47 - 2019-01-15 17:15 - 056758713 _____ C:\Users\MARTIN\Desktop\Maturitní prezentace kopie.pptx
2019-01-15 15:34 - 2019-01-15 15:34 - 056849477 _____ C:\Users\MARTIN\Desktop\Maturitní prezentace.pptx
2019-01-15 15:32 - 2019-01-15 15:32 - 000000000 ____D C:\Users\MARTIN\AppData\Local\AVerMedia
2019-01-15 15:20 - 2019-01-18 11:21 - 000000000 ____D C:\Users\MARTIN\Desktop\Kontrola 15_01_2019
2019-01-15 15:19 - 2019-01-15 15:19 - 000388608 _____ (Trend Micro Inc.) C:\Users\MARTIN\Documents\HijackThis.exe
2019-01-14 21:53 - 2018-12-07 11:36 - 000036600 _____ (Riverbed Technology, Inc.) C:\WINDOWS\system32\Drivers\npf.sys
2019-01-14 21:48 - 2019-01-14 21:48 - 074481192 _____ (APOWERSOFT LIMITED ) C:\Users\MARTIN\Documents\video-download-capture.exe
2019-01-14 17:45 - 2019-01-14 17:45 - 000451264 _____ C:\Users\MARTIN\Documents\dvojitý tisk canon.pdf
2019-01-12 19:53 - 2019-01-16 17:22 - 000046080 _____ C:\Users\MARTIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-01-12 14:53 - 2019-01-12 14:56 - 000000000 ____D C:\Users\MARTIN\AppData\Local\Mozilla
2019-01-12 14:53 - 2019-01-12 14:53 - 000001011 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-12 14:53 - 2019-01-12 14:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-12 05:30 - 2019-01-12 07:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2019-01-12 05:30 - 2019-01-12 05:30 - 000003376 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2019-01-11 20:11 - 2019-01-11 20:11 - 000334345 _____ C:\Users\MARTIN\Desktop\Cenik UPC.pdf
2019-01-10 18:38 - 2019-01-10 18:38 - 000001292 _____ C:\Users\MARTIN\Desktop\Acronis True Image.lnk
2019-01-10 18:36 - 2019-01-12 01:43 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Acronis
2019-01-10 16:44 - 2019-01-15 19:02 - 000000000 ____D C:\Users\MARTIN\Desktop\BSOD
2019-01-10 16:43 - 2019-01-16 19:51 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-10 14:01 - 2019-01-10 14:02 - 000002298 _____ C:\Users\MARTIN\AppData\Roaming\ASSDraw3.cfg
2019-01-09 16:30 - 2019-01-09 16:30 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv2310.sys
2019-01-09 15:57 - 2019-01-09 16:31 - 000569392 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_protector.sys
2019-01-09 15:57 - 2019-01-09 16:31 - 000379664 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\file_tracker.sys
2019-01-09 15:56 - 2019-01-10 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
2019-01-09 15:56 - 2019-01-10 22:59 - 000000000 ____D C:\Program Files (x86)\Acronis
2019-01-09 15:56 - 2019-01-09 16:31 - 000690520 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tnd.sys
2019-01-09 15:56 - 2019-01-09 16:31 - 000331976 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\virtual_file.sys
2019-01-09 15:56 - 2019-01-09 16:31 - 000243472 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\volume_tracker.sys
2019-01-09 15:56 - 2019-01-09 16:30 - 001310552 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib.sys
2019-01-09 15:56 - 2019-01-09 16:30 - 000373808 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys
2019-01-09 15:56 - 2019-01-09 16:30 - 000213336 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\tib_mounter.sys
2019-01-09 15:56 - 2019-01-09 16:30 - 000182832 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys
2019-01-09 15:56 - 2019-01-09 16:30 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk
2019-01-08 20:52 - 2019-01-12 01:03 - 000000000 ____D C:\Users\MARTIN\Desktop\video TOP hotel
2019-01-08 11:01 - 2019-01-10 14:08 - 000000000 ____D C:\Users\MARTIN\AppData\Local\JDownloader 2.0
2019-01-06 10:47 - 2019-01-06 10:47 - 000001001 _____ C:\Users\MARTIN\Desktop\HD Tune.lnk
2019-01-06 10:47 - 2019-01-06 10:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2019-01-06 10:47 - 2019-01-06 10:47 - 000000000 ____D C:\Program Files (x86)\HD Tune
2019-01-06 10:30 - 2019-01-08 20:30 - 000000000 ___RD C:\Users\MARTIN\Desktop\Piriform
2019-01-06 08:40 - 2019-01-06 08:42 - 000000000 ____D C:\Program Files\Speccy
2019-01-06 08:40 - 2019-01-06 08:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2019-01-06 08:38 - 2019-01-06 08:42 - 000000000 ____D C:\Program Files\Defraggler
2019-01-06 08:38 - 2019-01-06 08:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2019-01-06 00:08 - 2019-01-06 00:08 - 000000000 ____D C:\WINDOWS\System32\Tasks\Western Digital
2019-01-03 22:12 - 2019-01-03 22:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2019-01-03 22:12 - 2019-01-03 22:12 - 000000000 ____D C:\Program Files (x86)\Western Digital Corporation
2019-01-02 23:08 - 2019-01-18 10:18 - 000000104 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2019-01-02 23:08 - 2019-01-02 23:08 - 000000000 ____D C:\ProgramData\Aomei
2019-01-02 23:05 - 2019-01-02 23:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Backupper
2019-01-02 23:04 - 2019-01-18 10:18 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2019-01-02 23:04 - 2017-09-01 18:12 - 000038320 _____ C:\WINDOWS\system32\amwrtdrv.sys
2019-01-02 23:04 - 2016-12-21 22:54 - 000051120 _____ C:\WINDOWS\system32\ambakdrv.sys
2019-01-02 23:04 - 2016-12-21 22:52 - 000171952 _____ C:\WINDOWS\system32\ammntdrv.sys
2019-01-02 11:27 - 2019-01-02 11:27 - 000000000 ____D C:\Users\Public\Documents\Paragon
2019-01-02 11:27 - 2019-01-02 11:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 16 Basic
2019-01-01 11:49 - 2019-01-06 21:28 - 000000000 ___RD C:\Users\MARTIN\Desktop\Paragon
2018-12-31 18:05 - 2018-12-31 18:05 - 000001305 _____ C:\Users\Public\Desktop\Ashampoo WinOptimizer 15.lnk
2018-12-31 18:05 - 2009-08-24 22:13 - 000034304 _____ (mst software GmbH, Germany) C:\WINDOWS\system32\DfSdkBt.exe
2018-12-31 15:37 - 2018-12-31 15:37 - 000000080 ___SH C:\bootTel.dat
2018-12-29 18:23 - 2018-12-29 18:23 - 000000000 ____D C:\Users\MARTIN\AppData\Local\Creative
2018-12-28 12:30 - 2018-12-28 12:30 - 000001362 _____ C:\Users\MARTIN\Desktop\Sound Blaster Omni Control Panel.lnk
2018-12-28 12:16 - 2018-12-28 12:16 - 000001354 _____ C:\Users\MARTIN\Desktop\EQ config.lnk
2018-12-28 12:04 - 2018-12-28 12:04 - 000000911 _____ C:\Users\MARTIN\Desktop\Configuration Editor.lnk
2018-12-28 11:47 - 2018-12-28 11:47 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 1.1
2018-12-27 19:31 - 2018-12-28 11:54 - 000000000 ____D C:\Program Files\EqualizerAPO
2018-12-27 18:23 - 2018-12-27 18:23 - 000000000 ____D C:\Users\Public\Documents\Creative
2018-12-27 17:50 - 2018-12-27 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2018-12-27 17:50 - 2014-04-17 11:06 - 000175104 ____N (Creative Technology Ltd) C:\WINDOWS\system32\CtUsAs64.DLL
2018-12-27 17:50 - 2014-04-17 11:06 - 000163840 ____N (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CtUsAsio.DLL
2018-12-27 17:48 - 2018-12-27 17:50 - 000000000 ____D C:\Program Files (x86)\Creative
2018-12-27 17:48 - 2018-12-27 17:48 - 000000000 ____D C:\Program Files\Creative
2018-12-27 17:48 - 2015-04-27 10:10 - 000050936 _____ C:\WINDOWS\system32\kschimp.ini
2018-12-27 16:16 - 2014-11-28 13:41 - 000089600 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2018-12-27 16:16 - 2014-11-28 13:41 - 000074240 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2018-12-27 16:16 - 2014-11-28 13:40 - 000365568 _____ C:\WINDOWS\system32\APOMgr64.DLL
2018-12-27 16:16 - 2014-11-28 13:38 - 000274944 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2018-12-26 18:36 - 2015-04-30 11:23 - 002081024 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\Drivers\ksaud.sys
2018-12-26 18:36 - 2015-04-20 16:25 - 000032506 _____ C:\WINDOWS\system32\MixerDefault.reg
2018-12-26 18:36 - 2015-04-20 09:45 - 000036742 _____ C:\WINDOWS\system32\ksaud.ini
2018-12-26 18:36 - 2015-02-11 19:28 - 000236544 _____ (Creative Technology Limited) C:\WINDOWS\system32\KsDvInst.dll
2018-12-26 18:36 - 2014-11-28 13:46 - 000732600 _____ (Creative Technology Ltd) C:\WINDOWS\KSAIM64.exe
2018-12-26 18:36 - 2014-06-04 13:27 - 003100672 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KsMalc64.DLL
2018-12-26 18:36 - 2014-06-04 13:26 - 002595328 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KsMalc32.dll
2018-12-26 18:36 - 2014-03-11 18:37 - 000120320 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\SBAVMon.dll
2018-12-26 18:36 - 2014-02-26 15:02 - 000456704 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSVSPI64.dll
2018-12-26 18:36 - 2014-02-26 15:01 - 000333312 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSVSPI32.dll
2018-12-26 18:36 - 2013-11-13 15:34 - 000057856 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\SBAVMonL.dll
2018-12-26 18:36 - 2013-09-09 15:02 - 001140224 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSAPO64.dll
2018-12-26 18:36 - 2013-09-09 15:02 - 000057856 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSPPLD64.dll
2018-12-26 18:36 - 2013-09-09 15:01 - 000944640 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSAPO32.dll
2018-12-26 18:36 - 2012-04-18 11:39 - 000042496 _____ (Creative Technology Ltd.) C:\WINDOWS\AddCat.exe
2018-12-26 18:36 - 2011-06-03 10:28 - 000487424 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\JDetect.exe
2018-12-26 18:36 - 2010-07-08 09:42 - 000053760 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSPPCn64.dll
2018-12-26 18:36 - 2010-07-08 09:41 - 000074240 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSWrap64.dll
2018-12-26 18:36 - 2010-07-08 09:41 - 000044032 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSPPCn32.dll
2018-12-26 18:36 - 2010-07-08 09:40 - 000063488 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSWrap32.dll
2018-12-26 18:36 - 2010-05-06 11:16 - 000067584 _____ (Creative Technology Ltd.) C:\WINDOWS\system32\KSDGFX64.dll
2018-12-26 18:36 - 2010-05-06 11:15 - 000059904 _____ (Creative Technology Ltd.) C:\WINDOWS\SysWOW64\KSDGFX32.dll


Re: Preventive check

Post by mmmartin » 18 Jan 2019 11:54

2018-12-22 22:14 - 2018-12-22 22:14 - 000001180 _____ C:\Users\Public\Desktop\FastStone Image Viewer.lnk
2018-12-22 22:14 - 2018-12-22 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
2018-12-22 22:14 - 2018-12-22 22:14 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer
2018-12-22 00:17 - 2018-12-22 00:17 - 000000020 ___SH C:\Users\MARTIN\ntuser.ini
2018-12-22 00:16 - 2018-12-22 00:16 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-12-22 00:16 - 2018-12-22 00:16 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-12-22 00:15 - 2019-01-18 10:26 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2018-12-22 00:15 - 2019-01-18 10:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-22 00:15 - 2019-01-12 05:32 - 000004668 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-22 00:15 - 2019-01-11 14:45 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1519238937
2018-12-22 00:15 - 2019-01-06 08:43 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-22 00:15 - 2018-12-22 00:15 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-12-22 00:15 - 2018-12-22 00:15 - 000002736 _____ C:\WINDOWS\System32\Tasks\VideoStudioUpdater
2018-12-22 00:15 - 2018-12-22 00:15 - 000002702 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2018-12-22 00:15 - 2018-12-22 00:15 - 000002440 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTaskCore
2018-12-22 00:15 - 2018-12-22 00:15 - 000002410 _____ C:\WINDOWS\System32\Tasks\Spustit SpeedFan
2018-12-22 00:15 - 2018-12-22 00:15 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-22 00:12 - 2019-01-18 10:24 - 001694558 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-22 00:10 - 2018-12-22 00:10 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-12-22 00:09 - 2019-01-17 07:06 - 000000000 ____D C:\Users\MARTIN
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Šablony
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Soubory cookie
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Poslední
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Okolní tiskárny
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Okolní síť
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Nabídka Start
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Dokumenty
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Documents\Obrázky
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Documents\Hudba
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Documents\Filmy
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\Data aplikací
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 _SHDL C:\Users\MARTIN\AppData\Local\Data aplikací
2018-12-22 00:09 - 2018-12-22 00:09 - 000000000 ____D C:\ProgramData\USOShared
2018-12-22 00:09 - 2018-09-15 08:29 - 000001105 _____ C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-22 00:09 - 2018-09-15 08:28 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-12-22 00:07 - 2019-01-17 21:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-22 00:07 - 2018-12-31 15:38 - 000669888 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-21 23:45 - 2018-12-22 00:06 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-12-21 23:43 - 2018-12-21 23:45 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-12-21 23:39 - 2018-12-21 23:39 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 007724776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 005585056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 005113008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 004886016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 003730352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 002883584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 002832896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 002429752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-12-21 23:39 - 2018-12-21 23:39 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 002160160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-12-21 23:39 - 2018-12-21 23:39 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001749504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001590288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001483264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001289400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001282432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 001259000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-12-21 23:39 - 2018-12-21 23:39 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2018-12-21 23:39 - 2018-12-21 23:39 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2018-12-21 23:39 - 2018-12-21 23:39 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001026992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001024920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000829440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000604248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.applicationmodel.datatransfer.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000373768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2018-12-21 23:39 - 2018-12-21 23:39 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2018-12-21 23:39 - 2018-12-21 23:39 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-12-21 23:39 - 2018-12-21 23:39 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 005565440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 004765184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 004300800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002927104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 002893312 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 002702536 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002185728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002149352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 002072384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll


Re: Preventive check

Post by mmmartin » 18 Jan 2019 11:55

2018-12-21 23:38 - 2018-12-21 23:38 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001830912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001797128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001751560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001696216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-21 23:38 - 2018-12-21 23:38 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001672056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001612808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001520208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001466872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001401864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001395248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 001387496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 001341376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-21 23:38 - 2018-12-21 23:38 - 001331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001177632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001097312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000863752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000850960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000828936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000818832 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.applicationmodel.datatransfer.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000744960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000743432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000667152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000650040 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000649736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000495624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthA2dp.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000193016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000175096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000130088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000091640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManMigrationPlugin.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-21 23:38 - 2018-12-21 23:38 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2018-12-21 23:38 - 2018-12-21 23:38 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-21 23:38 - 2018-12-21 23:38 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-21 23:35 - 2018-12-21 23:35 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2018-12-21 23:35 - 2018-12-21 23:35 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2018-12-21 23:35 - 2018-12-21 23:35 - 005489664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2018-12-21 23:35 - 2018-12-21 23:35 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2018-12-21 23:35 - 2018-12-21 23:35 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-12-21 23:35 - 2018-12-21 23:35 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-12-21 23:35 - 2018-12-21 23:35 - 000000000 ____D C:\Program Files\MSBuild
2018-12-21 23:35 - 2018-12-21 23:35 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-12-21 23:35 - 2018-12-21 23:35 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-12-21 23:34 - 2018-12-21 23:34 - 001167960 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-12-21 23:34 - 2018-12-21 23:34 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-12-21 23:34 - 2018-12-21 23:34 - 000780376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-12-21 23:34 - 2018-12-21 23:34 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-12-21 23:34 - 2018-12-21 23:34 - 000126064 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-12-21 23:34 - 2018-12-21 23:34 - 000104560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-12-21 23:34 - 2018-12-21 23:34 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-12-21 23:34 - 2018-12-21 23:34 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-12-21 23:34 - 2018-12-21 23:34 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-12-21 23:34 - 2018-12-21 23:34 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-12-21 23:34 - 2018-12-21 23:34 - 000036896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-12-21 23:34 - 2018-12-21 23:34 - 000035440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-12-21 23:23 - 2018-12-22 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-12-21 23:23 - 2018-12-21 23:23 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-12-21 22:59 - 2018-12-22 00:17 - 000000000 ___DC C:\WINDOWS\Panther


Re: Preventive check

Post by mmmartin » 18 Jan 2019 11:56

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-18 11:31 - 2018-02-27 20:25 - 000116625 _____ C:\WINDOWS\ZAM.krnl.trace
2019-01-18 11:31 - 2018-02-27 20:25 - 000079140 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2019-01-18 11:25 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-18 10:53 - 2018-02-21 18:33 - 000002262 __RSH C:\ProgramData\ntuser.pol
2019-01-18 10:26 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-18 10:24 - 2018-09-15 18:39 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-01-18 10:24 - 2018-09-15 18:39 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-01-18 10:24 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-01-18 10:21 - 2015-07-10 12:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2019-01-18 10:19 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-18 10:19 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2019-01-18 10:19 - 2018-02-22 08:04 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2019-01-18 10:18 - 2018-03-21 22:23 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-18 10:18 - 2018-03-21 22:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-18 10:18 - 2018-02-22 17:09 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-18 10:18 - 2018-02-22 15:11 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2019-01-18 10:18 - 2018-02-21 18:14 - 000000000 ____D C:\ProgramData\NVIDIA
2019-01-18 06:06 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-18 06:05 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-18 06:05 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-01-18 06:05 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-18 06:05 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-17 09:11 - 2015-07-10 14:20 - 000408342 __RSH C:\bootmgr
2019-01-17 09:07 - 2018-03-21 22:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-17 09:06 - 2018-05-08 21:49 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2019-01-17 09:06 - 2018-02-21 18:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-17 09:02 - 2018-02-21 18:49 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-17 04:49 - 2018-03-24 20:27 - 000000000 ____D C:\Users\MARTIN\AppData\Local\CrashDumps
2019-01-16 19:52 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-16 18:02 - 2018-07-26 16:25 - 000001914 _____ C:\Users\MARTIN\Desktop\Sophos Virus Removal Tool.lnk
2019-01-15 22:56 - 2018-05-19 06:56 - 000000000 ____D C:\Users\MARTIN\AppData\Local\Microsoft Help
2019-01-15 18:24 - 2018-02-27 21:22 - 000000000 ____D C:\Users\MARTIN\AppData\LocalLow\Mozilla
2019-01-15 15:34 - 2018-02-26 18:11 - 000000000 ____D C:\Users\MARTIN\AppData\Local\ConnectedDevicesPlatform
2019-01-15 11:09 - 2018-09-15 07:09 - 000016384 _____ C:\WINDOWS\system32\config\ELAM
2019-01-14 10:28 - 2018-02-22 08:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-12 14:53 - 2018-02-22 08:17 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Mozilla
2019-01-12 06:30 - 2018-02-21 23:18 - 000000000 ____D C:\Program Files\Common Files\AV
2019-01-12 05:32 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-12 05:32 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-12 05:30 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-12 05:30 - 2018-02-21 20:06 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2019-01-12 01:06 - 2018-07-01 16:34 - 000000000 ____D C:\Users\MARTIN\AppData\Local\NPE
2019-01-11 14:45 - 2018-02-21 19:49 - 000001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-01-11 14:45 - 2018-02-21 19:48 - 000000000 ____D C:\Program Files\Opera
2019-01-10 22:59 - 2018-02-23 17:23 - 000000000 ____D C:\ProgramData\Acronis
2019-01-10 16:05 - 2018-02-22 15:11 - 000000000 ____D C:\ProgramData\AomeiBR
2019-01-10 15:15 - 2018-02-22 15:11 - 000001024 ____H C:\SYSTAG.BIN
2019-01-10 14:25 - 2018-02-22 16:07 - 000000000 ____D C:\Users\MARTIN\.fontconfig
2019-01-10 13:37 - 2018-04-09 15:19 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2019-01-09 17:13 - 2018-06-16 19:11 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\uTorrent
2019-01-06 08:43 - 2018-06-10 13:56 - 000000000 ____D C:\Program Files\Recuva
2019-01-06 08:43 - 2018-02-23 18:11 - 000000000 ____D C:\Program Files\CCleaner
2019-01-05 19:40 - 2018-02-23 20:36 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 10
2019-01-05 19:15 - 2018-02-23 17:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-01-04 18:33 - 2018-02-22 08:17 - 000002167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-01-03 13:24 - 2018-12-16 21:46 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-01-02 20:48 - 2018-09-15 08:36 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:48 - 2018-09-15 08:36 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-02 11:27 - 2018-02-23 19:31 - 000000000 ____D C:\Program Files\Paragon Software
2019-01-02 09:34 - 2018-02-22 16:16 - 000000000 ____D C:\ProgramData\advlauncher
2019-01-01 21:25 - 2018-10-14 17:11 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\fontconfig
2018-12-31 18:05 - 2018-02-22 15:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2018-12-31 18:05 - 2018-02-22 15:14 - 000000000 ____D C:\ProgramData\Ashampoo
2018-12-31 18:05 - 2018-02-22 15:14 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2018-12-28 22:03 - 2018-05-19 08:05 - 000000000 ____D C:\Users\MARTIN\AppData\Local\D3DSCache
2018-12-27 17:49 - 2018-02-21 18:11 - 000000260 ___RH C:\WINDOWS\ctfile.rfc
2018-12-27 17:40 - 2018-02-21 23:21 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-12-22 20:52 - 2018-02-22 16:44 - 000002196 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2018-12-22 07:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\appcompat
2018-12-22 07:14 - 2018-07-11 17:23 - 000000000 ____D C:\ProgramData\Packages
2018-12-22 07:14 - 2018-02-21 18:10 - 000000000 ____D C:\Users\MARTIN\AppData\Local\Packages
2018-12-22 07:13 - 2018-02-22 00:00 - 000000000 ____D C:\Users\MARTIN\AppData\Local\PlaceholderTileLogoFolder
2018-12-22 00:17 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\windows nt
2018-12-22 00:17 - 2018-02-21 21:13 - 000000000 ___RD C:\Users\MARTIN\3D Objects
2018-12-22 00:17 - 2018-02-21 18:10 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-22 00:16 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Registration
2018-12-22 00:14 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-12-22 00:14 - 2018-02-21 21:11 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-12-22 00:13 - 2018-05-19 06:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-12-22 00:11 - 2018-07-30 17:39 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torrent Harvester
2018-12-22 00:11 - 2018-06-15 18:50 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2018-12-22 00:11 - 2018-06-09 22:12 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\R-Studio
2018-12-22 00:11 - 2018-02-22 17:18 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-12-22 00:11 - 2018-02-22 17:15 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinAVI Video Converter
2018-12-22 00:11 - 2018-02-22 08:04 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2018-12-22 00:09 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\USOPrivate
2018-12-22 00:09 - 2018-02-22 22:47 - 000000000 ____D C:\Program Files\Common Files\logishrd
2018-12-22 00:08 - 2018-02-21 18:14 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-22 00:08 - 2018-02-21 18:13 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-22 00:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ServiceState
2018-12-22 00:06 - 2018-12-17 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2018-12-22 00:06 - 2018-09-19 20:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kyodai Mahjongg
2018-12-22 00:06 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-12-22 00:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-12-22 00:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\spool
2018-12-22 00:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-12-22 00:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-22 00:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Help
2018-12-22 00:06 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-12-22 00:06 - 2018-09-15 08:31 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-12-22 00:06 - 2018-07-26 21:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-22 00:06 - 2018-06-23 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Video Converter 18 Premium
2018-12-22 00:06 - 2018-06-13 17:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite Audio Engineering Ltd
2018-12-22 00:06 - 2018-06-10 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2018-12-22 00:06 - 2018-06-10 12:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2018-12-22 00:06 - 2018-04-27 20:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2018-12-22 00:06 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-12-22 00:06 - 2018-03-21 22:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-12-22 00:06 - 2018-02-24 22:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2018-12-22 00:06 - 2018-02-23 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Migrate OS to SSD™ 5.0
2018-12-22 00:06 - 2018-02-23 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 10
2018-12-22 00:06 - 2018-02-22 22:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-12-22 00:06 - 2018-02-22 20:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\proDAD
2018-12-22 00:06 - 2018-02-22 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2018-12-22 00:06 - 2018-02-22 20:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel VideoStudio 2018
2018-12-22 00:06 - 2018-02-22 17:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-12-22 00:06 - 2018-02-22 17:37 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-12-22 00:06 - 2018-02-22 17:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPEG Video Wizard DVD 5.0
2018-12-22 00:06 - 2018-02-22 17:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-12-22 00:06 - 2018-02-22 16:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SureThing
2018-12-22 00:06 - 2018-02-22 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2018-12-22 00:06 - 2018-02-22 16:21 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2018-12-22 00:06 - 2018-02-22 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy MP3 Recorder
2018-12-22 00:06 - 2018-02-22 15:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 15
2018-12-22 00:06 - 2018-02-21 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jetAudio
2018-12-22 00:06 - 2018-02-21 23:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-12-22 00:06 - 2018-02-21 23:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2018-12-22 00:06 - 2018-02-21 18:13 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-22 00:05 - 2018-02-21 18:00 - 000008192 __RSH C:\BOOTSECT.BAK
2018-12-22 00:02 - 2018-09-15 08:36 - 000000000 ____D C:\WINDOWS\Setup
2018-12-21 23:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-12-21 23:55 - 2018-09-15 08:33 - 000000000 __RHD C:\Users\Public\Libraries
2018-12-21 23:46 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-12-21 23:45 - 2018-12-10 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVerMedia
2018-12-21 23:45 - 2018-09-18 15:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2018-12-21 23:45 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\Resources
2018-12-21 23:45 - 2018-09-05 16:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Discovery
2018-12-21 23:45 - 2018-07-25 21:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-12-21 23:45 - 2018-05-31 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2018-12-21 23:45 - 2018-02-22 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2018-12-21 23:41 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-21 23:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2018-12-21 23:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-12-21 23:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-12-21 23:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-12-21 23:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-12-21 23:41 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-21 23:35 - 2018-09-15 18:40 - 000000000 ____D C:\WINDOWS\OCR
2018-12-21 23:35 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-12-21 23:35 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-12-21 23:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-12-21 23:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-12-21 23:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-12-21 23:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-12-21 23:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-12-21 23:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-12-21 23:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-12-21 23:34 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-12-21 23:26 - 2018-02-22 15:59 - 000000000 ____D C:\Users\MARTIN\AppData\Local\Garmin
2018-12-21 23:26 - 2018-02-22 15:59 - 000000000 ____D C:\ProgramData\Garmin
2018-12-21 23:24 - 2018-02-22 15:59 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-12-19 00:14 - 2018-02-22 15:42 - 000000000 ____D C:\Users\MARTIN\AppData\Roaming\DesktopOK

==================== Files in the root of some directories =======

2019-01-10 14:01 - 2019-01-10 14:02 - 000002298 _____ () C:\Users\MARTIN\AppData\Roaming\ASSDraw3.cfg
2019-01-12 19:53 - 2019-01-16 17:22 - 000046080 _____ () C:\Users\MARTIN\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2019-01-17 06:55 - 2019-01-18 10:19 - 000192512 _____ () C:\Users\MARTIN\AppData\Local\Temp\sfamcc00001.dll
2019-01-17 06:55 - 2019-01-18 10:19 - 000158720 _____ () C:\Users\MARTIN\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

