HJT log check

A place for your HiJackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

iviste
newcomer
Posts: 39
Registered: November 13
Gender: Female

Re: HJT log check

Post by iviste » 19 Oct 2019 13:02

The problem in the browser persists: whenever I search for something, there is the suffix ?trackid=sp-006
Thank you



fredik
Security team member
Master Level 7
Posts: 4679
Registered: July 06
Gender: Male

Re: HJT log check

Post by fredik » 20 Oct 2019 12:29

Download FRST (by Farbar) and save it to your desktop.
  • Run the program and confirm the terms of use.
    • Do not change any of the default settings and click the Scan button; the program will start scanning the computer.
    • After a short while of scanning, two logs will open in Notepad, FRST.txt and Addition.txt, which will also be saved on the desktop.
    • Paste both logs here
It may take a while to get a response, because the "HJT Team" are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.
If you have a problem, do not send me private messages (SZ/PM) with logs; post them in the forum. These private messages cannot be answered.

iviste
newcomer
Posts: 39
Registered: November 13
Gender: Female

Re: HJT log check

Post by iviste » 20 Oct 2019 18:31

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-10-2019
Ran by eveee (administrator) on LAPTOP-LGG9C96O (HP HP 250 G7 Notebook PC) (20-10-2019 18:29:55)
Running from C:\Users\eveee\Desktop
Loaded Profiles: eveee (Available Profiles: eveee)
Platform: Windows 8 Pro (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_19ec9c352a1b5135\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.4.1138.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_031414fb4f650e35\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_031414fb4f650e35\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_1bbd4ceec44f26c8\RstMwService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\eveee\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [856288 2019-05-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-14] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Winlogon: [Userinit]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1060881290-2587464125-2283398412-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [1121320 2019-04-29] (HP Inc. -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.120\Installer\chrmstp.exe [2019-10-14] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {12A8161E-BA21-4922-93B1-2A46ACF8EF77} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-14] (AVAST Software s.r.o. -> AVAST Software)
Task: {143E1B0D-8853-4D4D-9CA4-DD3C5050EF03} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [162864 2019-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {165C107E-1AFA-4A57-BD06-F69F45136C94} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {268A351C-B3A7-4D55-848D-2B771774631C} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {2ED372C5-A4FB-411B-99D5-22079D37F498} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2355848 2019-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2ED5C5B3-DA18-4DE5-9533-A7900F15E25F} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [415744 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {49B8C3E9-590F-459B-A461-04987A5E613B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2177168 2019-10-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {656CA6A0-0783-4AB5-864A-A5B060E3A95E} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27295760 2019-10-04] (Microsoft Corporation -> Microsoft Corporation)

iviste
newcomer
Posts: 39
Registered: November 13
Gender: Female

Re: HJT log check

Post by iviste » 20 Oct 2019 18:39

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-10-2019
Ran by eveee (20-10-2019 18:34:18)
Running from C:\Users\eveee\Desktop
Windows 8 Pro (X64) (2019-10-14 07:57:09)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1060881290-2587464125-2283398412-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1060881290-2587464125-2283398412-503 - Limited - Disabled)
eveee (S-1-5-21-1060881290-2587464125-2283398412-1001 - Administrator - Enabled) => C:\Users\eveee
Guest (S-1-5-21-1060881290-2587464125-2283398412-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1060881290-2587464125-2283398412-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.120 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.301 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{20A40E7C-E470-4E9F-9B5C-DDB2C205E856}) (Version: 1.0.154.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.0 - HP Inc.)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.8.1029 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{94979CD2-0904-47DE-A4AC-04F1C4524650}) (Version: 17.2.8.1029 - Intel Corporation)
Malwarebytes verze 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.12026.20320 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12026.20320 - Microsoft Corporation)
Microsoft Office 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.12026.20320 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1060881290-2587464125-2283398412-1001\...\OneDriveSetup.exe) (Version: 19.152.0927.0012 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12026.20320 - Microsoft Corporation) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Zemana AntiMalware verze 3.1.395 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.395 - Zemana)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2019-08-15] (Amazon.com)
Booking.com EMEA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comEMEABigsavingso_1.0.4.0_x64__mgae2k3ys4ra0 [2019-10-18] (Priceline Partner Network)
Connect -> C:\windows\SystemApps\Microsoft.Windows.DevicesFlowHost_cw5n1h2txyewy [2019-10-18] (Microsoft Corporation)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.2.0_x64__xbfy0k16fey96 [2019-10-18] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-08-15] (HP Inc.)
Floor Adjustment -> C:\windows\SystemApps\RoomAdjustment_cw5n1h2txyewy [2019-10-18] (Microsoft Corporation)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.3.180.0_x64__dt26b99r8h8gj [2019-10-18] (Realtek Semiconductor Corp)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.4.1138.0_x64__v10z8vjag6ke6 [2019-10-18] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_1.6.1.0_x64__v10z8vjag6ke6 [2019-10-18] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.37.0_x64__v10z8vjag6ke6 [2019-10-18] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_105.1.618.0_x64__v10z8vjag6ke6 [2019-10-18] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.5.353.0_x64__v10z8vjag6ke6 [2019-10-18] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6 [2019-10-18] (HP Inc.)
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.2.0.0_x64__8j3eq9eme6ctt [2019-10-14] (INTEL CORP)
Learn Mixed Reality -> C:\windows\SystemApps\MixedRealityLearning_cw5n1h2txyewy [2019-10-18] (Microsoft Corporation)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-10-18] (LinkedIn)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-10-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-10-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-10-18] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-10-18] (Microsoft Corporation) [MS Ad]
New for You -> C:\windows\SystemApps\WhatsNew_cw5n1h2txyewy [2019-10-18] (Microsoft Corporation)
Passthrough -> C:\windows\SystemApps\passthrough_cw5n1h2txyewy [2019-10-18] (Microsoft Corporation)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-10-18] (Microsoft Corporation) [MS Ad]
Sign In -> C:\windows\SystemApps\WebAuthBridgeInternet_cw5n1h2txyewy [2019-10-18] (ms-resource:PublisherDisplayName)
Sign In -> C:\windows\SystemApps\WebAuthBridgeInternetSso_cw5n1h2txyewy [2019-10-18] (ms-resource:PublisherDisplayName)
Sign In -> C:\windows\SystemApps\WebAuthBridgeIntranetSso_cw5n1h2txyewy [2019-10-18] (ms-resource:PublisherDisplayName)
sMedio True DVD for HP -> C:\Program Files\WindowsApps\0E3921EB.sMedioTrueDVDforHP_1.1.104.0_x64__agwrg61xdd7p4 [2019-10-18] (sMedio Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0 [2019-10-16] (Spotify AB)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35042.0.0_x64__807d65c4rvak2 [2019-10-14] (Synaptics Incorporated)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-27] () [File not signed]
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-08-27] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-27] () [File not signed]
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-08-27] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-14] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ==================


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-10-19 12:30 - 2019-10-19 12:30 - 000138240 _____ ( ) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\41e1601f23e9d9211d1991df57d43b7a\Interop.IWshRuntimeLibrary.ni.dll
2019-10-19 12:30 - 2019-10-19 12:30 - 000134656 _____ (hardcodet.net) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\b4f304d1d010b9d8f324161f2da7c490\Hardcodet.Wpf.TaskbarNotification.ni.dll
2019-08-15 09:18 - 2019-08-15 09:18 - 000015360 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2019-03-27 15:29 - 2019-03-27 15:29 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2019-10-19 12:30 - 2019-10-19 12:30 - 001591808 _____ (Mark Heath) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\NAudio\c10d258d877bb027380e3767332c9c96\NAudio.ni.dll
2019-10-19 12:30 - 2019-10-19 12:30 - 003127808 _____ (Newtonsoft) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\5cf3ba8f236c1d1a5bf6e79c0b01f55f\Newtonsoft.Json.ni.dll
2019-10-19 12:30 - 2019-10-19 12:30 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\windows\assembly\NativeImages_v4.0.30319_32\log4net\df276c996822413a84f2cef6b0cc660b\log4net.ni.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-10-19 12:12 - 000000841 _____ C:\windows\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1060881290-2587464125-2283398412-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\eveee\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\IMG_20190607_134942.jpg
DNS Servers: 172.16.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{80DB21E0-2D33-4DCC-B426-F98F8E7B5DED}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{DB455ABD-B843-48BF-A612-7A4BFEA7F7F2}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe No File
FirewallRules: [{9B759053-4073-4072-9886-1B5BDACA68A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{61061123-3374-43F1-BFAB-B907AA1E9E5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3A7C068E-9E79-4C96-8C33-CAA8D50231FE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2593C73D-9067-4B29-B40F-E8ABC5A0F6AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C9E0C7D6-A18E-47EF-8975-D38C6BC65FE7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8D79099F-ACD4-4635-9351-308CE4299D57}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6740F708-207A-4E46-9D22-B5D9759B1772}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{54409D4B-D4A8-40A2-BF9F-89722F8BC1AE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{CC9E51F2-E3F9-4D5B-89DE-D2F11F9D04FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.117.543.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{ED601DC3-66C1-4E24-8476-32675EBBBB40}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

16-10-2019 14:14:41 Odebrání jazykové sady
18-10-2019 10:00:57 JRT Pre-Junkware Removal
19-10-2019 12:11:21 zoek.exe restore point

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/19/2019 12:35:44 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 21768; požadovaná velikost: 30832.

Error: (10/19/2019 12:31:20 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/19/2019 12:31:20 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/19/2019 12:31:19 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (10/19/2019 12:31:19 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (10/19/2019 12:11:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.418, časové razítko: 0xfba22159
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a839
ID chybujícího procesu: 0x1e88
Čas spuštění chybující aplikace: 0x01d586659a2e91c1
Cesta k chybující aplikaci: C:\Users\eveee\AppData\Local\Temp\DaS_21.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: 0e8564b6-7312-45d6-95af-a94e3b59b74c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (10/19/2019 12:11:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])

Error: (10/19/2019 12:09:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.418, časové razítko: 0x2b181c2c
Kód výjimky: 0xc0000409
Posun chyby: 0x00113572
ID chybujícího procesu: 0xc54
Čas spuštění chybující aplikace: 0x01d5866534730329
Cesta k chybující aplikaci: C:\Users\eveee\Downloads\zoek.exe
Cesta k chybujícímu modulu: C:\windows\System32\KERNELBASE.dll
ID zprávy: c3380a5e-35fa-4c6c-bae1-af69f58754a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (10/19/2019 12:23:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/19/2019 12:23:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/19/2019 12:23:03 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/19/2019 12:23:03 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/19/2019 12:23:03 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (10/18/2019 11:40:51 AM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x7448b0 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\00000086).

Error: (10/18/2019 11:40:49 AM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0xb000 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\00000086).

Error: (10/18/2019 11:40:47 AM) (Source: disk) (EventID: 154) (User: )
Description: Vstupně-výstupní operace na adrese logického bloku 0x7448a8 pro disk 1 se nezdařila z důvodu hardwarové chyby (název PDO: \Device\00000086).


CodeIntegrity:
===================================

Date: 2019-10-20 08:58:36.605
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:58:36.596
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:58:36.586
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:58:36.577
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-20 08:58:36.559
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-19 12:35:02.838
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-19 12:35:02.829
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2019-10-19 12:35:02.817
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.20 06/28/2019
Motherboard: HP 8532
Processor: Intel(R) Core(TM) i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 69%
Total physical RAM: 8078.3 MB
Available physical RAM: 2488.28 MB
Total Virtual: 9998.3 MB
Available Virtual: 3556.41 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:930.76 GB) (Free:875.42 GB) NTFS

\\?\Volume{092d9eef-23a6-492a-b007-705cf54a092c}\ (Windows RE tools) (Fixed) (Total:0.48 GB) (Free:0.06 GB) NTFS
\\?\Volume{5f86b0ec-94df-4493-824f-37a2578681ea}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.19 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 19FCEDE9)

Partition: GPT.

==================== End of Addition.txt ============================

iviste
newbie
Posts: 39
Registered: November 13
Gender: Female

Re: HJT log check

Post by iviste » 20 Oct 2019 18:40

C:\windows\system32\RemovableMediaProvisioningPlugin.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\CertEnrollCtrl.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\tbauth.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\ByteCodeGenerator.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\AssignedAccessRuntime.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000057856 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000057856 _____ (Microsoft Corporation) C:\windows\system32\wcimage.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000057344 _____ (Microsoft Corporation) C:\windows\system32\audioresourceregistrar.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\GameInput.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000053248 _____ C:\windows\system32\Drivers\UsbPmApi.sys
2019-10-18 00:26 - 2019-10-18 00:26 - 000052224 _____ (Microsoft Corporation) C:\windows\system32\tetheringconfigsp.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000051200 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000049152 _____ (Microsoft Corporation) C:\windows\system32\XInputUap.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000047616 _____ C:\windows\system32\UsbPmApi.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000047000 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000046632 _____ (Microsoft Corporation) C:\windows\system32\browser_broker.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000045568 _____ (Microsoft Corporation) C:\windows\system32\cellulardatacapabilityhandler.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000044544 _____ (Microsoft Corporation) C:\windows\system32\cmintegrator.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Resources.Common.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000043008 _____ (Microsoft Corporation) C:\windows\system32\WiredNetworkCSP.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\WordBreakers.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\wfdprov.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\WiFiConfigSP.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000037176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wimmount.sys
2019-10-18 00:26 - 2019-10-18 00:26 - 000036864 _____ (Microsoft Corporation) C:\windows\system32\wlansvcpal.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000036864 _____ (Microsoft Corporation) C:\windows\system32\TokenBrokerCookies.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000036864 _____ (Microsoft Corporation) C:\windows\system32\IcsEntitlementHost.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000033792 _____ (Microsoft Corporation) C:\windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\WaaSMedicPS.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000027648 _____ (Microsoft Corporation) C:\windows\system32\Win32_DeviceGuard.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\vdsldr.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000025600 _____ (Microsoft Corporation) C:\windows\system32\appidtel.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000025088 _____ (Microsoft Corporation) C:\windows\system32\autopilotdiag.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000024576 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000024064 _____ (Microsoft Corporation) C:\windows\system32\wci.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000024064 _____ (Microsoft Corporation) C:\windows\system32\CSystemEventsBrokerClient.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000018432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\applockerfltr.sys
2019-10-18 00:26 - 2019-10-18 00:26 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\bindflt.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000016896 _____ (Microsoft Corporation) C:\windows\system32\wlanhlp.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\dstokenclean.exe
2019-10-18 00:26 - 2019-10-18 00:26 - 000012800 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000003584 _____ (Microsoft Corporation) C:\windows\system32\TpmCertResources.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000002560 _____ (Microsoft Corporation) C:\windows\system32\tier2punctuations.dll
2019-10-18 00:26 - 2019-10-18 00:26 - 000002560 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2019-10-18 00:25 - 2019-10-18 00:25 - 001428992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000804880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000804664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpi.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000551952 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Vid.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000436536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000425472 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000355000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000324608 _____ (Microsoft Corporation) C:\windows\system32\Drivers\xboxgip.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000249656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tpm.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000231936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthA2dp.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000223032 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000208184 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000201016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000199480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000151568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vmbus.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000114688 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000098304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS
2019-10-18 00:25 - 2019-10-18 00:25 - 000079376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\uaspstor.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000064000 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidspi.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000055304 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storufs.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000052752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vmstorfl.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000047104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\devauthe.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000043536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storvsc.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000036864 _____ (Microsoft Corporation) C:\windows\system32\Drivers\BthMini.SYS
2019-10-18 00:25 - 2019-10-18 00:25 - 000028936 _____ (Microsoft Corporation) C:\windows\system32\vmbuspipe.dll
2019-10-18 00:25 - 2019-10-18 00:25 - 000023352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\isapnp.sys
2019-10-18 00:25 - 2019-10-18 00:25 - 000019256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msisadrv.sys
2019-10-18 00:15 - 2019-09-20 06:36 - 000492544 _____ (Microsoft Corporation) C:\windows\system32\poqexec.exe
2019-10-18 00:15 - 2019-09-20 06:14 - 000390656 _____ (Microsoft Corporation) C:\windows\SysWOW64\poqexec.exe
2019-10-17 10:08 - 2019-10-17 10:08 - 000000000 ____D C:\Users\eveee\AppData\Local\CEF
2019-10-17 10:05 - 2019-10-17 10:05 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-10-17 10:05 - 2019-10-17 10:05 - 000000000 ____D C:\Users\eveee\AppData\Local\mbamtray
2019-10-17 10:05 - 2019-10-17 10:05 - 000000000 ____D C:\Users\eveee\AppData\Local\mbam
2019-10-17 10:05 - 2019-10-17 10:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-10-17 10:05 - 2019-10-17 10:05 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-10-17 10:05 - 2019-10-17 10:05 - 000000000 ____D C:\Program Files\Malwarebytes
2019-10-17 10:05 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2019-10-17 10:05 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamElam.sys
2019-10-17 10:03 - 2019-10-17 10:04 - 066367928 _____ (Malwarebytes ) C:\Users\eveee\Desktop\mb3-setup-37469.37469-3.8.3.2965-1.0.627-1.0.12633.exe
2019-10-17 10:00 - 2019-10-18 09:47 - 000000000 ____D C:\AdwCleaner
2019-10-17 09:58 - 2019-10-17 09:58 - 007622344 _____ (Malwarebytes) C:\Users\eveee\Desktop\AdwCleaner.exe
2019-10-17 09:51 - 2019-10-17 09:51 - 000448512 _____ (OldTimer Tools) C:\Users\eveee\Downloads\TFC (1).exe
2019-10-17 09:51 - 2019-10-17 09:51 - 000448512 _____ (OldTimer Tools) C:\Users\eveee\Desktop\TFC.exe
2019-10-17 09:50 - 2019-10-17 09:50 - 000050688 _____ (Atribune.org) C:\Users\eveee\Desktop\ATF-Cleaner.exe
2019-10-17 09:35 - 2019-10-20 12:45 - 000803350 _____ C:\Users\eveee\Desktop\Bezpečnost a kvalita potravin U3V.pptx
2019-10-17 09:29 - 2019-10-17 09:29 - 000000000 ____D C:\Users\eveee\Documents\Vlastní šablony Office
2019-10-16 12:38 - 2019-10-16 12:38 - 000388608 _____ (Trend Micro Inc.) C:\Users\eveee\Downloads\HijackThis (1).exe
2019-10-16 12:34 - 2019-10-16 12:34 - 000388608 _____ (Trend Micro Inc.) C:\Users\eveee\Downloads\HijackThis.exe
2019-10-16 11:40 - 2019-10-16 11:40 - 000107762 _____ C:\Users\eveee\Downloads\VypisZUctu_3987191004_3.pdf
2019-10-16 10:29 - 2019-10-16 10:29 - 000000000 ____D C:\Users\eveee\AppData\Roaming\Google
2019-10-16 10:28 - 2019-10-07 21:14 - 000012352 _____ C:\Users\eveee\Desktop\1.sh3d
2019-10-16 10:28 - 2019-10-07 13:14 - 000001214 _____ C:\Users\eveee\Desktop\Sweet Home 3D.lnk
2019-10-16 10:26 - 2019-10-16 12:21 - 000000000 ____D C:\Users\eveee\AppData\Local\Google
2019-10-14 14:17 - 2019-10-14 14:17 - 000002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-14 14:17 - 2019-10-14 14:17 - 000002343 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-14 14:16 - 2019-10-20 15:12 - 000003402 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-14 14:16 - 2019-10-20 15:12 - 000003178 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-14 14:16 - 2019-10-14 14:22 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-14 14:15 - 2019-10-14 14:15 - 000002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-10-14 14:15 - 2019-10-14 14:15 - 000002159 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-10-14 14:15 - 2019-10-14 14:15 - 000000000 ____D C:\Users\eveee\AppData\Roaming\AVAST Software
2019-10-14 14:14 - 2019-10-20 15:12 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2019-10-14 14:14 - 2019-10-17 09:50 - 000000000 ____D C:\Users\eveee\AppData\Local\Comms
2019-10-14 14:13 - 2019-10-14 14:13 - 000848432 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000460448 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000355720 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-10-14 14:13 - 2019-10-14 14:13 - 000316528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000276952 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000274456 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000236024 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000209552 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000204824 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000171520 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000110320 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000083792 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000065120 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000042736 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000037616 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000016304 _____ (AVAST Software) C:\windows\system32\Drivers\aswElam.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000003990 _____ C:\windows\system32\Tasks\Avast Emergency Update
2019-10-14 14:13 - 2019-10-14 14:13 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-10-14 14:12 - 2019-10-14 14:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-14 14:12 - 2019-10-14 14:12 - 000000000 ____D C:\Program Files\AVAST Software
2019-10-14 13:22 - 2019-10-16 10:39 - 000000000 ____D C:\Users\eveee\AppData\Local\Publishers
2019-10-14 13:08 - 2019-10-20 15:12 - 000002862 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1060881290-2587464125-2283398412-1001
2019-10-14 13:08 - 2019-10-18 09:51 - 000000000 ___RD C:\Users\eveee\OneDrive
2019-10-14 13:07 - 2019-10-14 13:18 - 000000000 ____D C:\Users\eveee\AppData\Roaming\HP
2019-10-14 13:06 - 2019-10-14 13:06 - 000001446 _____ C:\Users\eveee\Desktop\Microsoft Edge.lnk
2019-10-14 13:05 - 2019-10-19 12:34 - 000000000 __SHD C:\Users\eveee\IntelGraphicsProfiles
2019-10-14 13:05 - 2019-10-18 01:29 - 000000000 ____D C:\Users\eveee\AppData\Local\Packages
2019-10-14 13:05 - 2019-10-18 01:11 - 000000000 ___RD C:\Users\eveee\3D Objects
2019-10-14 13:05 - 2019-10-16 12:53 - 000000000 ____D C:\Users\eveee\AppData\Local\VirtualStore
2019-10-14 13:05 - 2019-10-16 10:25 - 000000000 ____D C:\Users\eveee\AppData\Local\ConnectedDevicesPlatform
2019-10-14 13:05 - 2019-10-14 13:06 - 000000000 ____D C:\Users\eveee\AppData\Local\Intel
2019-10-14 13:05 - 2019-10-14 13:05 - 000000000 ___HD C:\Users\eveee\MicrosoftEdgeBackups
2019-10-14 13:05 - 2019-10-14 13:05 - 000000000 ____D C:\Users\eveee\AppData\Roaming\Synaptics
2019-10-14 13:05 - 2019-10-14 13:05 - 000000000 ____D C:\Users\eveee\AppData\Roaming\Adobe
2019-10-14 13:05 - 2019-10-14 13:05 - 000000000 ____D C:\Users\eveee\AppData\Local\MicrosoftEdge
2019-10-14 12:50 - 2019-10-14 13:09 - 000002372 _____ C:\Users\eveee\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-14 12:50 - 2019-10-14 13:08 - 000000000 ____D C:\Users\eveee
2019-10-14 12:50 - 2019-10-14 12:50 - 000000020 ___SH C:\Users\eveee\ntuser.ini
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Šablony
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Soubory cookie
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Poslední
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Okolní tiskárny
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Okolní síť
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Nabídka Start
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Dokumenty
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Documents\Obrázky
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Documents\Hudba
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Documents\Filmy
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Data aplikací
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\AppData\Local\Data aplikací
2019-10-14 09:57 - 2019-10-14 09:57 - 000000000 ____D C:\windows\minidump
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Šablony
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Poslední
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start

Post by iviste » 20 Oct 2019 18:41

2019-10-17 10:00 - 2019-10-18 09:47 - 000000000 ____D C:\AdwCleaner
2019-10-17 09:58 - 2019-10-17 09:58 - 007622344 _____ (Malwarebytes) C:\Users\eveee\Desktop\AdwCleaner.exe
2019-10-17 09:51 - 2019-10-17 09:51 - 000448512 _____ (OldTimer Tools) C:\Users\eveee\Downloads\TFC (1).exe
2019-10-17 09:51 - 2019-10-17 09:51 - 000448512 _____ (OldTimer Tools) C:\Users\eveee\Desktop\TFC.exe
2019-10-17 09:50 - 2019-10-17 09:50 - 000050688 _____ (Atribune.org) C:\Users\eveee\Desktop\ATF-Cleaner.exe
2019-10-17 09:35 - 2019-10-20 12:45 - 000803350 _____ C:\Users\eveee\Desktop\Bezpečnost a kvalita potravin U3V.pptx
2019-10-17 09:29 - 2019-10-17 09:29 - 000000000 ____D C:\Users\eveee\Documents\Vlastní šablony Office
2019-10-16 12:38 - 2019-10-16 12:38 - 000388608 _____ (Trend Micro Inc.) C:\Users\eveee\Downloads\HijackThis (1).exe
2019-10-16 12:34 - 2019-10-16 12:34 - 000388608 _____ (Trend Micro Inc.) C:\Users\eveee\Downloads\HijackThis.exe
2019-10-16 11:40 - 2019-10-16 11:40 - 000107762 _____ C:\Users\eveee\Downloads\VypisZUctu_3987191004_3.pdf
2019-10-16 10:29 - 2019-10-16 10:29 - 000000000 ____D C:\Users\eveee\AppData\Roaming\Google
2019-10-16 10:28 - 2019-10-07 21:14 - 000012352 _____ C:\Users\eveee\Desktop\1.sh3d
2019-10-16 10:28 - 2019-10-07 13:14 - 000001214 _____ C:\Users\eveee\Desktop\Sweet Home 3D.lnk
2019-10-16 10:26 - 2019-10-16 12:21 - 000000000 ____D C:\Users\eveee\AppData\Local\Google
2019-10-14 14:17 - 2019-10-14 14:17 - 000002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-14 14:17 - 2019-10-14 14:17 - 000002343 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-14 14:16 - 2019-10-20 15:12 - 000003402 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-14 14:16 - 2019-10-20 15:12 - 000003178 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-14 14:16 - 2019-10-14 14:22 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-14 14:15 - 2019-10-14 14:15 - 000002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-10-14 14:15 - 2019-10-14 14:15 - 000002159 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-10-14 14:15 - 2019-10-14 14:15 - 000000000 ____D C:\Users\eveee\AppData\Roaming\AVAST Software
2019-10-14 14:14 - 2019-10-20 15:12 - 000000000 ____D C:\windows\system32\Tasks\Avast Software
2019-10-14 14:14 - 2019-10-17 09:50 - 000000000 ____D C:\Users\eveee\AppData\Local\Comms
2019-10-14 14:13 - 2019-10-14 14:13 - 000848432 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000460448 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000355720 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2019-10-14 14:13 - 2019-10-14 14:13 - 000316528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000276952 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000274456 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdriver.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000236024 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000209552 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsh.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000204824 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000171520 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000110320 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000083792 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000065120 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniv.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000042736 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000037616 _____ (AVAST Software) C:\windows\system32\Drivers\aswArDisk.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000016304 _____ (AVAST Software) C:\windows\system32\Drivers\aswElam.sys
2019-10-14 14:13 - 2019-10-14 14:13 - 000003990 _____ C:\windows\system32\Tasks\Avast Emergency Update
2019-10-14 14:13 - 2019-10-14 14:13 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-10-14 14:12 - 2019-10-14 14:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-14 14:12 - 2019-10-14 14:12 - 000000000 ____D C:\Program Files\AVAST Software
2019-10-14 13:22 - 2019-10-16 10:39 - 000000000 ____D C:\Users\eveee\AppData\Local\Publishers
2019-10-14 13:08 - 2019-10-20 15:12 - 000002862 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1060881290-2587464125-2283398412-1001
2019-10-14 13:08 - 2019-10-18 09:51 - 000000000 ___RD C:\Users\eveee\OneDrive
2019-10-14 13:07 - 2019-10-14 13:18 - 000000000 ____D C:\Users\eveee\AppData\Roaming\HP
2019-10-14 13:06 - 2019-10-14 13:06 - 000001446 _____ C:\Users\eveee\Desktop\Microsoft Edge.lnk
2019-10-14 13:05 - 2019-10-19 12:34 - 000000000 __SHD C:\Users\eveee\IntelGraphicsProfiles
2019-10-14 13:05 - 2019-10-18 01:29 - 000000000 ____D C:\Users\eveee\AppData\Local\Packages
2019-10-14 13:05 - 2019-10-18 01:11 - 000000000 ___RD C:\Users\eveee\3D Objects
2019-10-14 13:05 - 2019-10-16 12:53 - 000000000 ____D C:\Users\eveee\AppData\Local\VirtualStore
2019-10-14 13:05 - 2019-10-16 10:25 - 000000000 ____D C:\Users\eveee\AppData\Local\ConnectedDevicesPlatform
2019-10-14 13:05 - 2019-10-14 13:06 - 000000000 ____D C:\Users\eveee\AppData\Local\Intel
2019-10-14 13:05 - 2019-10-14 13:05 - 000000000 ___HD C:\Users\eveee\MicrosoftEdgeBackups
2019-10-14 13:05 - 2019-10-14 13:05 - 000000000 ____D C:\Users\eveee\AppData\Roaming\Synaptics
2019-10-14 13:05 - 2019-10-14 13:05 - 000000000 ____D C:\Users\eveee\AppData\Roaming\Adobe
2019-10-14 13:05 - 2019-10-14 13:05 - 000000000 ____D C:\Users\eveee\AppData\Local\MicrosoftEdge
2019-10-14 12:50 - 2019-10-14 13:09 - 000002372 _____ C:\Users\eveee\AppData\Roaming\Microsoft\Windows\Start

Post by iviste » 20 Oct 2019 18:42

Menu\Programs\OneDrive.lnk
2019-10-14 12:50 - 2019-10-14 13:08 - 000000000 ____D C:\Users\eveee
2019-10-14 12:50 - 2019-10-14 12:50 - 000000020 ___SH C:\Users\eveee\ntuser.ini
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Šablony
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Soubory cookie
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Poslední
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Okolní tiskárny
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Okolní síť
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Nabídka Start
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Dokumenty
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Documents\Obrázky
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Documents\Hudba
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Documents\Filmy
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\Data aplikací
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\AppData\Roaming\Microsoft\Windows\Start

Post by iviste » 20 Oct 2019 18:42

Menu\Programy
2019-10-14 12:50 - 2019-10-14 12:50 - 000000000 _SHDL C:\Users\eveee\AppData\Local\Data aplikací
2019-10-14 09:57 - 2019-10-14 09:57 - 000000000 ____D C:\windows\minidump
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Šablony
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Poslední
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\StartMenu\Programy
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Šablony
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Poslední
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\ProgramData\Šablony
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\ProgramData\Plocha
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-10-14 09:55 - 2019-10-14 09:55 - 000000000 _SHDL C:\Documents and Settings

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-20 18:07 - 2019-04-15 17:38 - 000000000 ____D C:\windows\system32\SleepStudy
2019-10-20 15:12 - 2019-08-15 10:07 - 000002856 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1060881290-2587464125-2283398412-500
2019-10-20 15:12 - 2019-05-09 08:26 - 000002766 _____ C:\windows\system32\Tasks\HPAudioSwitch
2019-10-20 12:32 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-19 17:22 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-19 17:22 - 2019-03-19 06:52 - 000000000 ____D C:\windows\AppReadiness
2019-10-19 12:37 - 2019-05-09 17:26 - 000686306 _____ C:\windows\system32\perfh005.dat
2019-10-19 12:37 - 2019-05-09 17:26 - 000138470 _____ C:\windows\system32\perfc005.dat
2019-10-19 12:37 - 2019-05-09 08:14 - 001659978 _____ C:\windows\system32\PerfStringBackup.INI
2019-10-19 12:37 - 2019-03-19 06:50 - 000000000 ____D C:\windows\INF
2019-10-19 12:32 - 2019-04-15 17:38 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-10-19 12:31 - 2019-03-19 06:37 - 000524288 _____ C:\windows\system32\config\BBI
2019-10-18 11:43 - 2019-04-15 17:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-10-18 01:30 - 2019-08-15 09:00 - 000000000 ____D C:\ProgramData\Packages
2019-10-18 01:07 - 2019-04-15 17:38 - 000521888 _____ C:\windows\system32\FNTCACHE.DAT
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ___SD C:\windows\system32\DiagSvcs
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\TextInput
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\SysWOW64\oobe
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\SysWOW64\Dism
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\SystemResources
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\WinMetadata
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\SystemResetPlatform
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\oobe
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\migwiz
2019-10-18 01:04 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\Dism
2019-10-18 01:03 - 2019-08-15 18:14 - 000000000 ____D C:\windows\HoloShell
2019-10-18 01:03 - 2019-03-19 06:52 - 000000000 ___RD C:\windows\PrintDialog
2019-10-18 01:03 - 2019-03-19 06:52 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2019-10-18 01:03 - 2019-03-19 06:52 - 000000000 ____D C:\windows\ShellExperiences
2019-10-18 01:03 - 2019-03-19 06:52 - 000000000 ____D C:\windows\Provisioning
2019-10-18 01:03 - 2019-03-19 06:52 - 000000000 ____D C:\windows\PolicyDefinitions
2019-10-18 01:03 - 2019-03-19 06:52 - 000000000 ____D C:\windows\bcastdvr
2019-10-18 00:39 - 2019-03-19 06:37 - 000000000 ____D C:\windows\CbsTemp
2019-10-18 00:34 - 2019-03-19 08:20 - 000021504 _____ (Microsoft Corporation) C:\windows\system32\OEMDefaultAssociations.dll
2019-10-18 00:34 - 2019-03-19 08:20 - 000018903 _____ C:\windows\system32\OEMDefaultAssociations.xml
2019-10-18 00:34 - 2019-03-19 06:37 - 000000000 ____D C:\windows\servicing
2019-10-17 10:05 - 2019-03-19 06:52 - 000000000 ___HD C:\windows\ELAMBKUP
2019-10-17 09:02 - 2019-03-19 06:52 - 000000000 ____D C:\windows\LiveKernelReports
2019-10-16 14:17 - 2019-03-19 08:20 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-10-16 14:17 - 2019-03-19 08:20 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-10-16 14:17 - 2019-03-19 08:18 - 000000000 ____D C:\windows\SysWOW64\winrm
2019-10-16 14:17 - 2019-03-19 08:18 - 000000000 ____D C:\windows\SysWOW64\WCN
2019-10-16 14:17 - 2019-03-19 08:18 - 000000000 ____D C:\windows\SysWOW64\slmgr
2019-10-16 14:17 - 2019-03-19 08:18 - 000000000 ____D C:\windows\SysWOW64\Printing_Admin_Scripts
2019-10-16 14:17 - 2019-03-19 08:18 - 000000000 ____D C:\windows\system32\winrm
2019-10-16 14:17 - 2019-03-19 08:18 - 000000000 ____D C:\windows\system32\WCN
2019-10-16 14:17 - 2019-03-19 08:18 - 000000000 ____D C:\windows\system32\slmgr
2019-10-16 14:17 - 2019-03-19 08:18 - 000000000 ____D C:\windows\system32\Printing_Admin_Scripts
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ___SD C:\windows\SysWOW64\F12
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ___SD C:\windows\SysWOW64\DiagSvcs
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ___SD C:\windows\system32\F12
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\Sysprep
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ____D C:\windows\IME
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\System
2019-10-16 14:17 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2019-10-16 14:13 - 2019-04-15 18:31 - 000000000 ____D C:\windows\Panther
2019-10-16 12:05 - 2019-03-19 06:37 - 000032768 _____ C:\windows\system32\config\ELAM
2019-10-16 12:04 - 2019-08-15 09:21 - 000000000 ____D C:\windows\system32\Tasks\McAfee
2019-10-16 10:45 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-10-16 10:43 - 2019-08-15 08:36 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-10-16 10:43 - 2019-05-09 08:28 - 000000000 ____D C:\Program Files\Microsoft Office
2019-10-16 10:28 - 2019-03-19 06:52 - 000000000 ____D C:\windows\appcompat
2019-10-14 13:06 - 2019-05-09 08:24 - 000000000 ____D C:\ProgramData\HP
2019-10-14 13:05 - 2019-02-15 18:22 - 000000000 ___HD C:\SYSTEM.SAV
2019-10-14 12:50 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\WinBioDatabase
2019-10-14 10:02 - 2019-03-19 06:52 - 000000000 ____D C:\windows\ServiceState
2019-10-14 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\spool
2019-10-14 09:58 - 2019-03-19 06:52 - 000000000 ____D C:\windows\system32\FxsTmp
2019-10-14 09:55 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows NT

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Post by iviste » 20 Oct 2019 18:54

The FRST program probably contains a virus! The laptop started scanning continuously and creating logs with no way to turn it off. After a restart it automatically tried to log in to the laptop several times, after which login was blocked. At the moment the laptop is quite slow. I am sending a new HJT

Post by iviste » 20 Oct 2019 18:57

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:56:51, on 20.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.18362.0001)


Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
C:\Users\eveee\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Users\eveee\Downloads\HijackThis (2).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp17win10.msn.com/?pc=HCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://hp17win10.msn.com/?pc=HCTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hp17win10.msn.com/?pc=HCTE
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O4 - HKCU\..\Run: [HPSEU_Host_Launcher] C:\System.sav\util\HpseuHostLauncher.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\eveee\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_031414fb4f650e35\IntelCpHeciSvc.exe
O23 - Service: Intel(R) Content Protection HDCP Service (cplspcon) - Intel Corporation - C:\windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_031414fb4f650e35\IntelCpHDCPSvc.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_165767f - Unknown owner - C:\windows\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @oem13.inf,%ServiceDisplayName%;Intel(R) Dynamic Platform and Thermal Framework service (esifsvc) - Unknown owner - C:\windows\System32\Intel\DPTF\esif_uf.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.120\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: @oem79.inf,%ServiceAppHelperDesc%;HP App Helper HSA Service (HPAppHelperCap) - HP Inc. - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\AppHelperCap.exe
O23 - Service: @oem79.inf,%ServiceNetworkDesc%;HP Network HSA Service (HPNetworkCap) - HP Inc. - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\NetworkCap.exe
O23 - Service: @oem79.inf,%ServiceSysInfoDesc%;HP System Info HSA Service (HPSysInfoCap) - HP Inc. - C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_7898ab4dfb5a2c7b\x64\SysInfoCap.exe
O23 - Service: @oem76.inf,%hpanalyticscomp%;HP Analytics service (HpTouchpointAnalyticsService) - HP Inc. - C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_19ec9c352a1b5135\x64\TouchpointAnalyticsClientService.exe
O23 - Service: @oem0.inf,%iaStorAfsWindowsService.Name%;Intel(R) Optane(TM) Memory Service (iaStorAfsService) - Unknown owner - C:\windows\System32\iaStorAfsService.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_9de8154b682af864\igfxCUIService.exe
O23 - Service: @oem14.inf,%SocketHECIServiceName%;Intel(R) Capability Licensing Service TCP IP Interface (Intel(R) Capability Licensing Service TCP IP Interface) - Intel(R) Corporation - C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_34687bf44d0a152a\lib\SocketHeciServer.exe
O23 - Service: @oem14.inf,%TPMProvisioningServiceName%;Intel(R) TPM Provisioning Service (Intel(R) TPM Provisioning Service) - Intel(R) Corporation - C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_34687bf44d0a152a\lib\TPMProvisioningService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Unknown owner - C:\windows\System32\jhi_service.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RstMwService - Intel Corporation - C:\windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_1bbd4ceec44f26c8\RstMwService.exe
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Unknown owner - C:\windows\System32\RtkAudUService64.exe (file missing)
O23 - Service: @oem55.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\windows\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Sound Research SECOMN Service (SECOMNService) - Unknown owner - C:\windows\System32\SECOMN64.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\windows\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\windows\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\windows\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @oem74.inf,%SynTPEnhService.SVCDESC%;SynTPEnhService (SynTPEnhService) - Unknown owner - C:\windows\System32\SynTPEnhService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13099 bytes

jaro3
Security team member
Guru Level 15
Posts: 40039
Registered: June 07
Location: South Bohemia
Gender: Male

Post by jaro3 » 22 Oct 2019 18:14

FRST ---- that is why I write: Turn off the antivirus and the firewall.

Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire content below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

(You can use the "select all" function; right-click the top-left field in the open Notepad and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST, press the "Fix" button only once and wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire content here.

Close other applications and browsers, disconnect from the internet and fix in HJT:
Guide

Code:

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost


Download Memtest:

Change the field that says:
All unused RAM to 2048.
- Press Start and let it run for at least 2 h; if there are still 0 errors after 2 h, the memory is fine.
For larger RAM capacities, Memtest has to be run several times: for 2GB (the single largest RAM capacity) 2x, for 4GB 3x, for 8GB 4x, etc.
Double-click Memtest, then again and again, type 2048 into the fields of all the Memtests, then press "Start" in all of them.

Also check the HDD for errors, or try defragmenting it.

Download CrystalDiskInfo
Run the program and click Edit-Copy (Úpravy-Kopírovat). Then paste the content of the log here with Ctrl+V.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

