Instagram hacked?

dj-paja
Visitor
Posts: 412
Registered: 16 Feb 2012 12:30

Instagram hacked?

#1 Post by dj-paja »

Hello, I'm dealing with my Instagram account, which I couldn't get into. I changed my password. The thing is, there was a different email in the settings, and there were about 2600 accounts being followed that I don't even know and never gave any command to follow. As for the photos, they stayed, and so did the profile picture. Can you advise how to remove those annoying followed people, or what could have caused this? Has anyone else run into this? Thanks.

Diallix
Advisor
Posts: 2760
Registered: 27 Apr 2008 10:34

Re: Instagram hacked?

#2 Post by Diallix »

Good day.

All it takes is for someone to write a keylogger, which only needs to be run on your computer. It usually captures keystrokes and then uploads them somewhere via FTP; something like that is not hard to write. Personally, I would be interested to know what the email was and which country it was from.

I can't advise you on how to delete the accounts you follow, since I don't use Instagram.
My new book BOTNETY is out! You can find information about it here: >> BOTNETY <<
---
We are looking for new recruits for our CyberSecurity UNIT. More information on what it involves and how to join can be found here: >> CyberSecurity UNIT <<
----
Low-level and high-level programmer - profile card here: card <<
----
Háveťárna - malware upload: >> upload <<
---
If you like my work and are satisfied with it, you can contact me at: diallix@centrum.sk, info@diallix.net or diallix@forum.viry.cz.
---
Currently active as:
- consultant, developer and tutor in intelligent malware research.
- tutor in SQL query languages (TSQL, PLSQL) and object-oriented programming (C++, C#, PHP) for students.

On the forum I act as:
- Security authority of viry.cz
- Deputy tutor for training newcomers
- Founder of the Cyber Security unit

Re: Instagram hacked?

#3 Post by dj-paja »

Well, the email ended in .ru. So, can you advise what to do about it, or do you not know? Thanks.

Re: Instagram hacked?

#4 Post by Diallix »

Download the AdwCleaner tool to your desktop; download link here: https://toolslib.net/downloads/finish/1/
Before running the tool, close all running program windows, that is, all programs running on the desktop.
Right-click the program -> Run as Administrator.
Continue by clicking the Scan now button and wait until the system has been scanned.
After the scan, leave all checkboxes ticked, including any threats found, and continue with the Clean and Repair button in the lower right corner.
After the PC restarts, AdwCleaner will launch; click Zobrazit soubor protokolu (View log file).
The log will open; copy its contents here.

Re: Instagram hacked?

#5 Post by dj-paja »

# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Build: 03-03-2020
# Database: 2020-03-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-23-2020
# Duration: 00:00:07
# OS: Windows 10 Home
# Cleaned: 15
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\c606230e2d10b5c62662d0522a079c91
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKCU\Software\Reimage
Deleted HKCU\Software\csastats
Deleted HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Deleted HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Deleted HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Deleted HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Deleted HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Deleted HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine.1
Deleted HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Deleted HKLM\Software\Reimage

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2625 octets] - [23/03/2020 14:22:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
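
One way to sanity-check a pasted AdwCleaner clean log like the one in post #5 before moving on to the next tool, added here as an example (not code from the thread or from Malwarebytes): it parses the log sections and cross-checks the `# Cleaned:` header against the number of `Deleted` lines. The function names and the abridged sample log are constructed for illustration, and the check assumes every cleaned item is logged as one `Deleted` line, as in the log above.

```python
import re
from collections import Counter

# Constructed sample: abridged, in the layout of the AdwCleaner "Clean" log above.
SAMPLE_LOG = r"""# -------------------------------
# Malwarebytes AdwCleaner 8.0.3.0
# -------------------------------
# Mode: Clean
# -------------------------------
# Cleaned: 3
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Files ] *****

Deleted C:\Windows\Reimage.ini

***** [ Registry ] *****

Deleted HKCU\Software\Reimage
Deleted HKLM\Software\Classes\REI_AxControl.ReiEngine

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
"""

HEADER_RE = re.compile(r"^#\s*([A-Za-z ]+?):\s*(.+?)\s*$")    # "# Cleaned: 15"
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")          # "***** [ Files ] *****"
ENTRY_RE = re.compile(r"^Deleted\s+(.+?)\s*$")                 # "Deleted <path or key>"
STEP_RE = re.compile(r"^\[\+\]\s+(.+?)\s*$")                   # "[+] Reset Winsock"


def parse_clean_log(text):
    """Split a clean log into header fields, per-section targets and extra steps."""
    header, sections, steps = {}, {}, []
    current = None  # name of the section being read; None while still in the header
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = HEADER_RE.match(line)
        if m and current is None:
            header[m.group(1).strip()] = m.group(2)
            continue
        m = SECTION_RE.match(line)
        if m:
            current = m.group(1)
            sections[current] = []
            continue
        m = STEP_RE.match(line)
        if m:
            steps.append(m.group(1))
            continue
        m = ENTRY_RE.match(line)
        if m and current is not None:
            sections[current].append(m.group(1))
        # Anything else ("No malicious ... cleaned.", separators, EOF) is ignored.
    return {"header": header, "sections": sections, "steps": steps}


def summarize(parsed):
    """Count deletions per section and compare them with the header totals."""
    per_section = {n: len(t) for n, t in parsed["sections"].items() if t}
    total = sum(per_section.values())
    reported = int(parsed["header"].get("Cleaned", -1))
    failed = int(parsed["header"].get("Failed", -1))
    # HKLM entries are machine-wide, HKCU entries belong to the scanned user only.
    hives = Counter(t.split("\\", 1)[0] for t in parsed["sections"].get("Registry", []))
    return {
        "per_section": per_section,
        "total_deleted": total,
        "reported_cleaned": reported,
        "count_matches": total == reported,
        "failed": failed,
        "registry_hives": dict(hives),
        # A truncated paste or a failed removal means the log should be re-requested.
        "needs_follow_up": failed != 0 or total != reported,
    }


if __name__ == "__main__":
    for key, value in summarize(parse_clean_log(SAMPLE_LOG)).items():
        print(f"{key}: {value}")
```

Run on the full log from post #5, the same check gives 1 file plus 14 registry entries, which agrees with the header's `Cleaned: 15` and `Failed: 0`.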

Re: Instagram hacked?

#6 Post by Diallix »

Scan the computer with FRST - instructions here: https://forum.viry.cz/viewtopic.php?f=24&t=132509, and copy the FRST.log + Addition log here.

Re: Instagram hacked?

#7 Post by dj-paja »

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-03-2020
Ran by toxic (administrator) on DESKTOP-3HMT51S (Acer Aspire 6930G) (23-03-2020 16:57:59)
Running from D:\Stažené soubory
Loaded Profiles: toxic (Available Profiles: defaultuser0 & toxic)
Platform: Microsoft Windows 10 Home Version 1909 18363.720 (X86) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Nainstalovano\Avast \AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Nainstalovano\Avast \AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Nainstalovano\Avast \AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Nainstalovano\Avast \wsc_proxy.exe
(Malwarebytes Inc -> Malwarebytes) D:\Stažené soubory\adwcleaner_8.0.3.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12003.1001.1.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20012.135.0_x86__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Nainstalovano\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Opera Software AS -> Opera Software) C:\Nainstalovano\Opera\assistant\browser_assistant.exe
(Opera Software AS -> Opera Software) C:\Nainstalovano\Opera\assistant\browser_assistant.exe
(Prolific Technology Inc.) [File not signed] C:\Windows\System32\IoctlSvc.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [570664 2008-05-28] (Nero AG -> Nero AG)
HKLM\...\Run: [AvastUI.exe] => C:\Nainstalovano\Avast \AvLaunch.exe [238392 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-1134202389-2396285059-191239155-1001\...\Run: [Opera Browser Assistant] => C:\Nainstalovano\Opera\assistant\browser_assistant.exe [3024408 2020-03-19] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1134202389-2396285059-191239155-1001\...\MountPoints2: {44e84d53-4b79-11ea-b132-00238b4d4eb9} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1134202389-2396285059-191239155-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\yowindow.scr
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1028E910-F232-4272-BCA5-37123A0423A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {274CC0BB-CC9D-467E-9475-E5DC3E8C9FF6} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1410152 2020-02-27] (Avast Software s.r.o. -> Avast Software)
Task: {28AFB791-C07F-4EB2-923D-09DFFAB77A07} - System32\Tasks\Avast Emergency Update => C:\Nainstalovano\Avast \AvEmUpdate.exe [3196864 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
Task: {3C3A201C-1DE3-4A93-9E80-24EBF5C2225B} - System32\Tasks\R@1n-KMS\Windows64Core => wmic path SoftwareLicensingProduct where (ID="58e97c99-f377-4ef1-81d5-4ad5522b5fd8") call Activate
Task: {65C688D3-89E2-496A-8105-42DBB0875149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2019-11-27] (Google Inc -> Google Inc.)
Task: {C2E86555-C4A2-40D6-BC24-C22BDC1436BC} - System32\Tasks\Opera scheduled assistant Autoupdate 1576856810 => C:\Nainstalovano\Opera\launcher.exe [1355800 2020-03-19] (Opera Software AS -> Opera Software)
Task: {D9940D10-AA63-4D72-9155-CF8A8DE3209C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2019-11-27] (Google Inc -> Google Inc.)
Task: {DD5856EC-43E1-4D6E-9970-8DE5562A6CC6} - System32\Tasks\Opera scheduled Autoupdate 1574370956 => C:\Nainstalovano\Opera\launcher.exe [1355800 2020-03-19] (Opera Software AS -> Opera Software)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{35d52512-9f34-46a5-bf7d-a7cacdda0654}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: bkp0e99m.default
FF ProfilePath: C:\Users\toxic\AppData\Roaming\Mozilla\Firefox\Profiles\bkp0e99m.default [2019-11-27]
FF ProfilePath: C:\Users\toxic\AppData\Roaming\Mozilla\Firefox\Profiles\0ruyt16n.default-release [2020-03-23]
FF DownloadDir: D:\Stažené soubory
FF Homepage: Mozilla\Firefox\Profiles\0ruyt16n.default-release -> www.seznam.cz
FF Notifications: Mozilla\Firefox\Profiles\0ruyt16n.default-release -> hxxps://www.instagram.com; hxxps://plzensky.denik.cz
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-05] (Adobe Inc. -> Adobe Systems Inc.)
StartMenuInternet: Firefox-DE8BB025F0219FDF - C:\Nainstalovano\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default [2020-03-23]
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-27]
CHR Extension: (Dokumenty) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-27]
CHR Extension: (Disk Google) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-27]
CHR Extension: (YouTube) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-27]
CHR Extension: (Tabulky) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-27]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-02-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-27]
CHR Extension: (Gmail) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-27]
CHR Extension: (Chrome Media Router) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-23]

Opera:
=======
OPR DownloadDir: D:\Stažené soubory
OPR StartupUrls: "hxxp://www.seznam.cz/"

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88648 2020-02-25] (Adobe Inc. -> Adobe Systems)
S2 avast! Antivirus; C:\Nainstalovano\Avast \AvastSvc.exe [367184 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Nainstalovano\Avast \wsc_proxy.exe [57536 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
S3 Microsoft Office Groove Audit Service; C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
S3 NBService; C:\Nainstalovano\Nero 7\Nero BackItUp\NBService.exe [800040 2008-04-08] (Nero AG -> Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [2258536 2019-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [85032 2019-11-29] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35752 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [175464 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15792 2020-02-26] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41448 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148416 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [95416 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [73552 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [690232 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [395096 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [177000 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [277648 2020-02-26] (Avast Software s.r.o. -> AVAST Software)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [243128 2019-12-02] (Disc Soft Ltd -> Disc Soft Ltd)
R3 L1E; C:\WINDOWS\System32\drivers\L1E62x86.sys [55296 2019-03-19] (Microsoft Windows -> Atheros Communications, Inc.)
R3 NETwNs32; C:\WINDOWS\System32\drivers\NETwNs32.sys [7518208 2019-03-19] (Microsoft Windows -> Intel Corporation)
S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmb.sys [18176 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbo.sys [23168 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 pccsmcfd; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [19072 2012-06-11] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
R3 SrvHsfHDA; C:\WINDOWS\system32\DRIVERS\VSTAZL3.SYS [207360 2019-03-19] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfV92; C:\WINDOWS\system32\DRIVERS\VSTDPV3.SYS [980992 2019-03-19] (Microsoft Windows -> Conexant Systems, Inc.)
R3 SrvHsfWinac; C:\WINDOWS\system32\DRIVERS\VSTCNXT3.SYS [661504 2019-03-19] (Microsoft Windows -> Conexant Systems, Inc.)
S3 upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [8192 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [8192 2012-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [38280 2019-11-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [275680 2019-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [38624 2019-11-29] (Microsoft Windows -> Microsoft Corporation)
S3 winbondcir; C:\WINDOWS\system32\DRIVERS\winbondcir.sys [43008 2007-03-28] (Microsoft Windows Hardware Compatibility Publisher -> Winbond Electronics Corporation)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [207360 2019-03-19] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-23 14:29 - 2020-02-26 14:16 - 000308600 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2020-03-15 21:11 - 2020-03-15 21:11 - 183140351 _____ C:\Users\toxic\Downloads\Pravda ohledně corona virusu Cz Dabing... - Edita Strbavá Lundra.wmv
2020-03-13 13:56 - 2020-03-13 13:56 - 006520776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-03-13 13:56 - 2020-03-13 13:56 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-03-13 13:56 - 2020-03-13 13:56 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-03-13 13:56 - 2020-03-13 13:56 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-03-13 13:56 - 2020-03-13 13:56 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2020-03-11 20:48 - 2020-03-11 20:48 - 000000000 ____D C:\Users\toxic\AppData\Local\ElevatedDiagnostics
2020-03-10 20:34 - 2020-03-10 20:34 - 009711616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 003488768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 003243296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 002315680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001874328 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001867816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001792312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001616912 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001555904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001474048 _____ C:\WINDOWS\system32\rdpnano.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001417976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001400320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001108040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000757632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbc32.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000446232 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2020-03-10 20:34 - 2020-03-10 20:34 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacEncoder.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-03-10 20:34 - 2020-03-10 20:34 - 000079672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2020-03-10 20:34 - 2020-03-10 20:34 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-03-10 20:34 - 2020-03-10 20:34 - 000023864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2020-03-10 20:34 - 2020-03-10 20:34 - 000018448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2020-03-10 20:33 - 2020-03-10 20:34 - 006285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 018027008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 007070736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 005911040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 003860832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 003819520 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 002985984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 002797568 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-03-10 20:33 - 2020-03-10 20:33 - 002584008 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 002307584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 002259872 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 002235408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 002203664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 002077880 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001659528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001429096 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001402880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001298432 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001223680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001157120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001077632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 001071120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 001031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 001018552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 001007672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000980320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000915296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000892696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000769552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000746352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000732000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000478792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprdim.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000362000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000356368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000331280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2020-03-10 20:33 - 2020-03-10 20:33 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnphost.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000267280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000251392 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000205840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtm.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000136328 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000105832 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000102760 _____ (Microsoft Corporation) C:\WINDOWS\system32\profapi.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000097592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000080912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterpriseresourcemanager.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmRes.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlrmdr.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\udhisapi.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstUI.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000055376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000054800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000051512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmprovhost.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upnpcont.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afunix.sys
2020-03-10 20:33 - 2020-03-10 20:33 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msauserext.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpnotify.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsmplpxy.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-03-10 20:33 - 2020-03-10 20:33 - 000009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtprio.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-03-10 20:33 - 2020-03-10 20:33 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 006084344 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 005112832 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 004868184 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 004755968 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 003971808 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 003560960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 003131392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 003037696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 002875904 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 002761016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 002740736 _____ (Microsoft Corporation) C:\WINDOWS\system32\directml.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 002561536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 002305536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 002058240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 002021888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001985104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001661952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001539888 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001484600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001454400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001264128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001257984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001150464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 001101312 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 001054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 001000960 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000935040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000786040 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000776488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000748032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000689976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000670720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000668296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000627216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000622592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000551824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxs.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000538128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000531672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000425272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-03-10 20:32 - 2020-03-10 20:32 - 000415976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2020-03-10 20:32 - 2020-03-10 20:32 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000402528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000400440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000344376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000319976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000246288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Acx01000.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnservice.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000213984 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000173880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000167224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000160568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000152080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\viac7.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000144400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000142648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000133432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000120560 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000109072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\GraphicsCapture.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000105384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000104976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Taskbar.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2020-03-10 20:32 - 2020-03-10 20:32 - 000068408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000046928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000042336 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000041784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciidex.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxstrace.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FaxPrinterInstaller.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthMini.SYS
2020-03-10 20:32 - 2020-03-10 20:32 - 000024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000023952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000023864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tbs.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\KNetPwrDepBroker.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000022840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\atapi.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wci.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000017208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelide.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000014648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pciide.sys
2020-03-10 20:32 - 2020-03-10 20:32 - 000010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchTM.exe
2020-03-10 20:32 - 2020-03-10 20:32 - 000003584 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCertResources.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tier2punctuations.dll
2020-03-10 20:32 - 2020-03-10 20:32 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
2020-03-10 20:18 - 2020-02-11 05:48 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-03-04 23:20 - 2020-03-04 23:20 - 000000000 ____D C:\Users\toxic\AppData\Local\Philipp Schmieder
2020-03-02 19:17 - 2020-03-11 21:24 - 000000000 ____D C:\Users\toxic\AppData\Local\WiFi Guard
2020-03-02 19:17 - 2020-03-02 19:17 - 000000916 _____ C:\Users\Public\Desktop\SoftPerfect WiFi Guard.lnk
2020-03-02 19:16 - 2020-03-02 19:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
2020-02-26 14:17 - 2020-02-26 14:16 - 000177000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2020-02-26 14:17 - 2020-02-26 14:16 - 000148416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2020-02-25 23:56 - 2020-02-25 23:56 - 000000000 ____D C:\Marek Ztracený kompletní diskografie 2020

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-23 16:59 - 2016-11-14 22:34 - 000000000 ____D C:\FRST
2020-03-23 16:56 - 2019-03-19 03:44 - 000000000 ____D C:\WINDOWS\INF
2020-03-23 16:53 - 2019-03-19 03:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-23 16:51 - 2019-11-28 23:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-23 14:32 - 2019-11-29 00:51 - 000000000 _____ C:\WINDOWS\system32\last.dump
2020-03-23 14:31 - 2019-11-27 00:24 - 000001512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2020-03-23 14:31 - 2019-11-27 00:24 - 000001500 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2020-03-23 14:30 - 2019-12-21 17:55 - 000000000 ____D C:\Users\toxic\Downloads\opera autoupdate
2020-03-23 14:30 - 2019-11-29 00:16 - 000003962 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2020-03-23 14:29 - 2019-03-19 03:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-03-23 14:27 - 2019-11-27 00:38 - 000000000 ____D C:\Users\toxic\AppData\LocalLow\Mozilla
2020-03-23 14:24 - 2019-11-29 00:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-23 14:23 - 2019-03-19 03:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-03-23 14:22 - 2016-11-17 21:20 - 000000000 ____D C:\AdwCleaner
2020-03-23 14:20 - 2019-11-27 22:12 - 000045354 _____ C:\Users\toxic\Desktop\Nový textový dokument (2).txt
2020-03-23 14:14 - 2014-04-11 15:15 - 000000000 ____D C:\Nainstalovano
2020-03-23 13:21 - 2019-12-06 13:42 - 000000976 _____ C:\Users\toxic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2020-03-23 13:21 - 2019-11-29 00:16 - 000004164 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1574370956
2020-03-23 01:04 - 2020-02-14 23:49 - 000000000 ____D C:\Program Files\bookingDesktopApp
2020-03-23 01:01 - 2019-11-27 22:11 - 000088766 _____ C:\Users\toxic\Desktop\Nový textový dokument.txt
2020-03-23 00:12 - 2019-12-24 14:43 - 000000000 ____D C:\Users\toxic\AppData\Roaming\Videoder
2020-03-22 20:14 - 2019-11-29 00:03 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-22 20:14 - 2019-03-19 08:13 - 000718018 _____ C:\WINDOWS\system32\perfh005.dat
2020-03-22 20:14 - 2019-03-19 08:13 - 000145062 _____ C:\WINDOWS\system32\perfc005.dat
2020-03-22 20:02 - 2019-03-19 03:35 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-22 18:44 - 2019-11-29 00:16 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1134202389-2396285059-191239155-1001
2020-03-22 18:44 - 2019-11-28 23:53 - 000002361 _____ C:\Users\toxic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-22 18:44 - 2019-11-26 02:27 - 000000000 ___RD C:\Users\toxic\OneDrive
2020-03-21 21:52 - 2019-03-19 03:46 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-21 21:52 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-21 19:50 - 2019-11-29 00:16 - 000003462 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 19:50 - 2019-11-29 00:16 - 000003338 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 00:37 - 2019-12-24 14:43 - 000000000 ____D C:\Users\toxic\AppData\Local\Videoder
2020-03-19 21:21 - 2019-11-27 00:27 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 21:21 - 2019-11-27 00:27 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-19 21:17 - 2019-12-20 16:46 - 000004376 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1576856810
2020-03-18 21:21 - 2019-12-06 00:59 - 000004550 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-03-18 21:20 - 2019-12-06 00:58 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-18 21:20 - 2019-12-06 00:56 - 000000000 ____D C:\Program Files\Common Files\Adobe
2020-03-13 15:18 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-03-13 15:18 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-03-11 21:09 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2020-03-11 14:15 - 2019-11-29 00:35 - 000000000 ___RD C:\Users\toxic\3D Objects
2020-03-11 14:15 - 2019-11-26 02:23 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-11 14:13 - 2019-11-28 23:47 - 000433704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-03-11 01:13 - 2019-03-19 03:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-03-11 01:13 - 2019-03-19 03:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-03-11 01:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\SystemResources
2020-03-11 01:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-03-11 01:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\setup
2020-03-11 01:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-03-11 01:13 - 2019-03-19 03:46 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-03-11 01:13 - 2019-03-19 03:46 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-11 01:13 - 2019-03-19 03:35 - 000000000 ____D C:\WINDOWS\servicing
2020-03-10 20:50 - 2019-11-27 02:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-03-10 20:42 - 2019-11-27 02:11 - 118379832 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-03-07 16:37 - 2019-11-29 20:00 - 000000000 ____D C:\ProgramData\Packages
2020-03-06 23:39 - 2019-04-09 15:14 - 000000000 ____D C:\Youtube klipy
2020-03-04 16:57 - 2019-11-29 20:09 - 000000000 ____D C:\Users\toxic\AppData\Local\PlaceholderTileLogoFolder
2020-03-04 16:57 - 2019-11-26 02:23 - 000000000 ____D C:\Users\toxic\AppData\Local\Packages
2020-03-03 19:06 - 2019-11-27 00:21 - 000000000 ____D C:\Users\toxic\AppData\Local\CrashDumps
2020-03-02 19:16 - 2019-11-21 20:45 - 000000000 ____D C:\Nainstalováno
2020-02-26 14:16 - 2019-11-27 00:21 - 000395096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2020-02-26 14:16 - 2019-11-27 00:21 - 000277648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2020-02-26 14:16 - 2019-11-27 00:21 - 000095416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2020-02-26 14:16 - 2019-11-27 00:21 - 000073552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2020-02-26 14:16 - 2019-11-27 00:21 - 000041448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2020-02-26 14:16 - 2019-11-27 00:21 - 000015792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2020-02-26 14:15 - 2019-11-27 00:21 - 000690232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2020-02-26 14:15 - 2019-11-27 00:21 - 000175464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2020-02-26 14:15 - 2019-11-27 00:21 - 000035752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2020-02-26 00:55 - 2019-11-26 23:12 - 000000000 ____D C:\Users\toxic\AppData\Roaming\uTorrent

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

dj-paja
Visitor
Posts: 412
Registered: 16 Feb 2012 12:30

Re: Instagram hacked?

#8 Post by dj-paja »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-03-2020
Ran by toxic (23-03-2020 17:01:28)
Running from D:\Stažené soubory
Microsoft Windows 10 Home Version 1909 18363.720 (X86) (2019-11-28 23:17:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1134202389-2396285059-191239155-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1134202389-2396285059-191239155-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1134202389-2396285059-191239155-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1134202389-2396285059-191239155-501 - Limited - Disabled)
toxic (S-1-5-21-1134202389-2396285059-191239155-1001 - Administrator - Enabled) => C:\Users\toxic
WDAGUtilityAccount (S-1-5-21-1134202389-2396285059-191239155-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Out of date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1 - )
7-Zip 19.00 (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
AIMP (HKLM\...\AIMP) (Version: v4.60.2161, 28.11.2019 - AIMP DevTeam)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Balíček ovladače systému Windows - Nokia Modem (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Balíček ovladače systému Windows - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
ClipGrab 3.8.10 (HKLM\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - The ClipGrab Project)
DEAD OR ALIVE 5 Last Round (HKLM\...\REVBRE9SQUxJVkU1TGFzdFJvdW5k_is1) (Version: 1 - )
FIFA 11 (HKLM\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
Google Chrome (HKLM\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
MassTube 12.9.8.361 (HKLM\...\{622A0A32-9711-43D3-A6F1-B0FC78F1A68A}_is1) (Version: 12.9.8.361 - Havy Alegria)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1134202389-2396285059-191239155-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mortal Kombat-Komplete Edition (HKLM\...\Mortal Kombat-Komplete Edition_is1) (Version: 1.0.0.2 - )
Mozilla Firefox 70.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 70.0.1 (x86 cs)) (Version: 70.0.1 - Mozilla)
Mozilla Firefox 74.0 (x86 cs) (HKU\S-1-5-21-1134202389-2396285059-191239155-1001\...\Mozilla Firefox 74.0 (x86 cs)) (Version: 74.0 - Mozilla)
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
Need for Speed(TM) Hot Pursuit (HKLM\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
Nero 7 Ultra Edition (HKLM\...\{C6115A28-F277-4E82-B067-84D28BF21029}) (Version: 7.03.1357 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM\...\{866C4563-ED53-43F3-A29D-8BEE2BD1BA3C}) (Version: 7.1.180.94 - Nokia) Hidden
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
Opera Stable 67.0.3575.97 (HKU\S-1-5-21-1134202389-2396285059-191239155-1001\...\Opera 67.0.3575.97) (Version: 67.0.3575.97 - Opera Software)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
SoftPerfect WiFi Guard version 2.1.2 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 2.1.2 - SoftPerfect)
Ultra Street Fighter IV (HKLM\...\VWx0cmFTdHJlZXRGaWdodGVySVY=_is1) (Version: 1 - )
UpdateAssistant (HKLM\...\{A8CB3AA1-4ED7-4E95-BA0A-3DC927739A0E}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
Videoder 1.0.9 (HKLM\...\808fc302-3d01-59ce-8094-e0443a55877e) (Version: 1.0.9 - GlennioTech)

Packages:
=========
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.5.9.0_x86__kgqvnymyfvs32 [2020-02-20] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.164.200.0_x86__kgqvnymyfvs32 [2020-03-21] (king.com)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.33.3304.0_x86__ytsefhwckbdv6 [2020-02-28] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-26] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.6.1224.0_x86__8wekyb3d8bbwe [2020-02-28] (Microsoft Studios) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20503.0_x86__8wekyb3d8bbwe [2020-03-05] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.5.1.0_x86__nfy108tqq3p12 [2020-03-21] (Thumbmunkeys Ltd) [MS Ad]
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.5.1.0_x86__gs5k5vmxr2ste [2020-03-04] (Matt Hafner)
WinZip Universal -> C:\Program Files\WindowsApps\WinZipComputing.WinZipUniversal_1.5.13516.0_x86__3ykzqggjzj4z0 [2019-11-26] (WinZip Computing)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-1134202389-2396285059-191239155-1001_Classes\CLSID\{E7629152-0A34-4487-B787-5D1144304455}\localserver32 -> C:\Nainstalovano\Opera\67.0.3575.97\notification_helper.exe (Opera Software AS -> The Chromium Authors)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Nainstalovano\Avast \ashShell.dll [2020-02-26] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Nainstalovano\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Nainstalovano\Avast \ashShell.dll [2020-02-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Nainstalovano\Nero 7\Nero CoverDesigner\CoverEdExtension.dll [2007-07-24] (Nero AG -> Nero AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Nainstalovano\winrar\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Nainstalovano\Avast \ashShell.dll [2020-02-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Nainstalovano\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Nainstalovano\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Nainstalovano\Avast \ashShell.dll [2020-02-26] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Nainstalovano\winrar\rarext.dll [2013-08-22] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\toxic\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default

==================== Loaded Modules (Whitelisted) =============

2019-11-28 23:44 - 2019-11-28 23:44 - 000095744 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_none_dc990e4797f81af1\ATL80.DLL
2012-06-26 13:08 - 2012-06-26 13:08 - 000026112 _____ (Nokia) [File not signed] C:\Nainstalovano\Nokia Pc Suite\Nokia PC Suite 7\Lang\PhoneBrowser_eng-us.nlr
2012-06-26 11:57 - 2012-06-26 11:57 - 000918016 _____ (Nokia) [File not signed] C:\Nainstalovano\Nokia Pc Suite\Nokia PC Suite 7\NGSCM.DLL
2012-06-26 13:08 - 2012-06-26 13:08 - 000572928 _____ (Nokia) [File not signed] C:\Nainstalovano\Nokia Pc Suite\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 09:30 - 2016-07-16 09:27 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1134202389-2396285059-191239155-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B31BED72-3CC1-457A-964B-28B97AAF2CB4}] => (Allow) C:\Nainstalovano\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{683FC3F6-4699-49EC-AF2B-B093D9B930B9}] => (Allow) C:\Nainstalovano\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5BFF3B66-0E39-44D4-8CAD-4617B5B14B6F}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AE62D462-FE43-4427-BB9C-80FED63DE71D}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\ONENOTE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E20AB518-F9F3-4733-B4EB-AEDCB95B5904}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D49776E0-C381-47B7-AE8D-F9D3BA5C1E17}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\GROOVE.EXE (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{11230171-89DB-4505-A05B-EFB6111DD5AD}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{92045936-EC05-4EAF-B6DA-097C4A01F362}] => (Allow) C:\Nainstalovano\UTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{03F7477D-5189-4748-8364-B2CDA98B39C9}] => (Allow) C:\Nainstalovano\UTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{82396DAB-0755-4A8D-B989-8C274C1A9597}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [{43FE55AC-4C98-4B9D-A5AF-6E4F54F808FE}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [{65353CFF-4EC8-4F4A-8AD1-7098F594C13E}] => (Allow) D:\Hry\Need for Speed Hot Pursuit\Launcher.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [{4650C396-4E98-4237-9B9E-DCFDCD7DB469}] => (Allow) D:\Hry\Need for Speed Hot Pursuit\Launcher.exe (Electronic Arts -> Electronic Arts)
FirewallRules: [TCP Query User{48834D61-429C-49B1-870D-62DF079D27FB}D:\hry\need for speed hot pursuit\nfs11.exe] => (Allow) D:\hry\need for speed hot pursuit\nfs11.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{6E95A3C1-F062-4EEB-A903-A6B12DF840AB}D:\hry\need for speed hot pursuit\nfs11.exe] => (Allow) D:\hry\need for speed hot pursuit\nfs11.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{3EC0C9A7-01AE-49DE-9FAA-5BD7E4F6E6B1}D:\hry\fifa 2011\game\fifa.exe] => (Allow) D:\hry\fifa 2011\game\fifa.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{97E5ABCF-49CA-4412-B1E9-DB68ADD1269E}D:\hry\fifa 2011\game\fifa.exe] => (Allow) D:\hry\fifa 2011\game\fifa.exe (Electronic Arts) [File not signed]
FirewallRules: [TCP Query User{32D95052-140A-46BF-BA2D-1E49FB499362}D:\hry\mortal kombat-komplete edition\disccontentpc\mkke.exe] => (Allow) D:\hry\mortal kombat-komplete edition\disccontentpc\mkke.exe () [File not signed]
FirewallRules: [UDP Query User{BE95EC90-571B-4006-93A3-7124D00F244B}D:\hry\mortal kombat-komplete edition\disccontentpc\mkke.exe] => (Allow) D:\hry\mortal kombat-komplete edition\disccontentpc\mkke.exe () [File not signed]
FirewallRules: [TCP Query User{DE440A82-6B6A-49A1-8A79-CA15CA30B061}C:\nainstalovano\airdroid\airdroid.exe] => (Allow) C:\nainstalovano\airdroid\airdroid.exe No File
FirewallRules: [UDP Query User{16B7A653-CF60-4006-95D8-68580A92A479}C:\nainstalovano\airdroid\airdroid.exe] => (Allow) C:\nainstalovano\airdroid\airdroid.exe No File
FirewallRules: [TCP Query User{D59F69E8-AF41-4F3E-9627-2C0CD79C802E}C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe] => (Allow) C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe No File
FirewallRules: [UDP Query User{C7014422-E6DD-4DC5-AAFE-3A49A1646758}C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe] => (Allow) C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe No File
FirewallRules: [{D3A52A78-3D3E-4814-AAF4-9E565BC63DAD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:97.12 GB) (Free:34.54 GB) (36%)

==================== Faulty Device Manager Devices ============

Name: Winbond CIR Transceiver
Description: Winbond CIR Transceiver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Winbond Electronics Corporation
Service: winbondcir
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: ========================

Application errors:
==================
Error: (03/23/2020 04:56:55 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6596,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/23/2020 02:37:30 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2536,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/23/2020 01:26:09 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3252,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/23/2020 12:30:43 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1804,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/22/2020 11:58:33 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9584,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/22/2020 08:28:08 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2584,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/22/2020 08:21:01 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2584,R,98) TILEREPOSITORYS-1-5-18: Při otevírání souboru protokolu C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log došlo k chybě -1023 (0xfffffc01).

Error: (03/22/2020 07:53:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: sppsvc.exe, verze: 10.0.18362.693, časové razítko: 0xc39dcef5
Název chybujícího modulu: sppsvc.exe, verze: 10.0.18362.693, časové razítko: 0xc39dcef5
Kód výjimky: 0xc0000602
Posun chyby: 0x0022509c
ID chybujícího procesu: 0x2694
Čas spuštění chybující aplikace: 0x01d6007b1c657176
Cesta k chybující aplikaci: C:\WINDOWS\system32\sppsvc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\system32\sppsvc.exe
ID zprávy: 770ef487-1aa2-40e6-91f6-5db9cec3b2ed
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (03/23/2020 02:37:31 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (03/23/2020 02:32:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Avast Antivirus byla neočekávaně ukončena. Tento stav nastal již 4krát.

Error: (03/23/2020 02:27:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 3 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Spustit nakonfigurovaný program pro obnovení.

Error: (03/23/2020 02:27:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/23/2020 02:27:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.

Error: (03/23/2020 02:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/23/2020 02:22:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Adobe Acrobat Update Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (03/23/2020 02:22:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PLFlash DeviceIoControl Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2019-11-29 00:35:25.895
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMS-R@1nHook.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\NETWORK SERVICE
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.305.3007.0, AS: 1.305.3007.0, NIS: 1.305.3007.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-11-29 00:35:22.382
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMS-R@1n.exe; file:_C:\Windows\KMS-R@1nHook.exe; imagefileexecoptions:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSppSvc.exe; imagefileexecoptions:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe; process:_pid:4652,ProcessStart:132194575828921540; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OSppSvc.exe; regkey:_HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SppExtComObj.exe; service:_KMS-R@1n
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.305.3007.0, AS: 1.305.3007.0, NIS: 1.305.3007.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-11-29 00:35:03.034
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMS-R@1nHook.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: NT AUTHORITY\NETWORK SERVICE
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.305.3007.0, AS: 1.305.3007.0, NIS: 1.305.3007.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-11-29 00:34:05.240
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMS-R@1n.exe; file:_C:\Windows\KMS-R@1nHook.exe; process:_pid:4652,ProcessStart:132194575828921540; service:_KMS-R@1n
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\svchost.exe
Verze bezpečnostních informací: AV: 1.305.3007.0, AS: 1.305.3007.0, NIS: 1.305.3007.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2019-11-29 00:34:03.651
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Windows\KMS-R@1n.exe; file:_C:\Windows\KMS-R@1nHook.exe; process:_pid:4652,ProcessStart:132194575828921540; service:_KMS-R@1n
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.305.3007.0, AS: 1.305.3007.0, NIS: 1.305.3007.0
Verze modulu: AM: 1.1.16500.1, NIS: 1.1.16500.1

Date: 2020-03-02 22:01:29.674
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.3007.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-03-02 22:01:29.674
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.3007.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-03-02 22:01:29.673
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.3007.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-03-02 22:01:29.661
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.3007.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2020-03-02 22:01:29.661
Description:
Antivirová ochrana v programu Windows Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.305.3007.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16500.1
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2020-03-23 14:32:11.619
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Nainstalovano\Avast \aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-03-23 14:29:07.093
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Nainstalovano\Avast \aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-03-23 14:29:06.733
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Nainstalovano\Avast \aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-03-23 14:29:06.129
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Nainstalovano\Avast \aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2020-03-23 14:27:57.945
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Nainstalovano\Avast \aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 14:27:57.850
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Nainstalovano\Avast \aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 14:27:57.701
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Nainstalovano\Avast \aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2020-03-23 14:27:57.396
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Nainstalovano\Avast \aswAMSI.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Acer v0.3211 10/17/2008
Motherboard: Acer Makalu
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 72%
Total physical RAM: 3066.86 MB
Available physical RAM: 855.75 MB
Total Virtual: 5498.86 MB
Available Virtual: 2569.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.12 GB) (Free:34.54 GB) NTFS
Drive d: () (Fixed) (Total:368.1 GB) (Free:0.72 GB) NTFS
Drive h: (Elements) (Fixed) (Total:1863.01 GB) (Free:1.46 GB) NTFS

\\?\Volume{95bc2171-0000-0000-0000-100000000000}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
\\?\Volume{95bc2171-0000-0000-0000-e04d18000000}\ () (Fixed) (Total:0.44 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 95BC2171)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0002F734)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Instagram hacked?

#9 Post by Diallix »

What about that cracked Windows? :?:
I have issued you a warning.


Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

File: C:\Windows\System32\IoctlSvc.exe
File: C:\WINDOWS\yowindow.scr

HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [570664 2008-05-28] (Nero AG -> Nero AG)
HKU\S-1-5-21-1134202389-2396285059-191239155-1001\...\MountPoints2: {44e84d53-4b79-11ea-b132-00238b4d4eb9} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1134202389-2396285059-191239155-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\yowindow.scr
Task: {1028E910-F232-4272-BCA5-37123A0423A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {3C3A201C-1DE3-4A93-9E80-24EBF5C2225B} - System32\Tasks\R@1n-KMS\Windows64Core => wmic path SoftwareLicensingProduct where (ID="58e97c99-f377-4ef1-81d5-4ad5522b5fd8") call Activate
Task: {65C688D3-89E2-496A-8105-42DBB0875149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2019-11-27] (Google Inc -> Google Inc.)
Task: {D9940D10-AA63-4D72-9155-CF8A8DE3209C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2019-11-27] (Google Inc -> Google Inc.)
FF DefaultProfile: bkp0e99m.default
FF ProfilePath: C:\Users\toxic\AppData\Roaming\Mozilla\Firefox\Profiles\bkp0e99m.default [2019-11-27]
FF ProfilePath: C:\Users\toxic\AppData\Roaming\Mozilla\Firefox\Profiles\0ruyt16n.default-release [2020-03-23]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-02-15]
FirewallRules: [{82396DAB-0755-4A8D-B989-8C274C1A9597}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [{43FE55AC-4C98-4B9D-A5AF-6E4F54F808FE}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [TCP Query User{DE440A82-6B6A-49A1-8A79-CA15CA30B061}C:\nainstalovano\airdroid\airdroid.exe] => (Allow) C:\nainstalovano\airdroid\airdroid.exe No File
FirewallRules: [UDP Query User{16B7A653-CF60-4006-95D8-68580A92A479}C:\nainstalovano\airdroid\airdroid.exe] => (Allow) C:\nainstalovano\airdroid\airdroid.exe No File
FirewallRules: [TCP Query User{D59F69E8-AF41-4F3E-9627-2C0CD79C802E}C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe] => (Allow) C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe No File
FirewallRules: [UDP Query User{C7014422-E6DD-4DC5-AAFE-3A49A1646758}C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe] => (Allow) C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe No File

EmptyTemp:
Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
A routine will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.
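The FirewallRules entries in the fixlist of post #9 are ones that FRST marked "No File" in the log. As an added example (not part of the original thread and not FRST's own code), this Python script parses FirewallRules lines from Addition.txt and sorts them into orphaned, unsigned and signed rules; the function names and status labels are assumptions, and the sample lines are copied from the log above.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Lines copied from the Addition.txt log earlier in this thread.
SAMPLE = r"""
FirewallRules: [{11230171-89DB-4505-A05B-EFB6111DD5AD}] => (Allow) C:\Nainstalovano\Microsoft Office Enterprise 2007\Office12\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{82396DAB-0755-4A8D-B989-8C274C1A9597}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [{43FE55AC-4C98-4B9D-A5AF-6E4F54F808FE}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [TCP Query User{48834D61-429C-49B1-870D-62DF079D27FB}D:\hry\need for speed hot pursuit\nfs11.exe] => (Allow) D:\hry\need for speed hot pursuit\nfs11.exe (Electronic Arts) [File not signed]
FirewallRules: [UDP Query User{BE95EC90-571B-4006-93A3-7124D00F244B}D:\hry\mortal kombat-komplete edition\disccontentpc\mkke.exe] => (Allow) D:\hry\mortal kombat-komplete edition\disccontentpc\mkke.exe () [File not signed]
FirewallRules: [TCP Query User{DE440A82-6B6A-49A1-8A79-CA15CA30B061}C:\nainstalovano\airdroid\airdroid.exe] => (Allow) C:\nainstalovano\airdroid\airdroid.exe No File
FirewallRules: [{D3A52A78-3D3E-4814-AAF4-9E565BC63DAD}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
"""

RULE = re.compile(
    r"^FirewallRules: \[(?P<name>.*?)\] => \((?P<action>\w+)\) (?P<rest>.+)$"
)
# Trailing "(signer -> company)" or "(company)" group after the file path.
VENDOR = re.compile(r"^(?P<path>.+?) \((?P<vendor>[^()]*)\)$")
NO_FILE = " No File"
UNSIGNED = " [File not signed]"


@dataclass
class Rule:
    raw: str      # original log line, reusable verbatim in a fixlist
    name: str     # rule name or GUID between the square brackets
    action: str   # Allow / Block
    path: str     # executable the rule applies to
    vendor: str   # signer/company text printed in the log, may be empty
    status: str   # "orphaned", "unsigned", "signed" or "unknown"


def parse_rule(line: str) -> Optional[Rule]:
    """Parse one FirewallRules line; return None for any other log line."""
    line = line.strip()
    m = RULE.match(line)
    if not m:
        return None
    rest = m["rest"]
    if rest.endswith(NO_FILE):
        # The target file is gone, so the log carries no signature data.
        return Rule(line, m["name"], m["action"],
                    rest[: -len(NO_FILE)], "", "orphaned")
    unsigned = rest.endswith(UNSIGNED)
    if unsigned:
        rest = rest[: -len(UNSIGNED)]
    v = VENDOR.match(rest)
    path, vendor = (v["path"], v["vendor"]) if v else (rest, "")
    if unsigned:
        status = "unsigned"
    elif "->" in vendor:
        # Assumption from the log format: "X -> Y" appears only on entries
        # that are not tagged "[File not signed]".
        status = "signed"
    else:
        status = "unknown"
    return Rule(line, m["name"], m["action"], path, vendor, status)


def triage(log_text: str) -> List[Rule]:
    """Return every FirewallRules entry found in the log text."""
    parsed = (parse_rule(line) for line in log_text.splitlines())
    return [r for r in parsed if r is not None]


def fixlist_candidates(log_text: str) -> List[str]:
    """Allow rules whose executable no longer exists, as raw log lines."""
    return [r.raw for r in triage(log_text)
            if r.status == "orphaned" and r.action == "Allow"]


if __name__ == "__main__":
    for r in triage(SAMPLE):
        print(f"{r.status:9} {r.action:5} {r.path}")
    print("\nCandidates to review before they go into fixlist.txt:")
    print("\n".join(fixlist_candidates(SAMPLE)))
```

An orphaned Allow rule keeps applying to whatever binary later appears at that path, which is why such entries are worth reviewing and removing.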

dj-paja
Visitor
Posts: 412
Joined: 16 Feb 2012 12:30

Re: Instagram hacked?

#10 Post by dj-paja »

Hello, what do you mean by issued a warning and cracked Windows? Could you specify that more closely, thanks. Do you mean to say that the attack on and cracking of the Instagram account is related to it? Thanks.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Instagram hacked?

#11 Post by Diallix »

By all appearances you have a cracked Windows. Is that so?

dj-paja
Visitor
Posts: 412
Joined: 16 Feb 2012 12:30

Re: Instagram hacked?

#12 Post by dj-paja »

I don't know how to insert that fixlist so that it starts doing the fix, see the program, thanks.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Instagram hacked?

#13 Post by Diallix »

Do it according to the instructions two topics above.

dj-paja
Visitor
Posts: 412
Joined: 16 Feb 2012 12:30

Re: Instagram hacked?

#14 Post by dj-paja »

Can you write to me how to do it, because I don't know how, thanks.

Diallix
Advisor
Posts: 2760
Joined: 27 Apr 2008 10:34

Re: Instagram hacked?

#15 Post by Diallix »

Copy the content below into Notepad:

Code:

CloseProcesses:
CreateRestorePoint:

File: C:\Windows\System32\IoctlSvc.exe
File: C:\WINDOWS\yowindow.scr

HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-06-29] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [570664 2008-05-28] (Nero AG -> Nero AG)
HKU\S-1-5-21-1134202389-2396285059-191239155-1001\...\MountPoints2: {44e84d53-4b79-11ea-b132-00238b4d4eb9} - "I:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1134202389-2396285059-191239155-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\yowindow.scr
Task: {1028E910-F232-4272-BCA5-37123A0423A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {3C3A201C-1DE3-4A93-9E80-24EBF5C2225B} - System32\Tasks\R@1n-KMS\Windows64Core => wmic path SoftwareLicensingProduct where (ID="58e97c99-f377-4ef1-81d5-4ad5522b5fd8") call Activate
Task: {65C688D3-89E2-496A-8105-42DBB0875149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2019-11-27] (Google Inc -> Google Inc.)
Task: {D9940D10-AA63-4D72-9155-CF8A8DE3209C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2019-11-27] (Google Inc -> Google Inc.)
FF DefaultProfile: bkp0e99m.default
FF ProfilePath: C:\Users\toxic\AppData\Roaming\Mozilla\Firefox\Profiles\bkp0e99m.default [2019-11-27]
FF ProfilePath: C:\Users\toxic\AppData\Roaming\Mozilla\Firefox\Profiles\0ruyt16n.default-release [2020-03-23]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\toxic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-02-15]
FirewallRules: [{82396DAB-0755-4A8D-B989-8C274C1A9597}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [{43FE55AC-4C98-4B9D-A5AF-6E4F54F808FE}] => (Allow) C:\Windows\KMS-R@1n.exe No File
FirewallRules: [TCP Query User{DE440A82-6B6A-49A1-8A79-CA15CA30B061}C:\nainstalovano\airdroid\airdroid.exe] => (Allow) C:\nainstalovano\airdroid\airdroid.exe No File
FirewallRules: [UDP Query User{16B7A653-CF60-4006-95D8-68580A92A479}C:\nainstalovano\airdroid\airdroid.exe] => (Allow) C:\nainstalovano\airdroid\airdroid.exe No File
FirewallRules: [TCP Query User{D59F69E8-AF41-4F3E-9627-2C0CD79C802E}C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe] => (Allow) C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe No File
FirewallRules: [UDP Query User{C7014422-E6DD-4DC5-AAFE-3A49A1646758}C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe] => (Allow) C:\nainstalovano\quickfiletransfer\quickfiletransfer.exe No File

EmptyTemp:
Save the Notepad file under the name fixlist.txt in the location where FRST is.
Run FRST and click the button: Fix
A routine will run, after which the computer reboots. After the reboot, paste here the contents of the log fixlog.txt, saved in the FRST location.