Zdravím, prosím o pomoc.. už se to t i řešilo ...
někdo mi na Facebook do zpráv zaslal link, ve kterém bylo napsáno: "(mé jméno) - private video" a k tomu byla přidána fotka mojí profilovky. Vím, že tohle otvírat je docela hloupost, ale bohužel, stalo se. Po otevření a následném stáhnutí Adobe Flash se ihned z mého účtu začly vysílat smajlíky: " :O " a k tomu link s nápisem: "(jméno dotyčného) - private video" ...
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Fujitsu (administrator) on FUJITSU-PC on 28-07-2014 18:17:20
Running from C:\Users\Fujitsu\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Fujitsu\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-23] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [DeskUpdateNotifier] => C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [102968 2013-02-26] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1956760 2014-06-24] (APN)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-04-23] (Samsung)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-04-23] (Samsung)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-04-01] ()
Startup: C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: "hxxp://www.google.cz/"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchURL: http://www.search.ask.com/web?q={searchTerms}
CHR Extension: (Disk Google) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-03]
CHR Extension: (SEO SERP Workbench) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-07-02]
CHR Extension: (Kalendář Google) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-02]
CHR Extension: (Morsee) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjkfieaegepneclelmddaapilmjecnii [2014-07-02]
CHR Extension: (Facebook for Chrome) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-07-02]
CHR Extension: (No Name) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\godimpbmfohihoaikgfknnnmlncabkkp [2014-07-02]
CHR Extension: (Skype Click to Call) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-03-21]
CHR Extension: (Morse Chrome™) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcgjcnemliplogmakfelldipnhbpnmob [2014-07-02]
CHR Extension: (Peněženka Google) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-07-02]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Fujitsu\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-06-26]
CHR HKLM-x32\...\Chrome\Extension: [godimpbmfohihoaikgfknnnmlncabkkp] - C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp\coc.crx [2014-06-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-24] (APN LLC.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [950272 2014-04-08] (Kerio Technologies Inc.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2012-03-09] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [638896 2012-03-09] (Intel Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51280 2010-11-02] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\megasr1.sys [806696 2012-02-08] (LSI Corporation, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-27] ()
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-28 18:17 - 2014-07-28 18:17 - 00020961 _____ () C:\Users\Fujitsu\Desktop\FRST.txt
2014-07-28 18:16 - 2014-07-28 18:17 - 00000000 ____D () C:\FRST
2014-07-28 18:15 - 2014-07-28 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Fujitsu\Desktop\FRSTLauncher.exe
2014-07-28 18:14 - 2014-07-28 18:14 - 02093568 _____ (Farbar) C:\Users\Fujitsu\Desktop\FRST64.exe
2014-07-27 20:44 - 2014-07-28 00:40 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\FileZilla
2014-07-27 20:44 - 2014-07-27 20:44 - 00002000 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00001919 _____ () C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00001895 _____ () C:\Users\Fujitsu\Desktop\WeatherBug®.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\IsolatedStorage
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Program Files\Earth Networks
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-27 20:43 - 2014-07-27 20:43 - 05981830 _____ (Tim Kosse) C:\Users\Fujitsu\Downloads\FileZilla_3.9.0.1_win32-setup [1].exe
2014-07-22 18:27 - 2014-07-22 18:41 - 00000000 ____D () C:\temp
2014-07-22 18:26 - 2014-07-22 18:28 - 00000000 ____D () C:\Users\Fujitsu\.yawcam
2014-07-22 18:26 - 2014-07-22 18:26 - 00001863 _____ () C:\Users\Fujitsu\Desktop\Yawcam.lnk
2014-07-22 18:26 - 2014-07-22 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yawcam
2014-07-22 18:26 - 2014-07-22 18:26 - 00000000 ____D () C:\Program Files (x86)\Yawcam
2014-07-22 18:24 - 2014-07-22 18:24 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\Oracle
2014-07-22 18:23 - 2014-07-22 18:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\AskPartnerNetwork
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-22 18:20 - 2014-07-22 18:20 - 00000000 ____D () C:\ProgramData\Sun
2014-07-22 18:20 - 2014-07-22 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 18:20 - 2014-07-22 18:19 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-22 18:20 - 2014-07-22 18:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-22 18:20 - 2014-07-22 18:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-22 18:20 - 2014-07-22 18:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-22 18:19 - 2014-07-22 18:19 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-10 18:46 - 2014-07-10 18:46 - 00000025 _____ () C:\Users\Fujitsu\Desktop\Odkaz.txt
2014-07-10 13:06 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 13:06 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 13:06 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 13:06 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 13:06 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 13:06 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 13:06 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 13:06 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 13:05 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 13:05 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 13:05 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 13:05 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 13:05 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 13:05 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 13:05 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 13:05 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 13:05 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 13:05 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 13:05 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 13:05 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 13:05 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 13:05 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 13:05 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 13:05 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 13:05 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 13:05 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 13:05 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 13:05 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 13:05 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 13:05 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 13:05 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 13:05 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 13:05 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 13:05 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 13:05 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 13:05 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 13:05 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 13:05 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 13:05 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 13:05 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 13:05 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 13:05 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 13:05 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 13:05 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 13:05 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 13:05 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 13:05 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 13:05 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 13:05 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 13:05 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 13:05 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 13:05 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 13:05 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 13:05 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 13:05 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 13:05 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 13:05 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 13:05 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 13:05 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 13:05 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 13:05 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 13:05 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 13:05 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 13:05 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 13:04 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 13:04 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 13:04 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 00:37 - 2014-07-08 00:37 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\XMedia Recode
2014-07-07 20:05 - 2014-07-07 20:05 - 00001067 _____ () C:\Users\Public\Desktop\XMedia Recode.lnk
2014-07-07 20:05 - 2014-07-07 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-07-07 20:05 - 2014-07-07 20:05 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-07-02 21:17 - 2014-07-02 21:17 - 00000000 ___HD () C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp
2014-07-02 21:16 - 2014-07-02 21:16 - 00168120 _____ () C:\Users\Fujitsu\Downloads\youtube-flash-player-update-v-8.exe
2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-28 18:17 - 2014-07-28 18:17 - 00020961 _____ () C:\Users\Fujitsu\Desktop\FRST.txt
2014-07-28 18:17 - 2014-07-28 18:16 - 00000000 ____D () C:\FRST
2014-07-28 18:16 - 2014-03-31 19:10 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-28 18:15 - 2014-07-28 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Fujitsu\Desktop\FRSTLauncher.exe
2014-07-28 18:14 - 2014-07-28 18:14 - 02093568 _____ (Farbar) C:\Users\Fujitsu\Desktop\FRST64.exe
2014-07-28 18:12 - 2013-03-21 17:03 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\Skype
2014-07-28 18:12 - 2013-03-21 16:48 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-28 18:12 - 2013-03-21 12:44 - 01784358 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 18:11 - 2013-03-21 16:48 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-28 13:13 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-28 13:13 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-28 13:07 - 2013-05-01 19:36 - 00000000 ___RD () C:\Users\Fujitsu\Disk Google
2014-07-28 13:05 - 2014-03-31 18:10 - 00011485 _____ () C:\Windows\setupact.log
2014-07-28 13:05 - 2014-03-31 18:09 - 00019708 _____ () C:\Windows\PFRO.log
2014-07-28 13:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-28 13:02 - 2013-12-29 20:43 - 00000000 ____D () C:\ProgramData\firebird
2014-07-28 13:02 - 2013-03-24 15:06 - 00000000 ____D () C:\Users\Fujitsu\Documents\Soubory aplikace Outlook
2014-07-28 13:01 - 2013-03-21 18:02 - 00000000 ____D () C:\ProgramData\Norton
2014-07-28 00:40 - 2014-07-27 20:44 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\FileZilla
2014-07-27 20:47 - 2013-03-21 21:38 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-07-27 20:47 - 2013-03-21 21:38 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-07-27 20:47 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-27 20:44 - 2014-07-27 20:44 - 00002000 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00001919 _____ () C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00001895 _____ () C:\Users\Fujitsu\Desktop\WeatherBug®.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\IsolatedStorage
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Program Files\Earth Networks
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-27 20:43 - 2014-07-27 20:43 - 05981830 _____ (Tim Kosse) C:\Users\Fujitsu\Downloads\FileZilla_3.9.0.1_win32-setup [1].exe
2014-07-22 18:41 - 2014-07-22 18:27 - 00000000 ____D () C:\temp
2014-07-22 18:28 - 2014-07-22 18:26 - 00000000 ____D () C:\Users\Fujitsu\.yawcam
2014-07-22 18:26 - 2014-07-22 18:26 - 00001863 _____ () C:\Users\Fujitsu\Desktop\Yawcam.lnk
2014-07-22 18:26 - 2014-07-22 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yawcam
2014-07-22 18:26 - 2014-07-22 18:26 - 00000000 ____D () C:\Program Files (x86)\Yawcam
2014-07-22 18:26 - 2013-03-21 12:48 - 00000000 ____D () C:\Users\Fujitsu
2014-07-22 18:25 - 2013-03-23 17:35 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\CrashDumps
2014-07-22 18:24 - 2014-07-22 18:24 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\Oracle
2014-07-22 18:23 - 2014-07-22 18:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\AskPartnerNetwork
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-22 18:20 - 2014-07-22 18:20 - 00000000 ____D () C:\ProgramData\Sun
2014-07-22 18:20 - 2014-07-22 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 18:19 - 2014-07-22 18:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-22 18:19 - 2014-07-22 18:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-22 18:19 - 2014-07-22 18:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-22 18:19 - 2014-07-22 18:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-22 18:19 - 2014-07-22 18:19 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-19 18:44 - 2014-03-31 18:44 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 10:12 - 2014-03-31 19:13 - 00000977 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-16 10:12 - 2014-03-31 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-14 16:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 18:46 - 2014-07-10 18:46 - 00000025 _____ () C:\Users\Fujitsu\Desktop\Odkaz.txt
2014-07-10 15:11 - 2009-07-14 06:45 - 00343968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 15:09 - 2014-05-08 00:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 15:09 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 15:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 15:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 13:16 - 2013-03-21 16:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 13:15 - 2013-07-30 00:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 13:14 - 2013-03-24 20:10 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 12:25 - 2013-03-21 12:56 - 00000000 ____D () C:\Windows\System32\Tasks\Fujitsu
2014-07-09 18:43 - 2013-04-30 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-08 00:37 - 2014-07-08 00:37 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\XMedia Recode
2014-07-07 20:05 - 2014-07-07 20:05 - 00001067 _____ () C:\Users\Public\Desktop\XMedia Recode.lnk
2014-07-07 20:05 - 2014-07-07 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-07-07 20:05 - 2014-07-07 20:05 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-07-02 21:17 - 2014-07-02 21:17 - 00000000 ___HD () C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp
2014-07-02 21:16 - 2014-07-02 21:16 - 00168120 _____ () C:\Users\Fujitsu\Downloads\youtube-flash-player-update-v-8.exe
2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-06-30 04:09 - 2014-07-10 13:06 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 13:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
Some content of TEMP:
====================
C:\Users\Fujitsu\AppData\Local\Temp\APNSetup.exe
C:\Users\Fujitsu\AppData\Local\Temp\KTOutlk.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-22 10:15
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: () (Fixed) (Total:281 GB) (Free:222.55 GB) NTFS
Drive d: (Data) (Fixed) (Total:400.63 GB) (Free:206.46 GB) NTFS
Available physical RAM: 1190.95 MB
Total physical RAM: 3956.3 MB
Percentage of memory in use: 69%
==================== MBR and Partition Table ==================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: B875572B)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=697 GB) - (Type=OF Extended)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: AVG AntiVirus 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Fujitsu\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
vir na facebooku - private video xxx
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
vir na facebooku - private video xxx
- Přílohy
-
- Addition Romrez.zip
- (8.14 KiB) Staženo 89 x
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vir na facebooku - private video xxx
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\Program Files (x86)\AskPartnerNetwork
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1956760 2014-06-24] (APN)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
CHR HomePage: hxxp://www.search.ask.com/?gct=hp
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchURL: http://www.search.ask.com/web?q={searchTerms}
CHR Extension: (SEO SERP Workbench) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-07-02]
CHR Extension: (Facebook for Chrome) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-07-02]
CHR Extension: (No Name) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\godimpbmfohihoaikgfknnnmlncabkkp [2014-07-02]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-06-26]
CHR HKLM-x32\...\Chrome\Extension: [godimpbmfohihoaikgfknnnmlncabkkp] - C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp\coc.crx [2014-06-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
C:\Users\Fujitsu\AppData\Local\AskPartnerNetwork
C:\ProgramData\AskPartnerNetwork
C:\Program Files (x86)\AskPartnerNetwork
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Fujitsu\AppData\Local\Temp
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vir na facebooku - private video xxx
výsledný log je moc dlouhý, tak je v příloze jako soubor...
pustil jsem FB a zatím ticho po pěšině. uvidíme, jestli se to třeba zase nerozjede.
zatím tedy děkuji moc
pustil jsem FB a zatím ticho po pěšině. uvidíme, jestli se to třeba zase nerozjede.
zatím tedy děkuji moc
- Přílohy
-
- Fixlog.zip
- (15.58 KiB) Staženo 107 x
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vir na facebooku - private video xxx
Vše bylo smazáno. Doufám, že bude vše v pořádku. Zatím není zač! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: vir na facebooku - private video xxx
Dobrý den, mám Windows 8.1 a nemám poznámkový blok ani microsoft office, nějaká rada jak se viru zbavit s tímto operačním systémem?
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vir na facebooku - private video xxx
2michaelaa: Založe si, prosím, vlastní topic. Děkuejeme.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
Zdeněk Dildo
- Návštěvník
- Příspěvky: 1
- Registrován: 31 říj 2017 14:17
Re: vir na facebooku - private video xxx
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by IdeaCentre (ATTENTION: The user is not administrator) on DESKTOP-QED2288 (31-10-2017 14:03:56)
Running from C:\Users\TEMP.DESKTOP-QED2288.000\Downloads
Loaded Profiles: IdeaCentre (Available Profiles: defaultuser0 & IdeaCentre & Administrator)
Platform: Windows 10 Home Version 1607 14393.1770 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dwm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> igfxCUIService.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> armsvc.exe
Failed to access process -> ekrn.exe
Failed to access process -> svchost.exe
Failed to access process -> TeamViewer_Service.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120841.inf_amd64_5761f79d1981e5da\igfxEM.exe
Failed to access process -> tv_w32.exe
Failed to access process -> tv_x64.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> svchost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
Failed to access process -> BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> SearchProtocolHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
Startup: C:\Users\IdeaCentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-07-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Facebook\Games\FacebookGameroom.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0f871bc6-cffd-4172-8735-225ee4b6883f}: [DhcpNameServer] 192.168.3.3 89.203.139.130 89.203.139.131
Tcpip\..\Interfaces\{1d7e3ee1-3abb-420f-a7f4-e420c94f3508}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default [2017-10-31]
CHR Extension: (Prezentace) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Dokumenty) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Disk Google) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-31]
CHR Extension: (YouTube) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-31]
CHR Extension: (Tabulky) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-31]
CHR Extension: (Gmail) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-31]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [51872 2016-05-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1648224 2016-05-24] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [193696 2016-05-24] (ESET)
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264864 2016-05-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196768 2016-05-23] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [180384 2016-05-23] (ESET)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.)
S3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [35328 2015-12-22] (TPMX Electronics Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [338952 2016-07-20] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [607512 2015-07-09] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-31 14:03 - 2017-10-31 14:04 - 000012512 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Downloads\FRST.txt
2017-10-31 14:00 - 2017-10-31 14:03 - 000000000 ____D C:\FRST
2017-10-31 13:58 - 2017-10-31 13:58 - 002403328 _____ (Farbar) C:\Users\TEMP.DESKTOP-QED2288.000\Downloads\FRST64.exe
2017-10-31 13:55 - 2017-10-31 13:55 - 000002762 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Desktop\flixlist.txt
2017-10-31 13:40 - 2017-10-31 13:40 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\MicrosoftEdge
2017-10-31 13:19 - 2017-10-31 13:21 - 000002444 _____ C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-31 13:19 - 2017-10-31 13:21 - 000000000 ___RD C:\Users\TEMP.DESKTOP-QED2288.000\OneDrive
2017-10-31 13:19 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\NetworkTiles
2017-10-31 13:18 - 2017-10-31 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\ControlCenter4
2017-10-31 13:17 - 2017-10-31 13:27 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google
2017-10-31 13:17 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Packages
2017-10-31 13:17 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000
2017-10-31 13:17 - 2017-10-31 13:18 - 000002332 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Desktop\Google Chrome.lnk
2017-10-31 13:17 - 2017-10-31 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\ConnectedDevicesPlatform
2017-10-31 13:17 - 2017-10-31 13:17 - 000001410 _____ C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aktualizace a nastavení ochrany osobních údajů.lnk
2017-10-31 13:17 - 2017-10-31 13:17 - 000000020 ___SH C:\Users\TEMP.DESKTOP-QED2288.000\ntuser.ini
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Šablony
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Soubory cookie
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Poslední
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Okolní tiskárny
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Okolní síť
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Nabídka Start
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Dokumenty
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Obrázky
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Hudba
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Filmy
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Data aplikací
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Data aplikací
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Adobe
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\VirtualStore
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\TileDataLayer
2017-10-27 12:36 - 2017-10-27 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288\AppData\Local\Comms
2017-10-27 07:27 - 2017-10-27 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288
2017-10-27 07:25 - 2017-10-27 07:27 - 000000000 ____D C:\Users\TEMP
2017-10-26 08:52 - 2017-10-26 08:52 - 000000000 __SHD C:\found.000
2017-10-18 14:57 - 2017-10-18 14:57 - 000137888 _____ (Spotify Ltd) C:\Users\IdeaCentre\Downloads\spotify.exe
2017-10-12 13:51 - 2017-09-18 03:59 - 000341344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-12 13:51 - 2017-09-18 03:52 - 001845512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-10-12 13:51 - 2017-09-18 03:52 - 001277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-10-12 13:51 - 2017-09-18 03:29 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-10-12 13:51 - 2017-09-18 03:28 - 000237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-10-12 13:51 - 2017-09-18 03:27 - 004615168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-10-12 13:51 - 2017-09-18 03:24 - 000819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-10-12 13:51 - 2017-09-18 03:23 - 000857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-10-12 13:51 - 2017-09-18 03:23 - 000297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-12 13:51 - 2017-09-18 03:23 - 000238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-10-12 13:51 - 2017-09-18 03:20 - 002641920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-12 13:51 - 2017-09-18 03:17 - 000641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 002740224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 000675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 001013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-12 13:51 - 2017-09-18 03:13 - 000751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-10-12 13:51 - 2017-09-14 23:31 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-10-12 13:51 - 2017-09-14 23:30 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 13:51 - 2017-03-04 07:24 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-10-12 13:51 - 2017-03-04 07:23 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-10-12 13:51 - 2017-03-04 07:00 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-10-12 13:51 - 2017-03-04 07:00 - 000711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-10-12 13:50 - 2017-09-18 04:27 - 000218976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2017-10-12 13:50 - 2017-09-18 04:09 - 002213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-12 13:50 - 2017-09-18 04:09 - 000133984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-12 13:50 - 2017-09-18 04:08 - 000998920 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 001177688 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 000497424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 000172536 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-12 13:50 - 2017-09-18 04:04 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-12 13:50 - 2017-09-18 04:04 - 000918304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-10-12 13:50 - 2017-09-18 04:03 - 000791272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-12 13:50 - 2017-09-18 04:02 - 007213464 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-10-12 13:50 - 2017-09-18 04:02 - 001860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-10-12 13:50 - 2017-09-18 04:01 - 000431456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-10-12 13:50 - 2017-09-18 04:01 - 000223072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-12 13:50 - 2017-09-18 04:00 - 001072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 022220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 008173672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 004260072 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 001983408 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 001702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-10-12 13:50 - 2017-09-18 03:56 - 000057408 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-12 13:50 - 2017-09-18 03:55 - 005722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-10-12 13:50 - 2017-09-18 03:55 - 001431240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-10-12 13:50 - 2017-09-18 03:54 - 001980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 020967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 006672680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 004023560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 001360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 000981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-10-12 13:50 - 2017-09-18 03:51 - 000178016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001412128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001260784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-12 13:50 - 2017-09-18 03:48 - 000117792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-12 13:50 - 2017-09-18 03:35 - 000372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-10-12 13:50 - 2017-09-18 03:34 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-10-12 13:50 - 2017-09-18 03:33 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-12 13:50 - 2017-09-18 03:33 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-10-12 13:50 - 2017-09-18 03:32 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-10-12 13:50 - 2017-09-18 03:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 006288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-10-12 13:50 - 2017-09-18 03:31 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-12 13:50 - 2017-09-18 03:30 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-10-12 13:50 - 2017-09-18 03:30 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2017-10-12 13:50 - 2017-09-18 03:29 - 000411136 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2017-10-12 13:50 - 2017-09-18 03:29 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-12 13:50 - 2017-09-18 03:28 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000719872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-10-12 13:50 - 2017-09-18 03:27 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-12 13:50 - 2017-09-18 03:27 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000384000 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000283136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-12 13:50 - 2017-09-18 03:26 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-10-12 13:50 - 2017-09-18 03:25 - 002333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-10-12 13:50 - 2017-09-18 03:25 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 013107712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 007626240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 000755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-12 13:50 - 2017-09-18 03:24 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-12 13:50 - 2017-09-18 03:23 - 000816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000287744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-10-12 13:50 - 2017-09-18 03:22 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-10-12 13:50 - 2017-09-18 03:22 - 001137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-10-12 13:50 - 2017-09-18 03:21 - 018364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 023677952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 019414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 000343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 000284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 002750976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2017-10-12 13:50 - 2017-09-18 03:19 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 012204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 008114688 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 008077312 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 007470592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 001145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-10-12 13:50 - 2017-09-18 03:17 - 003401216 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-12 13:50 - 2017-09-18 03:17 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-12 13:50 - 2017-09-18 03:16 - 004743168 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-12 13:50 - 2017-09-18 03:16 - 004596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-10-12 13:50 - 2017-09-18 03:16 - 003520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-10-12 13:50 - 2017-09-18 03:15 - 006065152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 006474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-10-12 13:50 - 2017-09-18 03:14 - 003663360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-10-12 13:50 - 2017-09-18 03:14 - 002682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002649600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 001599488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 001518080 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-10-12 13:50 - 2017-09-18 03:14 - 000983552 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-12 13:50 - 2017-09-18 03:14 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000657408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-10-12 13:50 - 2017-09-18 03:13 - 000886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-10-12 13:50 - 2017-09-18 03:13 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-10-12 13:50 - 2017-09-18 03:11 - 000783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-10-12 13:50 - 2017-09-18 03:11 - 000450048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-10-12 13:50 - 2017-09-15 00:05 - 001302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-10-12 13:50 - 2017-09-14 23:59 - 000096064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-10-12 13:50 - 2017-09-14 23:52 - 000136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-10-12 13:50 - 2017-09-14 23:49 - 001202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-10-12 13:50 - 2017-09-14 23:34 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2017-10-12 13:50 - 2017-09-14 23:32 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2017-10-12 13:50 - 2017-09-14 23:32 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollUI.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB7.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-10-12 13:50 - 2017-09-14 23:28 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-10-12 13:50 - 2017-09-14 23:28 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-10-12 13:50 - 2017-09-14 23:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-10-12 13:50 - 2017-09-14 23:26 - 001167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-10-12 13:50 - 2017-09-14 23:26 - 000636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-10-12 13:50 - 2017-09-14 23:26 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certreq.exe
2017-10-12 13:50 - 2017-09-14 23:25 - 000529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-10-12 13:50 - 2017-09-14 23:22 - 000987648 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2017-10-12 13:50 - 2017-09-14 23:18 - 003299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-10-12 13:50 - 2017-09-14 23:18 - 000273920 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2017-10-12 13:50 - 2017-09-14 23:16 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2017-10-12 13:50 - 2017-09-14 23:15 - 003106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-10-12 13:50 - 2017-09-14 03:04 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-12 13:50 - 2017-09-14 03:04 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-12 13:50 - 2017-09-14 03:04 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-12 13:50 - 2017-03-04 07:28 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-10-12 13:50 - 2017-03-04 07:25 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2017-10-12 13:50 - 2017-03-04 07:23 - 001184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-10-12 13:50 - 2017-03-04 07:18 - 000567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2017-10-12 13:50 - 2017-03-04 07:16 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-10-12 13:50 - 2016-08-27 06:12 - 000244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-12 13:50 - 2016-08-02 09:13 - 001081856 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 001564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 000245600 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 000136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-10-12 13:49 - 2017-09-18 04:09 - 007780192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-12 13:49 - 2017-09-18 04:09 - 000646688 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-10-12 13:49 - 2017-09-18 04:08 - 002253664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-12 13:49 - 2017-09-18 04:05 - 000168800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-12 13:49 - 2017-09-18 04:04 - 000404832 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-12 13:49 - 2017-09-18 04:01 - 002446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-10-12 13:49 - 2017-09-18 04:01 - 000624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-10-12 13:49 - 2017-09-18 03:59 - 000241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-10-12 13:49 - 2017-09-18 03:58 - 001600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-10-12 13:49 - 2017-09-18 03:58 - 000206688 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001460696 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001415712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-12 13:49 - 2017-09-18 03:36 - 022570496 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-10-12 13:49 - 2017-09-18 03:33 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\TransliterationRanker.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\jpninputrouter.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\EmojiDS.dll
2017-10-12 13:49 - 2017-09-18 03:31 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\RuleBasedDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\jpnranker.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000257536 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000174592 _____ C:\Windows\system32\IHDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\VocabRoamingHandler.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\StaticDictDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\chxranker.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 009129984 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\ChsStrokeDS.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\ChtHkStrokeDS.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\ChsPinyinRanker.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\MtfDecoder.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000626176 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\ChxAPDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000480768 _____ (Microsoft Corporation) C:\Windows\system32\msimeChsPinyinMainDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\ChxHAPDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\ChtCangjieDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000410624 _____ (Microsoft Corporation) C:\Windows\system32\ChtQuickDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\jpndecoder.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\chxinputrouter.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000326656 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2017-10-12 13:49 - 2017-09-18 03:26 - 000562176 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 001914368 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 002103808 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 001589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 001584640 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 004749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 003291648 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2017-10-12 13:49 - 2017-09-18 03:22 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-12 13:49 - 2017-09-18 03:20 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-10-12 13:49 - 2017-09-18 03:19 - 001060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-10-12 13:49 - 2017-09-18 03:19 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 000932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-12 13:49 - 2017-09-18 03:17 - 002279424 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-10-12 13:49 - 2017-09-18 03:16 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 003202048 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 002919936 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001231360 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 003615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-10-12 13:49 - 2017-09-18 03:14 - 002897408 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 002321408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 001328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 001040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 001726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\trie.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\MTFFuzzyDS.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\MTFSpellcheckDS.dll
2017-10-12 13:49 - 2017-09-15 00:14 - 000119328 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\MSWB7.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2017-10-12 13:49 - 2017-09-14 23:31 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-10-12 13:49 - 2017-09-14 23:31 - 000280576 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-10-12 13:49 - 2017-09-14 23:29 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-10-12 13:49 - 2017-09-14 23:25 - 000821248 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2017-10-12 13:49 - 2017-09-14 23:24 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-10-12 13:49 - 2017-09-14 23:24 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2017-10-12 13:49 - 2017-09-14 23:23 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-10-12 13:49 - 2017-09-14 23:22 - 000820736 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-10-12 13:49 - 2017-09-14 23:22 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-10-12 13:49 - 2017-09-14 23:20 - 002852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-10-12 13:49 - 2017-09-14 23:19 - 001421824 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-10-12 13:49 - 2017-09-14 23:19 - 000928256 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-10-12 13:49 - 2017-03-04 08:10 - 000360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-10-12 13:49 - 2017-03-04 07:11 - 001643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-10-12 13:49 - 2017-03-04 07:07 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-10-12 13:49 - 2016-08-06 05:16 - 000026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-10-11 12:50 - 2017-10-11 12:50 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-05 15:23 - 2017-10-05 15:23 - 000000000 ____D C:\Users\IdeaCentre\Downloads\Nová složka
2017-10-04 12:21 - 2017-10-04 12:21 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-31 13:30 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\AppReadiness
2017-10-31 13:22 - 2016-11-01 16:31 - 002760644 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-31 13:22 - 2016-07-16 23:25 - 001122760 _____ C:\Windows\system32\perfh005.dat
2017-10-31 13:22 - 2016-07-16 23:25 - 000295186 _____ C:\Windows\system32\perfc005.dat
2017-10-31 13:17 - 2016-11-01 16:39 - 000000000 __SHD C:\Users\IdeaCentre\IntelGraphicsProfiles
2017-10-31 13:17 - 2016-11-01 16:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-31 13:16 - 2016-11-01 23:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-31 13:16 - 2016-11-01 23:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-10-30 14:33 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-30 13:31 - 2017-09-15 13:15 - 000000737 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-10-27 07:38 - 2016-07-16 12:45 - 000000000 ____D C:\Windows\INF
2017-10-27 07:28 - 2017-09-29 12:09 - 000000000 ____D C:\Program Files\rempl
2017-10-20 12:58 - 2016-11-01 16:31 - 000002402 _____ C:\Users\IdeaCentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-20 12:58 - 2016-11-01 16:31 - 000000000 ___RD C:\Users\IdeaCentre\OneDrive
2017-10-18 15:28 - 2016-11-01 16:27 - 000000000 ____D C:\Users\IdeaCentre
2017-10-18 13:04 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\rescache
2017-10-18 12:06 - 2016-07-16 12:36 - 000000000 ____D C:\Windows\CbsTemp
2017-10-16 15:10 - 2016-11-01 23:16 - 000332304 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-12 23:27 - 2016-07-16 12:49 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-12 23:27 - 2016-07-16 12:49 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\system32\oobe
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\ShellExperiences
2017-10-11 12:53 - 2016-11-01 16:58 - 000000000 ____D C:\Windows\system32\MRT
2017-10-11 12:50 - 2016-11-01 16:58 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2016-11-01 16:35 - 2016-11-01 16:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD. The user is not administrator
==================== End of FRST.txt ============================
Ran by IdeaCentre (ATTENTION: The user is not administrator) on DESKTOP-QED2288 (31-10-2017 14:03:56)
Running from C:\Users\TEMP.DESKTOP-QED2288.000\Downloads
Loaded Profiles: IdeaCentre (Available Profiles: defaultuser0 & IdeaCentre & Administrator)
Platform: Windows 10 Home Version 1607 14393.1770 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dwm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> igfxCUIService.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> armsvc.exe
Failed to access process -> ekrn.exe
Failed to access process -> svchost.exe
Failed to access process -> TeamViewer_Service.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120841.inf_amd64_5761f79d1981e5da\igfxEM.exe
Failed to access process -> tv_w32.exe
Failed to access process -> tv_x64.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> svchost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
Failed to access process -> BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> SearchProtocolHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
Startup: C:\Users\IdeaCentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-07-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Facebook\Games\FacebookGameroom.exe (No File)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0f871bc6-cffd-4172-8735-225ee4b6883f}: [DhcpNameServer] 192.168.3.3 89.203.139.130 89.203.139.131
Tcpip\..\Interfaces\{1d7e3ee1-3abb-420f-a7f4-e420c94f3508}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default [2017-10-31]
CHR Extension: (Prezentace) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Dokumenty) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Disk Google) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-31]
CHR Extension: (YouTube) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-31]
CHR Extension: (Tabulky) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-31]
CHR Extension: (Gmail) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-31]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [51872 2016-05-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1648224 2016-05-24] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [193696 2016-05-24] (ESET)
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264864 2016-05-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196768 2016-05-23] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [180384 2016-05-23] (ESET)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.)
S3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [35328 2015-12-22] (TPMX Electronics Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [338952 2016-07-20] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [607512 2015-07-09] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-31 14:03 - 2017-10-31 14:04 - 000012512 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Downloads\FRST.txt
2017-10-31 14:00 - 2017-10-31 14:03 - 000000000 ____D C:\FRST
2017-10-31 13:58 - 2017-10-31 13:58 - 002403328 _____ (Farbar) C:\Users\TEMP.DESKTOP-QED2288.000\Downloads\FRST64.exe
2017-10-31 13:55 - 2017-10-31 13:55 - 000002762 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Desktop\flixlist.txt
2017-10-31 13:40 - 2017-10-31 13:40 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\MicrosoftEdge
2017-10-31 13:19 - 2017-10-31 13:21 - 000002444 _____ C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-31 13:19 - 2017-10-31 13:21 - 000000000 ___RD C:\Users\TEMP.DESKTOP-QED2288.000\OneDrive
2017-10-31 13:19 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\NetworkTiles
2017-10-31 13:18 - 2017-10-31 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\ControlCenter4
2017-10-31 13:17 - 2017-10-31 13:27 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google
2017-10-31 13:17 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Packages
2017-10-31 13:17 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000
2017-10-31 13:17 - 2017-10-31 13:18 - 000002332 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Desktop\Google Chrome.lnk
2017-10-31 13:17 - 2017-10-31 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\ConnectedDevicesPlatform
2017-10-31 13:17 - 2017-10-31 13:17 - 000001410 _____ C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aktualizace a nastavení ochrany osobních údajů.lnk
2017-10-31 13:17 - 2017-10-31 13:17 - 000000020 ___SH C:\Users\TEMP.DESKTOP-QED2288.000\ntuser.ini
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Šablony
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Soubory cookie
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Poslední
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Okolní tiskárny
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Okolní síť
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Nabídka Start
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Dokumenty
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Obrázky
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Hudba
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Filmy
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Data aplikací
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Data aplikací
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Adobe
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\VirtualStore
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\TileDataLayer
2017-10-27 12:36 - 2017-10-27 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288\AppData\Local\Comms
2017-10-27 07:27 - 2017-10-27 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288
2017-10-27 07:25 - 2017-10-27 07:27 - 000000000 ____D C:\Users\TEMP
2017-10-26 08:52 - 2017-10-26 08:52 - 000000000 __SHD C:\found.000
2017-10-18 14:57 - 2017-10-18 14:57 - 000137888 _____ (Spotify Ltd) C:\Users\IdeaCentre\Downloads\spotify.exe
2017-10-12 13:51 - 2017-09-18 03:59 - 000341344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-12 13:51 - 2017-09-18 03:52 - 001845512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-10-12 13:51 - 2017-09-18 03:52 - 001277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-10-12 13:51 - 2017-09-18 03:29 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-10-12 13:51 - 2017-09-18 03:28 - 000237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-10-12 13:51 - 2017-09-18 03:27 - 004615168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-10-12 13:51 - 2017-09-18 03:24 - 000819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-10-12 13:51 - 2017-09-18 03:23 - 000857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-10-12 13:51 - 2017-09-18 03:23 - 000297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-12 13:51 - 2017-09-18 03:23 - 000238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-10-12 13:51 - 2017-09-18 03:20 - 002641920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-12 13:51 - 2017-09-18 03:17 - 000641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 002740224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 000675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 001013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-12 13:51 - 2017-09-18 03:13 - 000751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-10-12 13:51 - 2017-09-14 23:31 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-10-12 13:51 - 2017-09-14 23:30 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 13:51 - 2017-03-04 07:24 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-10-12 13:51 - 2017-03-04 07:23 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-10-12 13:51 - 2017-03-04 07:00 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-10-12 13:51 - 2017-03-04 07:00 - 000711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-10-12 13:50 - 2017-09-18 04:27 - 000218976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2017-10-12 13:50 - 2017-09-18 04:09 - 002213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-12 13:50 - 2017-09-18 04:09 - 000133984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-12 13:50 - 2017-09-18 04:08 - 000998920 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 001177688 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 000497424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 000172536 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-12 13:50 - 2017-09-18 04:04 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-12 13:50 - 2017-09-18 04:04 - 000918304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-10-12 13:50 - 2017-09-18 04:03 - 000791272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-12 13:50 - 2017-09-18 04:02 - 007213464 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-10-12 13:50 - 2017-09-18 04:02 - 001860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-10-12 13:50 - 2017-09-18 04:01 - 000431456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-10-12 13:50 - 2017-09-18 04:01 - 000223072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-12 13:50 - 2017-09-18 04:00 - 001072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 022220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 008173672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 004260072 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 001983408 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 001702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-10-12 13:50 - 2017-09-18 03:56 - 000057408 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-12 13:50 - 2017-09-18 03:55 - 005722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-10-12 13:50 - 2017-09-18 03:55 - 001431240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-10-12 13:50 - 2017-09-18 03:54 - 001980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 020967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 006672680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 004023560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 001360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 000981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-10-12 13:50 - 2017-09-18 03:51 - 000178016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001412128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001260784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-12 13:50 - 2017-09-18 03:48 - 000117792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-12 13:50 - 2017-09-18 03:35 - 000372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-10-12 13:50 - 2017-09-18 03:34 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-10-12 13:50 - 2017-09-18 03:33 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-12 13:50 - 2017-09-18 03:33 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-10-12 13:50 - 2017-09-18 03:32 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-10-12 13:50 - 2017-09-18 03:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 006288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-10-12 13:50 - 2017-09-18 03:31 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-12 13:50 - 2017-09-18 03:30 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-10-12 13:50 - 2017-09-18 03:30 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2017-10-12 13:50 - 2017-09-18 03:29 - 000411136 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2017-10-12 13:50 - 2017-09-18 03:29 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-12 13:50 - 2017-09-18 03:28 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000719872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-10-12 13:50 - 2017-09-18 03:27 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-12 13:50 - 2017-09-18 03:27 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000384000 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000283136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-12 13:50 - 2017-09-18 03:26 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-10-12 13:50 - 2017-09-18 03:25 - 002333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-10-12 13:50 - 2017-09-18 03:25 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 013107712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 007626240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 000755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-12 13:50 - 2017-09-18 03:24 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-12 13:50 - 2017-09-18 03:23 - 000816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000287744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-10-12 13:50 - 2017-09-18 03:22 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-10-12 13:50 - 2017-09-18 03:22 - 001137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-10-12 13:50 - 2017-09-18 03:21 - 018364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 023677952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 019414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 000343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 000284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 002750976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2017-10-12 13:50 - 2017-09-18 03:19 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 012204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 008114688 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 008077312 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 007470592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 001145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-10-12 13:50 - 2017-09-18 03:17 - 003401216 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-12 13:50 - 2017-09-18 03:17 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-12 13:50 - 2017-09-18 03:16 - 004743168 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-12 13:50 - 2017-09-18 03:16 - 004596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-10-12 13:50 - 2017-09-18 03:16 - 003520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-10-12 13:50 - 2017-09-18 03:15 - 006065152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 006474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-10-12 13:50 - 2017-09-18 03:14 - 003663360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-10-12 13:50 - 2017-09-18 03:14 - 002682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002649600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 001599488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 001518080 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-10-12 13:50 - 2017-09-18 03:14 - 000983552 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-12 13:50 - 2017-09-18 03:14 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000657408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-10-12 13:50 - 2017-09-18 03:13 - 000886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-10-12 13:50 - 2017-09-18 03:13 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-10-12 13:50 - 2017-09-18 03:11 - 000783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-10-12 13:50 - 2017-09-18 03:11 - 000450048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-10-12 13:50 - 2017-09-15 00:05 - 001302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-10-12 13:50 - 2017-09-14 23:59 - 000096064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-10-12 13:50 - 2017-09-14 23:52 - 000136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-10-12 13:50 - 2017-09-14 23:49 - 001202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-10-12 13:50 - 2017-09-14 23:34 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2017-10-12 13:50 - 2017-09-14 23:32 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2017-10-12 13:50 - 2017-09-14 23:32 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollUI.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB7.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-10-12 13:50 - 2017-09-14 23:28 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-10-12 13:50 - 2017-09-14 23:28 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-10-12 13:50 - 2017-09-14 23:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-10-12 13:50 - 2017-09-14 23:26 - 001167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-10-12 13:50 - 2017-09-14 23:26 - 000636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-10-12 13:50 - 2017-09-14 23:26 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certreq.exe
2017-10-12 13:50 - 2017-09-14 23:25 - 000529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-10-12 13:50 - 2017-09-14 23:22 - 000987648 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2017-10-12 13:50 - 2017-09-14 23:18 - 003299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-10-12 13:50 - 2017-09-14 23:18 - 000273920 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2017-10-12 13:50 - 2017-09-14 23:16 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2017-10-12 13:50 - 2017-09-14 23:15 - 003106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-10-12 13:50 - 2017-09-14 03:04 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-12 13:50 - 2017-09-14 03:04 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-12 13:50 - 2017-09-14 03:04 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-12 13:50 - 2017-03-04 07:28 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-10-12 13:50 - 2017-03-04 07:25 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2017-10-12 13:50 - 2017-03-04 07:23 - 001184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-10-12 13:50 - 2017-03-04 07:18 - 000567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2017-10-12 13:50 - 2017-03-04 07:16 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-10-12 13:50 - 2016-08-27 06:12 - 000244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-12 13:50 - 2016-08-02 09:13 - 001081856 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 001564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 000245600 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 000136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-10-12 13:49 - 2017-09-18 04:09 - 007780192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-12 13:49 - 2017-09-18 04:09 - 000646688 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-10-12 13:49 - 2017-09-18 04:08 - 002253664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-12 13:49 - 2017-09-18 04:05 - 000168800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-12 13:49 - 2017-09-18 04:04 - 000404832 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-12 13:49 - 2017-09-18 04:01 - 002446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-10-12 13:49 - 2017-09-18 04:01 - 000624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-10-12 13:49 - 2017-09-18 03:59 - 000241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-10-12 13:49 - 2017-09-18 03:58 - 001600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-10-12 13:49 - 2017-09-18 03:58 - 000206688 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001460696 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001415712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-12 13:49 - 2017-09-18 03:36 - 022570496 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-10-12 13:49 - 2017-09-18 03:33 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\TransliterationRanker.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\jpninputrouter.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\EmojiDS.dll
2017-10-12 13:49 - 2017-09-18 03:31 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\RuleBasedDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\jpnranker.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000257536 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000174592 _____ C:\Windows\system32\IHDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\VocabRoamingHandler.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\StaticDictDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\chxranker.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 009129984 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\ChsStrokeDS.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\ChtHkStrokeDS.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\ChsPinyinRanker.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\MtfDecoder.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000626176 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\ChxAPDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000480768 _____ (Microsoft Corporation) C:\Windows\system32\msimeChsPinyinMainDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\ChxHAPDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\ChtCangjieDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000410624 _____ (Microsoft Corporation) C:\Windows\system32\ChtQuickDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\jpndecoder.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\chxinputrouter.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000326656 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2017-10-12 13:49 - 2017-09-18 03:26 - 000562176 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 001914368 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 002103808 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 001589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 001584640 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 004749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 003291648 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2017-10-12 13:49 - 2017-09-18 03:22 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-12 13:49 - 2017-09-18 03:20 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-10-12 13:49 - 2017-09-18 03:19 - 001060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-10-12 13:49 - 2017-09-18 03:19 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 000932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-12 13:49 - 2017-09-18 03:17 - 002279424 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-10-12 13:49 - 2017-09-18 03:16 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 003202048 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 002919936 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001231360 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 003615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-10-12 13:49 - 2017-09-18 03:14 - 002897408 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 002321408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 001328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 001040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 001726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\trie.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\MTFFuzzyDS.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\MTFSpellcheckDS.dll
2017-10-12 13:49 - 2017-09-15 00:14 - 000119328 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\MSWB7.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2017-10-12 13:49 - 2017-09-14 23:31 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-10-12 13:49 - 2017-09-14 23:31 - 000280576 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-10-12 13:49 - 2017-09-14 23:29 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-10-12 13:49 - 2017-09-14 23:25 - 000821248 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2017-10-12 13:49 - 2017-09-14 23:24 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-10-12 13:49 - 2017-09-14 23:24 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2017-10-12 13:49 - 2017-09-14 23:23 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-10-12 13:49 - 2017-09-14 23:22 - 000820736 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-10-12 13:49 - 2017-09-14 23:22 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-10-12 13:49 - 2017-09-14 23:20 - 002852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-10-12 13:49 - 2017-09-14 23:19 - 001421824 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-10-12 13:49 - 2017-09-14 23:19 - 000928256 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-10-12 13:49 - 2017-03-04 08:10 - 000360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-10-12 13:49 - 2017-03-04 07:11 - 001643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-10-12 13:49 - 2017-03-04 07:07 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-10-12 13:49 - 2016-08-06 05:16 - 000026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-10-11 12:50 - 2017-10-11 12:50 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-05 15:23 - 2017-10-05 15:23 - 000000000 ____D C:\Users\IdeaCentre\Downloads\Nová složka
2017-10-04 12:21 - 2017-10-04 12:21 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-31 13:30 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\AppReadiness
2017-10-31 13:22 - 2016-11-01 16:31 - 002760644 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-31 13:22 - 2016-07-16 23:25 - 001122760 _____ C:\Windows\system32\perfh005.dat
2017-10-31 13:22 - 2016-07-16 23:25 - 000295186 _____ C:\Windows\system32\perfc005.dat
2017-10-31 13:17 - 2016-11-01 16:39 - 000000000 __SHD C:\Users\IdeaCentre\IntelGraphicsProfiles
2017-10-31 13:17 - 2016-11-01 16:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-31 13:16 - 2016-11-01 23:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-31 13:16 - 2016-11-01 23:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-10-30 14:33 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-30 13:31 - 2017-09-15 13:15 - 000000737 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-10-27 07:38 - 2016-07-16 12:45 - 000000000 ____D C:\Windows\INF
2017-10-27 07:28 - 2017-09-29 12:09 - 000000000 ____D C:\Program Files\rempl
2017-10-20 12:58 - 2016-11-01 16:31 - 000002402 _____ C:\Users\IdeaCentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-20 12:58 - 2016-11-01 16:31 - 000000000 ___RD C:\Users\IdeaCentre\OneDrive
2017-10-18 15:28 - 2016-11-01 16:27 - 000000000 ____D C:\Users\IdeaCentre
2017-10-18 13:04 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\rescache
2017-10-18 12:06 - 2016-07-16 12:36 - 000000000 ____D C:\Windows\CbsTemp
2017-10-16 15:10 - 2016-11-01 23:16 - 000332304 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-12 23:27 - 2016-07-16 12:49 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-12 23:27 - 2016-07-16 12:49 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\system32\oobe
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\ShellExperiences
2017-10-11 12:53 - 2016-11-01 16:58 - 000000000 ____D C:\Windows\system32\MRT
2017-10-11 12:50 - 2016-11-01 16:58 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories =======
2016-11-01 16:35 - 2016-11-01 16:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD. The user is not administrator
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119405
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: vir na facebooku - private video xxx
Zdravím!
2 Zdeněk Dildo : Založte si, prosím, vlastní topic. Děkujeme.
2 Zdeněk Dildo : Založte si, prosím, vlastní topic. Děkujeme.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?