VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

vir na facebooku - private video xxx

https://forum.viry.cz:443/viewtopic.php?t=139400

Stránka 1 z 1

vir na facebooku - private video xxx

Napsal: 28 črc 2014 17:42
od Romrez
Zdravím, prosím o pomoc.. už se to t i řešilo ...
někdo mi na Facebook do zpráv zaslal link, ve kterém bylo napsáno: "(mé jméno) - private video" a k tomu byla přidána fotka mojí profilovky. Vím, že tohle otvírat je docela hloupost, ale bohužel, stalo se. Po otevření a následném stáhnutí Adobe Flash se ihned z mého účtu začly vysílat smajlíky: " :O " a k tomu link s nápisem: "(jméno dotyčného) - private video" ...

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Fujitsu (administrator) on FUJITSU-PC on 28-07-2014 18:17:20
Running from C:\Users\Fujitsu\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\PSUtility\TrayManager.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(Fujitsu Technology Solutions) C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNAutoCon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNetDm.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNTray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTE.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Fujitsu\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13374568 2011-12-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277992 2011-11-15] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [589176 2011-12-20] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp

HKLM\...\Run: [LoadFUJ02E3] => C:\Program Files\Fujitsu\FUJ02E3\fuj02e3.exe [76104 2011-11-23] (FUJITSU LIMITED)
HKLM\...\Run: [PSUTility] => C:\Program Files\Fujitsu\PSUtility\TrayManager.exe [205168 2011-10-03] (FUJITSU LIMITED)
HKLM\...\Run: [LoadFujitsuQuickTouch] => C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [158024 2011-09-30] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] => C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [23368 2011-09-30] (FUJITSU LIMITED)
HKLM-x32\...\Run: [DeskUpdateNotifier] => C:\Program Files (x86)\Fujitsu\DeskUpdate\DeskUpdateNotifier.exe [102968 2013-02-26] (Fujitsu Technology Solutions)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-06] (Intel Corporation)
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [48752 2010-09-29] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-04-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-07-10] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1956760 2014-06-24] (APN)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564992 2014-04-23] (Samsung)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-04-23] (Samsung)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3936689878-505427550-2512028315-1000\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2014-04-01] ()
Startup: C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.1.1

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: "hxxp://www.google.cz/"
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchURL: http://www.search.ask.com/web?q={searchTerms}
CHR Extension: (Disk Google) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-03]
CHR Extension: (SEO SERP Workbench) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-07-02]
CHR Extension: (Kalendář Google) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-07-02]
CHR Extension: (Morsee) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjkfieaegepneclelmddaapilmjecnii [2014-07-02]
CHR Extension: (Facebook for Chrome) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-07-02]
CHR Extension: (No Name) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\godimpbmfohihoaikgfknnnmlncabkkp [2014-07-02]
CHR Extension: (Skype Click to Call) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-03-21]
CHR Extension: (Morse Chrome™) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcgjcnemliplogmakfelldipnhbpnmob [2014-07-02]
CHR Extension: (Peněženka Google) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-07-02]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Fujitsu\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-03]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-06-26]
CHR HKLM-x32\...\Chrome\Extension: [godimpbmfohihoaikgfknnnmlncabkkp] - C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp\coc.crx [2014-06-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-24] (APN LLC.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-07-10] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [225280 2011-08-05] (DTS, Inc)
R2 FUJ02E3Service; C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe [76104 2011-11-23] (FUJITSU LIMITED)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [950272 2014-04-08] (Kerio Technologies Inc.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 PFNService; C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe [2213376 2011-12-22] (FUJITSU LIMITED) [File not signed]
R2 PowerSavingUtilityService; C:\Program Files\Fujitsu\PSUtility\PSUService.exe [63856 2011-10-03] (FUJITSU LIMITED)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 FBIOSDRV; C:\Windows\System32\Drivers\FBIOSDRV.sys [21104 2009-06-24] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [24496 2012-03-09] (Intel Corporation)
S3 iaStorS; C:\Windows\system32\drivers\iaStorS.sys [638896 2012-03-09] (Intel Corporation)
S3 megasas2; C:\Windows\system32\drivers\megasas2.sys [51280 2010-11-02] (LSI Corporation)
S3 megasr1; C:\Windows\system32\drivers\megasr1.sys [806696 2012-02-08] (LSI Corporation, Inc.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1812608 2011-12-27] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 18:17 - 2014-07-28 18:17 - 00020961 _____ () C:\Users\Fujitsu\Desktop\FRST.txt
2014-07-28 18:16 - 2014-07-28 18:17 - 00000000 ____D () C:\FRST
2014-07-28 18:15 - 2014-07-28 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Fujitsu\Desktop\FRSTLauncher.exe
2014-07-28 18:14 - 2014-07-28 18:14 - 02093568 _____ (Farbar) C:\Users\Fujitsu\Desktop\FRST64.exe
2014-07-27 20:44 - 2014-07-28 00:40 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\FileZilla
2014-07-27 20:44 - 2014-07-27 20:44 - 00002000 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00001919 _____ () C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00001895 _____ () C:\Users\Fujitsu\Desktop\WeatherBug®.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\IsolatedStorage
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Program Files\Earth Networks
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-27 20:43 - 2014-07-27 20:43 - 05981830 _____ (Tim Kosse) C:\Users\Fujitsu\Downloads\FileZilla_3.9.0.1_win32-setup [1].exe
2014-07-22 18:27 - 2014-07-22 18:41 - 00000000 ____D () C:\temp
2014-07-22 18:26 - 2014-07-22 18:28 - 00000000 ____D () C:\Users\Fujitsu\.yawcam
2014-07-22 18:26 - 2014-07-22 18:26 - 00001863 _____ () C:\Users\Fujitsu\Desktop\Yawcam.lnk
2014-07-22 18:26 - 2014-07-22 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yawcam
2014-07-22 18:26 - 2014-07-22 18:26 - 00000000 ____D () C:\Program Files (x86)\Yawcam
2014-07-22 18:24 - 2014-07-22 18:24 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\Oracle
2014-07-22 18:23 - 2014-07-22 18:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\AskPartnerNetwork
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-22 18:20 - 2014-07-22 18:20 - 00000000 ____D () C:\ProgramData\Sun
2014-07-22 18:20 - 2014-07-22 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 18:20 - 2014-07-22 18:19 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-22 18:20 - 2014-07-22 18:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-22 18:20 - 2014-07-22 18:19 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-22 18:20 - 2014-07-22 18:19 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-22 18:19 - 2014-07-22 18:19 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-10 18:46 - 2014-07-10 18:46 - 00000025 _____ () C:\Users\Fujitsu\Desktop\Odkaz.txt
2014-07-10 13:06 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 13:06 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 13:06 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 13:06 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 13:06 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 13:06 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-10 13:06 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-10 13:06 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-10 13:06 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-10 13:06 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 13:05 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 13:05 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 13:05 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 13:05 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 13:05 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 13:05 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 13:05 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 13:05 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 13:05 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 13:05 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 13:05 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 13:05 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 13:05 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 13:05 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 13:05 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 13:05 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 13:05 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 13:05 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 13:05 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 13:05 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 13:05 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 13:05 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 13:05 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 13:05 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 13:05 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 13:05 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 13:05 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 13:05 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 13:05 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 13:05 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 13:05 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 13:05 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 13:05 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 13:05 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 13:05 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 13:05 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 13:05 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 13:05 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 13:05 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 13:05 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 13:05 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 13:05 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 13:05 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 13:05 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 13:05 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 13:05 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 13:05 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 13:05 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 13:05 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 13:05 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 13:05 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 13:05 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 13:05 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 13:05 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 13:05 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 13:05 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 13:04 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-10 13:04 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-10 13:04 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 00:37 - 2014-07-08 00:37 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\XMedia Recode
2014-07-07 20:05 - 2014-07-07 20:05 - 00001067 _____ () C:\Users\Public\Desktop\XMedia Recode.lnk
2014-07-07 20:05 - 2014-07-07 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-07-07 20:05 - 2014-07-07 20:05 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-07-02 21:17 - 2014-07-02 21:17 - 00000000 ___HD () C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp
2014-07-02 21:16 - 2014-07-02 21:16 - 00168120 _____ () C:\Users\Fujitsu\Downloads\youtube-flash-player-update-v-8.exe
2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 18:17 - 2014-07-28 18:17 - 00020961 _____ () C:\Users\Fujitsu\Desktop\FRST.txt
2014-07-28 18:17 - 2014-07-28 18:16 - 00000000 ____D () C:\FRST
2014-07-28 18:16 - 2014-03-31 19:10 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-28 18:15 - 2014-07-28 18:15 - 00112640 _____ (forum.viry.cz) C:\Users\Fujitsu\Desktop\FRSTLauncher.exe
2014-07-28 18:14 - 2014-07-28 18:14 - 02093568 _____ (Farbar) C:\Users\Fujitsu\Desktop\FRST64.exe
2014-07-28 18:12 - 2013-03-21 17:03 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\Skype
2014-07-28 18:12 - 2013-03-21 16:48 - 00000954 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-28 18:12 - 2013-03-21 12:44 - 01784358 _____ () C:\Windows\WindowsUpdate.log
2014-07-28 18:11 - 2013-03-21 16:48 - 00000950 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-28 13:13 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-28 13:13 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-28 13:07 - 2013-05-01 19:36 - 00000000 ___RD () C:\Users\Fujitsu\Disk Google
2014-07-28 13:05 - 2014-03-31 18:10 - 00011485 _____ () C:\Windows\setupact.log
2014-07-28 13:05 - 2014-03-31 18:09 - 00019708 _____ () C:\Windows\PFRO.log
2014-07-28 13:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-28 13:02 - 2013-12-29 20:43 - 00000000 ____D () C:\ProgramData\firebird
2014-07-28 13:02 - 2013-03-24 15:06 - 00000000 ____D () C:\Users\Fujitsu\Documents\Soubory aplikace Outlook
2014-07-28 13:01 - 2013-03-21 18:02 - 00000000 ____D () C:\ProgramData\Norton
2014-07-28 00:40 - 2014-07-27 20:44 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\FileZilla
2014-07-27 20:47 - 2013-03-21 21:38 - 00669132 _____ () C:\Windows\system32\perfh005.dat
2014-07-27 20:47 - 2013-03-21 21:38 - 00141760 _____ () C:\Windows\system32\perfc005.dat
2014-07-27 20:47 - 2009-07-14 07:13 - 01584626 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-27 20:44 - 2014-07-27 20:44 - 00002000 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00001919 _____ () C:\Users\Fujitsu\AppData\Roaming\Microsoft\Windows\Start Menu\WeatherBug®.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00001895 _____ () C:\Users\Fujitsu\Desktop\WeatherBug®.lnk
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\IsolatedStorage
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WeatherBug®
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Program Files\Earth Networks
2014-07-27 20:44 - 2014-07-27 20:44 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-27 20:43 - 2014-07-27 20:43 - 05981830 _____ (Tim Kosse) C:\Users\Fujitsu\Downloads\FileZilla_3.9.0.1_win32-setup [1].exe
2014-07-22 18:41 - 2014-07-22 18:27 - 00000000 ____D () C:\temp
2014-07-22 18:28 - 2014-07-22 18:26 - 00000000 ____D () C:\Users\Fujitsu\.yawcam
2014-07-22 18:26 - 2014-07-22 18:26 - 00001863 _____ () C:\Users\Fujitsu\Desktop\Yawcam.lnk
2014-07-22 18:26 - 2014-07-22 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yawcam
2014-07-22 18:26 - 2014-07-22 18:26 - 00000000 ____D () C:\Program Files (x86)\Yawcam
2014-07-22 18:26 - 2013-03-21 12:48 - 00000000 ____D () C:\Users\Fujitsu
2014-07-22 18:25 - 2013-03-23 17:35 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\CrashDumps
2014-07-22 18:24 - 2014-07-22 18:24 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\Oracle
2014-07-22 18:23 - 2014-07-22 18:23 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\Users\Fujitsu\AppData\Local\AskPartnerNetwork
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\ProgramData\AskPartnerNetwork
2014-07-22 18:22 - 2014-07-22 18:22 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2014-07-22 18:20 - 2014-07-22 18:20 - 00000000 ____D () C:\ProgramData\Sun
2014-07-22 18:20 - 2014-07-22 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-22 18:19 - 2014-07-22 18:20 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-22 18:19 - 2014-07-22 18:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-22 18:19 - 2014-07-22 18:20 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-22 18:19 - 2014-07-22 18:20 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-22 18:19 - 2014-07-22 18:19 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-19 18:44 - 2014-03-31 18:44 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-16 10:12 - 2014-03-31 19:13 - 00000977 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-16 10:12 - 2014-03-31 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-14 16:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 18:46 - 2014-07-10 18:46 - 00000025 _____ () C:\Users\Fujitsu\Desktop\Odkaz.txt
2014-07-10 15:11 - 2009-07-14 06:45 - 00343968 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 15:09 - 2014-05-08 00:05 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 15:09 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 15:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 15:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 13:16 - 2013-03-21 16:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 13:15 - 2013-07-30 00:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 13:14 - 2013-03-24 20:10 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 12:25 - 2013-03-21 12:56 - 00000000 ____D () C:\Windows\System32\Tasks\Fujitsu
2014-07-09 18:43 - 2013-04-30 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-08 00:37 - 2014-07-08 00:37 - 00000000 ____D () C:\Users\Fujitsu\AppData\Roaming\XMedia Recode
2014-07-07 20:05 - 2014-07-07 20:05 - 00001067 _____ () C:\Users\Public\Desktop\XMedia Recode.lnk
2014-07-07 20:05 - 2014-07-07 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XMedia Recode
2014-07-07 20:05 - 2014-07-07 20:05 - 00000000 ____D () C:\Program Files (x86)\XMedia Recode
2014-07-02 21:17 - 2014-07-02 21:17 - 00000000 ___HD () C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp
2014-07-02 21:16 - 2014-07-02 21:16 - 00168120 _____ () C:\Users\Fujitsu\Downloads\youtube-flash-player-update-v-8.exe
2014-06-30 12:43 - 2014-06-30 12:43 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-06-30 04:09 - 2014-07-10 13:06 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-10 13:06 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\Fujitsu\AppData\Local\Temp\APNSetup.exe
C:\Users\Fujitsu\AppData\Local\Temp\KTOutlk.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-22 10:15




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:281 GB) (Free:222.55 GB) NTFS
Drive d: (Data) (Fixed) (Total:400.63 GB) (Free:206.46 GB) NTFS

Available physical RAM: 1190.95 MB
Total physical RAM: 3956.3 MB
Percentage of memory in use: 69%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: B875572B)
Partition 1: (Active) - (Size=2 GB) - (Type=27)
Partition 2: (Not Active) - (Size=697 GB) - (Type=OF Extended)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: AVG AntiVirus 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Fujitsu\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Re: vir na facebooku - private video xxx

Napsal: 28 črc 2014 18:01
od Rudy
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Start
C:\Program Files (x86)\AskPartnerNetwork
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1956760 2014-06-24] (APN)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
CHR HomePage: hxxp://www.search.ask.com/?gct=hp
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchURL: http://www.search.ask.com/web?q={searchTerms}
CHR Extension: (SEO SERP Workbench) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-07-02]
CHR Extension: (Facebook for Chrome) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-07-02]
CHR Extension: (No Name) - C:\Users\Fujitsu\AppData\Local\Google\Chrome\User Data\Default\Extensions\godimpbmfohihoaikgfknnnmlncabkkp [2014-07-02]
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2014-06-26]
CHR HKLM-x32\...\Chrome\Extension: [godimpbmfohihoaikgfknnnmlncabkkp] - C:\Windows\KBD2341Update-godimpbmfohihoaikgfknnnmlncabkkp\coc.crx [2014-06-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
C:\Users\Fujitsu\AppData\Local\AskPartnerNetwork
C:\ProgramData\AskPartnerNetwork
C:\Program Files (x86)\AskPartnerNetwork
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Users\Fujitsu\AppData\Local\Temp
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: vir na facebooku - private video xxx

Napsal: 28 črc 2014 18:14
od Romrez
výsledný log je moc dlouhý, tak je v příloze jako soubor...

pustil jsem FB a zatím ticho po pěšině. uvidíme, jestli se to třeba zase nerozjede.
zatím tedy děkuji moc

Re: vir na facebooku - private video xxx

Napsal: 28 črc 2014 19:20
od Rudy
Vše bylo smazáno. Doufám, že bude vše v pořádku. Zatím není zač! :)

Re: vir na facebooku - private video xxx

Napsal: 19 lis 2014 17:48
od michaelaa
Dobrý den, mám Windows 8.1 a nemám poznámkový blok ani microsoft office, nějaká rada jak se viru zbavit s tímto operačním systémem?

Re: vir na facebooku - private video xxx

Napsal: 19 lis 2014 17:52
od Rudy
2michaelaa: Založe si, prosím, vlastní topic. Děkuejeme.

Re: vir na facebooku - private video xxx

Napsal: 31 říj 2017 14:23
od Zdeněk Dildo
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by IdeaCentre (ATTENTION: The user is not administrator) on DESKTOP-QED2288 (31-10-2017 14:03:56)
Running from C:\Users\TEMP.DESKTOP-QED2288.000\Downloads
Loaded Profiles: IdeaCentre (Available Profiles: defaultuser0 & IdeaCentre & Administrator)
Platform: Windows 10 Home Version 1607 14393.1770 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dwm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> igfxCUIService.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> armsvc.exe
Failed to access process -> ekrn.exe
Failed to access process -> svchost.exe
Failed to access process -> TeamViewer_Service.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> dasHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki120841.inf_amd64_5761f79d1981e5da\igfxEM.exe
Failed to access process -> tv_w32.exe
Failed to access process -> tv_x64.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> svchost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
Failed to access process -> BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Failed to access process -> SearchProtocolHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
Startup: C:\Users\IdeaCentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-07-03]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Facebook\Games\FacebookGameroom.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0f871bc6-cffd-4172-8735-225ee4b6883f}: [DhcpNameServer] 192.168.3.3 89.203.139.130 89.203.139.131
Tcpip\..\Interfaces\{1d7e3ee1-3abb-420f-a7f4-e420c94f3508}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default [2017-10-31]
CHR Extension: (Prezentace) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Dokumenty) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Disk Google) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-31]
CHR Extension: (YouTube) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-31]
CHR Extension: (Tabulky) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-31]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-31]
CHR Extension: (Gmail) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-31]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [51872 2016-05-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1648224 2016-05-24] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [193696 2016-05-24] (ESET)
R3 lmhosts; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R3 lmhosts; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-08-08] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [264864 2016-05-23] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [196768 2016-05-23] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [180384 2016-05-23] (ESET)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 pelmouse; C:\Windows\system32\DRIVERS\pelmouse.sys [23040 2015-12-17] (TPMX Electronics Ltd.)
S3 pelusblf; C:\Windows\system32\DRIVERS\pelusblf.sys [35328 2015-12-22] (TPMX Electronics Ltd.)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [338952 2016-07-20] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [607512 2015-07-09] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5144064 2016-07-16] (Realtek Semiconductor Corporation )
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-31 14:03 - 2017-10-31 14:04 - 000012512 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Downloads\FRST.txt
2017-10-31 14:00 - 2017-10-31 14:03 - 000000000 ____D C:\FRST
2017-10-31 13:58 - 2017-10-31 13:58 - 002403328 _____ (Farbar) C:\Users\TEMP.DESKTOP-QED2288.000\Downloads\FRST64.exe
2017-10-31 13:55 - 2017-10-31 13:55 - 000002762 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Desktop\flixlist.txt
2017-10-31 13:40 - 2017-10-31 13:40 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\MicrosoftEdge
2017-10-31 13:19 - 2017-10-31 13:21 - 000002444 _____ C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-31 13:19 - 2017-10-31 13:21 - 000000000 ___RD C:\Users\TEMP.DESKTOP-QED2288.000\OneDrive
2017-10-31 13:19 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\NetworkTiles
2017-10-31 13:18 - 2017-10-31 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\ControlCenter4
2017-10-31 13:17 - 2017-10-31 13:27 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Google
2017-10-31 13:17 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Packages
2017-10-31 13:17 - 2017-10-31 13:19 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000
2017-10-31 13:17 - 2017-10-31 13:18 - 000002332 _____ C:\Users\TEMP.DESKTOP-QED2288.000\Desktop\Google Chrome.lnk
2017-10-31 13:17 - 2017-10-31 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\ConnectedDevicesPlatform
2017-10-31 13:17 - 2017-10-31 13:17 - 000001410 _____ C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aktualizace a nastavení ochrany osobních údajů.lnk
2017-10-31 13:17 - 2017-10-31 13:17 - 000000020 ___SH C:\Users\TEMP.DESKTOP-QED2288.000\ntuser.ini
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Šablony
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Soubory cookie
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Poslední
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Okolní tiskárny
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Okolní síť
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Nabídka Start
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Dokumenty
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Obrázky
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Hudba
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Documents\Filmy
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\Data aplikací
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 _SHDL C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\Data aplikací
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Roaming\Adobe
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\VirtualStore
2017-10-31 13:17 - 2017-10-31 13:17 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288.000\AppData\Local\TileDataLayer
2017-10-27 12:36 - 2017-10-27 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288\AppData\Local\Comms
2017-10-27 07:27 - 2017-10-27 13:18 - 000000000 ____D C:\Users\TEMP.DESKTOP-QED2288
2017-10-27 07:25 - 2017-10-27 07:27 - 000000000 ____D C:\Users\TEMP
2017-10-26 08:52 - 2017-10-26 08:52 - 000000000 __SHD C:\found.000
2017-10-18 14:57 - 2017-10-18 14:57 - 000137888 _____ (Spotify Ltd) C:\Users\IdeaCentre\Downloads\spotify.exe
2017-10-12 13:51 - 2017-09-18 03:59 - 000341344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-10-12 13:51 - 2017-09-18 03:52 - 001845512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2017-10-12 13:51 - 2017-09-18 03:52 - 001277856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2017-10-12 13:51 - 2017-09-18 03:29 - 000184320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserMgrProxy.dll
2017-10-12 13:51 - 2017-09-18 03:28 - 000237056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncSettings.dll
2017-10-12 13:51 - 2017-09-18 03:27 - 004615168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000431616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000298496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000284672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2017-10-12 13:51 - 2017-09-18 03:26 - 000125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2017-10-12 13:51 - 2017-09-18 03:24 - 000819200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2017-10-12 13:51 - 2017-09-18 03:23 - 000857600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EmailApis.dll
2017-10-12 13:51 - 2017-09-18 03:23 - 000297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-10-12 13:51 - 2017-09-18 03:23 - 000238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AboveLockAppHost.dll
2017-10-12 13:51 - 2017-09-18 03:20 - 002641920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-10-12 13:51 - 2017-09-18 03:17 - 000641024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 002740224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 001170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2017-10-12 13:51 - 2017-09-18 03:14 - 000675840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 001013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-10-12 13:51 - 2017-09-18 03:13 - 000751104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000598528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.dll
2017-10-12 13:51 - 2017-09-18 03:13 - 000589312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2017-10-12 13:51 - 2017-09-14 23:31 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2017-10-12 13:51 - 2017-09-14 23:30 - 000098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 13:51 - 2017-03-04 07:24 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-10-12 13:51 - 2017-03-04 07:23 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataAccountApis.dll
2017-10-12 13:51 - 2017-03-04 07:00 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2017-10-12 13:51 - 2017-03-04 07:00 - 000711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2017-10-12 13:50 - 2017-09-18 04:27 - 000218976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\offlinesam.dll
2017-10-12 13:50 - 2017-09-18 04:09 - 002213760 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-10-12 13:50 - 2017-09-18 04:09 - 000133984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-10-12 13:50 - 2017-09-18 04:08 - 000998920 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 001177688 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 000497424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2017-10-12 13:50 - 2017-09-18 04:05 - 000172536 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-10-12 13:50 - 2017-09-18 04:04 - 001706488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-10-12 13:50 - 2017-09-18 04:04 - 000918304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-10-12 13:50 - 2017-09-18 04:03 - 000791272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-10-12 13:50 - 2017-09-18 04:02 - 007213464 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2017-10-12 13:50 - 2017-09-18 04:02 - 001860288 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2017-10-12 13:50 - 2017-09-18 04:01 - 000431456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2017-10-12 13:50 - 2017-09-18 04:01 - 000223072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-10-12 13:50 - 2017-09-18 04:00 - 001072248 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 022220864 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 008173672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 004260072 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 001983408 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-10-12 13:50 - 2017-09-18 03:59 - 001702392 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-10-12 13:50 - 2017-09-18 03:56 - 000057408 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-10-12 13:50 - 2017-09-18 03:55 - 005722320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2017-10-12 13:50 - 2017-09-18 03:55 - 001431240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2017-10-12 13:50 - 2017-09-18 03:54 - 001980768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 020967840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 006672680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 004023560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 001360464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetsrc.dll
2017-10-12 13:50 - 2017-09-18 03:52 - 000981888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2017-10-12 13:50 - 2017-09-18 03:51 - 000178016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001435896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001412128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2017-10-12 13:50 - 2017-09-18 03:49 - 001260784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2017-10-12 13:50 - 2017-09-18 03:48 - 000117792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-10-12 13:50 - 2017-09-18 03:35 - 000372736 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2017-10-12 13:50 - 2017-09-18 03:34 - 000095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDataTimeUtil.dll
2017-10-12 13:50 - 2017-09-18 03:33 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2017-10-12 13:50 - 2017-09-18 03:33 - 000119808 _____ (Microsoft Corporation) C:\Windows\system32\UserDataTimeUtil.dll
2017-10-12 13:50 - 2017-09-18 03:32 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BasicRender.sys
2017-10-12 13:50 - 2017-09-18 03:32 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 006288384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000519168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ngccredprov.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2017-10-12 13:50 - 2017-09-18 03:31 - 000156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserDeviceRegistration.dll
2017-10-12 13:50 - 2017-09-18 03:31 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-10-12 13:50 - 2017-09-18 03:30 - 000232448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2017-10-12 13:50 - 2017-09-18 03:30 - 000147456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VCardParser.dll
2017-10-12 13:50 - 2017-09-18 03:29 - 000411136 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2017-10-12 13:50 - 2017-09-18 03:29 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\VCardParser.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000536064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2017-10-12 13:50 - 2017-09-18 03:28 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsreg.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\AppointmentActivation.dll
2017-10-12 13:50 - 2017-09-18 03:28 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000719872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2017-10-12 13:50 - 2017-09-18 03:27 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000590336 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000463360 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2017-10-12 13:50 - 2017-09-18 03:27 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-10-12 13:50 - 2017-09-18 03:27 - 000295424 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000805888 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000384000 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2017-10-12 13:50 - 2017-09-18 03:26 - 000283136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-10-12 13:50 - 2017-09-18 03:26 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2017-10-12 13:50 - 2017-09-18 03:25 - 002333184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2017-10-12 13:50 - 2017-09-18 03:25 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 013107712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 007626240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 000755200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-10-12 13:50 - 2017-09-18 03:24 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-10-12 13:50 - 2017-09-18 03:24 - 000409600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-10-12 13:50 - 2017-09-18 03:23 - 000816640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NaturalLanguage6.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000442368 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll
2017-10-12 13:50 - 2017-09-18 03:23 - 000287744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2017-10-12 13:50 - 2017-09-18 03:22 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_fs.dll
2017-10-12 13:50 - 2017-09-18 03:22 - 001137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsp_health.dll
2017-10-12 13:50 - 2017-09-18 03:21 - 018364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 023677952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 019414016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 000343040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll
2017-10-12 13:50 - 2017-09-18 03:20 - 000284160 _____ (Microsoft Corporation) C:\Windows\system32\AboveLockAppHost.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 002750976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 000549376 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-10-12 13:50 - 2017-09-18 03:19 - 000303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2017-10-12 13:50 - 2017-09-18 03:19 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 012204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 008114688 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 008077312 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 007470592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 001145344 _____ (Microsoft Corporation) C:\Windows\system32\EmailApis.dll
2017-10-12 13:50 - 2017-09-18 03:18 - 000330752 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2017-10-12 13:50 - 2017-09-18 03:17 - 003401216 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-10-12 13:50 - 2017-09-18 03:17 - 001783296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-10-12 13:50 - 2017-09-18 03:16 - 004743168 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-10-12 13:50 - 2017-09-18 03:16 - 004596224 _____ (Microsoft Corporation) C:\Windows\system32\xpsrchvw.exe
2017-10-12 13:50 - 2017-09-18 03:16 - 003520512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsrchvw.exe
2017-10-12 13:50 - 2017-09-18 03:15 - 006065152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002800128 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002538496 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 002370048 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2017-10-12 13:50 - 2017-09-18 03:15 - 000701952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Connectivity.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 006474752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspaint.exe
2017-10-12 13:50 - 2017-09-18 03:14 - 003663360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002997760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2017-10-12 13:50 - 2017-09-18 03:14 - 002682880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netshell.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002649600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 002483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 001599488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 001518080 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-10-12 13:50 - 2017-09-18 03:14 - 000983552 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000908800 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000903680 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-10-12 13:50 - 2017-09-18 03:14 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000657408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000542208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.Connectivity.dll
2017-10-12 13:50 - 2017-09-18 03:14 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-10-12 13:50 - 2017-09-18 03:13 - 000886272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aadtb.dll
2017-10-12 13:50 - 2017-09-18 03:13 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000532992 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2017-10-12 13:50 - 2017-09-18 03:12 - 000439296 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2017-10-12 13:50 - 2017-09-18 03:11 - 000783360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2017-10-12 13:50 - 2017-09-18 03:11 - 000450048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2017-10-12 13:50 - 2017-09-15 00:05 - 001302136 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-10-12 13:50 - 2017-09-14 23:59 - 000096064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2017-10-12 13:50 - 2017-09-14 23:52 - 000136032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CloudExperienceHostUser.dll
2017-10-12 13:50 - 2017-09-14 23:49 - 001202936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2017-10-12 13:50 - 2017-09-14 23:34 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2017-10-12 13:50 - 2017-09-14 23:32 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\CertEnrollUI.dll
2017-10-12 13:50 - 2017-09-14 23:32 - 000127488 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnrollUI.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWB7.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2017-10-12 13:50 - 2017-09-14 23:30 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput8.dll
2017-10-12 13:50 - 2017-09-14 23:28 - 000311296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-10-12 13:50 - 2017-09-14 23:28 - 000136192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dinput.dll
2017-10-12 13:50 - 2017-09-14 23:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2017-10-12 13:50 - 2017-09-14 23:26 - 001167360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2017-10-12 13:50 - 2017-09-14 23:26 - 000636928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2017-10-12 13:50 - 2017-09-14 23:26 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certreq.exe
2017-10-12 13:50 - 2017-09-14 23:25 - 000529920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2017-10-12 13:50 - 2017-09-14 23:22 - 000987648 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2017-10-12 13:50 - 2017-09-14 23:18 - 003299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2017-10-12 13:50 - 2017-09-14 23:18 - 000273920 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2017-10-12 13:50 - 2017-09-14 23:16 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2017-10-12 13:50 - 2017-09-14 23:15 - 003106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2017-10-12 13:50 - 2017-09-14 03:04 - 000640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswstr10.dll
2017-10-12 13:50 - 2017-09-14 03:04 - 000345088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-10-12 13:50 - 2017-09-14 03:04 - 000008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjint40.dll
2017-10-12 13:50 - 2017-03-04 07:28 - 000224256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExSMime.dll
2017-10-12 13:50 - 2017-03-04 07:25 - 000748544 _____ (Microsoft Corporation) C:\Windows\system32\ChatApis.dll
2017-10-12 13:50 - 2017-03-04 07:23 - 001184256 _____ (Microsoft Corporation) C:\Windows\system32\Unistore.dll
2017-10-12 13:50 - 2017-03-04 07:18 - 000567808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ChatApis.dll
2017-10-12 13:50 - 2017-03-04 07:16 - 000368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2017-10-12 13:50 - 2016-08-27 06:12 - 000244816 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2017-10-12 13:50 - 2016-08-02 09:13 - 001081856 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 001564512 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 000245600 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2017-10-12 13:49 - 2017-09-18 04:17 - 000136032 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-10-12 13:49 - 2017-09-18 04:09 - 007780192 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-10-12 13:49 - 2017-09-18 04:09 - 000646688 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2017-10-12 13:49 - 2017-09-18 04:08 - 002253664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-10-12 13:49 - 2017-09-18 04:05 - 000168800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-10-12 13:49 - 2017-09-18 04:04 - 000404832 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-10-12 13:49 - 2017-09-18 04:01 - 002446704 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2017-10-12 13:49 - 2017-09-18 04:01 - 000624048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-10-12 13:49 - 2017-09-18 03:59 - 000241504 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-10-12 13:49 - 2017-09-18 03:58 - 001600632 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-10-12 13:49 - 2017-09-18 03:58 - 000206688 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001566552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001460696 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2017-10-12 13:49 - 2017-09-18 03:57 - 001415712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2017-10-12 13:49 - 2017-09-18 03:36 - 022570496 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-10-12 13:49 - 2017-09-18 03:33 - 000057856 _____ (Microsoft Corporation) C:\Windows\system32\TransliterationRanker.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\jpninputrouter.dll
2017-10-12 13:49 - 2017-09-18 03:32 - 000054272 _____ (Microsoft Corporation) C:\Windows\system32\EmojiDS.dll
2017-10-12 13:49 - 2017-09-18 03:31 - 000069120 _____ (Microsoft Corporation) C:\Windows\system32\RuleBasedDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\jpnranker.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000257536 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000196096 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000174592 _____ C:\Windows\system32\IHDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000131584 _____ (Microsoft Corporation) C:\Windows\system32\VocabRoamingHandler.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000117760 _____ (Microsoft Corporation) C:\Windows\system32\StaticDictDS.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000101888 _____ (Microsoft Corporation) C:\Windows\system32\UserDeviceRegistration.Ngc.dll
2017-10-12 13:49 - 2017-09-18 03:30 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\chxranker.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 009129984 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\ChsStrokeDS.dll
2017-10-12 13:49 - 2017-09-18 03:29 - 000231424 _____ (Microsoft Corporation) C:\Windows\system32\shutdownux.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\ChtHkStrokeDS.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\ChsPinyinRanker.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000290816 _____ (Microsoft Corporation) C:\Windows\system32\MtfDecoder.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-10-12 13:49 - 2017-09-18 03:28 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000626176 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000497152 _____ (Microsoft Corporation) C:\Windows\system32\ChxAPDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000480768 _____ (Microsoft Corporation) C:\Windows\system32\msimeChsPinyinMainDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\ChxHAPDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000422400 _____ (Microsoft Corporation) C:\Windows\system32\ChtCangjieDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000410624 _____ (Microsoft Corporation) C:\Windows\system32\ChtQuickDS.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000407552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000336384 _____ (Microsoft Corporation) C:\Windows\system32\jpndecoder.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000329728 _____ (Microsoft Corporation) C:\Windows\system32\chxinputrouter.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000326656 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000310784 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000268800 _____ (Microsoft Corporation) C:\Windows\system32\UserMgrProxy.dll
2017-10-12 13:49 - 2017-09-18 03:27 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 002716672 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000686592 _____ (Microsoft Corporation) C:\Windows\system32\dsregcmd.exe
2017-10-12 13:49 - 2017-09-18 03:26 - 000562176 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000481792 _____ (Microsoft Corporation) C:\Windows\system32\dsreg.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000396800 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-10-12 13:49 - 2017-09-18 03:26 - 000176128 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 001914368 _____ (Microsoft Corporation) C:\Windows\system32\wsp_fs.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2017-10-12 13:49 - 2017-09-18 03:25 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\RjvMDMConfig.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 002103808 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 001589760 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2017-10-12 13:49 - 2017-09-18 03:24 - 001584640 _____ (Microsoft Corporation) C:\Windows\system32\wsp_health.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 004749824 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 003291648 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 000883712 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-10-12 13:49 - 2017-09-18 03:22 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2017-10-12 13:49 - 2017-09-18 03:22 - 000198144 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-10-12 13:49 - 2017-09-18 03:20 - 000937984 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-10-12 13:49 - 2017-09-18 03:19 - 001060352 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2017-10-12 13:49 - 2017-09-18 03:19 - 000519168 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 000956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2017-10-12 13:49 - 2017-09-18 03:18 - 000932864 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-10-12 13:49 - 2017-09-18 03:17 - 002279424 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2017-10-12 13:49 - 2017-09-18 03:16 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 003202048 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 002919936 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001692160 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 001231360 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-10-12 13:49 - 2017-09-18 03:15 - 000893952 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 003615744 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-10-12 13:49 - 2017-09-18 03:14 - 002897408 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 002321408 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 001328640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 001040896 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000971264 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000913920 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000774656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.dll
2017-10-12 13:49 - 2017-09-18 03:14 - 000650752 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 001726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 001121280 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 000924672 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2017-10-12 13:49 - 2017-09-18 03:13 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\trie.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\MTFFuzzyDS.dll
2017-10-12 13:49 - 2017-09-18 03:11 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\MTFSpellcheckDS.dll
2017-10-12 13:49 - 2017-09-15 00:14 - 000119328 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\MSWB7.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\dinput8.dll
2017-10-12 13:49 - 2017-09-14 23:32 - 000162304 _____ (Microsoft Corporation) C:\Windows\system32\dinput.dll
2017-10-12 13:49 - 2017-09-14 23:31 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2017-10-12 13:49 - 2017-09-14 23:31 - 000280576 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2017-10-12 13:49 - 2017-09-14 23:29 - 000352256 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-10-12 13:49 - 2017-09-14 23:25 - 000821248 _____ (Microsoft Corporation) C:\Windows\system32\comuid.dll
2017-10-12 13:49 - 2017-09-14 23:24 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2017-10-12 13:49 - 2017-09-14 23:24 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\certreq.exe
2017-10-12 13:49 - 2017-09-14 23:23 - 000560128 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2017-10-12 13:49 - 2017-09-14 23:22 - 000820736 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2017-10-12 13:49 - 2017-09-14 23:22 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2017-10-12 13:49 - 2017-09-14 23:20 - 002852864 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-10-12 13:49 - 2017-09-14 23:19 - 001421824 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2017-10-12 13:49 - 2017-09-14 23:19 - 000928256 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2017-10-12 13:49 - 2017-03-04 08:10 - 000360040 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2017-10-12 13:49 - 2017-03-04 07:11 - 001643008 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2017-10-12 13:49 - 2017-03-04 07:07 - 001064448 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-10-12 13:49 - 2016-08-06 05:16 - 000026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-10-11 12:50 - 2017-10-11 12:50 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-05 15:23 - 2017-10-05 15:23 - 000000000 ____D C:\Users\IdeaCentre\Downloads\Nová složka
2017-10-04 12:21 - 2017-10-04 12:21 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-10-31 13:30 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\AppReadiness
2017-10-31 13:22 - 2016-11-01 16:31 - 002760644 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-31 13:22 - 2016-07-16 23:25 - 001122760 _____ C:\Windows\system32\perfh005.dat
2017-10-31 13:22 - 2016-07-16 23:25 - 000295186 _____ C:\Windows\system32\perfc005.dat
2017-10-31 13:17 - 2016-11-01 16:39 - 000000000 __SHD C:\Users\IdeaCentre\IntelGraphicsProfiles
2017-10-31 13:17 - 2016-11-01 16:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-31 13:16 - 2016-11-01 23:17 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-31 13:16 - 2016-11-01 23:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2017-10-30 14:33 - 2016-07-16 12:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-30 13:31 - 2017-09-15 13:15 - 000000737 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2017-10-27 07:38 - 2016-07-16 12:45 - 000000000 ____D C:\Windows\INF
2017-10-27 07:28 - 2017-09-29 12:09 - 000000000 ____D C:\Program Files\rempl
2017-10-20 12:58 - 2016-11-01 16:31 - 000002402 _____ C:\Users\IdeaCentre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-10-20 12:58 - 2016-11-01 16:31 - 000000000 ___RD C:\Users\IdeaCentre\OneDrive
2017-10-18 15:28 - 2016-11-01 16:27 - 000000000 ____D C:\Users\IdeaCentre
2017-10-18 13:04 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\rescache
2017-10-18 12:06 - 2016-07-16 12:36 - 000000000 ____D C:\Windows\CbsTemp
2017-10-16 15:10 - 2016-11-01 23:16 - 000332304 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-12 23:27 - 2016-07-16 12:49 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-12 23:27 - 2016-07-16 12:49 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\system32\oobe
2017-10-12 16:49 - 2016-07-16 12:47 - 000000000 ____D C:\Windows\ShellExperiences
2017-10-11 12:53 - 2016-11-01 16:58 - 000000000 ____D C:\Windows\system32\MRT
2017-10-11 12:50 - 2016-11-01 16:58 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2016-11-01 16:35 - 2016-11-01 16:35 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


ATTENTION: ==> Could not access BCD. The user is not administrator

==================== End of FRST.txt ============================

Re: vir na facebooku - private video xxx

Napsal: 31 říj 2017 19:52
od Rudy
Zdravím!
2 Zdeněk Dildo : Založte si, prosím, vlastní topic. Děkujeme.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz