adwcleaner nenašiel nič
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2017
Ran by saullerist (administrator) on DESKTOP-3SMP07F (26-11-2017 21:39:36)
Running from C:\Users\saullerist\Desktop
Loaded Profiles: saullerist (Available Profiles: saullerist)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0520d228-ccde-4c26-a96a-32568f7bf116}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4d2b95be-ee9d-4b3b-ba55-e94ab2dcb990}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7dda2a22-69b8-442b-b32c-848a9ce16964}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c350c31-a517-4621-881b-07041814f7fe}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1796023744-1759536030-3900380101-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-14] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-11-01] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1796023744-1759536030-3900380101-1002 -> hxxp://www.google.sk/
FireFox:
========
FF DefaultProfile: 7hpj6u6r.default-1494430344668
FF ProfilePath: C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668 [2017-11-26]
FF Homepage: Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668 -> hxxps://www.google.sk/?gws_rd=ssl
FF Extension: (Disable Media WMF NV12 format) - C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668\features\{667532c7-74ba-4261-9897-df2ee2458f8b}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-23] [Lagacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-11-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-11-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-26]
CHR Extension: (Prezentácie) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Magio GO) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-06-22]
CHR Extension: (Dokumenty) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-17]
CHR Extension: (YouTube) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-17]
CHR Extension: (Tabuľky) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-18]
CHR HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [anoiechkjklgabdfompidjolhpfdpjdd] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7737512 2017-10-26] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 a016bus; C:\WINDOWS\System32\drivers\a016bus.sys [109096 2008-01-18] (MCCI Corporation)
S3 a016mgmt; C:\WINDOWS\System32\drivers\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation)
S3 a016obex; C:\WINDOWS\System32\drivers\a016obex.sys [125480 2008-01-18] (MCCI Corporation)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [223232 2015-05-07] (Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.)
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.)
R1 MpKsl12ebda8d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F80497A6-3A38-43EF-A952-619B61DFBC30}\MpKsl12ebda8d.sys [58120 2017-11-26] (Microsoft Corporation)
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\drivers\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\WINDOWS\System32\drivers\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\drivers\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\drivers\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\WINDOWS\System32\drivers\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\WINDOWS\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\drivers\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\WINDOWS\System32\drivers\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1029bus; C:\WINDOWS\System32\drivers\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\WINDOWS\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\WINDOWS\System32\drivers\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\WINDOWS\System32\drivers\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 s1039mgmt; C:\WINDOWS\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\WINDOWS\System32\drivers\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\WINDOWS\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 s916bus; C:\WINDOWS\System32\drivers\s916bus.sys [108072 2007-11-02] (MCCI Corporation)
S3 s916mgmt; C:\WINDOWS\System32\drivers\s916mgmt.sys [130088 2007-11-02] (MCCI Corporation)
S3 s916obex; C:\WINDOWS\System32\drivers\s916obex.sys [124968 2007-11-02] (MCCI Corporation)
S3 se3ebus; C:\WINDOWS\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation)
S3 se3emgmt; C:\WINDOWS\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation)
S3 se3eobex; C:\WINDOWS\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [51392 2016-11-23] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-10-07] (Toshiba Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-26 21:38 - 2017-11-26 21:39 - 000026591 _____ C:\Users\saullerist\Desktop\Addition.txt
2017-11-26 21:36 - 2017-11-26 21:39 - 000014645 _____ C:\Users\saullerist\Desktop\FRST.txt
2017-11-26 21:36 - 2017-11-26 21:39 - 000000000 ____D C:\FRST
2017-11-26 21:33 - 2017-11-26 21:33 - 002392576 _____ (Farbar) C:\Users\saullerist\Desktop\FRST64.exe
2017-11-26 18:58 - 2017-11-26 19:00 - 008261584 _____ (Malwarebytes) C:\Users\saullerist\Desktop\adwcleaner_7.0.4.0.exe
2017-11-15 16:22 - 2017-11-15 16:22 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-15 10:27 - 2017-11-15 10:27 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-15 10:27 - 2017-11-15 10:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-15 10:27 - 2017-11-15 10:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-14 21:13 - 2017-10-25 10:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-14 21:13 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-14 21:13 - 2017-10-25 10:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-14 21:13 - 2017-10-25 09:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-14 21:13 - 2017-10-25 05:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-14 21:13 - 2017-10-25 05:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-14 21:13 - 2017-10-25 05:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-14 21:13 - 2017-10-25 05:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-14 21:13 - 2017-10-25 05:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-14 21:13 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-14 21:13 - 2017-10-25 05:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-14 21:13 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-14 21:13 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-14 21:13 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-14 21:13 - 2017-10-25 04:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-14 21:13 - 2017-10-25 04:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-14 21:13 - 2017-10-25 04:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-14 21:13 - 2017-10-25 04:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-14 21:13 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-14 21:13 - 2017-10-25 04:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-14 21:13 - 2017-10-25 04:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-14 21:13 - 2017-10-25 04:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-14 21:13 - 2017-10-25 04:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-14 21:13 - 2017-10-25 04:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-14 21:13 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-14 21:13 - 2017-10-25 04:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-14 21:13 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-14 21:13 - 2017-10-25 04:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-14 21:13 - 2017-10-25 04:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-14 21:13 - 2017-10-25 04:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-14 21:13 - 2017-10-25 04:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-14 21:13 - 2017-10-25 04:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-14 21:13 - 2017-10-25 04:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-14 21:13 - 2017-10-25 04:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-14 21:13 - 2017-10-25 04:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-14 21:13 - 2017-10-25 04:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-14 21:13 - 2017-10-25 04:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-14 21:13 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-14 21:13 - 2017-10-25 04:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-14 21:13 - 2017-10-25 03:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-14 21:13 - 2017-10-25 03:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-14 21:13 - 2017-10-25 03:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-14 21:13 - 2017-10-21 13:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-14 21:13 - 2017-10-20 15:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-14 21:13 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-14 21:12 - 2017-10-25 09:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-14 21:12 - 2017-10-25 09:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-14 21:12 - 2017-10-25 07:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-14 21:12 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-14 21:12 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-14 21:12 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-14 21:12 - 2017-10-25 05:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-14 21:12 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-14 21:12 - 2017-10-25 05:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-14 21:12 - 2017-10-25 05:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-14 21:12 - 2017-10-25 05:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-14 21:12 - 2017-10-25 05:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-14 21:12 - 2017-10-25 05:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-14 21:12 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-14 21:12 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 05:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-14 21:12 - 2017-10-25 05:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-14 21:12 - 2017-10-25 05:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-14 21:12 - 2017-10-25 04:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-14 21:12 - 2017-10-25 04:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-14 21:12 - 2017-10-25 04:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-14 21:12 - 2017-10-25 04:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-14 21:12 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-14 21:12 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-14 21:12 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-14 21:12 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-14 21:12 - 2017-10-25 04:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-14 21:12 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-14 21:12 - 2017-10-25 04:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-14 21:12 - 2017-10-25 04:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-14 21:12 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-14 21:12 - 2017-10-25 04:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-14 21:12 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-14 21:12 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-14 21:12 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-14 21:12 - 2017-10-25 04:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-14 21:12 - 2017-10-25 04:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-14 21:12 - 2017-10-25 03:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-14 21:12 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-14 17:07 - 2017-11-14 17:07 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-11-14 16:43 - 2017-11-14 16:44 - 007146272 _____ (Microsoft Corporation) C:\Setup.X64.sk-sk_O365ProPlusRetail_0f49beac-bf3c-4a67-b295-65d7702f3c42_TX_DB_b_32_.exe
2017-11-10 20:07 - 2017-11-26 19:11 - 000000000 ____D C:\AdwCleaner
2017-11-05 15:29 - 2017-11-05 15:29 - 000042533 _____ C:\Users\saullerist\Desktop\Jeepers.Creepers.3.2017.HDrip.x264-DENiM.srt
2017-11-05 13:37 - 2017-11-05 13:41 - 448307632 _____ C:\Users\saullerist\Desktop\Jeepers.Creepers.3.2017.HDrip.x264-DENiM.mkv
2017-11-01 11:09 - 2017-11-01 11:09 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-26 21:36 - 2016-11-15 19:57 - 000000000 ____D C:\Users\saullerist\AppData\LocalLow\Mozilla
2017-11-26 21:28 - 2017-10-18 09:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-26 16:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-26 16:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-26 16:23 - 2017-10-18 09:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-26 16:22 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-25 14:05 - 2016-01-12 10:47 - 000000000 ___RD C:\Users\saullerist\Disk Google
2017-11-23 20:45 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-23 11:38 - 2017-10-18 09:41 - 000000000 ____D C:\Users\saullerist\AppData\Local\Packages
2017-11-23 11:38 - 2017-04-01 16:02 - 000000000 ____D C:\Users\saullerist\AppData\Local\PackageStaging
2017-11-21 20:01 - 2016-11-28 16:03 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-16 22:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-16 09:35 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-16 09:35 - 2017-06-19 16:37 - 000002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 18:05 - 2017-10-18 09:35 - 000403728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 18:03 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-15 18:01 - 2017-10-18 09:55 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1796023744-1759536030-3900380101-1002
2017-11-15 18:01 - 2016-11-18 17:26 - 000002393 _____ C:\Users\saullerist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-15 18:01 - 2016-01-05 16:06 - 000000000 ___RD C:\Users\saullerist\OneDrive
2017-11-14 22:29 - 2017-10-18 09:55 - 000003454 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-14 22:29 - 2017-10-18 09:55 - 000003330 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-14 21:25 - 2016-11-18 18:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-14 21:16 - 2017-10-10 19:38 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-14 21:16 - 2016-11-28 16:54 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-14 21:15 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-14 17:07 - 2017-08-01 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2017-11-14 17:07 - 2016-11-18 19:49 - 000000000 ____D C:\Program Files\Microsoft Office
2017-11-09 21:11 - 2017-10-18 09:54 - 007060704 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-09 21:11 - 2016-11-28 17:10 - 004484666 _____ C:\WINDOWS\system32\perfh01B.dat
2017-11-09 21:11 - 2016-11-28 17:10 - 001336520 _____ C:\WINDOWS\system32\perfc01B.dat
2017-11-08 13:05 - 2017-10-18 09:40 - 000000000 ____D C:\Users\saullerist
2017-11-04 13:42 - 2016-03-22 15:45 - 000000000 ____D C:\Users\saullerist\AppData\LocalLow\Temp
2017-11-04 12:35 - 2017-07-13 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-11-04 02:25 - 2017-09-29 14:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 02:25 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-01 11:10 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-01 11:09 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-29 20:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories =======
2017-07-31 10:22 - 2017-07-31 10:22 - 000029696 _____ () C:\Users\saullerist\AppData\Local\MSGBOX.EXE
2017-10-18 09:16 - 2017-10-23 11:59 - 000007598 _____ () C:\Users\saullerist\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-17 16:50
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
rýchla kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: rýchla kontrola
Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.)
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: rýchla kontrola
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-11-2017 01
Ran by saullerist (27-11-2017 16:13:52) Run:1
Running from C:\Users\saullerist\Desktop
Loaded Profiles: saullerist (Available Profiles: saullerist)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.)
EmptyTemp:
End
*****************
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\System\CurrentControlSet\Services\keycrypt => key removed successfully
keycrypt => service removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25845309 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 3856544 B
Edge => 11776 B
Chrome => 22274138 B
Firefox => 83628059 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 260902 B
saullerist => 198600885 B
RecycleBin => 0 B
EmptyTemp: => 326 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:14:59 ====
Ran by saullerist (27-11-2017 16:13:52) Run:1
Running from C:\Users\saullerist\Desktop
Loaded Profiles: saullerist (Available Profiles: saullerist)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.)
EmptyTemp:
End
*****************
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
HKLM\System\CurrentControlSet\Services\keycrypt => key removed successfully
keycrypt => service removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25845309 B
Java, Flash, Steam htmlcache => 291 B
Windows/system/drivers => 3856544 B
Edge => 11776 B
Chrome => 22274138 B
Firefox => 83628059 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 260902 B
saullerist => 198600885 B
RecycleBin => 0 B
EmptyTemp: => 326 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 16:14:59 ====
Re: rýchla kontrola
pre istotu aj Log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2017 01
Ran by saullerist (administrator) on DESKTOP-3SMP07F (27-11-2017 17:12:31)
Running from C:\Users\saullerist\Desktop
Loaded Profiles: saullerist (Available Profiles: saullerist)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0520d228-ccde-4c26-a96a-32568f7bf116}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4d2b95be-ee9d-4b3b-ba55-e94ab2dcb990}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7dda2a22-69b8-442b-b32c-848a9ce16964}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c350c31-a517-4621-881b-07041814f7fe}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1796023744-1759536030-3900380101-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-14] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-11-01] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1796023744-1759536030-3900380101-1002 -> hxxp://www.google.sk/
FireFox:
========
FF DefaultProfile: 7hpj6u6r.default-1494430344668
FF ProfilePath: C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668 [2017-11-27]
FF Homepage: Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668 -> hxxps://www.google.sk/?gws_rd=ssl
FF Extension: (Disable Media WMF NV12 format) - C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668\features\{667532c7-74ba-4261-9897-df2ee2458f8b}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-23] [Lagacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-11-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-11-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-27]
CHR Extension: (Prezentácie) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Magio GO) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-06-22]
CHR Extension: (Dokumenty) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-17]
CHR Extension: (YouTube) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-17]
CHR Extension: (Tabuľky) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-18]
CHR HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [anoiechkjklgabdfompidjolhpfdpjdd] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7737512 2017-10-26] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 a016bus; C:\WINDOWS\System32\drivers\a016bus.sys [109096 2008-01-18] (MCCI Corporation)
S3 a016mgmt; C:\WINDOWS\System32\drivers\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation)
S3 a016obex; C:\WINDOWS\System32\drivers\a016obex.sys [125480 2008-01-18] (MCCI Corporation)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [45696 2017-06-19] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [223232 2015-05-07] (Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.)
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\drivers\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\WINDOWS\System32\drivers\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\drivers\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\drivers\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\WINDOWS\System32\drivers\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\WINDOWS\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\drivers\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\WINDOWS\System32\drivers\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1029bus; C:\WINDOWS\System32\drivers\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\WINDOWS\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\WINDOWS\System32\drivers\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\WINDOWS\System32\drivers\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 s1039mgmt; C:\WINDOWS\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\WINDOWS\System32\drivers\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\WINDOWS\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 s916bus; C:\WINDOWS\System32\drivers\s916bus.sys [108072 2007-11-02] (MCCI Corporation)
S3 s916mgmt; C:\WINDOWS\System32\drivers\s916mgmt.sys [130088 2007-11-02] (MCCI Corporation)
S3 s916obex; C:\WINDOWS\System32\drivers\s916obex.sys [124968 2007-11-02] (MCCI Corporation)
S3 se3ebus; C:\WINDOWS\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation)
S3 se3emgmt; C:\WINDOWS\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation)
S3 se3eobex; C:\WINDOWS\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [51392 2016-11-23] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-10-07] (Toshiba Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-27 16:13 - 2017-11-27 16:14 - 000001557 _____ C:\Users\saullerist\Desktop\Fixlog.txt
2017-11-27 16:13 - 2017-11-27 16:13 - 000000000 ____D C:\Users\saullerist\Desktop\FRST-OlderVersion
2017-11-26 21:38 - 2017-11-27 16:22 - 000024959 _____ C:\Users\saullerist\Desktop\Addition.txt
2017-11-26 21:36 - 2017-11-27 17:13 - 000014443 _____ C:\Users\saullerist\Desktop\FRST.txt
2017-11-26 21:36 - 2017-11-27 17:12 - 000000000 ____D C:\FRST
2017-11-26 21:33 - 2017-11-27 16:13 - 002391552 _____ (Farbar) C:\Users\saullerist\Desktop\FRST64.exe
2017-11-26 18:58 - 2017-11-26 19:00 - 008261584 _____ (Malwarebytes) C:\Users\saullerist\Desktop\adwcleaner_7.0.4.0.exe
2017-11-15 16:22 - 2017-11-15 16:22 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-15 10:27 - 2017-11-15 10:27 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-15 10:27 - 2017-11-15 10:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-15 10:27 - 2017-11-15 10:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-14 21:13 - 2017-10-25 10:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-14 21:13 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-14 21:13 - 2017-10-25 10:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-14 21:13 - 2017-10-25 09:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-14 21:13 - 2017-10-25 05:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-14 21:13 - 2017-10-25 05:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-14 21:13 - 2017-10-25 05:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-14 21:13 - 2017-10-25 05:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-14 21:13 - 2017-10-25 05:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-14 21:13 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-14 21:13 - 2017-10-25 05:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-14 21:13 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-14 21:13 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-14 21:13 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-14 21:13 - 2017-10-25 04:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-14 21:13 - 2017-10-25 04:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-14 21:13 - 2017-10-25 04:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-14 21:13 - 2017-10-25 04:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-14 21:13 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-14 21:13 - 2017-10-25 04:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-14 21:13 - 2017-10-25 04:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-14 21:13 - 2017-10-25 04:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-14 21:13 - 2017-10-25 04:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-14 21:13 - 2017-10-25 04:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-14 21:13 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-14 21:13 - 2017-10-25 04:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-14 21:13 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-14 21:13 - 2017-10-25 04:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-14 21:13 - 2017-10-25 04:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-14 21:13 - 2017-10-25 04:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-14 21:13 - 2017-10-25 04:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-14 21:13 - 2017-10-25 04:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-14 21:13 - 2017-10-25 04:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-14 21:13 - 2017-10-25 04:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-14 21:13 - 2017-10-25 04:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-14 21:13 - 2017-10-25 04:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-14 21:13 - 2017-10-25 04:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-14 21:13 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-14 21:13 - 2017-10-25 04:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-14 21:13 - 2017-10-25 03:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-14 21:13 - 2017-10-25 03:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-14 21:13 - 2017-10-25 03:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-14 21:13 - 2017-10-21 13:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-14 21:13 - 2017-10-20 15:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-14 21:13 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-14 21:12 - 2017-10-25 09:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-14 21:12 - 2017-10-25 09:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-14 21:12 - 2017-10-25 07:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-14 21:12 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-14 21:12 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-14 21:12 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-14 21:12 - 2017-10-25 05:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-14 21:12 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-14 21:12 - 2017-10-25 05:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-14 21:12 - 2017-10-25 05:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-14 21:12 - 2017-10-25 05:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-14 21:12 - 2017-10-25 05:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-14 21:12 - 2017-10-25 05:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-14 21:12 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-14 21:12 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 05:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-14 21:12 - 2017-10-25 05:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-14 21:12 - 2017-10-25 05:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-14 21:12 - 2017-10-25 04:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-14 21:12 - 2017-10-25 04:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-14 21:12 - 2017-10-25 04:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-14 21:12 - 2017-10-25 04:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-14 21:12 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-14 21:12 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-14 21:12 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-14 21:12 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-14 21:12 - 2017-10-25 04:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-14 21:12 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-14 21:12 - 2017-10-25 04:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-14 21:12 - 2017-10-25 04:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-14 21:12 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-14 21:12 - 2017-10-25 04:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-14 21:12 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-14 21:12 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-14 21:12 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-14 21:12 - 2017-10-25 04:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-14 21:12 - 2017-10-25 04:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-14 21:12 - 2017-10-25 03:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-14 21:12 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-14 17:07 - 2017-11-14 17:07 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-11-14 16:43 - 2017-11-14 16:44 - 007146272 _____ (Microsoft Corporation) C:\Setup.X64.sk-sk_O365ProPlusRetail_0f49beac-bf3c-4a67-b295-65d7702f3c42_TX_DB_b_32_.exe
2017-11-10 20:07 - 2017-11-27 11:43 - 000000000 ____D C:\AdwCleaner
2017-11-05 15:29 - 2017-11-05 15:29 - 000042533 _____ C:\Users\saullerist\Desktop\Jeepers.Creepers.3.2017.HDrip.x264-DENiM.srt
2017-11-05 13:37 - 2017-11-05 13:41 - 448307632 _____ C:\Users\saullerist\Desktop\Jeepers.Creepers.3.2017.HDrip.x264-DENiM.mkv
2017-11-01 11:09 - 2017-11-01 11:09 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-27 17:13 - 2016-11-15 19:57 - 000000000 ____D C:\Users\saullerist\AppData\LocalLow\Mozilla
2017-11-27 16:16 - 2017-10-18 09:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-27 16:15 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-27 16:14 - 2016-03-22 15:45 - 000000000 ____D C:\Users\saullerist\AppData\LocalLow\Temp
2017-11-27 16:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-27 12:39 - 2017-10-18 09:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-26 16:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-25 14:05 - 2016-01-12 10:47 - 000000000 ___RD C:\Users\saullerist\Disk Google
2017-11-23 20:45 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-23 11:38 - 2017-10-18 09:41 - 000000000 ____D C:\Users\saullerist\AppData\Local\Packages
2017-11-23 11:38 - 2017-04-01 16:02 - 000000000 ____D C:\Users\saullerist\AppData\Local\PackageStaging
2017-11-21 20:01 - 2016-11-28 16:03 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-16 22:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-16 09:35 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-16 09:35 - 2017-06-19 16:37 - 000002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 18:05 - 2017-10-18 09:35 - 000403728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 18:03 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-15 18:01 - 2017-10-18 09:55 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1796023744-1759536030-3900380101-1002
2017-11-15 18:01 - 2016-11-18 17:26 - 000002393 _____ C:\Users\saullerist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-15 18:01 - 2016-01-05 16:06 - 000000000 ___RD C:\Users\saullerist\OneDrive
2017-11-14 21:25 - 2016-11-18 18:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-14 21:16 - 2017-10-10 19:38 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-14 21:16 - 2016-11-28 16:54 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-14 21:15 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-14 17:07 - 2017-08-01 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2017-11-14 17:07 - 2016-11-18 19:49 - 000000000 ____D C:\Program Files\Microsoft Office
2017-11-09 21:11 - 2017-10-18 09:54 - 007060704 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-09 21:11 - 2016-11-28 17:10 - 004484666 _____ C:\WINDOWS\system32\perfh01B.dat
2017-11-09 21:11 - 2016-11-28 17:10 - 001336520 _____ C:\WINDOWS\system32\perfc01B.dat
2017-11-08 13:05 - 2017-10-18 09:40 - 000000000 ____D C:\Users\saullerist
2017-11-04 12:35 - 2017-07-13 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-11-04 02:25 - 2017-09-29 14:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 02:25 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-01 11:10 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-01 11:09 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-29 20:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories =======
2017-07-31 10:22 - 2017-07-31 10:22 - 000029696 _____ () C:\Users\saullerist\AppData\Local\MSGBOX.EXE
2017-10-18 09:16 - 2017-10-23 11:59 - 000007598 _____ () C:\Users\saullerist\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-17 16:50
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-11-2017 01
Ran by saullerist (administrator) on DESKTOP-3SMP07F (27-11-2017 17:12:31)
Running from C:\Users\saullerist\Desktop
Loaded Profiles: saullerist (Available Profiles: saullerist)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17085.22311.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0520d228-ccde-4c26-a96a-32568f7bf116}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4d2b95be-ee9d-4b3b-ba55-e94ab2dcb990}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7dda2a22-69b8-442b-b32c-848a9ce16964}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c350c31-a517-4621-881b-07041814f7fe}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1796023744-1759536030-3900380101-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-14] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-11-01] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-11-01] (Microsoft Corporation)
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1796023744-1759536030-3900380101-1002 -> hxxp://www.google.sk/
FireFox:
========
FF DefaultProfile: 7hpj6u6r.default-1494430344668
FF ProfilePath: C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668 [2017-11-27]
FF Homepage: Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668 -> hxxps://www.google.sk/?gws_rd=ssl
FF Extension: (Disable Media WMF NV12 format) - C:\Users\saullerist\AppData\Roaming\Mozilla\Firefox\Profiles\7hpj6u6r.default-1494430344668\features\{667532c7-74ba-4261-9897-df2ee2458f8b}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-23] [Lagacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-11-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-11-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-11-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-11-27]
CHR Extension: (Prezentácie) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17]
CHR Extension: (Magio GO) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\anoiechkjklgabdfompidjolhpfdpjdd [2017-06-22]
CHR Extension: (Dokumenty) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Disk Google) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-17]
CHR Extension: (YouTube) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-17]
CHR Extension: (Tabuľky) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-04-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-24]
CHR Extension: (Gmail) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\saullerist\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-18]
CHR HKU\S-1-5-21-1796023744-1759536030-3900380101-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [anoiechkjklgabdfompidjolhpfdpjdd] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7737512 2017-10-26] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 a016bus; C:\WINDOWS\System32\drivers\a016bus.sys [109096 2008-01-18] (MCCI Corporation)
S3 a016mgmt; C:\WINDOWS\System32\drivers\a016mgmt.sys [130600 2008-01-18] (MCCI Corporation)
S3 a016obex; C:\WINDOWS\System32\drivers\a016obex.sys [125480 2008-01-18] (MCCI Corporation)
S3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 [45696 2017-06-19] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 HWHandSet; C:\WINDOWS\System32\drivers\hw_quusbmdm.sys [223232 2015-05-07] (Huawei Technologies Co., Ltd.)
S3 hw_usbdev; C:\WINDOWS\System32\drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.)
S3 s0016bus; C:\WINDOWS\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\WINDOWS\System32\drivers\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\WINDOWS\System32\drivers\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\WINDOWS\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
S3 s0017bus; C:\WINDOWS\System32\drivers\s0017bus.sys [113704 2008-10-21] (MCCI Corporation)
S3 s0017mgmt; C:\WINDOWS\System32\drivers\s0017mgmt.sys [133160 2008-10-21] (MCCI Corporation)
S3 s0017obex; C:\WINDOWS\System32\drivers\s0017obex.sys [128552 2008-10-21] (MCCI Corporation)
S3 s0017unic; C:\WINDOWS\System32\drivers\s0017unic.sys [145960 2008-10-21] (MCCI Corporation)
S3 s1018bus; C:\WINDOWS\System32\drivers\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\WINDOWS\System32\drivers\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\WINDOWS\System32\drivers\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\WINDOWS\System32\drivers\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 s1029bus; C:\WINDOWS\System32\drivers\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\WINDOWS\System32\drivers\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\WINDOWS\System32\drivers\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\WINDOWS\System32\drivers\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
S3 s1039mgmt; C:\WINDOWS\System32\drivers\s1039mgmt.sys [141424 2010-03-15] (MCCI Corporation)
S3 s1039obex; C:\WINDOWS\System32\drivers\s1039obex.sys [137328 2010-03-15] (MCCI Corporation)
S3 s1039unic; C:\WINDOWS\System32\drivers\s1039unic.sys [158320 2010-03-15] (MCCI Corporation)
S3 s916bus; C:\WINDOWS\System32\drivers\s916bus.sys [108072 2007-11-02] (MCCI Corporation)
S3 s916mgmt; C:\WINDOWS\System32\drivers\s916mgmt.sys [130088 2007-11-02] (MCCI Corporation)
S3 s916obex; C:\WINDOWS\System32\drivers\s916obex.sys [124968 2007-11-02] (MCCI Corporation)
S3 se3ebus; C:\WINDOWS\System32\drivers\se3ebus.sys [107784 2007-04-10] (MCCI Corporation)
S3 se3emgmt; C:\WINDOWS\System32\drivers\se3emgmt.sys [126216 2007-04-10] (MCCI Corporation)
S3 se3eobex; C:\WINDOWS\System32\drivers\se3eobex.sys [123144 2007-04-10] (MCCI Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-06-12] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [51392 2016-11-23] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-10-07] (Toshiba Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-27 16:13 - 2017-11-27 16:14 - 000001557 _____ C:\Users\saullerist\Desktop\Fixlog.txt
2017-11-27 16:13 - 2017-11-27 16:13 - 000000000 ____D C:\Users\saullerist\Desktop\FRST-OlderVersion
2017-11-26 21:38 - 2017-11-27 16:22 - 000024959 _____ C:\Users\saullerist\Desktop\Addition.txt
2017-11-26 21:36 - 2017-11-27 17:13 - 000014443 _____ C:\Users\saullerist\Desktop\FRST.txt
2017-11-26 21:36 - 2017-11-27 17:12 - 000000000 ____D C:\FRST
2017-11-26 21:33 - 2017-11-27 16:13 - 002391552 _____ (Farbar) C:\Users\saullerist\Desktop\FRST64.exe
2017-11-26 18:58 - 2017-11-26 19:00 - 008261584 _____ (Malwarebytes) C:\Users\saullerist\Desktop\adwcleaner_7.0.4.0.exe
2017-11-15 16:22 - 2017-11-15 16:22 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-15 10:27 - 2017-11-15 10:27 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-15 10:27 - 2017-11-15 10:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-15 10:27 - 2017-11-15 10:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-11-14 21:13 - 2017-10-25 10:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-14 21:13 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-14 21:13 - 2017-10-25 10:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-14 21:13 - 2017-10-25 09:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-14 21:13 - 2017-10-25 05:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-14 21:13 - 2017-10-25 05:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-14 21:13 - 2017-10-25 05:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-14 21:13 - 2017-10-25 05:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-14 21:13 - 2017-10-25 05:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-14 21:13 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-14 21:13 - 2017-10-25 05:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-14 21:13 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-14 21:13 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-14 21:13 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-14 21:13 - 2017-10-25 04:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-14 21:13 - 2017-10-25 04:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-14 21:13 - 2017-10-25 04:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-14 21:13 - 2017-10-25 04:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-14 21:13 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-14 21:13 - 2017-10-25 04:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-14 21:13 - 2017-10-25 04:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-14 21:13 - 2017-10-25 04:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-14 21:13 - 2017-10-25 04:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-14 21:13 - 2017-10-25 04:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-14 21:13 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-14 21:13 - 2017-10-25 04:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-14 21:13 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-14 21:13 - 2017-10-25 04:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-14 21:13 - 2017-10-25 04:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-14 21:13 - 2017-10-25 04:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-14 21:13 - 2017-10-25 04:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-14 21:13 - 2017-10-25 04:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-14 21:13 - 2017-10-25 04:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-14 21:13 - 2017-10-25 04:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-14 21:13 - 2017-10-25 04:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-14 21:13 - 2017-10-25 04:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-14 21:13 - 2017-10-25 04:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-14 21:13 - 2017-10-25 04:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-14 21:13 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-14 21:13 - 2017-10-25 04:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-14 21:13 - 2017-10-25 03:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-14 21:13 - 2017-10-25 03:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-14 21:13 - 2017-10-25 03:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-14 21:13 - 2017-10-21 13:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-14 21:13 - 2017-10-20 15:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-14 21:13 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-14 21:12 - 2017-10-25 09:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-14 21:12 - 2017-10-25 09:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-14 21:12 - 2017-10-25 07:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-14 21:12 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-14 21:12 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-14 21:12 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-14 21:12 - 2017-10-25 05:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-14 21:12 - 2017-10-25 05:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-14 21:12 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-14 21:12 - 2017-10-25 05:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-14 21:12 - 2017-10-25 05:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-14 21:12 - 2017-10-25 05:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-14 21:12 - 2017-10-25 05:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-14 21:12 - 2017-10-25 05:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-14 21:12 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-14 21:12 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 05:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-14 21:12 - 2017-10-25 05:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-14 21:12 - 2017-10-25 05:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-14 21:12 - 2017-10-25 05:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-14 21:12 - 2017-10-25 04:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-14 21:12 - 2017-10-25 04:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-14 21:12 - 2017-10-25 04:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-14 21:12 - 2017-10-25 04:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-14 21:12 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-14 21:12 - 2017-10-25 04:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-14 21:12 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-14 21:12 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-14 21:12 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-14 21:12 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-14 21:12 - 2017-10-25 04:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-14 21:12 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-14 21:12 - 2017-10-25 04:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-14 21:12 - 2017-10-25 04:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-14 21:12 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-14 21:12 - 2017-10-25 04:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-14 21:12 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-14 21:12 - 2017-10-25 04:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-14 21:12 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-14 21:12 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-14 21:12 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-14 21:12 - 2017-10-25 04:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-14 21:12 - 2017-10-25 04:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-14 21:12 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-14 21:12 - 2017-10-25 03:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-14 21:12 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-14 17:07 - 2017-11-14 17:07 - 000002489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2017-11-14 16:43 - 2017-11-14 16:44 - 007146272 _____ (Microsoft Corporation) C:\Setup.X64.sk-sk_O365ProPlusRetail_0f49beac-bf3c-4a67-b295-65d7702f3c42_TX_DB_b_32_.exe
2017-11-10 20:07 - 2017-11-27 11:43 - 000000000 ____D C:\AdwCleaner
2017-11-05 15:29 - 2017-11-05 15:29 - 000042533 _____ C:\Users\saullerist\Desktop\Jeepers.Creepers.3.2017.HDrip.x264-DENiM.srt
2017-11-05 13:37 - 2017-11-05 13:41 - 448307632 _____ C:\Users\saullerist\Desktop\Jeepers.Creepers.3.2017.HDrip.x264-DENiM.mkv
2017-11-01 11:09 - 2017-11-01 11:09 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-27 17:13 - 2016-11-15 19:57 - 000000000 ____D C:\Users\saullerist\AppData\LocalLow\Mozilla
2017-11-27 16:16 - 2017-10-18 09:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-27 16:15 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-11-27 16:14 - 2016-03-22 15:45 - 000000000 ____D C:\Users\saullerist\AppData\LocalLow\Temp
2017-11-27 16:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-27 12:39 - 2017-10-18 09:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-26 16:28 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-25 14:05 - 2016-01-12 10:47 - 000000000 ___RD C:\Users\saullerist\Disk Google
2017-11-23 20:45 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-23 11:38 - 2017-10-18 09:41 - 000000000 ____D C:\Users\saullerist\AppData\Local\Packages
2017-11-23 11:38 - 2017-04-01 16:02 - 000000000 ____D C:\Users\saullerist\AppData\Local\PackageStaging
2017-11-21 20:01 - 2016-11-28 16:03 - 000545440 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-11-16 22:17 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-16 09:35 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-16 09:35 - 2017-06-19 16:37 - 000002291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 18:05 - 2017-10-18 09:35 - 000403728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-15 18:03 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-15 18:03 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-15 18:01 - 2017-10-18 09:55 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1796023744-1759536030-3900380101-1002
2017-11-15 18:01 - 2016-11-18 17:26 - 000002393 _____ C:\Users\saullerist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-15 18:01 - 2016-01-05 16:06 - 000000000 ___RD C:\Users\saullerist\OneDrive
2017-11-14 21:25 - 2016-11-18 18:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-14 21:16 - 2017-10-10 19:38 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-14 21:16 - 2016-11-28 16:54 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-14 21:15 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-14 17:07 - 2017-08-01 14:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje balíka Microsoft Office 2016
2017-11-14 17:07 - 2016-11-18 19:49 - 000000000 ____D C:\Program Files\Microsoft Office
2017-11-09 21:11 - 2017-10-18 09:54 - 007060704 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-09 21:11 - 2016-11-28 17:10 - 004484666 _____ C:\WINDOWS\system32\perfh01B.dat
2017-11-09 21:11 - 2016-11-28 17:10 - 001336520 _____ C:\WINDOWS\system32\perfc01B.dat
2017-11-08 13:05 - 2017-10-18 09:40 - 000000000 ____D C:\Users\saullerist
2017-11-04 12:35 - 2017-07-13 11:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-11-04 02:25 - 2017-09-29 14:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 02:25 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-01 11:10 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-01 11:09 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-29 20:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
==================== Files in the root of some directories =======
2017-07-31 10:22 - 2017-07-31 10:22 - 000029696 _____ () C:\Users\saullerist\AppData\Local\MSGBOX.EXE
2017-10-18 09:16 - 2017-10-23 11:59 - 000007598 _____ () C:\Users\saullerist\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-17 16:50
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: rýchla kontrola
Log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: rýchla kontrola
ak je aj tento Log ok tak potom je to všetko 
Naposledy upravil(a) 5manager5 dne 27 lis 2017 19:42, celkem upraveno 1 x.
-
Rudy
- Site Admin
- Příspěvky: 118254
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: rýchla kontrola
Ano, je to vše.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?