PC nenačítava stránky, skype ide

[onlinetip]

Na PC mi nejde načítať žiadne weby, ide iba skype. Ďakujem za pomoc.

[Conder]

Ahoj

Toto vyzera na vypadok aktualne nastavenych DNS serverov. O aky operacny system sa jedna?

[onlinetip]

Ahoj

Toto vyzera na vypadok aktualne nastavenych DNS serverov. O aky operacny system sa jedna?

Ahoj

Windows 10

[Conder]

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

[onlinetip]

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-06-2019
Ran by Lucia (administrator) on DESKTOP-EUFOBHH (ASUSTeK COMPUTER INC. X540SA) (22-06-2019 20:53:42)
Running from C:\Users\Lucia\Downloads
Loaded Profiles: Lucia (Available Profiles: Lucia)
Platform: Windows 10 Home Version 1803 17134.648 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() [File not signed] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Kantar Slovakia s.r.o. -> Kantar Slovakia) [File not signed] C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] () [File not signed]
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\WINDOWS\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] () [File not signed]
HKLM-x32\...\Run: [3180 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [1990144 2011-04-29] () [File not signed]
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646696 2019-05-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\Lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odmenovac.appref-ms [2019-03-21] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {24B10834-71D4-42E0-B008-1EEF1124A297} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {263C6227-7EBB-4553-803D-36AF804D74B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3672956A-93EB-4039-8323-E3DCEE60F46D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FD64049-8314-46AA-82B9-9A2F19A4E81B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14680792 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A3C86B72-FA0E-4B47-9EBD-88389CFE8AEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-03] (Google Inc -> Google Inc.)
Task: {AEC62366-14C5-4062-8485-839E8BD4F1A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B2101017-01DC-4F61-A2CD-75B2DF4C564C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-03] (Google Inc -> Google Inc.)
Task: {D6DC7DA3-DC6E-473C-BE05-D3CB96D7E820} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD199665-337D-4B2D-8E23-048E75B15183} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{24155ea9-816f-466f-bbe2-3bb9a2c283cf}: [DhcpNameServer] 192.168.2.1 195.146.128.62
Tcpip\..\Interfaces\{3bf07e02-5c76-4cd9-89cc-17e8fb463c40}: [DhcpNameServer] 192.168.2.1 195.146.128.62
Tcpip\..\Interfaces\{ecce0655-9197-4f81-9823-ca59b52a0bec}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default [2019-03-05]
CHR Extension: (Prezentácie) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-03]
CHR Extension: (Dokumenty) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-03]
CHR Extension: (Disk Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-03]
CHR Extension: (YouTube) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-03]
CHR Extension: (Gmail) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-03]
CHR Extension: (Chrome Media Router) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-03]
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-03-03]
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-06-22]
CHR Extension: (Prezentácie) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-03]
CHR Extension: (Dokumenty) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-03]
CHR Extension: (Disk Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-03]
CHR Extension: (YouTube) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-03]
CHR Extension: (Tabuľky) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-03]
CHR Extension: (Gmail) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-22]
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-03]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel(R) Software -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353896 2015-10-26] (Intel Corporation - pGFX -> Intel Corporation)
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [601624 2015-07-29] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-07-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel(R) Software -> Intel Corporation)
S3 iagpioe; C:\WINDOWS\System32\drivers\iagpioe.sys [41984 2015-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
S3 iai2ce; C:\WINDOWS\System32\drivers\iai2ce.sys [89592 2015-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [5906320 2015-10-26] (Intel Corporation - pGFX -> Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-05-09] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek Semiconductor Corp -> Realtek )
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-22 20:53 - 2019-06-22 20:57 - 000018085 _____ C:\Users\Lucia\Downloads\FRST.txt
2019-06-22 20:53 - 2019-06-22 20:53 - 000000000 ____D C:\FRST
2019-06-22 20:48 - 2019-06-22 20:49 - 002418688 _____ (Farbar) C:\Users\Lucia\Downloads\FRST64.exe
2019-06-21 11:18 - 2019-06-21 11:18 - 000000000 ____D C:\Program Files\UNP

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-22 20:20 - 2019-03-02 17:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-22 12:39 - 2019-03-02 16:45 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-22 12:23 - 2019-03-03 19:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-22 12:19 - 2019-03-03 19:30 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-22 12:11 - 2019-03-02 16:58 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-22 12:11 - 2019-03-02 16:58 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-22 11:53 - 2019-03-03 19:27 - 000000000 ____D C:\Program Files\rempl
2019-06-22 08:33 - 2019-03-02 17:55 - 000000000 ____D C:\Users\Lucia\AppData\Local\Deployment
2019-06-21 20:00 - 2019-03-02 17:42 - 000000000 ____D C:\Users\Lucia
2019-06-21 20:00 - 2019-03-02 17:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-21 20:00 - 2016-12-01 21:36 - 000000000 __SHD C:\Users\Lucia\IntelGraphicsProfiles
2019-06-21 11:23 - 2019-03-02 17:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-06-21 11:20 - 2019-03-02 17:51 - 000005596 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-21 11:20 - 2019-03-02 16:55 - 000000000 ____D C:\WINDOWS\INF
2019-06-21 11:17 - 2019-03-03 16:15 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-21 11:17 - 2019-03-03 14:23 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3668747667-419819588-178633127-1001
2019-06-21 11:16 - 2019-03-02 17:42 - 000002353 _____ C:\Users\Lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-21 11:16 - 2016-12-01 21:40 - 000000000 ___RD C:\Users\Lucia\OneDrive
2019-06-21 11:11 - 2019-03-03 16:29 - 000001381 _____ C:\Users\Public\Desktop\Skype.lnk
2019-06-21 11:11 - 2019-03-03 15:27 - 000000000 ____D C:\Users\Lucia\Desktop\Plocha
2019-05-31 03:57 - 2019-03-02 17:04 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-31 03:57 - 2019-03-02 17:04 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-28 17:20 - 2019-03-02 17:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT

==================== Files in the root of some directories ================

2019-03-13 21:09 - 2019-03-13 21:09 - 000011832 _____ () C:\Users\Lucia\AppData\Roaming\SmarThruOptions.xml
2019-03-03 14:41 - 2019-03-02 12:12 - 000000184 _____ () C:\Users\Lucia\AppData\Roaming\sp_data.sys

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================





Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2019
Ran by Lucia (22-06-2019 20:59:43)
Running from C:\Users\Lucia\Downloads
Windows 10 Home Version 1803 17134.648 (X64) (2019-03-02 15:49:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3668747667-419819588-178633127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3668747667-419819588-178633127-503 - Limited - Disabled)
Guest (S-1-5-21-3668747667-419819588-178633127-501 - Limited - Disabled)
Lucia (S-1-5-21-3668747667-419819588-178633127-1001 - Administrator - Enabled) => C:\Users\Lucia
WDAGUtilityAccount (S-1-5-21-3668747667-419819588-178633127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
eDANE – aplikácia sekcie daňovej FR SR pre podávanie daňových dokumentov - 2 (HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\6471891987962ff1) (Version: 1.3.0.3 - Finančné riaditeľstvo SR - Sekcia daňová)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Maintenance Samsung CLX-3180 Series (HKLM-x32\...\Samsung CLX-3180 Series) (Version: - Samsung Electronics Co., Ltd.)
Microsoft OneDrive (HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Odmenovac (HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\769fa7d60192d35e) (Version: 3.0.0.47 - Kantar Slovakia)
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.22.00 - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.20.00 - Samsung Electronics Co., Ltd.)
Skype verzia 8.45 (HKLM-x32\...\Skype_is1) (Version: 8.45 - Skype Technologies S.A.)
SmarThru 4 (HKLM-x32\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version: - Samsung Electronics Co., Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.15.8.0_x86__kgqvnymyfvs32 [2019-06-22] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1530.2.0_x86__kgqvnymyfvs32 [2019-06-22] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-22] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-10] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-10] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-05-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-22] (Microsoft Studios) [MS Ad]
Microsoft Telefón -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation)
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-03-10] (Thumbmunkeys Ltd) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-22] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Lucia\Desktop\Lucia - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2019-03-13 20:59 - 2009-09-29 11:47 - 000306688 _____ () [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
2019-03-13 20:59 - 2011-07-06 14:17 - 000688128 _____ () [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2019-03-13 21:04 - 2010-11-11 11:46 - 000293888 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3180\NetModule2.dll
2019-03-13 21:04 - 2011-04-29 09:58 - 001990144 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
2019-03-13 21:04 - 2009-10-31 15:42 - 001384520 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3180\ssole.dll
2019-03-21 15:36 - 2019-03-21 15:36 - 001142768 _____ (Kantar Slovakia s.r.o. -> Kantar Slovakia) [File not signed] C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
2019-03-13 21:09 - 2011-04-28 12:20 - 000240640 ____R (Samsung Electronics Co., Ltd.) [File not signed] C:\WINDOWS\System32\NetFaxPort64.dll
2019-03-13 21:09 - 2011-04-28 12:20 - 000229888 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe
2019-03-13 21:09 - 2011-04-28 12:20 - 000190976 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll
2019-03-13 21:09 - 2011-04-28 12:20 - 000195584 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxUser64.dll
2019-03-13 21:04 - 2009-10-31 15:42 - 000081920 _____ (Samsung Electronics) [File not signed] C:\Windows\twain_32\Samsung\CLX3180\scantopc.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-02 16:59 - 2019-03-02 16:54 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3668747667-419819588-178633127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lucia\Desktop\pc-afirmacia-5.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\StartupApproved\StartupFolder: => "Odmenovac.appref-ms"
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D2AAB9B6-7162-4D07-B7B8-D56275948829}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics) [File not signed]
FirewallRules: [{4B401E14-3C06-4459-BC40-2299217C5838}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics) [File not signed]
FirewallRules: [{8B069342-BA66-4614-B0E1-CADBD4AB5AA2}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe () [File not signed]
FirewallRules: [{CC175314-B024-4019-AA4B-A9F7F56DDB09}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe () [File not signed]
FirewallRules: [{170A464B-DA14-4E88-8FAD-30B3FA84AC7A}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe () [File not signed]
FirewallRules: [{B0208BF4-B44D-4164-8BA8-2F65B143A7C9}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe () [File not signed]
FirewallRules: [{D25379E5-7C3F-4CA0-A85D-736C421180AF}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C37C8ECC-F07D-4B62-BD80-C5557E543368}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{FA8B8993-FCB3-422C-9E95-ADC98331CCF8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{AFB86EC3-D4C7-4F71-BB06-AB6D984B0087}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{057BF444-5917-4167-A019-728AD9B8A8B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

28-05-2019 13:12:50 Scheduled Checkpoint
21-06-2019 12:15:13 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2019 11:53:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: sedsvc.exe, verzia: 10.0.17134.10066, časová značka: 0xa4407904
Názov chybujúceho modulu: sedsvc.exe, verzia: 10.0.17134.10066, časová značka: 0xa4407904
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000105f1
Identifikácia chybujúceho procesu: 0x1d68
Čas spustenia chybujúcej aplikácie: 0x01d52811a27cf4a8
Cesta chybujúcej aplikácie: C:\Program Files\rempl\sedsvc.exe
Cesta chybujúceho modulu: C:\Program Files\rempl\sedsvc.exe
Identifikácia hlásenia: 67cec633-b0de-4a15-9707-5817e4e47d97
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/12/2019 08:34:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Odmenovac.exe, verzia: 3.0.0.47, časová značka: 0x5bcd1e3f
Názov chybujúceho modulu: RPCRT4.dll, verzia: 10.0.17134.648, časová značka: 0xe96fa1e9
Kód výnimky: 0xc00000fd
Odstup chyby: 0x0001cbda
Identifikácia chybujúceho procesu: 0x2304
Čas spustenia chybujúcej aplikácie: 0x01d4f0f15514fbac
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\RPCRT4.dll
Identifikácia hlásenia: 169c7cbc-20e2-42f9-a952-9fc0783b88ee
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/08/2019 05:57:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DRSR.Win.DP.DRKlient.exe, verzia: 1.3.0.1, časová značka: 0x5a094787
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17134.556, časová značka: 0xadca2670
Kód výnimky: 0xc000041d
Odstup chyby: 0x001118a2
Identifikácia chybujúceho procesu: 0x132c
Čas spustenia chybujúcej aplikácie: 0x01d4ee153e9326f6
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\drsr..tion_77208991cc2c0e96_0001.0003_17318117fe44b2e4\DRSR.Win.DP.DRKlient.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: c00dee6d-4a02-467a-bc34-bcc6cedc7cd2
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/08/2019 05:56:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DRSR.Win.DP.DRKlient.exe, verzia: 1.3.0.1, časová značka: 0x5a094787
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17134.556, časová značka: 0xadca2670
Kód výnimky: 0xc0020001
Odstup chyby: 0x001118a2
Identifikácia chybujúceho procesu: 0x132c
Čas spustenia chybujúcej aplikácie: 0x01d4ee153e9326f6
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\drsr..tion_77208991cc2c0e96_0001.0003_17318117fe44b2e4\DRSR.Win.DP.DRKlient.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 2164de9c-7eae-4483-9aba-fcdbd3af486d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/03/2019 09:23:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Odmenovac.exe, verzia: 3.0.0.47, časová značka: 0x5bcd1e3f
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.17134.556, časová značka: 0x319e0a75
Kód výnimky: 0xc00000fd
Odstup chyby: 0x00045f68
Identifikácia chybujúceho procesu: 0x278c
Čas spustenia chybujúcej aplikácie: 0x01d4e9e05b599d75
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0d1c5c39-3d4a-45f8-89be-a15c63b010b7
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/01/2019 10:18:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Odmenovac.exe, verzia: 3.0.0.47, časová značka: 0x5bcd1e3f
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.17134.556, časová značka: 0x319e0a75
Kód výnimky: 0xc00000fd
Odstup chyby: 0x00045f68
Identifikácia chybujúceho procesu: 0x2250
Čas spustenia chybujúcej aplikácie: 0x01d4e4e3341e753e
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: a48cb030-ae86-42ee-add4-4bd92ac84cfa
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (06/22/2019 11:53:13 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/22/2019 08:25:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EUFOBHH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-EUFOBHH\Lucia SID (S-1-5-21-3668747667-419819588-178633127-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2019 08:00:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2019 08:00:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2019 08:00:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2019 11:20:26 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EUFOBHH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-EUFOBHH\Lucia SID (S-1-5-21-3668747667-419819588-178633127-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2019 11:14:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscDataProtection
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/21/2019 11:14:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-06-21 11:33:44.979
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B58CACF3-B6CB-4D1F-A25B-45F5EB43C92B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-05-15 10:21:40.422
Description:
C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe has been blocked from modifying %userprofile%\Documents\TNS\Log\ by Controlled Folder Access.
Detection time: 2019-05-15T08:21:40.421Z
Path: %userprofile%\Documents\TNS\Log\
Process Name: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
Signature Version: 1.293.1626.0
Engine Version: 1.1.15900.4
Product Version: 4.18.1904.1

Date: 2019-05-09 19:48:04.385
Description:
C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe has been blocked from modifying %desktopdirectory%\ by Controlled Folder Access.
Detection time: 2019-05-09T17:48:04.382Z
Path: %desktopdirectory%\
Process Name: C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
Signature Version: 1.293.1179.0
Engine Version: 1.1.15900.4
Product Version: 4.18.1904.1

Date: 2019-04-15 21:03:45.702
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {A2D63E38-3ADB-4417-96BB-3E937DA04787}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-04-09 18:55:01.107
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B53E72DF-C783-44ED-91C7-796C9035768D}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-21 11:34:00.947
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.1157.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-06-21 11:20:29.747
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.2420.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-05-28 10:39:02.761
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.1626.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240437
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-05-16 11:28:07.562
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.1626.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-05-15 09:41:24.134
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.1432.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X540SA.207 11/25/2015
Motherboard: ASUSTeK COMPUTER INC. X540SA
Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 81%
Total physical RAM: 3999.94 MB
Available physical RAM: 758.82 MB
Total Virtual: 5599.94 MB
Available Virtual: 1045.57 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.51 GB) (Free:322.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:508.66 GB) NTFS

\\?\Volume{2242fdd4-15a6-4d48-9563-c92377230667}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS
\\?\Volume{a30be102-b73a-4a69-baf4-e006093637bf}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 56D40A90)

Partition: GPT.

==================== End of Addition.txt ============================

[Conder]

Otvor Start -> Nastavenia -> Siete a internet -> Zmenit moznosti adaptera -> klikni pravym tlacitkom mysi na aktualne pouzivany sietovy adapter -> v zozname najdi a klikni na Protokol TCP/IPv4 -> klikni na tlacitko Vlastnosti -> dole vyber moznost Pouzit tieto adresy serverov DNS -> napis IP adresy 8.8.8.8 a 8.8.4.4 (jedna sa o Google DNS servery). Nasledne restartuj PC.

A mozme uz urobit aj precistenie PC od zbytocnosti a preventivnu kontrolu

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[onlinetip]

Otvor Start -> Nastavenia -> Siete a internet -> Zmenit moznosti adaptera -> klikni pravym tlacitkom mysi na aktualne pouzivany sietovy adapter -> v zozname najdi a klikni na Protokol TCP/IPv4 -> klikni na tlacitko Vlastnosti -> dole vyber moznost Pouzit tieto adresy serverov DNS -> napis IP adresy 8.8.8.8 a 8.8.4.4 (jedna sa o Google DNS servery). Nasledne restartuj PC.

A mozme uz urobit aj precistenie PC od zbytocnosti a preventivnu kontrolu

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

Tak už to funguje Po prečistení adw cleanerom nenašlo ale žiaden nález. Ešte sa chcem opýtať. Mám ešte jeden notebook a na ňom nejdú ani stránky ani skype, internet (wifi) ale ukazuje, že je pripojený. Skúšal som zmeniť dns podľa vyššie uvedených parametrov aj tam, ale nepomohlo to. Na ňom je ale Windows 7. Ďakujem za pomoc.

[Conder]

Poprosim o nove logy z FRST z toho prveho NTB a docistime este zbytocnosti.

Co sa tyka toho druheho NTB, je to pripojene k tej istej WiFi sieti?

[onlinetip]

Poprosim o nove logy z FRST z toho prveho NTB a docistime este zbytocnosti.

Co sa tyka toho druheho NTB, je to pripojene k tej istej WiFi sieti?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-06-2019
Ran by Lucia (administrator) on DESKTOP-EUFOBHH (ASUSTeK COMPUTER INC. X540SA) (24-06-2019 14:06:02)
Running from C:\Users\Lucia\Downloads
Loaded Profiles: Lucia (Available Profiles: Lucia)
Platform: Windows 10 Home Version 1803 17134.829 (X64) Language: Slovenčina (Slovensko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
() [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
() [File not signed] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11905.1001.4.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Samsung Electronics Co., Ltd.) [File not signed] C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] () [File not signed]
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\WINDOWS\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] () [File not signed]
HKLM-x32\...\Run: [3180 Scan2PC] => C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe [1990144 2011-04-29] () [File not signed]
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-05-24] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-06-18] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\Users\Lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odmenovac.appref-ms [2019-03-21] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {24B10834-71D4-42E0-B008-1EEF1124A297} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {263C6227-7EBB-4553-803D-36AF804D74B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3672956A-93EB-4039-8323-E3DCEE60F46D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3FD64049-8314-46AA-82B9-9A2F19A4E81B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14680792 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A3C86B72-FA0E-4B47-9EBD-88389CFE8AEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-03] (Google Inc -> Google Inc.)
Task: {AEC62366-14C5-4062-8485-839E8BD4F1A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B2101017-01DC-4F61-A2CD-75B2DF4C564C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2019-03-03] (Google Inc -> Google Inc.)
Task: {D6DC7DA3-DC6E-473C-BE05-D3CB96D7E820} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FD199665-337D-4B2D-8E23-048E75B15183} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{3bf07e02-5c76-4cd9-89cc-17e8fb463c40}: [DhcpNameServer] 192.168.2.1 195.146.128.62
Tcpip\..\Interfaces\{ecce0655-9197-4f81-9823-ca59b52a0bec}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{ecce0655-9197-4f81-9823-ca59b52a0bec}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default [2019-03-05]
CHR Extension: (Prezentácie) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-03]
CHR Extension: (Dokumenty) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-03]
CHR Extension: (Disk Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-03]
CHR Extension: (YouTube) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-03]
CHR Extension: (Gmail) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-03]
CHR Extension: (Chrome Media Router) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-03]
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-03-03]
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-06-24]
CHR Extension: (Prezentácie) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-03]
CHR Extension: (Dokumenty) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-03]
CHR Extension: (Disk Google) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-03]
CHR Extension: (YouTube) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-03]
CHR Extension: (Tabuľky) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-03]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-03]
CHR Extension: (Gmail) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-23]
CHR Profile: C:\Users\Lucia\AppData\Local\Google\Chrome\User Data\System Profile [2019-03-03]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\WINDOWS\system32\DRIVERS\AdminService.exe [415992 2019-01-30] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel(R) Software -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [353896 2015-10-26] (Intel Corporation - pGFX -> Intel Corporation)
R2 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [229888 2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-21] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S2 DgiVecp; C:\WINDOWS\system32\Drivers\DgiVecp.sys [53816 2009-07-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel(R) Software -> Intel Corporation)
S3 iagpioe; C:\WINDOWS\System32\drivers\iagpioe.sys [41984 2015-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
S3 iai2ce; C:\WINDOWS\System32\drivers\iai2ce.sys [89592 2015-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [5906320 2015-10-26] (Intel Corporation - pGFX -> Intel Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-05-09] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek Semiconductor Corp -> Realtek )
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-21] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-21] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-24 12:51 - 2019-06-24 12:51 - 000000000 ____D C:\WINDOWS\LastGood
2019-06-24 12:22 - 2019-06-24 14:09 - 000017513 _____ C:\Users\Lucia\Downloads\FRST.txt
2019-06-24 12:22 - 2019-06-24 12:22 - 000001090 _____ C:\Users\Lucia\Downloads\Addition.txt
2019-06-23 12:56 - 2019-06-23 12:58 - 000000000 ____D C:\AdwCleaner
2019-06-23 12:55 - 2019-06-23 12:55 - 007025360 _____ (Malwarebytes) C:\Users\Lucia\Downloads\adwcleaner_7.3.exe
2019-06-22 20:53 - 2019-06-24 14:06 - 000000000 ____D C:\FRST
2019-06-22 20:48 - 2019-06-22 20:49 - 002418688 _____ (Farbar) C:\Users\Lucia\Downloads\FRST64.exe
2019-06-22 12:27 - 2019-06-07 07:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-22 12:27 - 2019-06-07 07:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-22 12:26 - 2019-06-07 13:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-22 12:26 - 2019-06-07 12:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-22 12:26 - 2019-06-07 12:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-22 12:26 - 2019-06-07 12:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-22 12:26 - 2019-06-07 12:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-22 12:26 - 2019-06-07 12:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-22 12:26 - 2019-06-07 08:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-22 12:26 - 2019-06-07 07:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-22 12:26 - 2019-06-07 07:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-22 12:26 - 2019-06-07 07:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-22 12:26 - 2019-06-07 07:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-22 12:26 - 2019-06-07 07:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-22 12:26 - 2019-06-07 07:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-22 12:26 - 2019-06-07 07:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-22 12:26 - 2019-06-07 07:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-22 12:26 - 2019-06-07 07:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-22 12:26 - 2019-06-07 07:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-22 12:26 - 2019-06-07 07:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-22 12:26 - 2019-06-07 07:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-22 12:26 - 2019-06-07 07:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-22 12:26 - 2019-06-07 07:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-22 12:26 - 2019-06-07 07:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-22 12:26 - 2019-06-07 07:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-22 12:26 - 2019-06-07 07:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-22 12:26 - 2019-06-07 07:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-22 12:26 - 2019-05-17 14:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-22 12:26 - 2019-05-17 14:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-22 12:26 - 2019-05-17 14:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-22 12:26 - 2019-05-17 14:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-22 12:26 - 2019-05-17 14:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-22 12:26 - 2019-05-17 08:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-22 12:26 - 2019-05-17 08:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-22 12:26 - 2019-05-17 08:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-22 12:26 - 2019-05-17 08:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-22 12:26 - 2019-05-17 08:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-22 12:26 - 2019-05-17 08:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-06-22 12:26 - 2019-05-17 08:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-22 12:26 - 2019-05-17 08:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-22 12:26 - 2019-05-17 08:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-22 12:26 - 2019-05-17 08:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-22 12:26 - 2019-05-17 08:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-22 12:26 - 2019-05-17 08:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-22 12:26 - 2019-05-17 08:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-22 12:26 - 2019-05-17 08:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-22 12:26 - 2019-05-17 08:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-06-22 12:26 - 2019-05-17 07:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-22 12:26 - 2019-05-17 07:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-22 12:26 - 2019-05-17 07:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-22 12:26 - 2019-05-17 07:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-22 12:26 - 2019-05-17 07:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-22 12:26 - 2019-05-17 07:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-22 12:26 - 2019-05-17 07:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-22 12:26 - 2019-05-17 07:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-22 12:26 - 2019-05-17 07:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-22 12:26 - 2019-05-17 07:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-22 12:26 - 2019-05-17 07:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-22 12:26 - 2019-05-17 07:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-22 12:26 - 2019-05-17 07:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-22 12:26 - 2019-05-03 08:01 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-22 12:26 - 2019-05-03 08:00 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-22 12:26 - 2019-04-19 06:35 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-06-22 12:26 - 2019-04-19 06:35 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-06-22 12:25 - 2019-06-07 13:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-22 12:25 - 2019-06-07 12:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-22 12:25 - 2019-06-07 12:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-22 12:25 - 2019-06-07 12:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-22 12:25 - 2019-06-07 12:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-22 12:25 - 2019-06-07 12:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-22 12:25 - 2019-06-07 12:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-22 12:25 - 2019-06-07 12:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-22 12:25 - 2019-06-07 12:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-22 12:25 - 2019-06-07 12:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-22 12:25 - 2019-06-07 08:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-22 12:25 - 2019-06-07 07:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-22 12:25 - 2019-06-07 07:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-22 12:25 - 2019-06-07 07:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-22 12:25 - 2019-06-07 07:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-22 12:25 - 2019-06-07 07:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-22 12:25 - 2019-06-07 07:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-22 12:25 - 2019-06-07 07:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-22 12:25 - 2019-06-07 07:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-22 12:25 - 2019-06-07 07:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-22 12:25 - 2019-06-07 07:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-22 12:25 - 2019-06-07 07:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-22 12:25 - 2019-06-07 07:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-22 12:25 - 2019-06-07 07:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-22 12:25 - 2019-06-07 07:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-22 12:25 - 2019-06-07 07:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-22 12:25 - 2019-06-07 07:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-22 12:25 - 2019-06-07 07:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-22 12:25 - 2019-06-07 07:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-06-22 12:25 - 2019-06-07 07:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-06-22 12:25 - 2019-06-07 07:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-22 12:25 - 2019-06-07 07:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-06-22 12:25 - 2019-06-07 07:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-22 12:25 - 2019-06-07 07:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-22 12:25 - 2019-06-07 07:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-06-22 12:25 - 2019-06-07 07:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-22 12:25 - 2019-06-07 07:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-22 12:25 - 2019-06-07 07:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-06-22 12:25 - 2019-06-07 07:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-22 12:25 - 2019-06-07 07:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-22 12:25 - 2019-06-07 07:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-22 12:25 - 2019-06-07 07:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-06-22 12:25 - 2019-06-07 07:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-22 12:25 - 2019-06-07 07:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-22 12:25 - 2019-06-07 07:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-22 12:25 - 2019-06-07 07:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-22 12:25 - 2019-06-07 07:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-22 12:25 - 2019-06-07 07:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-22 12:25 - 2019-06-07 07:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-22 12:25 - 2019-06-07 07:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-06-22 12:25 - 2019-06-07 07:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-22 12:25 - 2019-06-07 07:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-22 12:25 - 2019-06-07 07:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-22 12:25 - 2019-06-07 07:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-22 12:25 - 2019-06-07 07:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-22 12:25 - 2019-06-07 07:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-22 12:25 - 2019-06-07 07:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-22 12:25 - 2019-06-07 07:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-22 12:25 - 2019-06-07 07:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-22 12:25 - 2019-06-07 07:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-22 12:25 - 2019-06-07 07:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-22 12:25 - 2019-06-07 07:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-22 12:25 - 2019-06-07 07:16 - 001102336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-22 12:25 - 2019-06-07 07:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-22 12:25 - 2019-06-07 07:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-22 12:25 - 2019-06-07 07:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-22 12:25 - 2019-06-07 06:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2019-06-22 12:25 - 2019-05-19 00:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-22 12:25 - 2019-05-19 00:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-22 12:25 - 2019-05-19 00:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-22 12:25 - 2019-05-19 00:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-22 12:25 - 2019-05-17 14:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-22 12:25 - 2019-05-17 14:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-06-22 12:25 - 2019-05-17 14:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-22 12:25 - 2019-05-17 14:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-06-22 12:25 - 2019-05-17 14:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-06-22 12:25 - 2019-05-17 14:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-22 12:25 - 2019-05-17 14:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-22 12:25 - 2019-05-17 14:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-22 12:25 - 2019-05-17 14:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-22 12:25 - 2019-05-17 14:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-06-22 12:25 - 2019-05-17 14:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-22 12:25 - 2019-05-17 14:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-06-22 12:25 - 2019-05-17 14:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-22 12:25 - 2019-05-17 14:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-22 12:25 - 2019-05-17 14:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-22 12:25 - 2019-05-17 14:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-06-22 12:25 - 2019-05-17 13:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-22 12:25 - 2019-05-17 13:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-22 12:25 - 2019-05-17 13:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-06-22 12:25 - 2019-05-17 13:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-22 12:25 - 2019-05-17 13:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-22 12:25 - 2019-05-17 13:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-22 12:25 - 2019-05-17 13:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-22 12:25 - 2019-05-17 13:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-06-22 12:25 - 2019-05-17 11:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-06-22 12:25 - 2019-05-17 10:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-22 12:25 - 2019-05-17 09:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-06-22 12:25 - 2019-05-17 08:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-06-22 12:25 - 2019-05-17 08:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-22 12:25 - 2019-05-17 08:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-06-22 12:25 - 2019-05-17 08:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-22 12:25 - 2019-05-17 08:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-22 12:25 - 2019-05-17 08:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-22 12:25 - 2019-05-17 08:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-22 12:25 - 2019-05-17 08:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-06-22 12:25 - 2019-05-17 08:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-22 12:25 - 2019-05-17 08:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-22 12:25 - 2019-05-17 08:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-22 12:25 - 2019-05-17 08:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-22 12:25 - 2019-05-17 08:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-22 12:25 - 2019-05-17 08:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-22 12:25 - 2019-05-17 08:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-22 12:25 - 2019-05-17 08:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-22 12:25 - 2019-05-17 08:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-06-22 12:25 - 2019-05-17 08:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-22 12:25 - 2019-05-17 08:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-22 12:25 - 2019-05-17 08:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-06-22 12:25 - 2019-05-17 08:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-22 12:25 - 2019-05-17 08:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-22 12:25 - 2019-05-17 08:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-22 12:25 - 2019-05-17 08:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-22 12:25 - 2019-05-17 08:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-22 12:25 - 2019-05-17 08:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-22 12:25 - 2019-05-17 08:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-22 12:25 - 2019-05-17 08:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-06-22 12:25 - 2019-05-17 08:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-22 12:25 - 2019-05-17 08:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-22 12:25 - 2019-05-17 08:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-22 12:25 - 2019-05-17 08:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-06-22 12:25 - 2019-05-17 08:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-22 12:25 - 2019-05-17 08:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-22 12:25 - 2019-05-17 08:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-22 12:25 - 2019-05-17 08:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-22 12:25 - 2019-05-17 08:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-06-22 12:25 - 2019-05-17 08:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-22 12:25 - 2019-05-17 08:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-22 12:25 - 2019-05-17 08:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-22 12:25 - 2019-05-17 08:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-22 12:25 - 2019-05-17 08:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-06-22 12:25 - 2019-05-17 07:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-22 12:25 - 2019-05-17 07:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-06-22 12:25 - 2019-05-17 07:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-22 12:25 - 2019-05-17 07:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-06-22 12:25 - 2019-05-17 07:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-22 12:25 - 2019-05-17 07:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-22 12:25 - 2019-05-17 07:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-22 12:25 - 2019-05-17 07:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-22 12:25 - 2019-05-17 07:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-22 12:25 - 2019-05-17 07:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-22 12:25 - 2019-05-17 07:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-22 12:25 - 2019-05-17 07:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-22 12:25 - 2019-05-17 07:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-22 12:25 - 2019-05-17 07:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-22 12:25 - 2019-05-17 07:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-22 12:25 - 2019-05-17 07:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-22 12:25 - 2019-05-17 07:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-06-22 12:25 - 2019-05-17 07:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-06-22 12:25 - 2019-05-17 07:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-06-22 12:25 - 2019-05-17 07:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-22 12:25 - 2019-05-17 07:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-22 12:25 - 2019-05-17 07:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-06-22 12:25 - 2019-05-17 07:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-22 12:25 - 2019-05-17 07:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-06-22 12:25 - 2019-05-17 07:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-22 12:25 - 2019-05-17 07:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-22 12:25 - 2019-05-17 07:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-22 12:25 - 2019-05-17 07:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-22 12:25 - 2019-05-17 07:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-22 12:25 - 2019-05-17 07:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-22 12:25 - 2019-05-17 07:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-22 12:25 - 2019-05-17 07:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-22 12:25 - 2019-05-17 07:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-22 12:25 - 2019-05-03 14:14 - 000790208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-06-22 12:25 - 2019-05-03 14:13 - 001376472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-06-22 12:25 - 2019-05-03 14:13 - 000396088 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2019-06-22 12:25 - 2019-05-03 13:55 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-06-22 12:25 - 2019-05-03 13:54 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-06-22 12:25 - 2019-05-03 13:52 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-06-22 12:25 - 2019-05-03 13:49 - 001288704 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-06-22 12:25 - 2019-05-03 13:49 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-06-22 12:25 - 2019-05-03 13:49 - 000210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-06-22 12:25 - 2019-05-03 13:43 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-06-22 12:25 - 2019-05-03 13:43 - 000662328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-06-22 12:25 - 2019-05-03 13:30 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-06-22 12:25 - 2019-05-03 13:30 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-06-22 12:25 - 2019-05-03 13:28 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-06-22 12:25 - 2019-05-03 13:27 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-06-22 12:25 - 2019-05-03 13:26 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-06-22 12:25 - 2019-05-03 08:43 - 000177128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-06-22 12:25 - 2019-05-03 08:34 - 000159864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-06-22 12:25 - 2019-05-03 08:33 - 000063072 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-06-22 12:25 - 2019-05-03 08:32 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-06-22 12:25 - 2019-05-03 08:32 - 000493880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-06-22 12:25 - 2019-05-03 08:32 - 000438984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-06-22 12:25 - 2019-05-03 08:32 - 000209208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-06-22 12:25 - 2019-05-03 08:32 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-06-22 12:25 - 2019-05-03 08:31 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-22 12:25 - 2019-05-03 08:31 - 000115728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-06-22 12:25 - 2019-05-03 08:20 - 000434704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-06-22 12:25 - 2019-05-03 08:20 - 000384976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-06-22 12:25 - 2019-05-03 08:20 - 000192016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-06-22 12:25 - 2019-05-03 08:20 - 000146920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-06-22 12:25 - 2019-05-03 08:19 - 000665224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-06-22 12:25 - 2019-05-03 08:19 - 000056288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-06-22 12:25 - 2019-05-03 08:00 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-06-22 12:25 - 2019-05-03 08:00 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2019-06-22 12:25 - 2019-05-03 07:59 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-06-22 12:25 - 2019-05-03 07:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-06-22 12:25 - 2019-05-03 07:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-06-22 12:25 - 2019-05-03 07:56 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-06-22 12:25 - 2019-05-03 07:55 - 000659968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-06-22 12:25 - 2019-05-03 07:54 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-22 12:25 - 2019-05-03 07:54 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-06-22 12:25 - 2019-05-03 07:54 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-06-22 12:25 - 2019-05-03 07:54 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-06-22 12:25 - 2019-05-03 07:54 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-22 12:25 - 2019-05-03 07:53 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-06-22 12:25 - 2019-05-03 07:53 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-06-22 12:25 - 2019-05-03 07:53 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-06-22 12:25 - 2019-05-03 07:53 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-06-22 12:25 - 2019-04-19 12:54 - 000720200 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-06-22 12:25 - 2019-04-19 12:38 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-06-22 12:25 - 2019-04-19 12:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-06-22 12:25 - 2019-04-19 12:36 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-06-22 12:25 - 2019-04-19 12:34 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-06-22 12:25 - 2019-04-19 11:37 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-06-22 12:25 - 2019-04-19 11:30 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-06-22 12:25 - 2019-04-19 11:26 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-06-22 12:25 - 2019-04-19 11:25 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-06-22 12:25 - 2019-04-19 07:07 - 000985400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-06-22 12:25 - 2019-04-19 07:06 - 000798520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-06-22 12:25 - 2019-04-19 07:02 - 000831800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-06-22 12:25 - 2019-04-19 07:01 - 000576016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-06-22 12:25 - 2019-04-19 06:43 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-06-22 12:25 - 2019-04-19 06:41 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-06-22 12:25 - 2019-04-19 06:41 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-06-22 12:25 - 2019-04-19 06:40 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-06-22 12:25 - 2019-04-19 06:40 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-22 12:25 - 2019-04-19 06:40 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-06-22 12:25 - 2019-04-19 06:40 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-22 12:25 - 2019-04-19 06:40 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetDriverInstall.dll
2019-06-22 12:25 - 2019-04-19 06:39 - 000567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-06-22 12:25 - 2019-04-19 06:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-22 12:25 - 2019-04-19 06:39 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-22 12:25 - 2019-04-19 06:39 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-22 12:25 - 2019-04-19 06:39 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-06-22 12:25 - 2019-04-19 06:38 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-06-22 12:25 - 2019-04-19 06:38 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-06-22 12:25 - 2019-04-19 06:38 - 000304128 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-06-22 12:25 - 2019-04-19 06:38 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-06-22 12:25 - 2019-04-19 06:37 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-06-22 12:25 - 2019-04-19 06:37 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-06-22 12:25 - 2019-04-19 06:37 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-06-22 12:25 - 2019-04-19 06:37 - 000381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-06-22 12:25 - 2019-04-19 06:37 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-22 12:25 - 2019-04-19 06:36 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-06-22 12:25 - 2019-04-19 06:36 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-06-22 12:25 - 2019-04-19 06:36 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-06-22 12:25 - 2019-04-19 06:36 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-22 12:25 - 2019-04-19 06:36 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-22 12:25 - 2019-04-19 06:35 - 001938944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-06-22 12:25 - 2019-04-19 06:35 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-06-22 12:25 - 2019-04-19 06:35 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-06-22 12:25 - 2019-04-19 06:35 - 000535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-06-22 12:25 - 2019-04-19 06:35 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-06-22 12:25 - 2019-04-19 06:35 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-22 12:25 - 2019-04-19 06:34 - 000935936 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-06-22 12:25 - 2019-04-19 06:34 - 000885760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-06-22 12:25 - 2019-04-19 06:34 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-06-22 12:25 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-06-22 12:25 - 2019-04-19 05:18 - 000806360 _____ C:\WINDOWS\system32\locale.nls
2019-06-22 12:25 - 2019-04-09 03:48 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-06-22 08:54 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-06-22 08:54 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-06-22 08:54 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-06-22 08:54 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-06-22 08:54 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-06-22 08:54 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-06-22 08:54 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-22 08:54 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-06-22 08:54 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-06-22 08:54 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-06-22 08:54 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-22 08:54 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-06-22 08:54 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-06-22 08:54 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-06-22 08:54 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-06-22 08:54 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-06-22 08:54 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-06-22 08:54 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-06-22 08:53 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-06-22 08:53 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-06-22 08:53 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-06-22 08:53 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-06-22 08:53 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-06-22 08:53 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-06-22 08:53 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-06-22 08:53 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-06-22 08:53 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-06-22 08:53 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-06-22 08:53 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-06-22 08:53 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-06-22 08:53 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-06-22 08:53 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-06-22 08:53 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-06-22 08:53 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-06-22 08:53 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-06-22 08:53 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-06-22 08:53 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-06-22 08:53 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-06-22 08:53 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-06-22 08:53 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-06-22 08:53 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-06-22 08:53 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-06-22 08:53 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-06-22 08:53 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-06-22 08:53 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-06-22 08:53 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-06-22 08:53 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-06-22 08:53 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-06-22 08:53 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-06-22 08:53 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-06-22 08:53 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-06-22 08:53 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-06-22 08:53 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-22 08:53 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-06-22 08:53 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-06-22 08:53 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-06-22 08:53 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-06-22 08:53 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-06-22 08:53 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-22 08:53 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-06-22 08:53 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-06-22 08:53 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-06-22 08:53 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-06-22 08:53 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-06-22 08:53 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-06-22 08:53 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-06-22 08:53 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-06-22 08:53 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-06-22 08:53 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-06-22 08:53 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-06-22 08:53 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-06-22 08:53 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-06-22 08:53 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-06-22 08:53 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-06-22 08:53 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-06-22 08:53 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-06-22 08:53 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-06-22 08:53 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-22 08:53 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-06-22 08:53 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-06-22 08:53 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-06-22 08:53 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-06-22 08:53 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-06-22 08:53 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-06-22 08:53 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-06-22 08:53 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-06-22 08:53 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-06-22 08:53 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-06-22 08:53 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-06-22 08:53 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-06-22 08:53 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-06-22 08:53 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-06-22 08:53 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-06-22 08:53 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-06-22 08:53 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-06-22 08:53 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-06-22 08:53 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-06-22 08:53 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-06-22 08:53 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-06-22 08:53 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-06-22 08:53 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-06-22 08:53 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-06-22 08:53 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-06-22 08:53 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-06-22 08:53 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-06-22 08:53 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-06-22 08:53 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-06-22 08:53 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-06-21 11:18 - 2019-06-21 11:18 - 000000000 ____D C:\Program Files\UNP

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-24 14:04 - 2019-03-02 17:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-24 13:09 - 2019-03-02 16:55 - 000000000 ____D C:\WINDOWS\INF
2019-06-23 21:14 - 2019-03-02 17:30 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-06-23 21:14 - 2016-12-01 21:36 - 000000000 __SHD C:\Users\Lucia\IntelGraphicsProfiles
2019-06-23 13:17 - 2019-03-02 17:51 - 000005596 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-23 12:51 - 2019-03-03 16:29 - 000001381 _____ C:\Users\Public\Desktop\Skype.lnk
2019-06-23 12:48 - 2019-03-02 17:48 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-23 12:48 - 2019-03-02 16:35 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-23 06:28 - 2019-03-02 16:58 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-23 06:28 - 2017-11-15 18:52 - 000000000 ___RD C:\Users\Lucia\3D Objects
2019-06-23 06:28 - 2016-03-23 22:11 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-22 21:40 - 2019-03-02 17:25 - 000269624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-22 21:36 - 2019-03-02 16:59 - 000000000 ____D C:\WINDOWS\TextInput
2019-06-22 21:36 - 2019-03-02 16:58 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-06-22 21:36 - 2019-03-02 16:58 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-22 21:36 - 2019-03-02 16:58 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-22 21:36 - 2019-03-02 16:58 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-22 21:36 - 2019-03-02 16:58 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-22 12:39 - 2019-03-02 16:45 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-22 12:23 - 2019-03-03 19:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-22 12:19 - 2019-03-03 19:30 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-22 12:11 - 2019-03-02 16:58 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-22 11:53 - 2019-03-03 19:27 - 000000000 ____D C:\Program Files\rempl
2019-06-22 08:33 - 2019-03-02 17:55 - 000000000 ____D C:\Users\Lucia\AppData\Local\Deployment
2019-06-21 20:00 - 2019-03-02 17:42 - 000000000 ____D C:\Users\Lucia
2019-06-21 11:23 - 2019-03-02 17:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-06-21 11:17 - 2019-03-03 16:15 - 000002274 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-21 11:17 - 2019-03-03 14:23 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3668747667-419819588-178633127-1001
2019-06-21 11:16 - 2019-03-02 17:42 - 000002353 _____ C:\Users\Lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-06-21 11:16 - 2016-12-01 21:40 - 000000000 ___RD C:\Users\Lucia\OneDrive
2019-06-21 11:11 - 2019-03-03 15:27 - 000000000 ____D C:\Users\Lucia\Desktop\Plocha
2019-05-31 03:57 - 2019-03-02 17:04 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-31 03:57 - 2019-03-02 17:04 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories ================

2019-03-13 21:09 - 2019-03-13 21:09 - 000011832 _____ () C:\Users\Lucia\AppData\Roaming\SmarThruOptions.xml
2019-03-03 14:41 - 2019-03-02 12:12 - 000000184 _____ () C:\Users\Lucia\AppData\Roaming\sp_data.sys

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2019
Ran by Lucia (24-06-2019 14:12:40)
Running from C:\Users\Lucia\Downloads
Windows 10 Home Version 1803 17134.829 (X64) (2019-03-02 15:49:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3668747667-419819588-178633127-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3668747667-419819588-178633127-503 - Limited - Disabled)
Guest (S-1-5-21-3668747667-419819588-178633127-501 - Limited - Disabled)
Lucia (S-1-5-21-3668747667-419819588-178633127-1001 - Administrator - Enabled) => C:\Users\Lucia
WDAGUtilityAccount (S-1-5-21-3668747667-419819588-178633127-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
eDANE – aplikácia sekcie daňovej FR SR pre podávanie daňových dokumentov - 2 (HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\6471891987962ff1) (Version: 1.3.0.3 - Finančné riaditeľstvo SR - Sekcia daňová)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Maintenance Samsung CLX-3180 Series (HKLM-x32\...\Samsung CLX-3180 Series) (Version: - Samsung Electronics Co., Ltd.)
Microsoft OneDrive (HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Odmenovac (HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\769fa7d60192d35e) (Version: 3.0.0.47 - Kantar Slovakia)
OpenOffice 4.1.5 (HKLM-x32\...\{E177AC33-EC9C-4537-8996-37ED331D9227}) (Version: 4.15.9789 - Apache Software Foundation)
Readiris Pro 10 (HKLM-x32\...\{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}) (Version: - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7687 - Realtek Semiconductor Corp.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.05.22.00 - Samsung Electronics Co., Ltd.)
Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.20.00 - Samsung Electronics Co., Ltd.)
Skype verzia 8.46 (HKLM-x32\...\Skype_is1) (Version: 8.46 - Skype Technologies S.A.)
SmarThru 4 (HKLM-x32\...\{90F1943D-EA4A-4460-B59F-30023F3BA69A}) (Version: - Samsung Electronics Co., Ltd.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)

Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.15.8.0_x86__kgqvnymyfvs32 [2019-06-22] (king.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1530.2.0_x86__kgqvnymyfvs32 [2019-06-22] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-22] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_2.4.520.0_x64__rz1tebttyb220 [2019-03-10] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-10] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-05-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-22] (Microsoft Studios) [MS Ad]
Microsoft Telefón -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation)
MSN Počasie -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-03-03] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-03-10] (Thumbmunkeys Ltd) [MS Ad]
Pošta a kalendár -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-06-22] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll [2011-04-28] (Samsung Electronics Co., Ltd.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Lucia\Desktop\Lucia - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2019-03-03 16:28 - 2019-05-24 15:55 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-03-03 16:28 - 2019-05-24 15:55 - 002901504 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2019-03-13 20:59 - 2009-09-29 11:47 - 000306688 _____ () [File not signed] C:\Windows\Samsung\PanelMgr\caller64.exe
2019-03-13 20:59 - 2011-07-06 14:17 - 000688128 _____ () [File not signed] C:\Windows\Samsung\PanelMgr\SSMMgr.exe
2019-03-13 21:04 - 2010-11-11 11:46 - 000293888 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3180\NetModule2.dll
2019-03-13 21:04 - 2011-04-29 09:58 - 001990144 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe
2019-03-13 21:04 - 2009-10-31 15:42 - 001384520 _____ () [File not signed] C:\Windows\twain_32\Samsung\CLX3180\ssole.dll
2019-03-03 16:28 - 2019-05-24 15:55 - 015257088 _____ (Node.js) [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\node.dll
2019-03-13 21:09 - 2011-04-28 12:20 - 000240640 ____R (Samsung Electronics Co., Ltd.) [File not signed] C:\WINDOWS\System32\NetFaxPort64.dll
2019-03-13 21:09 - 2011-04-28 12:20 - 000229888 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe
2019-03-13 21:09 - 2011-04-28 12:20 - 000190976 _____ (Samsung Electronics Co., Ltd.) [File not signed] C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxShell64.dll
2019-03-13 21:04 - 2009-10-31 15:42 - 000081920 _____ (Samsung Electronics) [File not signed] C:\Windows\twain_32\Samsung\CLX3180\scantopc.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-02 16:59 - 2019-03-02 16:54 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3668747667-419819588-178633127-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Lucia\Desktop\pc-afirmacia-5.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\StartupApproved\StartupFolder: => "Odmenovac.appref-ms"
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-3668747667-419819588-178633127-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D2AAB9B6-7162-4D07-B7B8-D56275948829}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics) [File not signed]
FirewallRules: [{4B401E14-3C06-4459-BC40-2299217C5838}] => (Allow) C:\Windows\twain_32\Samsung\ScanMgr.exe (Samsung Electronics) [File not signed]
FirewallRules: [{8B069342-BA66-4614-B0E1-CADBD4AB5AA2}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe () [File not signed]
FirewallRules: [{CC175314-B024-4019-AA4B-A9F7F56DDB09}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Scan2Pc.exe () [File not signed]
FirewallRules: [{170A464B-DA14-4E88-8FAD-30B3FA84AC7A}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe () [File not signed]
FirewallRules: [{B0208BF4-B44D-4164-8BA8-2F65B143A7C9}] => (Allow) C:\Windows\twain_32\Samsung\CLX3180\Sscan2io.exe () [File not signed]
FirewallRules: [{D25379E5-7C3F-4CA0-A85D-736C421180AF}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C37C8ECC-F07D-4B62-BD80-C5557E543368}] => (Allow) C:\Program Files (x86)\Scan Assistant\USDAgent.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{057BF444-5917-4167-A019-728AD9B8A8B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{E6680D0B-3455-45E3-BB40-5D9EE5F5A12B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE4540F6-0530-4048-84B6-CDD97E3A7D67}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

28-05-2019 13:12:50 Scheduled Checkpoint
21-06-2019 12:15:13 Scheduled Checkpoint
24-06-2019 12:49:21 Windows Update

==================== Faulty Device Manager Devices =============

Name: Qualcomm Atheros Bluetooth 4.0
Description: Qualcomm Atheros Bluetooth 4.0
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : Windows is removing this device. (Code 21)
Resolution: Wait several seconds, and then press the F5 key to update the Device Manager view.
If that does not resolve the problem, restart your computer.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/22/2019 11:53:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: sedsvc.exe, verzia: 10.0.17134.10066, časová značka: 0xa4407904
Názov chybujúceho modulu: sedsvc.exe, verzia: 10.0.17134.10066, časová značka: 0xa4407904
Kód výnimky: 0xc0000005
Odstup chyby: 0x00000000000105f1
Identifikácia chybujúceho procesu: 0x1d68
Čas spustenia chybujúcej aplikácie: 0x01d52811a27cf4a8
Cesta chybujúcej aplikácie: C:\Program Files\rempl\sedsvc.exe
Cesta chybujúceho modulu: C:\Program Files\rempl\sedsvc.exe
Identifikácia hlásenia: 67cec633-b0de-4a15-9707-5817e4e47d97
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/12/2019 08:34:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Odmenovac.exe, verzia: 3.0.0.47, časová značka: 0x5bcd1e3f
Názov chybujúceho modulu: RPCRT4.dll, verzia: 10.0.17134.648, časová značka: 0xe96fa1e9
Kód výnimky: 0xc00000fd
Odstup chyby: 0x0001cbda
Identifikácia chybujúceho procesu: 0x2304
Čas spustenia chybujúcej aplikácie: 0x01d4f0f15514fbac
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\RPCRT4.dll
Identifikácia hlásenia: 169c7cbc-20e2-42f9-a952-9fc0783b88ee
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/08/2019 05:57:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DRSR.Win.DP.DRKlient.exe, verzia: 1.3.0.1, časová značka: 0x5a094787
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17134.556, časová značka: 0xadca2670
Kód výnimky: 0xc000041d
Odstup chyby: 0x001118a2
Identifikácia chybujúceho procesu: 0x132c
Čas spustenia chybujúcej aplikácie: 0x01d4ee153e9326f6
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\drsr..tion_77208991cc2c0e96_0001.0003_17318117fe44b2e4\DRSR.Win.DP.DRKlient.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: c00dee6d-4a02-467a-bc34-bcc6cedc7cd2
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/08/2019 05:56:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: DRSR.Win.DP.DRKlient.exe, verzia: 1.3.0.1, časová značka: 0x5a094787
Názov chybujúceho modulu: KERNELBASE.dll, verzia: 10.0.17134.556, časová značka: 0xadca2670
Kód výnimky: 0xc0020001
Odstup chyby: 0x001118a2
Identifikácia chybujúceho procesu: 0x132c
Čas spustenia chybujúcej aplikácie: 0x01d4ee153e9326f6
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\drsr..tion_77208991cc2c0e96_0001.0003_17318117fe44b2e4\DRSR.Win.DP.DRKlient.exe
Cesta chybujúceho modulu: C:\WINDOWS\System32\KERNELBASE.dll
Identifikácia hlásenia: 2164de9c-7eae-4483-9aba-fcdbd3af486d
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/03/2019 09:23:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Odmenovac.exe, verzia: 3.0.0.47, časová značka: 0x5bcd1e3f
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.17134.556, časová značka: 0x319e0a75
Kód výnimky: 0xc00000fd
Odstup chyby: 0x00045f68
Identifikácia chybujúceho procesu: 0x278c
Čas spustenia chybujúcej aplikácie: 0x01d4e9e05b599d75
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 0d1c5c39-3d4a-45f8-89be-a15c63b010b7
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (04/01/2019 10:18:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: Odmenovac.exe, verzia: 3.0.0.47, časová značka: 0x5bcd1e3f
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.17134.556, časová značka: 0x319e0a75
Kód výnimky: 0xc00000fd
Odstup chyby: 0x00045f68
Identifikácia chybujúceho procesu: 0x2250
Čas spustenia chybujúcej aplikácie: 0x01d4e4e3341e753e
Cesta chybujúcej aplikácie: C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Odmenovac.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: a48cb030-ae86-42ee-add4-4bd92ac84cfa
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:


System errors:
=============
Error: (06/24/2019 01:09:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba 0x800701e1: Qualcomm Atheros Communications - Bluetooth - 1/24/2019 12:00:00 AM - 10.0.3.19.

Error: (06/24/2019 06:21:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2019 09:16:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EUFOBHH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user DESKTOP-EUFOBHH\Lucia SID (S-1-5-21-3668747667-419819588-178633127-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2019 09:16:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2019 09:14:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2019 09:14:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2019 09:14:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (06/23/2019 07:45:10 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-EUFOBHH)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
and APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
to the user DESKTOP-EUFOBHH\Lucia SID (S-1-5-21-3668747667-419819588-178633127-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.


Windows Defender:
===================================
Date: 2019-06-23 15:48:18.759
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8FE98D05-0996-46F7-8D05-9530C3A18F58}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-23 15:28:49.467
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {56C41D50-AA1C-48C8-A3E8-FB1D3AA4D011}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-23 15:23:56.230
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {5959F8E3-1145-4360-A1D8-01ADFC69600C}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-23 10:58:26.197
Description:
Controlled Folder Access blocked C:\Windows\System32\taskhostw.exe from making changes to memory.
Detection time: 2019-06-23T08:58:26.184Z
Path: \Device\CdRom0
Process Name: C:\Windows\System32\taskhostw.exe
Signature Version: 1.295.1239.0
Engine Version: 1.1.16000.6
Product Version: 4.18.1905.4

Date: 2019-06-21 11:33:44.979
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B58CACF3-B6CB-4D1F-A25B-45F5EB43C92B}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2019-06-23 06:31:49.626
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.1239.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x8024402c
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-06-21 11:34:00.947
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.295.1157.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.16000.6
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-06-21 11:20:29.747
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.2420.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-05-28 10:39:02.761
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.1626.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240437
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

Date: 2019-05-16 11:28:07.562
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.293.1626.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80240438
Error description: Počas vyhľadávania aktualizácií sa vyskytol neočakávaný problém. Informácie o inštalácii aktualizácií a riešení problémov s aktualizáciami nájdete v Pomoci a technickej podpore.

==================== Memory info ===========================

BIOS: American Megatrends Inc. X540SA.207 11/25/2015
Motherboard: ASUSTeK COMPUTER INC. X540SA
Processor: Intel(R) Pentium(R) CPU N3700 @ 1.60GHz
Percentage of memory in use: 84%
Total physical RAM: 3999.94 MB
Available physical RAM: 622.1 MB
Total Virtual: 6051.19 MB
Available Virtual: 1042.75 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:371.51 GB) (Free:321.51 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:508.66 GB) NTFS

\\?\Volume{2242fdd4-15a6-4d48-9563-c92377230667}\ () (Fixed) (Total:0.83 GB) (Free:0.45 GB) NTFS
\\?\Volume{a30be102-b73a-4a69-baf4-e006093637bf}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 56D40A90)

Partition: GPT.

==================== End of Addition.txt ============================



Áno, na tom druhom notebooku je tá istá wifi.

[Conder]

Doriesime najprv ten prvy NTB, nech je to prehladnejsie.

Poznas/pouzivas nejaku aplikaciu/program "Odmenovac"?

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  CMD: type "C:\Users\Lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odmenovac.appref-ms"
  ExportKey: HKEY_USERS\S-1-5-21-3668747667-419819588-178633127-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\769fa7d60192d35e
  
  Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[onlinetip]

Doriesime najprv ten prvy NTB, nech je to prehladnejsie.

Poznas/pouzivas nejaku aplikaciu/program "Odmenovac"?

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  CMD: type "C:\Users\Lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odmenovac.appref-ms"
  ExportKey: HKEY_USERS\S-1-5-21-3668747667-419819588-178633127-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\769fa7d60192d35e
  
  Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
CMD: type "C:\Users\Lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odmenovac.appref-ms"
ExportKey: HKEY_USERS\S-1-5-21-3668747667-419819588-178633127-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\769fa7d60192d35e

Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 7123
Average :
Sum : 7138655469
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========= type "C:\Users\Lucia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odmenovac.appref-ms" =========

http://localhost/Odmenovac.application# ... pplication, Culture=neutral, PublicKeyToken=null, processorArchitecture=x86
========= End of CMD: =========

================== ExportKey: ===================

[HKEY_USERS\S-1-5-21-3668747667-419819588-178633127-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\769fa7d60192d35e]
"ShortcutAppId"="https://vyskumy.sk/Odmenovac.applicatio ... pplication, Culture=sk-SK, PublicKeyToken=ef252d0bf8e0ce83, processorArchitecture=x86"
"SupportShortcutFileName"="Odmenovac online support"
"ShortcutSuiteName"="Odmenovac"
"ShortcutFileName"="Odmenovac"
"ShortcutFolderName"="Kantar Slovakia"
"UrlUpdateInfo"="https://vyskumy.sk/Odmenovac.application"
"HelpLink"="https://vyskumy.sk/"
"UninstallString"="rundll32.exe dfshim.dll,ShArpMaintain Odmenovac.application, Culture=sk-SK, PublicKeyToken=ef252d0bf8e0ce83, processorArchitecture=x86"
"Publisher"="Kantar Slovakia"
"DisplayVersion"="3.0.0.47"
"DisplayIcon"="C:\Users\Lucia\AppData\Local\Apps\2.0\VQKXTYPJ.A1A\0OCGZP0V.9ZR\odme..tion_ef252d0bf8e0ce83_0003.0000_3f9dbaab95fff523\Uninstaller.exe"
"DisplayName"="Odmenovac"

=== End of ExportKey ===
HKLM\System\CurrentControlSet\Control\Lsa\\Notification Packages => value restored successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39084310 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 3510993 B
Edge => 606162 B
Chrome => 806634875 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 17099440 B
NetworkService => 0 B
Lucia => 94166403 B

RecycleBin => 0 B
EmptyTemp: => 924.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:51:31 ====

[Conder]

Poznas/pouzivas nejaku aplikaciu/program "Odmenovac"?

Plocha ma cca 7 GB. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Ako to vyzera s tymto PC? Su este nejake problemy?

[onlinetip]

Poznas/pouzivas nejaku aplikaciu/program "Odmenovac"?

Plocha ma cca 7 GB. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Ako to vyzera s tymto PC? Su este nejake problemy?

Áno, vyzerá to tak že tento problém vznikol po nainštalovaní tejto aplikácie. Vyzerá, že teraz už to ide celkom fajn, dík.

Čo sa týka teraz toho druhého notebooku, tak tam vlastne je ten istý problém ako pri tom prvom a je tam tiež nainštalovaný tento "odmeňovač".

[Conder]

Tak ideme k tomu druhemu NTB. Precisti ho AdwCleanerom (postup taky isty) nasledne poprosim obidva logy z FRST.

[onlinetip]

Tak ideme k tomu druhemu NTB. Precisti ho AdwCleanerom (postup taky isty) nasledne poprosim obidva logy z FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2019
Ran by Pato (administrator) on PATO-PC (TOSHIBA SATELLITE L750) (26-06-2019 10:02:53)
Running from C:\Users\Pato\Desktop
Loaded Profiles: Pato (Available Profiles: Pato)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Renesas Electronics Corporation -> Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation -> Renesas Electronics Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-05-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2930219675-3888109823-3098542891-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-05-24] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2930219675-3888109823-3098542891-1000\...\Run: [Chromium] => c:\users\pato\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors) [File not signed]
HKU\S-1-5-21-2930219675-3888109823-3098542891-1000\...\Run: [GoogleChromeAutoLaunch_F0DD59DBD7478B8074DF168BE47F7A72] => C:\Users\Pato\AppData\Local\chromium\Application\chrome.exe [829440 2017-02-15] (The Chromium Authors) [File not signed]
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-21] (Google LLC -> Google LLC)
Startup: C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odmenovac.appref-ms [2019-06-21] () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {50A5191B-DDA6-49DF-8E5B-6EC1BFDC5DDF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5A8C6961-2B4C-473D-A2D6-F188A161266C} - System32\Tasks\Chromium lidel => "wscript.exe" "C:\ProgramData\{08D3CDB0-8291-4776-0457-D9349E1552FA}\dito.txt" "68747470733a2f2f64326234366537617832617466692e636c6f756466726f6e742e6e6574" "//B" "//E:jscript" "--IsErIk" <==== ATTENTION
Task: {80F25C8F-2162-4F57-B2F1-1E20C68C9A8D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9447AEB0-122A-4032-912F-C796BE434E87} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.)
Task: {BF0BD7E5-6A26-4367-B5FF-750D46BC5253} - System32\Tasks\Besocufa\{1B7E8DE7-F3C7-2C28-6813-6B1B1FB58322} => C:\Users\Pato\AppData\Roaming\crowminio\Besocufa.exe [110592 2013-04-22] () [File not signed]
Task: {CB3803C5-C7CC-4244-8988-552A0B6DF5B9} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {DFA681BA-7A1B-4A64-93E6-37B913AF3995} - System32\Tasks\{01F11EFA-5B0D-ECDC-FD3A-05C1BF188832} => C:\Users\Pato\AppData\Roaming\01f11efa5b0decdcfd3a05c1bf188832\kagadak.exe [633344 2013-04-19] () [File not signed]
Task: {EECC7E4A-4615-4172-8E3F-EFEF407976AC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-19] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\{01F11EFA-5B0D-ECDC-FD3A-05C1BF188832}.job => C:\Users\Pato\AppData\Roaming\01F11E~1\kagadak.exe <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-2930219675-3888109823-3098542891-1000] => Proxy is enabled.
ProxyServer: [S-1-5-21-2930219675-3888109823-3098542891-1000] => http=127.0.0.1:8877;https=127.0.0.1:8877
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{3881C4AA-5F77-4CF7-9E47-8FD142ECB2A1}: [NameServer] 208.67.220.222,208.67.220.220
Tcpip\..\Interfaces\{3881C4AA-5F77-4CF7-9E47-8FD142ECB2A1}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{9F6FD062-DC24-4964-84D1-AA1C8D1FC4A0}: [DhcpNameServer] 192.168.1.1 0.0.0.0
ManualProxies: 1http=127.0.0.1:8877;https=127.0.0.1:8877

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://no.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c110239179a66eb7f2a407b5ef1&param1=IE&param2=1&param3=campaignID%3D846%26UserID%3D1780151840&param4=XPbueSzfBeG6K2MlxBpfELmmgzh8mOsLvk1mNxKnkuCZ7uSrHVxw8ZR3tlDoCpJnlbDft8Hg7/39vwSvryrcy/9kfvvYo6J+KlAv9reUIp2PXPiu+ArLT3gsn9lAj+9Y6G4kijIP6ZRNqVoQZJ9Dws9DVQvlQ3c6cbFmGt4GvdgWeVEr+VEcBji/l9f4RddBwA0gSmGdYES52fNzQBSJvHGgMG1bjFvy+hFVzNn4amZ9fKbuyZv3FJLw4UB29+lcRiegzbTS10e2MKLMOekG39mPYop+WcSuWy9J9mwY9uid+fgyLem9s5Qq3x3kORn+tUPhJKnveUhb74SNkLutZnkdY9+FzpF6zvBIB2875xg6BUjPgGxdN9xcdFKPrOIS6QrqguWCGy2Yn+zfqnJG6TzJyB00wut7LWAH2mKa0kC9980ewe0YL/3ufplOxx3FtP+Q/oWCyuz0lOpmHPkRIadzRhF/qI9NJVn0uP5J92F7kO0V3/h/RHu5HxqWKVUyJm7yiyIwPM4ibY/TWXb8KOGZOlJ9nnPTddY18JGwLMCRfYezfspYl47IcDO+IyjMj6ygUXla9htkyrvmo+CnD+h9fx3hjft1rMVv+fypOqHiDgeB/YB4imRv0mNueWBObqIEmNn/5PVOCpLYOvThg/Wwg9iaCTQcK+w1UOyuWjqebQemqj6M0iH4KEtZqlKq
HKU\S-1-5-21-2930219675-3888109823-3098542891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://no.search.yahoo.com/yhs/web?hspart=shnl&hsimp=yhs-001&type=c110239179a66eb7f2a407b5ef1&param1=IE&param2=1&param3=campaignID%3D846%26UserID%3D1780151840&param4=XPbueSzfBeG6K2MlxBpfELmmgzh8mOsLvk1mNxKnkuCZ7uSrHVxw8ZR3tlDoCpJnlbDft8Hg7/39vwSvryrcy/9kfvvYo6J+KlAv9reUIp2PXPiu+ArLT3gsn9lAj+9Y6G4kijIP6ZRNqVoQZJ9Dws9DVQvlQ3c6cbFmGt4GvdgWeVEr+VEcBji/l9f4RddBwA0gSmGdYES52fNzQBSJvHGgMG1bjFvy+hFVzNn4amZ9fKbuyZv3FJLw4UB29+lcRiegzbTS10e2MKLMOekG39mPYop+WcSuWy9J9mwY9uid+fgyLem9s5Qq3x3kORn+tUPhJKnveUhb74SNkLutZnkdY9+FzpF6zvBIB2875xg6BUjPgGxdN9xcdFKPrOIS6QrqguWCGy2Yn+zfqnJG6TzJyB00wut7LWAH2mKa0kC9980ewe0YL/3ufplOxx3FtP+Q/oWCyuz0lOpmHPkRIadzRhF/qI9NJVn0uP5J92F7kO0V3/h/RHu5HxqWKVUyJm7yiyIwPM4ibY/TWXb8KOGZOlJ9nnPTddY18JGwLMCRfYezfspYl47IcDO+IyjMj6ygUXla9htkyrvmo+CnD+h9fx3hjft1rMVv+fypOqHiDgeB/YB4imRv0mNueWBObqIEmNn/5PVOCpLYOvThg/Wwg9iaCTQcK+w1UOyuWjqebQemqj6M0iH4KEtZqlKq
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2930219675-3888109823-3098542891-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-06-04] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-06-04] (McAfee, LLC -> McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-06-04]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-12-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-12-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://selected-search.com/search?q={searchTerms}&
CHR DefaultSearchKeyword: Default -> ss
CHR Profile: C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default [2019-06-26]
CHR Extension: (Prezentácie) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-19]
CHR Extension: (Selected Search) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\afgeoapebnkefelmpoepnmjiflidjjce [2019-05-23]
CHR Extension: (Dokumenty) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-10-19]
CHR Extension: (YouTube) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-19]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-21]
CHR Extension: (Tabuľky) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-19]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-04-18]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-27]
CHR Extension: (Gmail) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30]
CHR Extension: (Chrome Media Router) - C:\Users\Pato\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-23]
CHR HKLM\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2930219675-3888109823-3098542891-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [afgeoapebnkefelmpoepnmjiflidjjce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [452352 2018-05-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [2675712 2010-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [80384 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [181248 2010-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-26 10:02 - 2019-06-26 10:05 - 000016569 _____ C:\Users\Pato\Desktop\FRST.txt
2019-06-26 10:02 - 2019-06-25 09:41 - 002418688 _____ (Farbar) C:\Users\Pato\Desktop\FRST64.exe
2019-06-26 09:59 - 2019-06-26 09:59 - 000001803 _____ C:\Users\Pato\Desktop\AdwCleaner[C00].txt
2019-06-21 08:21 - 2019-06-21 08:21 - 000000000 ____D C:\Users\Pato\Documents\TNS
2019-06-21 08:20 - 2019-06-22 07:49 - 000000000 ____D C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kantar Slovakia
2019-06-20 18:02 - 2019-06-20 18:03 - 023178479 _____ C:\Users\Pato\Desktop\MUDr. Monika Sičová (1).pdf
2019-06-20 14:15 - 2019-05-27 09:19 - 000396896 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-06-20 14:15 - 2019-05-27 08:29 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-06-20 14:15 - 2019-05-25 03:33 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-06-20 14:15 - 2019-05-25 03:22 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-06-20 14:15 - 2019-05-25 03:21 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-06-20 14:15 - 2019-05-25 03:20 - 000579584 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-06-20 14:15 - 2019-05-25 03:20 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-06-20 14:15 - 2019-05-25 03:13 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-06-20 14:15 - 2019-05-25 03:10 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-06-20 14:15 - 2019-05-25 03:10 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-06-20 14:15 - 2019-05-25 03:07 - 020275712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-06-20 14:15 - 2019-05-25 03:04 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-06-20 14:15 - 2019-05-25 02:56 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-06-20 14:15 - 2019-05-25 02:55 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-06-20 14:15 - 2019-05-25 02:50 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-06-20 14:15 - 2019-05-25 02:45 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-06-20 14:15 - 2019-05-25 02:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-06-20 14:15 - 2019-05-25 02:43 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-06-20 14:15 - 2019-05-25 02:42 - 002297344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-06-20 14:15 - 2019-05-25 02:40 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-06-20 14:15 - 2019-05-25 02:39 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-06-20 14:15 - 2019-05-25 02:38 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-06-20 14:15 - 2019-05-25 02:38 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-06-20 14:15 - 2019-05-25 02:38 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-06-20 14:15 - 2019-05-25 02:37 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-06-20 14:15 - 2019-05-25 02:37 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-06-20 14:15 - 2019-05-25 02:36 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-06-20 14:15 - 2019-05-25 02:36 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-06-20 14:15 - 2019-05-25 02:30 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-06-20 14:15 - 2019-05-25 02:27 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-06-20 14:15 - 2019-05-25 02:26 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-06-20 14:15 - 2019-05-25 02:26 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-06-20 14:15 - 2019-05-25 02:23 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-06-20 14:15 - 2019-05-25 02:23 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-06-20 14:15 - 2019-05-25 02:22 - 004492800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-06-20 14:15 - 2019-05-25 02:17 - 013706240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-06-20 14:15 - 2019-05-25 02:17 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-06-20 14:15 - 2019-05-25 02:17 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-06-20 14:15 - 2019-05-25 02:15 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-06-20 14:15 - 2019-05-25 02:15 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-06-20 14:15 - 2019-05-25 02:15 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-06-20 14:15 - 2019-05-25 02:05 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-06-20 14:15 - 2019-05-25 02:02 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-06-20 14:15 - 2019-05-25 01:59 - 001323008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-06-20 14:15 - 2019-05-25 01:56 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-06-20 14:14 - 2019-06-04 01:11 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-06-20 14:14 - 2019-05-25 03:42 - 025733632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-06-20 14:14 - 2019-05-25 03:33 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-06-20 14:14 - 2019-05-25 03:20 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-06-20 14:14 - 2019-05-25 03:20 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-06-20 14:14 - 2019-05-25 03:14 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-06-20 14:14 - 2019-05-25 03:11 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-06-20 14:14 - 2019-05-25 03:10 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-06-20 14:14 - 2019-05-25 03:10 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-06-20 14:14 - 2019-05-25 03:09 - 005776384 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-06-20 14:14 - 2019-05-25 03:02 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-06-20 14:14 - 2019-05-25 02:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-06-20 14:14 - 2019-05-25 02:55 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-06-20 14:14 - 2019-05-25 02:52 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-06-20 14:14 - 2019-05-25 02:52 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-06-20 14:14 - 2019-05-25 02:48 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-06-20 14:14 - 2019-05-25 02:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-06-20 14:14 - 2019-05-25 02:40 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-06-20 14:14 - 2019-05-25 02:36 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-06-20 14:14 - 2019-05-25 02:34 - 015311872 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-06-20 14:14 - 2019-05-25 02:30 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-06-20 14:14 - 2019-05-25 02:24 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-06-20 14:14 - 2019-05-25 02:22 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-06-20 14:14 - 2019-05-25 02:04 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-06-20 14:14 - 2019-05-25 01:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-06-20 14:14 - 2019-05-23 02:31 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-06-20 14:14 - 2019-05-23 02:05 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-06-20 14:14 - 2019-05-23 02:05 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-06-20 14:14 - 2019-05-16 17:07 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-06-20 14:14 - 2019-05-16 17:06 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-06-20 14:14 - 2019-05-16 16:39 - 003229696 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-06-20 14:14 - 2019-05-09 17:18 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-06-20 14:14 - 2019-05-09 17:07 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-06-20 14:14 - 2019-04-25 17:18 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-06-20 14:14 - 2019-04-25 17:06 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-06-20 14:14 - 2019-04-24 17:11 - 001893096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-06-20 14:14 - 2019-04-12 15:05 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-06-20 14:14 - 2019-04-12 15:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-06-20 14:14 - 2019-04-09 16:53 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-06-20 14:13 - 2019-06-04 01:11 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-06-20 14:13 - 2019-05-16 17:07 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-06-20 14:13 - 2019-05-13 16:44 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-06-20 14:12 - 2019-06-04 01:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-06-20 14:12 - 2019-05-25 02:44 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-06-20 14:12 - 2019-05-23 04:06 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-06-20 14:12 - 2019-05-17 20:21 - 000372456 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-06-20 14:12 - 2019-05-16 17:18 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-06-20 14:12 - 2019-05-16 17:07 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-06-20 14:12 - 2019-05-16 17:07 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-06-20 14:12 - 2019-05-13 16:44 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-06-20 14:12 - 2019-04-30 04:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-06-20 14:12 - 2019-04-30 03:56 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-06-20 14:11 - 2019-05-25 02:03 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-06-20 14:11 - 2019-05-25 01:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-06-20 14:11 - 2019-05-23 04:06 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-06-20 14:11 - 2019-05-23 04:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-06-20 14:11 - 2019-05-23 04:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-06-20 14:11 - 2019-05-23 03:58 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-06-20 14:11 - 2019-05-23 03:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-06-20 14:11 - 2019-05-23 03:58 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-06-20 14:11 - 2019-05-23 03:58 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-06-20 14:11 - 2019-05-16 17:22 - 004057312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-06-20 14:11 - 2019-05-16 17:22 - 003963624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-06-20 14:11 - 2019-05-16 17:21 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-06-20 14:11 - 2019-05-16 17:19 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-06-20 14:11 - 2019-05-16 17:18 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-06-20 14:11 - 2019-05-16 17:18 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-06-20 14:11 - 2019-05-16 17:18 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-06-20 14:11 - 2019-05-16 17:18 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-06-20 14:11 - 2019-05-16 17:18 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-06-20 14:11 - 2019-05-16 17:18 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-06-20 14:11 - 2019-05-16 17:18 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:17 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:10 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-06-20 14:11 - 2019-05-16 17:10 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-06-20 14:11 - 2019-05-16 17:09 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-06-20 14:11 - 2019-05-16 17:09 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-06-20 14:11 - 2019-05-16 17:09 - 000153832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-06-20 14:11 - 2019-05-16 17:09 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-06-20 14:11 - 2019-05-16 17:08 - 001664352 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-06-20 14:11 - 2019-05-16 17:07 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 17:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 16:53 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-06-20 14:11 - 2019-05-16 16:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-06-20 14:11 - 2019-05-16 16:48 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-06-20 14:11 - 2019-05-16 16:47 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-06-20 14:11 - 2019-05-16 16:47 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-06-20 14:11 - 2019-05-16 16:47 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-06-20 14:11 - 2019-05-16 16:47 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-06-20 14:11 - 2019-05-16 16:45 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-06-20 14:11 - 2019-05-16 16:45 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 16:45 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 16:45 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 16:45 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-06-20 14:11 - 2019-05-16 16:41 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-06-20 14:11 - 2019-05-16 16:41 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-06-20 14:11 - 2019-05-16 16:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-06-20 14:11 - 2019-05-16 16:41 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-06-20 14:11 - 2019-05-16 16:38 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-06-20 14:11 - 2019-05-16 16:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-06-20 14:11 - 2019-05-16 16:38 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-06-20 14:11 - 2019-05-16 16:35 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-06-20 14:11 - 2019-05-16 16:35 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-06-20 14:11 - 2019-05-16 16:35 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-06-20 14:11 - 2019-05-16 16:35 - 000169472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-06-20 14:11 - 2019-05-16 16:35 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-06-20 14:11 - 2019-05-16 16:35 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-06-20 14:11 - 2019-05-16 16:34 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-06-20 14:11 - 2019-05-16 16:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-06-20 14:11 - 2019-05-16 16:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-06-20 14:11 - 2019-05-16 16:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-06-20 14:11 - 2019-05-16 16:34 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-06-20 14:11 - 2019-05-16 16:34 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-06-20 14:11 - 2019-05-16 16:34 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-06-20 14:11 - 2019-05-13 16:44 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-06-20 14:11 - 2019-05-13 16:44 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-06-20 14:11 - 2019-05-09 17:18 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-06-20 14:11 - 2019-05-09 17:17 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-06-20 14:11 - 2019-05-09 17:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-06-20 14:11 - 2019-05-09 17:09 - 000114400 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-06-20 14:11 - 2019-05-09 17:07 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-06-20 14:11 - 2019-05-09 17:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-06-20 14:11 - 2019-05-09 17:07 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-06-20 14:11 - 2019-05-09 17:06 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-06-20 14:11 - 2019-05-09 17:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-06-20 14:11 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-06-20 14:11 - 2019-05-09 17:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-06-20 14:11 - 2019-05-09 17:02 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-06-20 14:11 - 2019-05-09 17:02 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-06-20 14:11 - 2019-05-09 17:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-06-20 14:11 - 2019-05-09 16:51 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-06-20 14:11 - 2019-05-09 16:49 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-06-20 14:11 - 2019-05-09 16:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-06-20 14:11 - 2019-05-09 16:40 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-06-20 14:11 - 2019-05-09 16:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-06-20 14:11 - 2019-05-09 16:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-06-20 14:11 - 2019-04-24 17:09 - 000377064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-06-20 14:11 - 2019-04-24 17:09 - 000287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-06-20 14:11 - 2019-04-12 15:05 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000016120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000014288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000014072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000012536 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:05 - 000011504 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-06-20 14:11 - 2019-04-12 15:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-06-20 14:11 - 2019-04-09 17:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-06-20 14:11 - 2019-04-09 17:05 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-06-20 14:11 - 2019-04-09 17:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-06-20 14:11 - 2019-04-09 17:05 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-06-20 14:11 - 2019-04-09 17:05 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-06-20 14:11 - 2019-04-09 17:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-06-20 14:11 - 2019-04-09 17:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-06-20 14:11 - 2019-04-09 17:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-06-20 14:11 - 2019-04-09 17:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-06-20 14:11 - 2019-04-09 16:52 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-06-20 14:11 - 2019-04-09 16:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-06-20 14:11 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-06-20 14:11 - 2019-04-09 16:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-06-20 14:11 - 2019-04-09 16:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-06-20 14:11 - 2019-04-09 16:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-06-20 14:10 - 2019-05-16 17:18 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-06-20 14:10 - 2019-05-16 17:18 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-06-20 14:10 - 2019-05-16 17:07 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-06-20 14:10 - 2019-05-16 17:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-06-20 14:10 - 2019-05-09 17:18 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-06-20 14:10 - 2019-05-09 17:17 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-06-20 14:10 - 2019-05-09 17:07 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-06-20 14:10 - 2019-05-09 17:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-06-20 14:10 - 2019-05-09 17:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-06-14 18:32 - 2019-06-20 19:43 - 000263796 _____ C:\Users\Pato\Desktop\Orange_doklad_FR_20190613_CN0222594285_22471248501.pdf
2019-06-05 07:55 - 2019-06-05 07:55 - 000009952 _____ C:\Users\Pato\Downloads\mKonto Biznis_c_5724_za_2019-05.htm
2019-05-30 20:17 - 2019-05-30 20:18 - 000009512 _____ C:\Users\Pato\Desktop\Svetlo Lucia.odt

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-26 10:02 - 2016-01-05 23:00 - 000000000 ____D C:\FRST
2019-06-26 10:02 - 2009-07-14 06:45 - 000015600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-06-26 10:02 - 2009-07-14 06:45 - 000015600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-26 09:53 - 2017-10-19 18:49 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-26 09:53 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-06-26 09:51 - 2016-01-07 00:42 - 000000000 ____D C:\AdwCleaner
2019-06-23 20:14 - 2019-04-17 07:13 - 000000266 _____ C:\Windows\Tasks\{01F11EFA-5B0D-ECDC-FD3A-05C1BF188832}.job
2019-06-23 17:09 - 2018-05-27 14:09 - 000000000 ____D C:\ProgramData\{08D3CDB0-8291-4776-0457-D9349E1552FA}
2019-06-23 16:35 - 2017-10-19 19:24 - 000000000 ____D C:\Users\Pato\AppData\Local\Deployment
2019-06-21 21:37 - 2017-10-19 18:54 - 000000000 ____D C:\Windows\system32\MRT
2019-06-21 21:32 - 2017-10-19 18:54 - 135349160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-06-21 17:54 - 2017-10-19 19:27 - 000002236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-21 17:54 - 2017-10-19 19:27 - 000002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-21 08:13 - 2018-05-28 08:09 - 000000361 _____ C:\Users\Pato\AppData\Roaming\WB.CFG
2019-06-21 06:37 - 2009-07-14 07:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2019-06-21 06:37 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-06-21 06:31 - 2009-07-14 06:45 - 000294208 _____ C:\Windows\system32\FNTCACHE.DAT
2019-06-21 06:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-06-21 06:23 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-06-20 13:32 - 2018-05-31 15:17 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-06-09 06:22 - 2019-02-28 19:57 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-06-08 08:40 - 2019-04-01 09:39 - 000000000 ____D C:\Users\Pato\Desktop\Ja fotky
2019-05-30 06:17 - 2018-05-27 13:11 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2019-05-30 06:17 - 2018-05-27 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

==================== Files in the root of some directories ================

2019-04-17 07:09 - 2019-04-17 07:09 - 000232000 _____ () C:\Users\Pato\AppData\Roaming\Kidenenaraka
2019-05-03 08:09 - 2019-05-03 08:09 - 000269272 _____ () C:\Users\Pato\AppData\Roaming\Mitehereg
2019-04-25 07:09 - 2019-04-25 07:09 - 000147593 _____ () C:\Users\Pato\AppData\Roaming\Refaboreru
2018-05-28 08:09 - 2019-06-21 08:13 - 000000361 _____ () C:\Users\Pato\AppData\Roaming\WB.CFG

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2017-10-18 22:08
==================== End of FRST.txt ============================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2019
Ran by Pato (26-06-2019 10:06:07)
Running from C:\Users\Pato\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-10-18 19:32:45)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2930219675-3888109823-3098542891-500 - Administrator - Disabled)
Guest (S-1-5-21-2930219675-3888109823-3098542891-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2930219675-3888109823-3098542891-1002 - Limited - Enabled)
Pato (S-1-5-21-2930219675-3888109823-3098542891-1000 - Administrator - Enabled) => C:\Users\Pato

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avira (HKLM-x32\...\{606c7b25-e58d-4e72-82dd-4a0e4e163086}) (Version: 1.2.114.16977 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{C7FA948A-FC14-4316-92DC-23AF70C55A10}) (Version: 1.2.114.16977 - Avira Operations GmbH & Co. KG) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Chromium (HKLM-x32\...\{80916851-D011-B9D1-6191-C951B1111AD1}) (Version: - )
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.43 - McAfee, Inc.)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
NVIDIA Grafický ovládač 388.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.68 - NVIDIA Corporation)
NVIDIA Ovládač 3D Vision 388.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.68 - NVIDIA Corporation)
OpenOffice 4.1.5 (HKLM-x32\...\{ABCAD346-4F4B-49E9-9AA1-28EF8C26059D}) (Version: 4.15.9789 - Apache Software Foundation)
Ovládací panel NVIDIA 388.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.68 - NVIDIA Corporation) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Skype verzia 8.46 (HKLM-x32\...\Skype_is1) (Version: 8.46 - Skype Technologies S.A.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Web Search (Yahoo! Provided) (HKLM-x32\...\{5C13B4D3-0C93-6553-BD13-15D36D93C653}) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-12-14] (NVIDIA Corporation -> NVIDIA Corporation)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-05-27 13:11 - 2019-05-24 15:55 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-05-27 13:11 - 2019-05-24 15:55 - 002901504 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-05-27 14:15 - 2017-02-15 08:30 - 000079360 _____ () [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\58.0.3014.0\libegl.dll
2018-05-27 14:15 - 2017-02-15 08:30 - 002854400 _____ () [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\58.0.3014.0\libglesv2.dll
2017-10-19 21:40 - 2010-12-20 19:20 - 000443040 _____ (Atheros Communications Inc. -> Atheros) [File not signed] C:\Windows\system32\athihvs.dll
2018-05-27 13:11 - 2019-05-24 15:55 - 015257088 _____ (Node.js) [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\node.dll
2018-05-27 22:17 - 2017-12-14 05:59 - 000339072 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\NvStereo\_nvstapisvr64.dll
2018-05-27 14:15 - 2017-02-15 08:30 - 034397696 _____ (The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\58.0.3014.0\chrome.dll
2018-05-27 14:15 - 2017-02-15 08:30 - 000431104 _____ (The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\58.0.3014.0\chrome_elf.dll
2018-05-27 14:15 - 2017-02-15 08:30 - 046602240 _____ (The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\58.0.3014.0\chrome_child.dll
2018-05-27 14:15 - 2017-02-15 08:30 - 000829440 _____ (The Chromium Authors) [File not signed] C:\Users\Pato\AppData\Local\chromium\Application\chrome.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2930219675-3888109823-3098542891-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pato\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.67.220.222 - 208.67.220.220
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1A91D18F-EF97-4859-BD63-B60EA84CA526}] => (Allow) C:\Users\Pato\AppData\Local\Chromium\Application\chrome.exe (The Chromium Authors) [File not signed]
FirewallRules: [{1B7BC2CE-4FB3-411B-9D26-62B3BF531DCF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BE278017-7489-4166-BE0F-F29B3A62B5E5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{36FFF514-E30B-4685-90B4-B9D36BB5CE18}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{507B6AFE-E0C2-42BB-826D-3E1534661202}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D916D3E-FD95-40B5-9B22-C4B0A925BD9D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1C8314F8-BCCD-427F-85F8-1551DC85FF7F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{684A93E9-273F-4BE1-9F04-81D63F284978}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

22-05-2019 06:35:00 Windows Update
25-05-2019 18:30:36 Windows Update
31-05-2019 06:37:51 Windows Update
04-06-2019 06:26:21 Windows Update
07-06-2019 06:45:05 Windows Update
20-06-2019 14:01:17 Windows Update
20-06-2019 21:48:10 Windows Update
21-06-2019 21:30:03 Windows Update
26-06-2019 09:44:53 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/21/2019 06:37:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (06/21/2019 06:37:49 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2019 07:50:45 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2019 07:50:44 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2019 06:32:37 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2019 06:32:27 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2019 06:32:21 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (05/16/2019 06:32:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (06/26/2019 09:53:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Avira Service Host bol dosiahnutý časový limit (30000 ms).

Error: (06/26/2019 09:52:15 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\system32\athihvs.dll

Error: (06/26/2019 09:52:15 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\system32\athihvs.dll

Error: (06/26/2019 09:52:13 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.

Cesta k modulu: C:\Windows\system32\athihvs.dll

Error: (06/26/2019 09:51:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Software Protection sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/26/2019 09:51:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WMI Performance Adapter sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/26/2019 09:51:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba McAfee WebAdvisor sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 1 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/26/2019 09:51:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Media Player - služba zdieľania v sieti sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.


Windows Defender:
===================================
Date: 2019-03-03 07:43:37.673
Description:
%1 engine has been terminated due to an unexpected error.
Failure Type:%5
Exception code:%6
Resource:%3

==================== Memory info ===========================

BIOS: INSYDE 3.60 06/26/2012
Motherboard: Intel Corp. Base Board Product Name
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 73%
Total physical RAM: 4077.86 MB
Available physical RAM: 1089.48 MB
Total Virtual: 8153.86 MB
Available Virtual: 5073.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.45 GB) (Free:218.43 GB) NTFS
Drive d: () (Fixed) (Total:298.33 GB) (Free:297.97 GB) NTFS
Drive g: (KINGSTON) (Removable) (Total:14.41 GB) (Free:3.7 GB) FAT32

\\?\Volume{796fa4a5-b429-11e7-ad79-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=399 MB) - (Type=27)
Partition 2: (Not Active) - (Size=297.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=298.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.4 GB) (Disk ID: 97398959)
Partition 1: (Not Active) - (Size=14.4 GB) - (Type=0C)

==================== End of Addition.txt ============================