Svévolné vypínání programů a nedostatek paměti Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: memphisto, Mods_senior, Security team

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40566
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod jaro3 » 27 bře 2020 18:24

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox
O4 - HKCU\..\RunOnce: [Application Restart #0] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox


Co problémy?


Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Reklama
Kolner
Level 1
Level 1
Příspěvky: 85
Registrován: červen 12
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod Kolner » 28 bře 2020 09:27

Řádky opraveny až na O4 - HKCU\..\RunOnce: [Application Restart #0], ten tam nebyl k nalezení. Bohužel přetrvává problém s ručním spouštěním win exploreru. Avšak svévolné vypínání programů se zdá být vyřešeno.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40566
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod jaro3 » 28 bře 2020 18:48

Stáhni si Memtest:

Políčko , ve kterém je napsáno:
All unused RAM , změň na 2048.
-dej Start , nech nejméně 2h běžet , pokud bude po 2h stále 0 errors , jsou v pořádku.
V případě vyšších kapacit RAM je třeba Memtest spustit několikrát , pro 2GB ( jednotlivá největší kapacita RAM) 2x , pro 4GB 3x , pro 8Gb 4x ap.
poklepej na Memtest , pak znovu a znovu , do políček všech Memtestů napiš 2048 , pak dej u všech Memtestů "Start".

Ještě zkontrolovat HDD na chyby ,popř. zkusit jeho defragmentaci ..

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Kolner
Level 1
Level 1
Příspěvky: 85
Registrován: červen 12
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod Kolner » 28 bře 2020 19:37

Předpokládám, že ten memtest se musí dát na flashdisk, že?

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40566
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod jaro3 » 28 bře 2020 20:20

Nemusí , na to je Memtest86+
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Kolner
Level 1
Level 1
Příspěvky: 85
Registrován: červen 12
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod Kolner » 29 bře 2020 12:13

Memtest běžel celou noc, nula chyb.

____________________________________________

----------------------------------------------------------------------------
CrystalDiskInfo 8.4.2 (C) 2008-2020 hiyohiyo
Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 18363] (x64)
Date : 2020/03/29 12:12:22

-- Controller Map ----------------------------------------------------------
- Standardní řadič SATA AHCI [ATA]
+ Standardní řadič SATA AHCI [ATA]
- ST1000DM003-1SB102
- KINGSTON SUV400S37120G
- Standardní řadič SATA AHCI [ATA]
+ Standardní řadič SATA AHCI [ATA]
- WDC WDS500G2B0A-00SM50
- Řadič prostorů úložišť [SCSI]
- Řadič zpětné smyčky disku VHD společnosti Microsoft [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WDS500G2B0A-00SM50 : 500,1 GB [0/0/0, pd1]
(2) ST1000DM003-1SB102 : 1000,2 GB [1/1/0, pd1] - st
(3) KINGSTON SUV400S37120G : 120,0 GB [2/1/0, pd1]

----------------------------------------------------------------------------
(1) WDC WDS500G2B0A-00SM50
----------------------------------------------------------------------------
Model : WDC WDS500G2B0A-00SM50
Firmware : X61190WD
Serial Number : 182868800795
Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 976773168
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-4
Minor Version : ACS-4 Revision 5
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 7865 hod.
Power On Count : 583 krát
Temperature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM, DevSleep
APM Level : 0080h [ON]
AAM Level : ----
Drive Letter : E:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 100 100 __0 000000000000 Počet přemapovaných sektorů
09 100 100 __0 000000001EB9 Hodin v činnosti
0C 100 100 __0 000000000247 Počet cyklů zapnutí zařízení
A5 100 100 __0 0005046103CE Specifický pro výrobce
A6 100 100 __0 000000000003 Specifický pro výrobce
A7 100 100 __0 000000000024 Specifický pro výrobce
A8 100 100 __0 00000000001F Specifický pro výrobce
A9 100 100 __0 00000000015E Specifický pro výrobce
AA 100 100 __0 000000000000 Specifický pro výrobce
AB 100 100 __0 000000000000 Specifický pro výrobce
AC 100 100 __0 000000000000 Specifický pro výrobce
AD 100 100 __0 000000000014 Specifický pro výrobce
AE 100 100 __0 000000000002 Specifický pro výrobce
B8 100 100 __0 000000000000 Specifický pro výrobce
BB 100 100 __0 000000000000 Specifický pro výrobce
BC 100 100 __0 000000000000 Specifický pro výrobce
C2 _76 _45 __0 002D00100018 Teplota
C7 100 100 __0 000000000000 Specifický pro výrobce
E6 100 100 __0 015E02000200 Specifický pro výrobce
E8 100 100 __4 000000000064 Specifický pro výrobce
E9 100 100 __0 0000000028E6 Specifický pro výrobce
EA 100 100 __0 000000002E36 Specifický pro výrobce
F1 253 253 __0 000000002360 Total Host Writes
F2 253 253 __0 0000000056BC Total Host Reads
F4 __0 100 __0 000000000000 Specifický pro výrobce

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3138 3238 3638 3830 3037 3935 2020 2020 2020 2020
020: 0000 0000 0000 5836 3131 3930 5744 5744 4320 5744
030: 5335 3030 4732 4230 412D 3030 534D 3530 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8001 4000 2F00
050: 4000 0200 0000 0006 3FFF 0010 003F FC10 00FB 9101
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 4D20
070: 0000 0000 0000 0000 0000 001F 850E 0006 016C 0040
080: 0FF0 005E 306B 7409 4123 3069 B409 4123 407F 0001
090: 0001 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0008 4000 0000 5001 B448
110: B6FA 89D7 0000 0000 0000 0000 0000 0000 0000 411C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 4130
130: 3130 3958 5750 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0001
170: 0000 0000 0000 0000 0000 0000 2020 2020 2020 2020
180: 2020 2020 2020 2020 2020 2020 2020 2020 2020 2020
190: 2020 2020 2020 2020 2020 2020 2020 2020 2020 2020
200: 2020 2020 2020 2020 2020 2020 0000 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 11FF 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 0080 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 BEA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 00 05 32 00 64 64 00 00 00 00 00 00 00 09 32
010: 00 64 64 B9 1E 00 00 00 00 00 0C 32 00 64 64 47
020: 02 00 00 00 00 00 A5 32 00 64 64 CE 03 61 04 05
030: 00 00 A6 32 00 64 64 03 00 00 00 00 00 00 A7 32
040: 00 64 64 24 00 00 00 00 00 00 A8 32 00 64 64 1F
050: 00 00 00 00 00 00 A9 32 00 64 64 5E 01 00 00 00
060: 00 00 AA 32 00 64 64 00 00 00 00 00 00 00 AB 32
070: 00 64 64 00 00 00 00 00 00 00 AC 32 00 64 64 00
080: 00 00 00 00 00 00 AD 32 00 64 64 14 00 00 00 00
090: 00 00 AE 32 00 64 64 02 00 00 00 00 00 00 B8 32
0A0: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
0B0: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
0C0: 00 00 C2 22 00 4C 2D 18 00 10 00 2D 00 00 C7 32
0D0: 00 64 64 00 00 00 00 00 00 00 E6 32 00 64 64 00
0E0: 02 00 02 5E 01 00 E8 33 00 64 64 64 00 00 00 00
0F0: 00 00 E9 32 00 64 64 E6 28 00 00 00 00 00 EA 32
100: 00 64 64 36 2E 00 00 00 00 00 F1 30 00 FD FD 60
110: 23 00 00 00 00 00 F2 30 00 FD FD BC 56 00 00 00
120: 00 00 F4 32 00 00 64 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 11
170: 03 00 01 00 02 0A 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 B1

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
090: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 E8 04 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10

----------------------------------------------------------------------------
(2) ST1000DM003-1SB102
----------------------------------------------------------------------------
Model : ST1000DM003-1SB102
Firmware : CC43
Serial Number : Z9A5YYSM
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 7200 RPM
Interface : Serial ATA
Major Version : ATA8-ACS
Minor Version : ATA8-ACS version 4
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 17326 hod.
Power On Count : 1354 krát
Temperature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 8080h [ON]
AAM Level : ----
Drive Letter : D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 _82 _63 __6 00000BA71293 Počet chyb čtení
03 _97 _97 __0 000000000000 Čas na roztočení ploten
04 _95 _95 _20 0000000015C1 Počet spuštění/zastavení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
07 _81 _60 _45 000008BC7335 Počet chybných hledání
09 _81 _81 __0 0000000043AE Hodin v činnosti
0A 100 100 _97 000000000000 Počet opakovaných pokusů o roztočení ploten
0C _99 _99 _20 00000000054A Počet cyklů zapnutí zařízení
B7 100 100 __0 000000000000 Specifický pro výrobce
B8 100 100 _99 000000000000 Ukončovacích chyb
BB 100 100 __0 000000000000 Ohlášeno neopravitelných chyb
BC 100 100 __0 000000000000 Časový limit příkazu
BD 100 100 __0 000000000000 Vysoká rychlost zápisu
BE _76 _57 _40 00001C110018 Teplota toku vzduchu
C1 _98 _98 __0 0000000015D2 Počet cyklů načítání/vymazání
C2 _24 _12 __0 000C00000018 Teplota
C3 __5 __1 __0 00000BA71293 Počet oprav chybného čtení
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C6 100 100 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
F0 100 253 __0 36F700003E20 Čas nastavování hlaviček - v hodinách
F1 100 253 __0 000A0C4EEF84 Total Host Writes
F2 100 253 __0 000D315FE451 Total Host Reads

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 5A39 4135 5959 534D
020: 0000 0000 0000 4343 3433 2020 2020 5354 3130 3030
030: 444D 3030 332D 3153 4231 3032 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 850E 0006 00CC 0040
080: 01F0 0029 346B 7D69 4163 3469 BC49 4163 407F 0037
090: 0037 8080 FFFE 0000 D0D0 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5000 C500
110: 926D 297C 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6DB0
130: 7470 6DB0 7470 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 FDFF 0280 0000 0000
150: 0008 0000 0000 0000 0000 8000 0000 0184 9400 8000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0002 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 1085 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1020 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 CFA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 52 3F 93 12 A7 0B 00 00 00 03 03
010: 00 61 61 00 00 00 00 00 00 00 04 32 00 5F 5F C1
020: 15 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 51 3C 35 73 BC 08 00 00 00 09 32
040: 00 51 51 AE 43 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 63 63 4A 05 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 64 00 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 4C 39 18 00 11 1C 00 00 00 C1 32 00 62 62 D2
0B0: 15 00 00 00 00 00 C2 22 00 18 0C 18 00 00 00 0C
0C0: 00 00 C3 1A 00 05 01 93 12 A7 0B 00 00 00 C5 12
0D0: 00 64 64 00 00 00 00 00 00 00 C6 10 00 64 64 00
0E0: 00 00 00 00 00 00 C7 3E 00 C8 C8 00 00 00 00 00
0F0: 00 00 F0 00 00 64 FD 20 3E 00 00 F7 36 09 F1 00
100: 00 64 FD 84 EF 4E 0C 0A 00 00 F2 00 00 64 FD 51
110: E4 5F 31 0D 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 73
170: 03 00 01 00 01 6C 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 E0 12 00 00 06 03 03 03 03 03 03 03
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 AE 32 9D C7 BA 38 00 00
1B0: 00 00 00 00 01 00 44 06 84 EF 4E 0C 0A 00 00 00
1C0: 51 E4 5F 31 0D 00 00 00 00 00 00 00 2F E7 1A 03
1D0: 00 00 00 00 00 00 00 00 C5 0A 00 00 06 00 00 00
1E0: 00 00 00 00 F0 03 00 00 00 00 00 00 00 00 00 06
1F0: 00 00 00 00 00 00 00 00 00 00 14 17 00 00 00 CA

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 0A 00 00 00 00 00 00 00 00
030: 00 00 07 2D 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
0B0: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
0C0: 00 00 C3 00 00 00 00 00 00 00 00 00 00 00 C5 00
0D0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0E0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0F0: 00 00 F0 00 00 00 00 00 00 00 00 00 00 00 F1 00
100: 00 00 00 00 00 00 00 00 00 00 F2 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 AF

----------------------------------------------------------------------------
(3) KINGSTON SUV400S37120G
----------------------------------------------------------------------------
Model : KINGSTON SUV400S37120G
Firmware : 0C3J96R9
Serial Number : 50026B766901CB22
Disk Size : 120,0 GB (8,4/120,0/120,0/120,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 234441648
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-4
Minor Version : ATA8-ACS version 6
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 17313 hod.
Power On Count : 1342 krát
Temperature : 24 C (75 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ, TRIM
APM Level : 0000h [OFF]
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 __0 000000000F12 Počet chyb čtení
05 100 100 _10 000000000000 Počet přemapovaných sektorů
09 100 100 __0 0000000043A1 Hodin v činnosti
0C 100 100 __0 00000000053E Počet cyklů zapnutí zařízení
64 100 100 __0 0000010E6280 Specifický pro výrobce
65 100 100 __0 000000314060 Specifický pro výrobce
AA 100 100 __0 000000000000 Specifický pro výrobce
AB 100 100 __0 000000000000 Specifický pro výrobce
AC 100 100 __0 000000000000 Specifický pro výrobce
AE 100 100 __0 00000000000B Specifický pro výrobce
AF 100 100 __0 000000000000 Specifický pro výrobce
B0 100 100 __0 000000000000 Specifický pro výrobce
B1 _68 _68 __0 0000000028D0 Specifický pro výrobce
B2 100 100 __0 000000000000 Specifický pro výrobce
B4 100 100 __0 000000000297 Specifický pro výrobce
B7 _76 _76 __0 000000000096 Specifický pro výrobce
BB 100 100 __0 000000000000 Specifický pro výrobce
C2 _24 100 __0 0029000F0018 Teplota
C3 100 100 __0 000000000F12 Specifický pro výrobce
C4 100 100 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 100 100 __0 000000000000 Počet podezřelých sektorů
C7 100 100 __0 000000000000 Specifický pro výrobce
C9 100 100 __0 000000000000 Specifický pro výrobce
CC 100 100 __0 000000000F12 Specifický pro výrobce
E7 _68 _68 __0 000000000020 Specifický pro výrobce
E9 100 100 __0 000000008035 Specifický pro výrobce
EA 100 100 __0 000000004932 Specifický pro výrobce
F1 100 100 __0 00000000649E Total Host Writes
F2 100 100 __0 0000000047AC Total Host Reads
FA 100 100 __0 0000000014C7 Specifický pro výrobce

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 0040 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 3530 3032 3642 3736 3639 3031 4342 3232 2020 2020
020: 0000 0000 0000 3043 334A 3936 5239 4B49 4E47 5354
030: 4F4E 2053 5556 3430 3053 3337 3132 3047 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB B910
060: 4BB0 0DF9 0000 0007 0003 0078 0078 0078 0078 4D18
070: 0000 0000 0000 0000 0000 001F E70E 0006 00CC 0040
080: 0FFE 0028 746B 7409 4163 7069 B401 4167 407F 0002
090: 0002 0000 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 4BB0 0DF9 0000 0000 0000 0008 6003 0000 0550 3804
110: 4001 0000 0000 0000 0000 0000 0000 0000 0000 4358
120: 4018 0000 0000 0000 0000 0000 0000 0000 0029 4D52
130: 564C 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 3933 3539 2020 2020 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0007 0001
170: 2020 2020 2020 2020 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 003D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 0001 0000 0000
220: 0000 0000 107F 0051 0000 0000 0000 0000 0000 0000
230: 4BB0 0DF9 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 6AA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 30 00 01 2F 00 64 64 12 0F 00 00 00 00 00 05 33
010: 00 64 64 00 00 00 00 00 00 0A 09 32 00 64 64 A1
020: 43 00 00 00 00 00 0C 32 00 64 64 3E 05 00 00 00
030: 00 00 64 32 00 64 64 80 62 0E 01 00 00 00 65 32
040: 00 64 64 60 40 31 00 00 00 00 AA 32 00 64 64 00
050: 00 00 00 00 00 00 AB 32 00 64 64 00 00 00 00 00
060: 00 00 AC 32 00 64 64 00 00 00 00 00 00 00 AE 32
070: 00 64 64 0B 00 00 00 00 00 00 AF 32 00 64 64 00
080: 00 00 00 00 00 00 B0 32 00 64 64 00 00 00 00 00
090: 00 00 B1 32 00 44 44 D0 28 00 00 00 00 00 B2 02
0A0: 00 64 64 00 00 00 00 00 00 00 B4 02 00 64 64 97
0B0: 02 00 00 00 00 00 B7 32 00 4C 4C 96 00 00 00 00
0C0: 00 00 BB 33 00 64 64 00 00 00 00 00 00 00 C2 22
0D0: 00 18 64 18 00 0F 00 29 00 00 C3 32 00 64 64 12
0E0: 0F 00 00 00 00 00 C4 32 00 64 64 00 00 00 00 00
0F0: 00 00 C5 32 00 64 64 00 00 00 00 00 00 00 C7 12
100: 00 64 64 00 00 00 00 00 00 00 C9 32 00 64 64 00
110: 00 00 00 00 00 00 CC 32 00 64 64 12 0F 00 00 00
120: 00 00 E7 32 00 44 44 20 00 00 00 00 00 00 E9 32
130: 00 64 64 35 80 00 00 00 00 00 EA 32 00 64 64 32
140: 49 00 00 00 00 00 F1 32 00 64 64 9E 64 00 00 00
150: 00 00 F2 32 00 64 64 AC 47 00 00 00 00 00 FA 32
160: 00 64 64 C7 14 00 00 00 00 00 00 00 05 00 01 71
170: 03 00 01 00 02 05 00 00 00 00 00 00 00 00 00 00
180: 00 00 4C 00 00 00 00 00 00 00 00 00 89 00 00 00
190: 00 00 00 00 00 00 00 00 D3 0B 00 00 00 00 00 00
1A0: 33 CF C3 93 0C 00 00 00 00 E0 C9 24 01 00 00 00
1B0: 00 00 00 00 00 00 00 00 1E A6 8F F5 08 00 00 00
1C0: 24 44 00 64 02 00 00 00 97 02 00 00 02 00 00 00
1D0: 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 28 FE 01 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 04 08 00 00 00 00 00 41

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 04 00 01 00 00 00 00 00 00 00 00 00 00 00 05 0A
010: 00 00 00 00 00 00 00 00 00 00 09 00 00 00 00 00
020: 00 00 00 00 00 00 0C 00 00 00 00 00 00 00 00 00
030: 00 00 64 00 00 00 00 00 00 00 00 00 00 00 65 00
040: 00 00 00 00 00 00 00 00 00 00 AA 00 00 00 00 00
050: 00 00 00 00 00 00 AB 00 00 00 00 00 00 00 00 00
060: 00 00 AC 00 00 00 00 00 00 00 00 00 00 00 AE 00
070: 00 00 00 00 00 00 00 00 00 00 AF 00 00 00 00 00
080: 00 00 00 00 00 00 B0 00 00 00 00 00 00 00 00 00
090: 00 00 B1 00 00 00 00 00 00 00 00 00 00 00 B2 00
0A0: 00 00 00 00 00 00 00 00 00 00 B4 00 00 00 00 00
0B0: 00 00 00 00 00 00 B7 00 00 00 00 00 00 00 00 00
0C0: 00 00 BB 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0E0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0F0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C9 00 00 00 00 00
110: 00 00 00 00 00 00 CC 00 00 00 00 00 00 00 00 00
120: 00 00 E7 00 00 00 00 00 00 00 00 00 00 00 E9 00
130: 00 00 00 00 00 00 00 00 00 00 EA 00 00 00 00 00
140: 00 00 00 00 00 00 F1 00 00 00 00 00 00 00 00 00
150: 00 00 F2 00 00 00 00 00 00 00 00 00 00 00 FA 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 76

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40566
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod jaro3 » 29 bře 2020 19:41

Vypni antivir i firewall.
Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
další odkaz:
http://www.bleepingcomputer.com/downloa ... scan-tool/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Kolner
Level 1
Level 1
Příspěvky: 85
Registrován: červen 12
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod Kolner » 31 bře 2020 15:59

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-03-2020
Ran by Boris (administrator) on DESKTOP-KF6DJQO (31-03-2020 15:55:37)
Running from C:\Users\Boris\Desktop
Loaded Profiles: Boris (Available Profiles: Boris)
Platform: Windows 10 Pro Version 1909 18363.720 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Electronic Arts, Inc. -> Electronic Arts) E:\Hry\Origin\OriginWebHelperService.exe
(Malwarebytes Inc -> Malwarebytes) D:\Programy\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) D:\Programy\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2020.19081.28230.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_3.38.25003.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20022.82.0_x64__8wekyb3d8bbwe\YourPhoneServer\YourPhoneServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd) C:\Windows\SysWOW64\Creative.UWPRPCService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.8-0\MsMpEng.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\NVDisplay.Container.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) D:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) D:\Programy\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) D:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd. -> Safer-Networking Ltd.) D:\Programy\Spybot - Search & Destroy 2\SDWSCSvc.exe
(YENKEE) [File not signed] C:\Program Files\Gaming\YMS 3017\YMS 3017.EXE

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [SDTray] => D:\Programy\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Run: [CCleaner Smart Cleaning] => D:\Programy\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Run: [Discord] => C:\Users\Boris\AppData\Local\Discord\app-0.0.306\Discord.exe [90950968 2020-02-24] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Run: [Spotify] => C:\Users\Boris\AppData\Roaming\Spotify\Spotify.exe [22240160 2020-02-09] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Run: [Steam] => E:\Hry\Steam\steam.exe [3370272 2020-03-27] (Valve -> Valve Corporation)
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\MountPoints2: {27c9df5c-5dcb-11ea-ab74-a8a1590654a8} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-19] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07164820-8621-4C4B-8F60-F6B79CD7BC0D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {0D464F4D-ADF2-4068-9112-D2DEB4B03387} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D69236D-2FCF-407E-9370-62857D8013A2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {247CAD36-FAA7-4897-AC4B-9FAC8AFE2D6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {34D7013C-2D49-4FEE-A2D2-AF987039E96F} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45E82754-3603-4EB5-975B-795A5F61640B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-09] (Google LLC -> Google LLC)
Task: {66883EFC-DF35-4641-A203-67534910AAF9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {73FD15A5-22A1-4177-954A-FC258E14F885} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8FFDAF7F-805C-4AFA-ABBB-DF4B53F85E77} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {91E2DE64-362C-4180-BA78-D4A48E301567} - System32\Tasks\CCleaner Update => D:\Programy\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9C1B15DA-FAF5-4A30-978B-A0DC3CE956FB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9CBDDBEC-3150-4721-8DCA-77B0D89FCB78} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {ADBB392B-D143-4515-B21E-4021967CB204} - System32\Tasks\HyperXRamApp => C:\Users\Boris\AppData\Local\Packages\33C30B79.HyperXNGenuity_0a78dr3hq0pvt\LocalState\\HyperXMemoryPlug-in.exe [72760 2020-02-09] (Kingston Technology Company, Inc. -> )
Task: {B13F3874-690E-4DD8-932F-066B9FB753E1} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C0F41391-BE3A-4CE8-8CFF-4A4F26F1245F} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D0B2BEDD-4417-41FD-A1D7-09F1BAD6B699} - System32\Tasks\CCleanerSkipUAC => D:\Programy\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {D2C2C092-3DA2-45E9-8273-1BA268EA09A7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D47345C9-B00A-49E1-99C1-CF0CF62E6557} - System32\Tasks\Sstt2-TaskPlan => C:\Program Files\Gaming\YMS 3017\YMS 3017.EXE [3366912 2019-01-06] (YENKEE) [File not signed]
Task: {E0187C3B-B6D4-44C2-A9F8-8F940B0B8CCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-09] (Google LLC -> Google LLC)
Task: {E11DC613-A318-465E-94B1-9D8745588272} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E43E8132-04EC-4A32-868B-5B3225B7F9C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F1927CDB-C7F1-45F7-80C3-719A3C4ED713} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [659520 2019-11-04] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {F411D3D8-7559-40C1-9B31-DABFE54A72DF} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F591DCB4-D66F-462E-98AD-4902D91BEE11} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {F80CE3F8-31C2-4EE1-94F9-02017513E489} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MpCmdRun.exe [480272 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a212ff27-22e2-4754-97b8-de97ef873de8}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e4e95539-2792-4e4d-bd2a-918dce171de7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-958476313-3190207545-3997889132-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-958476313-3190207545-3997889132-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.8 -> D:\Programy\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default [2020-03-31]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-27]
CHR Profile: C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-28]
CHR Session Restore: Profile 1 -> is enabled.
CHR Extension: (Prezentace) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-27]
CHR Extension: (Dokumenty) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-27]
CHR Extension: (Disk Google) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-27]
CHR Extension: (YouTube) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-27]
CHR Extension: (Tabulky) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-27]
CHR Extension: (Dokumenty Google offline) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-27]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-27]
CHR Extension: (Gmail) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-27]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8567960 2020-03-12] (BattlEye Innovations e.K. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [803440 2020-02-18] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
S3 GalaxyClientService; E:\Hry\GOG Galaxy\GalaxyClientService.exe [1218632 2020-01-23] (GOG Sp. z o.o. -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6617160 2020-01-23] (GOG Sp. z o.o. -> GOG.com)
R2 MBAMService; D:\Programy\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-25] (Malwarebytes Inc -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation)
S3 Origin Client Service; E:\Hry\Origin\OriginClientService.exe [2505008 2020-02-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; E:\Hry\Origin\OriginWebHelperService.exe [3427640 2020-02-09] (Electronic Arts, Inc. -> Electronic Arts)
S2 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [16752184 2020-03-23] (Adlice -> )
R2 SDScannerService; D:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDUpdateService; D:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
R2 SDWSCService; D:\Programy\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5929920 2020-03-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 UWPService; C:\Windows\SysWOW64\Creative.UWPRPCService.exe [363968 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\NisSrv.exe [3294680 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.8-0\MsMpEng.exe [103168 2020-03-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AdobeARMservice; "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" [X]
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdgpio2; C:\Windows\System32\drivers\amdgpio2.sys [45832 2019-10-01] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [24424 2016-08-12] (AMD PMP-PE CB Code Signer v20160415 -> Advanced Micro Devices, Inc)
R3 AMDPCIDev; C:\Windows\System32\drivers\AMDPCIDev.sys [32520 2020-02-09] (Advanced Micro Devices INC. -> Advanced Micro Devices)
R0 amdpsp; C:\Windows\System32\drivers\amdpsp.sys [138064 2020-02-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R1 amsdk; C:\Windows\system32\drivers\amsdk.sys [232792 2020-03-27] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-03-27] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-03-28] (Malwarebytes Inc -> Malwarebytes)
R3 MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [43456 2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvlddmkm.sys [23439288 2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [75600 2019-08-22] (NVIDIA Corporation -> NVIDIA Corporation)
R3 PHYMEM; C:\Users\Boris\AppData\Local\Packages\33C30B79.HyperXNGenuity_0a78dr3hq0pvt\LocalState\otipcibus64.sys [17488 2020-02-09] (Ours Technology Inc. -> OTi)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [662528 2019-03-19] (Microsoft Windows -> Realtek )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24576 2020-01-09] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [45960 2020-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [391392 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [59104 2020-03-25] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-31 15:55 - 2020-03-31 15:55 - 000021520 _____ C:\Users\Boris\Desktop\FRST.txt
2020-03-31 15:55 - 2020-03-31 15:55 - 000000000 ____D C:\FRST
2020-03-31 10:34 - 2020-03-31 10:34 - 002280448 _____ (Farbar) C:\Users\Boris\Desktop\FRST64.exe
2020-03-29 00:53 - 2020-03-29 00:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPUB File Reader
2020-03-29 00:53 - 2020-03-29 00:53 - 000000000 ____D C:\Program Files (x86)\EPUB File Reader
2020-03-28 22:32 - 2019-12-07 02:49 - 000040960 _____ () C:\Users\Boris\Desktop\memtest.exe
2020-03-28 20:07 - 2020-03-28 20:07 - 000000000 ____D C:\Users\Boris\Documents\Rockstar Games
2020-03-28 20:07 - 2020-03-28 20:07 - 000000000 ____D C:\Program Files\Rockstar Games
2020-03-28 20:07 - 2020-03-28 20:07 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2020-03-28 10:35 - 2020-03-28 10:35 - 000000000 ____D C:\Users\Boris\AppData\Local\PeerDistRepub
2020-03-28 10:25 - 2020-03-28 10:25 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2020-03-28 10:23 - 2020-03-28 10:23 - 000009414 _____ C:\Users\Boris\Desktop\hijackthis3.txt
2020-03-28 10:23 - 2020-03-28 10:23 - 000009414 _____ C:\Users\Boris\Desktop\hijackthis3
2020-03-28 10:22 - 2020-03-28 10:22 - 000000000 ____D C:\Users\Boris\Desktop\backups
2020-03-27 21:18 - 2020-03-27 21:18 - 000000000 ____D C:\Users\Boris\AppData\Local\Saber
2020-03-27 17:56 - 2020-03-27 17:56 - 000010187 _____ C:\Users\Boris\Desktop\hijackthis2.txt
2020-03-27 17:55 - 2020-03-27 17:55 - 000001872 _____ C:\Users\Boris\Desktop\Zemana.txt
2020-03-27 17:52 - 2020-03-31 15:56 - 000694491 _____ C:\Windows\ZAM.krnl.trace
2020-03-27 17:52 - 2020-03-31 10:40 - 000000000 ____D C:\Users\Boris\AppData\Local\AMSDK
2020-03-27 17:52 - 2020-03-27 17:52 - 000232792 _____ (Copyright 2018.) C:\Windows\system32\Drivers\amsdk.sys
2020-03-27 17:52 - 2020-03-27 17:52 - 000003558 _____ C:\Windows\system32\Tasks\AMHelper
2020-03-27 17:52 - 2020-03-27 17:52 - 000001329 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2020-03-27 17:52 - 2020-03-27 17:52 - 000000000 ____D C:\Users\Boris\AppData\Local\Zemana
2020-03-27 17:52 - 2020-03-27 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2020-03-27 17:52 - 2020-03-27 17:52 - 000000000 ____D C:\Program Files (x86)\Zemana
2020-03-27 17:49 - 2020-03-27 17:49 - 000048871 _____ C:\Users\Boris\Desktop\zoek.txt
2020-03-27 17:47 - 2020-03-31 15:54 - 000000000 ____D C:\Users\Boris\AppData\Roaming\discord
2020-03-27 17:24 - 2020-03-27 17:56 - 000000000 ____D C:\Users\Boris\AppData\Local\VirtualStore
2020-03-27 17:24 - 2020-03-27 17:24 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2020-03-27 17:23 - 2014-02-14 00:59 - 000024064 _____ C:\Windows\zoek-delete.exe
2020-03-27 17:11 - 2020-03-27 17:21 - 000000000 ____D C:\zoek_backup
2020-03-27 17:11 - 2020-03-27 17:10 - 002038755 _____ C:\Users\Boris\Desktop\zoek.exe
2020-03-27 17:08 - 2020-03-27 17:08 - 000001640 _____ C:\Users\Boris\Desktop\RK2.txt
2020-03-25 22:31 - 2020-03-25 22:31 - 000003820 _____ C:\Users\Boris\Desktop\Adlice.txt
2020-03-25 22:24 - 2020-03-25 22:35 - 000000000 ____D C:\ProgramData\RogueKiller
2020-03-25 22:24 - 2020-03-25 22:24 - 000000899 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2020-03-25 22:24 - 2020-03-25 22:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2020-03-25 22:24 - 2020-03-25 22:24 - 000000000 ____D C:\Program Files\RogueKiller
2020-03-25 21:55 - 2020-03-25 21:55 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2020-03-25 21:55 - 2020-03-25 21:55 - 000000000 ____D C:\ProgramData\Sophos
2020-03-25 21:55 - 2020-03-25 21:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2020-03-25 21:55 - 2020-03-25 21:55 - 000000000 ____D C:\Program Files (x86)\Sophos
2020-03-25 21:55 - 2020-03-25 21:54 - 206758184 _____ (Sophos Limited) C:\Users\Boris\Desktop\Sophos Virus Removal Tool.exe
2020-03-25 20:49 - 2020-03-25 20:49 - 001790024 _____ (Malwarebytes) C:\Users\Boris\Desktop\JRT.exe
2020-03-25 20:10 - 2020-03-25 20:10 - 000001828 _____ C:\Users\Boris\Desktop\CrystalDiskInfo.lnk
2020-03-25 20:10 - 2020-03-25 20:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2020-03-25 20:10 - 2020-03-25 20:10 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2020-03-25 20:07 - 2020-03-25 20:07 - 000001673 _____ C:\Users\Boris\Desktop\Malwerbytes.txt
2020-03-25 20:06 - 2020-03-25 20:06 - 000001952 _____ C:\Users\Boris\Desktop\AdwCleaner[C00].txt
2020-03-25 20:03 - 2020-03-25 20:04 - 000000000 ____D C:\AdwCleaner
2020-03-25 20:03 - 2020-03-25 20:00 - 008199856 _____ (Malwarebytes) C:\Users\Boris\Desktop\AdwCleaner.exe
2020-03-25 20:03 - 2020-03-25 20:00 - 000050688 _____ (Atribune.org) C:\Users\Boris\Desktop\ATF-Cleaner.exe
2020-03-25 19:37 - 2020-03-25 19:37 - 000388608 _____ (Trend Micro Inc.) C:\Users\Boris\Desktop\HijackThis.exe
2020-03-23 17:45 - 2020-03-18 11:39 - 000039824 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhdap64.dll
2020-03-23 17:43 - 2020-03-19 04:22 - 004196160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2020-03-23 17:43 - 2020-03-19 01:26 - 001729232 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2020-03-23 17:43 - 2020-03-19 01:26 - 001729232 _____ C:\Windows\system32\vulkaninfo.exe
2020-03-23 17:43 - 2020-03-19 01:26 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2020-03-23 17:43 - 2020-03-19 01:26 - 001329360 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2020-03-23 17:43 - 2020-03-19 01:26 - 001078992 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2020-03-23 17:43 - 2020-03-19 01:26 - 001078992 _____ C:\Windows\system32\vulkan-1.dll
2020-03-23 17:43 - 2020-03-19 01:26 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2020-03-23 17:43 - 2020-03-19 01:26 - 000937680 _____ C:\Windows\SysWOW64\vulkan-1.dll
2020-03-23 17:43 - 2020-03-19 01:26 - 000450464 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2020-03-23 17:43 - 2020-03-19 01:26 - 000348048 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2020-03-23 17:43 - 2020-03-19 01:25 - 011944864 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2020-03-23 17:43 - 2020-03-19 01:25 - 010285472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 002073200 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 001565136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 001481144 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 001351776 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 001142384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 001022560 _____ (NVIDIA Corporation) C:\Windows\system32\nvml.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 000817264 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 000680048 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 000676240 _____ C:\Windows\system32\nvofapi64.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 000573024 _____ (NVIDIA Corporation) C:\Windows\system32\nvidia-smi.exe
2020-03-23 17:43 - 2020-03-19 01:24 - 000546928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2020-03-23 17:43 - 2020-03-19 01:24 - 000544144 _____ C:\Windows\SysWOW64\nvofapi.dll
2020-03-23 17:43 - 2020-03-19 01:23 - 017601120 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2020-03-23 17:43 - 2020-03-19 01:23 - 015157664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2020-03-23 17:43 - 2020-03-19 01:23 - 005856864 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2020-03-23 17:43 - 2020-03-19 01:23 - 005158512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2020-03-23 17:43 - 2020-03-19 01:23 - 001049696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2020-03-23 17:43 - 2020-03-19 01:23 - 000849848 _____ (NVIDIA Corporation) C:\Windows\system32\MCU.exe
2020-03-23 17:43 - 2020-03-19 01:23 - 000811632 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2020-03-23 17:43 - 2020-03-19 01:23 - 000655472 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2020-03-23 17:43 - 2020-03-19 01:23 - 000445024 _____ (NVIDIA Corporation) C:\Windows\system32\nvdebugdump.exe
2020-03-23 17:43 - 2020-03-18 11:39 - 000111058 _____ C:\Windows\system32\nvidia-smi.1.pdf
2020-03-23 17:43 - 2020-03-18 11:39 - 000077314 _____ C:\Windows\system32\nvinfo.pb
2020-03-19 17:07 - 2020-03-19 17:07 - 000000000 ____D C:\Users\Boris\Games
2020-03-18 18:47 - 2020-03-18 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stellaris [GOG.com]
2020-03-18 13:05 - 2020-03-18 13:05 - 000000000 ____D C:\Users\Boris\AppData\LocalLow\PortaPlay
2020-03-14 01:09 - 2020-03-14 01:09 - 025444352 _____ (Microsoft Corporation) C:\Windows\system32\Hydrogen.dll
2020-03-14 01:09 - 2020-03-14 01:09 - 009930552 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2020-03-14 01:09 - 2020-03-14 01:09 - 007604584 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2020-03-14 01:09 - 2020-03-14 01:09 - 006520776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-03-14 01:09 - 2020-03-14 01:09 - 004563416 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2020-03-14 01:09 - 2020-03-14 01:09 - 001610240 _____ (Microsoft Corporation) C:\Windows\system32\HologramCompositor.dll
2020-03-14 01:09 - 2020-03-14 01:09 - 001398584 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2020-03-14 01:09 - 2020-03-14 01:09 - 001077048 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2020-03-14 01:09 - 2020-03-14 01:09 - 000772096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2020-03-14 01:09 - 2020-03-14 01:09 - 000689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2020-03-14 01:09 - 2020-03-14 01:09 - 000561464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2020-03-13 10:22 - 2020-03-13 10:22 - 000000000 ____D C:\Users\Boris\Documents\CPY_SAVES
2020-03-11 15:25 - 2020-03-11 15:25 - 025900544 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 022635008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 019850240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 019812352 _____ (Microsoft Corporation) C:\Windows\system32\HologramWorld.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 018027008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 011607552 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 009711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 007755776 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 007259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 006285312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 005911040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 004855808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 004580352 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 004348408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 004129648 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 003819520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 003488768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 003243296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 002956688 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2020-03-11 15:25 - 2020-03-11 15:25 - 002755584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2020-03-11 15:25 - 2020-03-11 15:25 - 002494744 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 002315680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 002224952 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 002180408 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 002072664 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 002031104 _____ C:\Windows\system32\rdpnano.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001867816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001835128 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001770552 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001555904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001540096 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001490640 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001417976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001319936 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001284096 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001282944 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001273856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001218632 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2020-03-11 15:25 - 2020-03-11 15:25 - 001214976 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001108040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001098720 _____ (Microsoft Corporation) C:\Windows\system32\DolbyDecMFT.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001088000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001012792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 001000960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Mirage.Internal.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000952416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DolbyDecMFT.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000923136 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MCRecvSrc.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000843776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000835584 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000757632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000739328 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000705536 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Mirage.Internal.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000669496 _____ (Microsoft Corporation) C:\Windows\system32\computecore.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000668672 _____ (Microsoft Corporation) C:\Windows\system32\wsecedit.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000667136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2020-03-11 15:25 - 2020-03-11 15:25 - 000562176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000525312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsecedit.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000510768 _____ (Microsoft Corporation) C:\Windows\system32\systemreset.exe
2020-03-11 15:25 - 2020-03-11 15:25 - 000444416 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacDecoder.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000380416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacDecoder.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000328192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000287744 _____ (Microsoft Corporation) C:\Windows\system32\MSFlacEncoder.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSFlacEncoder.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\ddpchunk.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000227840 _____ (Microsoft Corporation) C:\Windows\system32\IndexedDbLegacy.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000225792 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000183808 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngOnline.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000175616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IndexedDbLegacy.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2020-03-11 15:25 - 2020-03-11 15:25 - 000145208 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000139776 _____ (Microsoft Corporation) C:\Windows\system32\Chakrathunk.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000105472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakrathunk.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000105472 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2020-03-11 15:25 - 2020-03-11 15:25 - 000097080 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000078848 _____ (Microsoft Corporation) C:\Windows\system32\ProvSysprep.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\iemigplugin.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iemigplugin.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000058368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000042296 _____ (Microsoft Corporation) C:\Windows\system32\SysResetErr.exe
2020-03-11 15:25 - 2020-03-11 15:25 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2020-03-11 15:25 - 2020-03-11 15:25 - 000032056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2020-03-11 15:25 - 2020-03-11 15:25 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2020-03-11 15:25 - 2020-03-11 15:25 - 000019768 _____ (Microsoft Corporation) C:\Windows\system32\ResetEngine.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 007905784 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 007263992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 006436352 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 006168064 _____ (Microsoft Corporation) C:\Windows\system32\twinui.pcshell.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 006084344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 005764664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 005112832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 005040640 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 004898144 _____ (Microsoft Corporation) C:\Windows\system32\rtmpltfm.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 004622280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 004538880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 004471296 _____ (Microsoft Corporation) C:\Windows\system32\InputService.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 004140544 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 004048896 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003977216 _____ (Microsoft Corporation) C:\Windows\system32\tellib.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003971808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 003860832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpltfm.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003799552 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003728896 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 003708928 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003587896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 003552768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003371720 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003263488 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003260928 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 003143168 _____ (Microsoft Corporation) C:\Windows\system32\directml.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002986808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 002875904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002870272 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002808832 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002800640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 002773568 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002768440 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002740736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directml.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002715648 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 002698040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 002584008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002561536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002522112 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002474496 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002453504 _____ (Microsoft Corporation) C:\Windows\system32\InstallService.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002307584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002305536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002289152 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002259872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002157056 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002087376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 002021888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001999952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001985104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001972536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 001885184 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001854976 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001835008 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001823232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001764336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001762304 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001757304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2020-03-11 15:24 - 2020-03-11 15:24 - 001751040 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001743888 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001729024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallService.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001697792 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001688064 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001684992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001665416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001657120 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001647072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001609216 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001581056 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001513040 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 001484600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001482040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 001481216 _____ (Microsoft Corporation) C:\Windows\system32\rdpsharercom.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001480192 _____ (Microsoft Corporation) C:\Windows\system32\usocoreworker.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 001458688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001428992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 001413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001412096 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001396152 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001394168 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001366128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2020-03-11 15:24 - 2020-03-11 15:24 - 001354080 _____ (Microsoft Corporation) C:\Windows\system32\rtmpal.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001283600 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2020-03-11 15:24 - 2020-03-11 15:24 - 001264128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Speech.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001260544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpsharercom.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001260480 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001190912 _____ (Microsoft Corporation) C:\Windows\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001182448 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 001180160 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001153024 _____ (Microsoft Corporation) C:\Windows\system32\windowsperformancerecordercontrol.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001149712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 001097728 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001092096 _____ (Microsoft Corporation) C:\Windows\system32\TpmCoreProvisioning.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001091936 _____ (Microsoft Corporation) C:\Windows\system32\rtmcodecs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001083904 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001071184 _____ (Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 001057792 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001054376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001032544 _____ (Microsoft Corporation) C:\Windows\system32\ortcengine.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001031680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001027000 _____ (Microsoft Corporation) C:\Windows\system32\ClipSVC.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 001007672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000988160 _____ (Microsoft Corporation) C:\Windows\system32\refsutil.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000983896 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000980320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmpal.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000974848 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000945384 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000935040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Taskmgr.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000929144 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthService.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000921088 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000916480 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Core.TextInput.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000915296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmcodecs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000914944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000908504 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000898048 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000895488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000892696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Service.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000877232 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000874296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000868864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windowsperformancerecordercontrol.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000863232 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000851968 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000845312 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000838144 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Language.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCoreProvisioning.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000833616 _____ (Microsoft Corporation) C:\Windows\system32\pkeyhelper.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll

Kolner
Level 1
Level 1
Příspěvky: 85
Registrován: červen 12
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod Kolner » 31 bře 2020 15:59

2020-03-11 15:24 - 2020-03-11 15:24 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000796904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000783480 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000776488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000769552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000765440 _____ (Microsoft Corporation) C:\Windows\system32\uReFS.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000748032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000741392 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000734720 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000732000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ortcengine.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000691712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000678912 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000670720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000668296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000661816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000654336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uReFS.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000649728 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000646656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000642216 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000638464 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000637240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000636848 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000627216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LicensingWinRT.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000613888 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000605896 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000599552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActivationManager.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000595968 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\SppExtComObj.Exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\wpnprv.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000568832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Speech.UXRes.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000562688 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000551824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000550400 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000540672 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2020-03-11 15:24 - 2020-03-11 15:24 - 000535552 _____ (Microsoft Corporation) C:\Windows\system32\usosvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000531768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2020-03-11 15:24 - 2020-03-11 15:24 - 000526848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000522384 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000518656 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000516096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000500224 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000478792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000477496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2020-03-11 15:24 - 2020-03-11 15:24 - 000469504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000460800 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000459688 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000457216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cldflt.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000457016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000455168 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000448000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsEnvironment.Desktop.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\edgeIso.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000441144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountExtension.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000429880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2020-03-11 15:24 - 2020-03-11 15:24 - 000403456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000401408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000392192 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000382976 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000379904 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000368128 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000355840 _____ (Microsoft Corporation) C:\Windows\system32\XpsDocumentTargetPrint.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000355000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000353960 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000337920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Acx01000.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000336384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000330240 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000327680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgeIso.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000320312 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthAgent.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000309248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000308736 _____ (Microsoft Corporation) C:\Windows\system32\msIso.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000307712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000307712 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000299520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\provops.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\DeviceDirectoryClient.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000287232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppcomapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000283136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000282112 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000273408 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountCloudAP.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000271872 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000268288 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000265216 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000263168 _____ (Microsoft Corporation) C:\Windows\system32\wpnservice.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\netman.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000260920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\VPNv2CSP.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000254776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssecflt.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000251904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msIso.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsDocumentTargetPrint.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000250896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000250880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000248064 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000240640 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000239104 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000234984 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000233472 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000232960 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000231936 _____ (Microsoft Corporation) C:\Windows\system32\InstallServiceTasks.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000228864 _____ (Microsoft Corporation) C:\Windows\system32\MicrosoftAccountTokenProvider.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000226816 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000224056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000222520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000221200 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scecli.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000213984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeManagerObj.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000211968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000210744 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000208696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000206336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000204800 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000201744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wcifs.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000201728 _____ (Microsoft Corporation) C:\Windows\system32\AppXApplicabilityBlob.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000201528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000199992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000199480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000193592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000183608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000182272 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000181248 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000181248 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000180232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallServiceTasks.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\rtm.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000177152 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeHelper.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000174592 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000174392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EditionUpgradeHelper.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000166400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MicrosoftAccountTokenProvider.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000165504 _____ (Microsoft Corporation) C:\Windows\system32\dmcmnutils.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000164776 _____ (Microsoft Corporation) C:\Windows\system32\omadmapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtm.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000151568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000146712 _____ (Microsoft Corporation) C:\Windows\system32\profext.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\DeviceUpdateAgent.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\GraphicsCapture.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000141840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\provpackageapidll.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\InputLocaleManager.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000138752 _____ (Microsoft Corporation) C:\Windows\system32\DeviceMetadataRetrievalClient.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000138240 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUser.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000137216 _____ (Microsoft Corporation) C:\Windows\system32\pnpclean.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000136328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\omadmapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000135168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NdisImPlatform.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000133944 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000133256 _____ (Microsoft Corporation) C:\Windows\system32\profapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000131896 _____ (Microsoft Corporation) C:\Windows\system32\DTUHandler.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000130112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmcmnutils.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000128312 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000127064 _____ (Microsoft Corporation) C:\Windows\system32\win32u.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000120560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profext.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000120320 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000120048 _____ (Microsoft Corporation) C:\Windows\system32\OpenWith.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Taskbar.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000114176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000113152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000112128 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000108032 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000107832 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthProxyStub.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GraphicsCapture.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000105984 _____ (Microsoft Corporation) C:\Windows\system32\utcutil.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000105832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpenWith.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000103936 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000102760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\profapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\mssecuser.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2020-03-11 15:24 - 2020-03-11 15:24 - 000098104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\provdatastore.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000093184 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000089616 _____ (Microsoft Corporation) C:\Windows\system32\DeviceReactivation.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000089568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32u.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\BarcodeProvisioningPlugin.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3api.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dot3msm.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000087040 _____ (Microsoft Corporation) C:\Windows\system32\EditBufferTestHook.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\provtool.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\enterpriseresourcemanager.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\CustomInstallExec.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\autopilot.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000068408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceReactivation.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000068096 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000067112 _____ (Microsoft Corporation) C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000066336 _____ (Microsoft Corporation) C:\Windows\system32\wlrmdr.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\enterpriseresourcemanager.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000063288 _____ (Microsoft Corporation) C:\Windows\system32\SecurityHealthHost.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000056672 _____ (Microsoft Corporation) C:\Windows\system32\rtmmvrortc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000056632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciidex.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000055376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rtmmvrortc.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\MSAProfileNotificationHandler.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000052736 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\dusmapi.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000048256 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000045568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cellulardatacapabilityhandler.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000045056 _____ (Microsoft Corporation) C:\Windows\system32\npmproxy.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\WiredNetworkCSP.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000042336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\WordBreakers.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afunix.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\dusmtask.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthMini.SYS
2020-03-11 15:24 - 2020-03-11 15:24 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\sxstrace.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000032256 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000031232 _____ (Microsoft Corporation) C:\Windows\system32\FaxPrinterInstaller.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000030008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\atapi.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000029712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tbs.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sxstrace.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Drivers\afunix.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\nlmproxy.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000028936 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\autopilotdiag.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\wci.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\msauserext.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000019984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelide.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000019456 _____ (Microsoft Corporation) C:\Windows\system32\mpnotify.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msauserext.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\nlmsprep.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000016912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pciide.sys
2020-03-11 15:24 - 2020-03-11 15:24 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\MUILanguageCleanup.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\LangCleanupSysprepAction.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\pacjsworker.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\LaunchTM.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000011776 _____ (Microsoft Corporation) C:\Windows\system32\iprtprio.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000010752 _____ (Microsoft Corporation) C:\Windows\system32\DMAlertListener.ProxyStub.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchTM.exe
2020-03-11 15:24 - 2020-03-11 15:24 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\lpksetupproxyserv.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000009216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtprio.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DMAlertListener.ProxyStub.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000003584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TpmCertResources.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000003584 _____ (Microsoft Corporation) C:\Windows\system32\TpmCertResources.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\tier2punctuations.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000002560 _____ (Microsoft Corporation) C:\Windows\system32\TelephonyInteractiveUserRes.dll
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth9.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth12.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth11.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth10.bin
2020-03-11 15:24 - 2020-03-11 15:24 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2020-03-11 15:20 - 2020-02-11 06:48 - 000390656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2020-03-11 15:20 - 2020-02-11 06:37 - 000492544 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2020-03-10 16:31 - 2020-03-10 16:31 - 000000000 ____D C:\Users\Boris\AppData\Roaming\GameSparks
2020-03-06 16:36 - 2020-03-06 16:36 - 001057055 _____ C:\Users\Boris\Desktop\pvzp_smlouva__final_2020-02-27_1619133263_275322.pdf
2020-03-06 16:36 - 2020-03-06 16:36 - 000663316 _____ C:\Users\Boris\Desktop\pvzp_attachment___policy_2020-02-27_1619133263_594533.pdf
2020-03-03 03:41 - 2020-03-04 00:15 - 000013757 _____ C:\ProgramData\DisplaySessionContainer20.log_backup1
2020-03-02 03:22 - 2020-03-03 03:41 - 000013447 _____ C:\ProgramData\DisplaySessionContainer19.log_backup1
2020-03-01 04:43 - 2020-03-02 03:22 - 000012699 _____ C:\ProgramData\DisplaySessionContainer18.log_backup1

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-03-31 15:54 - 2020-02-09 21:42 - 000000000 ____D C:\Users\Boris\AppData\Local\CrashDumps
2020-03-31 15:43 - 2020-02-10 22:05 - 000000000 ____D C:\Windows\system32\SleepStudy
2020-03-31 15:43 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-31 12:25 - 2020-02-09 19:18 - 000000000 ____D C:\ProgramData\NVIDIA
2020-03-31 10:27 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2020-03-31 10:22 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-31 10:22 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2020-03-31 10:17 - 2020-02-09 23:47 - 000003458 _____ C:\Windows\system32\Tasks\HyperXRamApp
2020-03-30 01:59 - 2020-02-20 07:49 - 000000000 ____D C:\Users\Boris\AppData\Roaming\vlc
2020-03-29 00:55 - 2020-02-09 21:14 - 000000000 ____D C:\Users\Boris\Desktop\Hry
2020-03-28 15:46 - 2020-02-09 20:42 - 000000000 ____D C:\Users\Boris\AppData\Local\Battle.net
2020-03-28 14:48 - 2020-02-09 20:03 - 000000000 ____D C:\Users\Boris\AppData\Local\D3DSCache
2020-03-28 10:30 - 2020-02-09 19:10 - 001694640 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-28 10:30 - 2019-03-19 13:57 - 000717182 _____ C:\Windows\system32\perfh005.dat
2020-03-28 10:30 - 2019-03-19 13:57 - 000145262 _____ C:\Windows\system32\perfc005.dat
2020-03-28 10:24 - 2020-02-10 22:05 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-28 10:24 - 2020-02-09 19:11 - 000053316 _____ C:\ProgramData\NVDisplayContainerWatchdog.log_backup1
2020-03-28 10:24 - 2020-02-09 19:11 - 000020595 _____ C:\ProgramData\NVDisplay.ContainerLocalSystem.log_backup1
2020-03-28 10:24 - 2020-02-09 19:11 - 000013529 _____ C:\ProgramData\DisplaySessionContainer2.log_backup1
2020-03-28 10:24 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI
2020-03-28 02:38 - 2020-02-10 22:08 - 000000000 ____D C:\Users\Boris
2020-03-28 02:38 - 2020-02-09 19:46 - 000006561 _____ C:\ProgramData\DisplaySessionContainer1.log_backup1
2020-03-27 17:31 - 2020-02-09 19:18 - 000001206 _____ C:\ProgramData\NvcDispCorePlugin.log_backup1
2020-03-25 20:35 - 2020-02-10 22:11 - 000000000 ____D C:\Users\Boris\AppData\Local\PlaceholderTileLogoFolder
2020-03-25 20:32 - 2020-02-09 21:09 - 000000000 ____D C:\Users\Boris\AppData\Local\Ubisoft Game Launcher
2020-03-25 20:09 - 2020-02-10 22:09 - 000000000 ____D C:\Users\Boris\AppData\Local\Packages
2020-03-25 20:09 - 2020-02-09 19:22 - 000000000 ____D C:\ProgramData\Packages
2020-03-25 19:48 - 2020-02-09 20:57 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2020-03-25 19:48 - 2020-02-09 20:57 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2020-03-25 19:35 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\LiveKernelReports
2020-03-25 06:54 - 2020-02-10 22:05 - 000000000 ____D C:\Windows\system32\Drivers\wd
2020-03-23 17:49 - 2020-02-09 19:19 - 000000000 ____D C:\Users\Boris\AppData\Local\NVIDIA
2020-03-23 17:46 - 2020-02-21 00:59 - 000019524 _____ C:\ProgramData\DisplaySessionContainer8.log_backup1
2020-03-22 11:05 - 2020-02-10 22:10 - 000003378 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-958476313-3190207545-3997889132-1001
2020-03-22 11:05 - 2020-02-10 22:10 - 000000000 ___RD C:\Users\Boris\OneDrive
2020-03-22 11:05 - 2020-02-10 22:08 - 000002361 _____ C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-21 10:06 - 2020-02-19 03:11 - 000018818 _____ C:\ProgramData\DisplaySessionContainer6.log_backup1
2020-03-21 10:05 - 2020-02-09 19:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2020-03-21 08:19 - 2020-02-09 20:37 - 000003474 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 08:19 - 2020-02-09 20:37 - 000003350 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 01:58 - 2020-02-10 12:51 - 000010198 _____ C:\ProgramData\DisplaySessionContainer4.log_backup1
2020-03-19 23:48 - 2020-02-09 20:37 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-19 04:22 - 2020-02-09 19:11 - 004927048 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2020-03-18 23:35 - 2020-02-09 19:28 - 000013437 _____ C:\ProgramData\DisplaySessionContainer3.log_backup1
2020-03-18 11:39 - 2020-02-09 19:11 - 000222112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2020-03-17 22:07 - 2020-02-28 10:04 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-17 22:07 - 2020-02-28 10:04 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-14 03:56 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\ShellExperiences
2020-03-14 03:56 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\bcastdvr
2020-03-14 01:10 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\CbsTemp
2020-03-12 08:28 - 2020-02-10 22:09 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-03-12 08:28 - 2020-02-10 22:09 - 000000000 ___RD C:\Users\Boris\3D Objects
2020-03-12 08:27 - 2020-02-10 22:05 - 000267752 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-11 22:37 - 2019-03-19 13:59 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\setup
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SysWOW64\Dism
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\SystemResources
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\setup
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\oobe
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\system32\Dism
2020-03-11 22:37 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Windows Defender
2020-03-11 22:37 - 2019-03-19 06:37 - 000000000 ____D C:\Windows\servicing
2020-03-11 15:28 - 2020-02-09 19:12 - 000000000 ____D C:\Windows\system32\MRT
2020-03-11 15:27 - 2020-02-09 19:12 - 121542864 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-03-10 16:31 - 2020-02-25 17:33 - 000000000 ____D C:\Users\Boris\Documents\Paradox Interactive
2020-03-09 03:42 - 2020-02-19 23:54 - 000013493 _____ C:\ProgramData\DisplaySessionContainer7.log_backup1
2020-03-07 02:07 - 2020-02-11 01:28 - 000013497 _____ C:\ProgramData\DisplaySessionContainer5.log_backup1
2020-03-06 20:47 - 2020-02-13 23:48 - 000000000 ____D C:\Users\Boris\Documents\StarCraft II

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Kolner
Level 1
Level 1
Příspěvky: 85
Registrován: červen 12
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod Kolner » 31 bře 2020 16:00

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Boris (31-03-2020 15:56:12)
Running from C:\Users\Boris\Desktop
Windows 10 Pro Version 1909 18363.720 (X64) (2020-02-10 20:07:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-958476313-3190207545-3997889132-500 - Administrator - Disabled)
Boris (S-1-5-21-958476313-3190207545-3997889132-1001 - Administrator - Enabled) => C:\Users\Boris
DefaultAccount (S-1-5-21-958476313-3190207545-3997889132-503 - Limited - Disabled)
Guest (S-1-5-21-958476313-3190207545-3997889132-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-958476313-3190207545-3997889132-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated)
Aktualizace NVIDIA 38.0.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 38.0.4.0 - NVIDIA Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlestate Games Launcher 0.9.3.1057 (HKLM-x32\...\{B0FDA062-7581-4D67-B085-C4E7C358037F}_is1) (Version: 0.9.3.1057 - Battlestate Games)
CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform)
CPUID HWMonitor 1.41 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.41 - CPUID, Inc.)
CrystalDiskInfo 8.4.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.4.2 - Crystal Dew World)
Discord (HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Discord) (Version: 0.0.306 - Discord Inc.)
Driver Easy 5.6.13 (HKLM\...\DriverEasy_is1) (Version: 5.6.13 - Easeware)
Epic Games Launcher (HKLM-x32\...\{DCE27B29-200D-491A-BBC5-98ECEFEC0843}) (Version: 1.1.257.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - epubfilereader.com)
Escape from Tarkov (HKLM-x32\...\EscapeFromTarkov) (Version: 0.12.4.6269 - Battlestate Games)
FastStone Image Viewer 7.4 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.4 - FastStone Soft)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
MediaHuman YouTube to MP3 Converter 3.9.9.33 (HKLM-x32\...\MediaHuman YouTube to MP3 Converter_is1) (Version: 3.9.9.33 - MediaHuman)
Microsoft OneDrive (HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.20.2.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.2.34 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.26 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 445.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 445.75 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.61.37414 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Paradox Launcher v2 (HKLM\...\{F0072197-FCF6-41BF-9D38-832B145922DC}) (Version: 2.0.0.0 - Paradox Interactive)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8881.1 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.5.2 - Rockstar Games)
RogueKiller version 14.3.0.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 14.3.0.0 - Adlice Software)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
Spotify (HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Spotify) (Version: 1.1.25.559.g85cf5e4c - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellaris (HKLM-x32\...\1508702879_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Ancient Relics (HKLM-x32\...\2106739867_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Anniversary Portraits (HKLM-x32\...\1619776270_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Apocalypse (HKLM-x32\...\1988097366_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Arachnoid Portrait Pack (HKLM-x32\...\1897107160_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Complete Soundtrack (HKLM-x32\...\1892453534_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Distant Stars Story Pack (HKLM-x32\...\1209094315_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Federations (HKLM-x32\...\1790030450_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Horizon Signal (HKLM-x32\...\1490429179_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Humanoids Species Pack (HKLM-x32\...\2062279897_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Leviathans Story Pack (HKLM-x32\...\1122806862_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Megacorp (HKLM-x32\...\1316465607_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Plantoids Species Pack (HKLM-x32\...\1999794856_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Synthetic Dawn Story Pack (HKLM-x32\...\1292954230_is1) (Version: 2.6.0.4 - GOG.com)
Stellaris: Utopia (HKLM-x32\...\1978231244_is1) (Version: 2.6.0.4 - GOG.com)
Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft Montreal)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.50 - Ghisler Software GmbH)
TreeSize Free V4.4.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.4.1 - JAM Software)
Uplay (HKLM-x32\...\Uplay) (Version: 102.0 - Ubisoft)
Virtual Russian Keyboard version 3.0 (HKLM-x32\...\{B5824F09-8D38-4B82-BF53-73057D922CA7}_is1) (Version: 3.0 - DasmSoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
WinRAR 5.80 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.80.0 - win.rar GmbH)
YMS 3017 AMBUSH Gaming mouse (HKLM-x32\...\{A53D8141-1FAB-4EA5-8630-52BFC0170AB3}}_is1) (Version: 1.0 - )
Zemana AntiMalware verze 3.1.495 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.495 - Zemana)

Packages:
=========
CrystalDiskMark -> C:\Program Files\WindowsApps\45313CrystalDewWorld.CrystalDiskMark5_7.0.2.0_x64__kfjz01bcdaj9c [2020-03-25] (Crystal Dew World)
HyperX NGENUITY -> C:\Program Files\WindowsApps\33C30B79.HyperXNGenuity_5.1.24.0_x64__0a78dr3hq0pvt [2020-03-16] (HyperX Gaming) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-02-10] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.956.0_x64__56jybvy8sckqj [2020-02-09] (NVIDIA Corp.)
Sound Blaster Connect -> C:\Program Files\WindowsApps\CreativeTechnologyLtd.SoundBlasterConnect_2.2.10.0_x86__13fcda18mhdz2 [2020-02-09] (Creative Technology Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0 [2020-03-31] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programy\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_8c5e3f480513d171\nvshext.dll [2020-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-11-04] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => D:\Programy\Malwarebytes\Anti-Malware\mbshlext.dll [2020-02-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Programy\WinRAR\rarext.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Programy\WinRAR\rarext32.dll [2019-12-05] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Boris\Desktop\Lia - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Boris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Lia - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2020-02-09 21:00 - 2020-02-09 20:59 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Hry\Origin\LIBEAY32.dll
2020-02-09 21:00 - 2020-02-09 20:59 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] E:\Hry\Origin\ssleay32.dll
2020-02-09 21:00 - 2020-02-09 20:59 - 001611264 _____ (The Qt Company Ltd) [File not signed] E:\Hry\Origin\platforms\qwindows.dll
2020-02-09 21:00 - 2020-02-09 20:59 - 005487104 _____ (The Qt Company Ltd) [File not signed] E:\Hry\Origin\Qt5Core.dll
2020-02-09 21:00 - 2020-02-09 20:59 - 005841920 _____ (The Qt Company Ltd) [File not signed] E:\Hry\Origin\Qt5Gui.dll
2020-02-09 21:00 - 2020-02-09 20:59 - 001179136 _____ (The Qt Company Ltd) [File not signed] E:\Hry\Origin\Qt5Network.dll
2020-02-09 21:00 - 2020-02-09 20:59 - 005089792 _____ (The Qt Company Ltd) [File not signed] E:\Hry\Origin\Qt5Widgets.dll
2020-02-09 21:00 - 2020-02-09 20:59 - 000184832 _____ (The Qt Company Ltd) [File not signed] E:\Hry\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2020-03-28 10:22 - 000000813 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-958476313-3190207545-3997889132-1001\Control Panel\Desktop\\Wallpaper -> c:\users\boris\appdata\roaming\faststone\fsiv\fsviewerwallpaper.bmp
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\StartupApproved\Run: => "launchOnStartup"
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\StartupApproved\Run: => "Spotify"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D821AF20-1577-4C7C-B993-E88026FA1AF6}E:\hry\steam\steam.exe] => (Allow) E:\hry\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{92A57ECF-C074-4898-8623-2E43721FB72C}E:\hry\steam\steam.exe] => (Allow) E:\hry\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9FBCEBC0-ED3C-4A8C-BD86-E2407F9F0E74}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{74FDD75C-6044-4B81-80E8-4DED7A6EE17E}] => (Allow) E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{07D3AF49-02A5-4CDA-B94C-264834B9BCE0}] => (Allow) E:\Hry\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{F7603A0B-6024-4CFE-8850-7929FFA11D5F}] => (Allow) E:\Hry\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe (Take-Two Interactive Software, Inc. -> Rockstar Games)
FirewallRules: [{F2AD7D40-A4E8-4E89-947A-12C9B368234C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{07344F45-D056-4343-8564-9CA06F94E699}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D4BF0491-9A9E-444F-93A3-BC83696DF2D5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BF8639B0-89B7-4252-BEDF-BDEE5E86DE52}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{231BEAFD-9B8E-4C2E-90A6-A071B20E5F12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{3D4D697F-EE80-4E33-9E13-6D6C456FD65D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{387FA4BE-2859-4C56-AEFC-90D367137134}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{853A43D4-A9FC-4E19-8B8B-1E38C6EF1A4A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.129.592.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
StandardProfile\AuthorizedApplications: [D:\Programy\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [D:\Programy\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [D:\Programy\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [D:\Programy\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

27-03-2020 17:12:18 zoek.exe restore point
28-03-2020 20:06:24 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (03/31/2020 03:55:38 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 28760; požadovaná velikost: 29360.

Error: (03/31/2020 03:54:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.18362.1, časové razítko: 0x527faf7f
Kód výjimky: 0xc000041d
Posun chyby: 0x00004647
ID chybujícího procesu: 0xcc4
Čas spuštění chybující aplikace: 0x01d6073715176a87
Cesta k chybující aplikaci: D:\Programy\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: f9bd10bf-3111-4447-a37e-9732eca4b465
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/29/2020 11:28:06 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 27808; požadovaná velikost: 32856.

Error: (03/29/2020 12:54:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: utorrent.exe, verze: 3.1.3.26837, časové razítko: 0x4f5934c0
Název chybujícího modulu: GDI32.dll, verze: 10.0.18362.1, časové razítko: 0x527faf7f
Kód výjimky: 0xc000041d
Posun chyby: 0x00004647
ID chybujícího procesu: 0xb10
Čas spuštění chybující aplikace: 0x01d605529e66c3cd
Cesta k chybující aplikaci: D:\Programy\uTorrent\utorrent.exe
Cesta k chybujícímu modulu: C:\Windows\System32\GDI32.dll
ID zprávy: 67b3a83e-b023-4bd3-83e5-7af4cdfa4780
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/28/2020 10:28:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MaxPayne3.exe, verze: 1.0.0.216, časové razítko: 0x580102d8
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0xdddddddd
ID chybujícího procesu: 0xf40
Čas spuštění chybující aplikace: 0x01d6052bb869587a
Cesta k chybující aplikaci: E:\Hry\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 1175a02a-ffba-4ac0-baf5-a25bee81b728
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/28/2020 02:38:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: steamwebhelper.exe, verze: 5.78.0.89, časové razítko: 0x5e7d3103
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000000007689a1a0
ID chybujícího procesu: 0x2e98
Čas spuštění chybující aplikace: 0x01d604992e9a8af6
Cesta k chybující aplikaci: E:\Hry\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 42fb4ec4-5e14-425f-973f-787522778abc
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2020 05:11:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.18362.719, časové razítko: 0x4061c730
Kód výjimky: 0xc0000409
Posun chyby: 0x00114192
ID chybujícího procesu: 0x2090
Čas spuštění chybující aplikace: 0x01d60449ffc1a80b
Cesta k chybující aplikaci: C:\Users\Boris\Desktop\zoek.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 926c21cf-06ea-4b87-a8e4-3e18f994075a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (03/27/2020 08:08:42 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1020) (User: NT AUTHORITY)
Description: Velikost požadované vyrovnávací paměti je větší než velikost vyrovnávací paměti předané do funkce Collect knihovny DLL rozšiřitelných čítačů C:\Windows\System32\perfts.dll pro službu LSM. Velikost dané vyrovnávací paměti: 29152; požadovaná velikost: 30648.


System errors:
=============
Error: (03/31/2020 10:40:50 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-KF6DJQO)
Description: Nelze spustit server DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943140
při provádění příkazu:
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (03/31/2020 10:40:48 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-KF6DJQO)
Description: Nelze spustit server DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943140
při provádění příkazu:
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (03/31/2020 10:40:44 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-KF6DJQO)
Description: Nelze spustit server DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943140
při provádění příkazu:
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (03/31/2020 10:40:44 AM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-KF6DJQO)
Description: Nelze spustit server DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943140
při provádění příkazu:
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (03/29/2020 08:16:59 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-KF6DJQO)
Description: Nelze spustit server DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943140
při provádění příkazu:
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (03/29/2020 08:16:53 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-KF6DJQO)
Description: Nelze spustit server DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943140
při provádění příkazu:
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (03/29/2020 08:16:31 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-KF6DJQO)
Description: Nelze spustit server DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943140
při provádění příkazu:
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Error: (03/29/2020 08:16:28 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-KF6DJQO)
Description: Nelze spustit server DCOM: {9AA46009-3CE0-458A-A354-715610A075E6} jako Není k dispozici/Není k dispozici. Došlo k chybě:
2147943140
při provádění příkazu:
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding


Windows Defender:
===================================
Date: 2020-03-17 14:44:08.718
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C8B6DCF4-801C-404D-A021-4B0BE9C4D9D7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-03-13 17:46:08.248
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_F:\setup.exe
Původ detekce: Místní počítač
Typ detekce: FastPath
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-KF6DJQO\Boris
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.311.1095.0, AS: 1.311.1095.0, NIS: 1.311.1095.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-13 17:46:08.036
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-KF6DJQO\Boris
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.311.1095.0, AS: 1.311.1095.0, NIS: 1.311.1095.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-13 12:52:36.889
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-KF6DJQO\Boris
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.311.1095.0, AS: 1.311.1095.0, NIS: 1.311.1095.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

Date: 2020-03-13 12:51:21.656
Description:
Antivirová ochrana v programu Windows Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_G:\setup.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: DESKTOP-KF6DJQO\Boris
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.311.1095.0, AS: 1.311.1095.0, NIS: 1.311.1095.0
Verze modulu: AM: 1.1.16800.2, NIS: 1.1.16800.2

CodeIntegrity:
===================================

Date: 2020-03-24 13:51:30.731
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-24 13:51:30.726
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-24 13:51:30.654
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-24 13:51:30.646
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-24 13:51:30.638
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-24 13:51:30.630
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-24 13:51:30.584
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2020-03-24 13:51:30.570
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. P3.90 12/12/2019
Motherboard: ASRock B450 Gaming K4
Processor: AMD Ryzen 5 3600 6-Core Processor
Percentage of memory in use: 21%
Total physical RAM: 16315.44 MB
Available physical RAM: 12870.68 MB
Total Virtual: 25531.44 MB
Available Virtual: 20742.18 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.16 GB) (Free:51.5 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:232.14 GB) NTFS
Drive e: (Programy) (Fixed) (Total:465.76 GB) (Free:153.58 GB) NTFS

\\?\Volume{b9e604b8-2bb9-4894-9d1f-74bc22989485}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.09 GB) NTFS
\\?\Volume{f4e7558e-eb44-4b78-b751-e61fab85cf8d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 49997628)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 2C4D2524)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==========================================================
Disk: 2 (Size: 111.8 GB) (Disk ID: 065E4DAE)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 40566
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod jaro3 » 31 bře 2020 19:33

Odinstaloval bych Spybot - Search & Destroy .

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\MountPoints2: {27c9df5c-5dcb-11ea-ab74-a8a1590654a8} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
Task: {45E82754-3603-4EB5-975B-795A5F61640B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-09] (Google LLC -> Google LLC)
Task: {E0187C3B-B6D4-44C2-A9F8-8F940B0B8CCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-09] (Google LLC -> Google LLC)
SearchScopes: HKU\S-1-5-21-958476313-3190207545-3997889132-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-958476313-3190207545-3997889132-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
_F:\setup.exe
_G:\setup.exe

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Pak napiš , co problémy ( případně popiš).
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Kolner
Level 1
Level 1
Příspěvky: 85
Registrován: červen 12
Pohlaví: Muž

Re: Svévolné vypínání programů a nedostatek paměti

Příspěvekod Kolner » 01 dub 2020 02:03

Windows s restartem po fixnutí konečně naběhl jak měl. Programy drží jak mají. Žádné hlášky o nedostatku paměti.

Fix result of Farbar Recovery Scan Tool (x64) Version: 29-03-2020
Ran by Boris (01-04-2020 01:56:28) Run:1
Running from C:\Users\Boris\Desktop
Loaded Profiles: Boris (Available Profiles: Boris)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\MountPoints2: {27c9df5c-5dcb-11ea-ab74-a8a1590654a8} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\...\Winlogon: [Shell] %comspec% <==== ATTENTION
Task: {45E82754-3603-4EB5-975B-795A5F61640B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-09] (Google LLC -> Google LLC)
Task: {E0187C3B-B6D4-44C2-A9F8-8F940B0B8CCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-02-09] (Google LLC -> Google LLC)
SearchScopes: HKU\S-1-5-21-958476313-3190207545-3997889132-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-958476313-3190207545-3997889132-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
_F:\setup.exe
_G:\setup.exe

EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{27c9df5c-5dcb-11ea-ab74-a8a1590654a8} => removed successfully
"HKU\S-1-5-21-958476313-3190207545-3997889132-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45E82754-3603-4EB5-975B-795A5F61640B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45E82754-3603-4EB5-975B-795A5F61640B}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0187C3B-B6D4-44C2-A9F8-8F940B0B8CCE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0187C3B-B6D4-44C2-A9F8-8F940B0B8CCE}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKU\S-1-5-21-958476313-3190207545-3997889132-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-958476313-3190207545-3997889132-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} => removed successfully
HKLM\System\CurrentControlSet\Services\cpuz148 => removed successfully
cpuz148 => service removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
_F:\setup.exe => Error: No automatic fix found for this entry.
_G:\setup.exe => Error: No automatic fix found for this entry.

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 225766979 B
Java, Flash, Steam htmlcache => 489104630 B
Windows/system/drivers => 82862 B
Edge => 2790542 B
Chrome => 754467465 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 15314 B
Boris => 5058739 B

RecycleBin => 1078511086 B
EmptyTemp: => 2.4 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 01:56:56 ====


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: CommonCrawl [Bot] a 0 hostů