Dobrý den,
Mám nově naistalovaný windows 11 - instalováné v únoru, ale minulý týden jsem si všíml že PC žral nějak moc memory - 40GB a to nebyly spuštěné žádné aplikace a povypínal jsem skoro všechy aplikace co šlo. Ve správci úloh ani nebyl vidět proces co by konzumoval takové množství memory co jsem napočítal, tak tam bylo max 2GB.
Po promazání přes CCleaner a restartu se memory usage vrátil na minimální hodnotu 8% ale nyní opět memory usage roste - 19% - 16GB memory je využito.
Nejsem si jistý jestli to normální funkce windows 11 nebo jeslti jsem nechytil nějaký malware, proto se obracím na vás s prosbou o pomoc.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.04.2024
Ran by jirik (administrator) on JIRKA (Micro-Star International Co., Ltd. MS-7D75) (04-04-2024 08:13:10)
Running from C:\Users\jirik\Desktop\FRST64.exe
Loaded Profiles: jirik
Platform: Microsoft Windows 11 Home Version 23H2 22631.3296 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\CoolerMaster\MasterPlus\adb\adb.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10013.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10013.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(A225F3B5-240D-4EE9-BCF4-697A07F5E93E -> Micro-Star INT'L CO., LTD.) C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.MSICenter_2.0.34.0_x64__kzh8wxbdkxb8p\DCv2\DCv2.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Engine\CC_Engine_x64.exe
(C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.CentralServer.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10013.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10013.0_x64__0a9344xs7nr4m\radeonsoftware\amdow.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10013.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10013.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10013.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.24.10013.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Riot Games\Riot Client\RiotClientServices.exe ->) () [File not signed] C:\Riot Games\Riot Client\RiotClientCrashHandler.exe
(DriverStore\FileRepository\u0399879.inf_amd64_85af875c6f6cd815\B399690\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0399879.inf_amd64_85af875c6f6cd815\B399690\atieclxx.exe
(explorer.exe ->) (Riot Games, Inc. -> Riot Games, Inc.) C:\Riot Games\Riot Client\RiotClientServices.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [File not signed] C:\Program Files (x86)\CoolerMaster\MasterPlus\MPService.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0399879.inf_amd64_85af875c6f6cd815\B399690\atiesrxx.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_d70af0bfe61df9f0\logi_lamparray_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc) C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcacheSvc.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe
(services.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe
(services.exe ->) (NortonLifeLock Inc. -> NortonLifelock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe <2>
(services.exe ->) (NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\MSI.TerminalServer.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Center\True Color\New\MSI.True Color.exe
(svchost.exe ->) (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Engine.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3377239759-541154609-1500097594-1001\...\Run: [MicrosoftEdgeAutoLaunch_B499006ED1855948ECBDB0DDFACE697F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3377239759-541154609-1500097594-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe [70926368 2024-04-02] (Riot Games, Inc. -> Riot Games, Inc.)
HKU\S-1-5-21-3377239759-541154609-1500097594-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3377239759-541154609-1500097594-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45285792 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3377239759-541154609-1500097594-1001\...\Run: [Discord] => C:\Users\jirik\AppData\Local\Discord\Update.exe [1525024 2024-02-12] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3377239759-541154609-1500097594-1001\...\Run: [MasterPlus] => C:\Program Files (x86)\CoolerMaster\MasterPlus\MasterPlusApp.exe [22618624 2023-12-19] (Cooler Master) [File not signed]
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {4BA60D67-02CA-4721-AD67-553417E43C44} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-01-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C6BA47AA-0700-4121-A82C-F4000E77E8F5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {3936C38D-B2EB-447E-BAFC-A2F9557EF321} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "105d195d-8a25-4227-913e-c9ffeb64450f" --version "6.22.10977" --silent
Task: {11FC50BA-6B9D-46D3-BF73-C811DD1A10FE} - System32\Tasks\CCleanerSkipUAC - jirik => C:\Program Files\CCleaner\CCleaner.exe [39024544 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {2F787C5A-E7A0-4A8D-A4CE-ED82CEC95078} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe [255040 2024-02-20] (Microsoft Corporation -> Microsoft)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {0EC8C527-E53F-4FC2-A3E2-C09BA569585A} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-01-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {0276CE21-DE88-44B8-95EF-A363BA6FF3F0} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3377239759-541154609-1500097594-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-04-03] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {C0EC4C21-DD28-4A17-B392-E7C51E698BFA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-04-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {AAB23C28-FFB4-4F2A-904A-80B9B3A16642} - System32\Tasks\MSI Task Host - LEDKeeper2_Host => C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LEDKeeper2.exe [2722920 2024-01-31] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
Task: {CA600459-A774-4354-ACAA-C3F84419284C} - System32\Tasks\Norton 360\Norton Security Autofix => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {088ED88E-E9BC-43F0-9A0E-8E56FD02F3D1} - System32\Tasks\Norton 360\Norton Security Error Analyzer => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {BC9B7B7F-3D24-434A-BB32-B6F9C41A7998} - System32\Tasks\Norton 360\Norton Security Error Processor => C:\Program Files\Norton Security\Engine\22.24.2.6\symerr.exe [379024 2024-03-04] (NortonLifeLock Inc. -> Gen Digital Inc.)
Task: {826AEB3D-518A-4C30-90CD-44A20FE9F702} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.24.2.6\WSCStub.exe [646520 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {18B94270-DA6C-48BD-9445-5E19851A8E6D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {215F9BE9-C497-46E4-8EC8-1A5C8248268C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {13BDEF13-BE5C-4126-A626-8672320D5488} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {B2064C5C-196E-4F47-ABE1-D6A400975197} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {076D3F07-316F-488C-BEEC-2348D8B7913D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A014B485-5198-4AC8-AFEC-727E9C2CB611} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CBE67A9E-0996-43F3-8817-D6B552982454} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C8E3911-F075-4E56-9425-BAE91C028F3C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C9F3280-F6A6-4744-8EE1-FDDF38EA95E8} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {76A52ABD-B02F-469E-8110-62C5F2849FB1} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360 for Gamers\Upgrade.exe [2353000 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f7a48609-975a-4ade-9443-26d02de8b7e6}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{f7a48609-975a-4ade-9443-26d02de8b7e6}: [DhcpDomain] home
Edge:
=======
Edge Profile: C:\Users\jirik\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-04]
Edge Extension: (Dokumenty Google offline) - C:\Users\jirik\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-29]
Edge Extension: (Edge relevant text changes) - C:\Users\jirik\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-16]
FireFox:
========
FF DefaultProfile: l7oxojh6.default
FF ProfilePath: C:\Users\jirik\AppData\Roaming\Mozilla\Firefox\Profiles\l7oxojh6.default [2024-02-20]
FF ProfilePath: C:\Users\jirik\AppData\Roaming\Mozilla\Firefox\Profiles\ymie9ye0.default-release [2024-04-04]
FF DownloadDir: C:\Users\jirik\Desktop
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 amd3dvcacheSvc; C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcacheSvc.exe [154552 2022-12-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1081248 2024-03-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10994432 2024-03-08] (Logitech Inc -> Logitech, Inc.)
R2 LightKeeperService; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\LightKeeperService.exe [92768 2023-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 logi_lamparray_service; C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_d70af0bfe61df9f0\logi_lamparray_service.exe [9887832 2024-03-15] (Logitech Inc -> Logitech, Inc.)
R2 MPService; C:\Program Files (x86)\CoolerMaster\MasterPlus\MPService.exe [206848 2023-10-19] () [File not signed]
R2 MSI_Case_Service; C:\Program Files (x86)\MSI\MSI Center\Case\MSI_Case_Service.exe [73744 2023-10-30] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Center_Service; C:\Program Files (x86)\MSI\MSI Center\MSI_Central_Service.exe [149608 2024-01-05] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_Companion_Service; C:\Program Files (x86)\MSI\MSI Center\Game Highlights\MSI_Companion_Service.exe [140528 2022-05-09] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_Super_Charger_Service; C:\Program Files (x86)\MSI\MSI Center\Super Charger\MSI_Super_Charger_Service.exe [37104 2022-05-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_VoiceControl_Service; C:\Program Files (x86)\MSI\MSI Center\Voice Control\VoiceControl_Service.exe [36880 2023-04-27] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
S3 MsMpiLaunchSvc; C:\Program Files\Microsoft MPI\Bin\msmpilaunchsvc.exe [159512 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
R2 Mystic_Light_Service; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Mystic_Light_Service.exe [37616 2022-04-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.24.2.6\NortonSecurity.exe [344888 2024-03-04] (NortonLifeLock Inc. -> NortonLifelock Inc.)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.24.2.6\nsWscSvc.exe [1059176 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_493585427225c794\Display.NvContainer\NVDisplay.Container.exe [1275528 2024-02-08] (NVIDIA Corporation -> NVIDIA Corporation)
S3 VSInstallerElevationService; C:\Program Files (x86)\Microsoft Visual Studio\Installer\VSInstallerElevationService.exe [42456 2024-02-20] (Microsoft Corporation -> Microsoft)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [142304 2022-06-01] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [2909208 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [128376 2022-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amd3dvcache; C:\Windows\System32\DriverStore\FileRepository\amd3dvcache.inf_amd64_0b3c99dc64473f00\amd3dvcache.sys [40536 2022-12-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [36800 2023-09-28] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [36928 2022-09-15] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amduw23g; C:\Windows\System32\DriverStore\FileRepository\u0399879.inf_amd64_85af875c6f6cd815\B399690\amdkmdag.sys [100084752 2024-01-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.23.6.5\Definitions\BASHDefs\20240403.001\BHDrvx64.sys [1706496 2024-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1618020.006\ccSetx64.sys [198288 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44576 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [527832 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [159720 2024-02-20] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.23.6.5\Definitions\IPSDefs\20240403.064\IDSvia64.sys [1554432 2024-04-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 logi_joy_bus_enum; C:\Windows\system32\drivers\logi_joy_bus_enum.sys [44880 2024-02-21] (Logitech Inc -> Logitech)
S3 logi_joy_vir_hid; C:\Windows\system32\drivers\logi_joy_vir_hid.sys [32080 2024-02-21] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\Windows\system32\drivers\logi_joy_xlcore.sys [73040 2024-02-21] (Logitech Inc -> Logitech)
R3 logi_lamparray; C:\Windows\System32\DriverStore\FileRepository\logi_lamparray_usb.inf_amd64_d70af0bfe61df9f0\logi_lamparray.sys [89176 2024-03-15] (Logitech Inc -> Logitech, Inc.)
R1 MSIO; C:\Windows\system32\drivers\MsIo64.sys [19672 2023-12-11] (Microsoft Windows Hardware Compatibility Publisher -> MICSYS Technology Co., LTd)
R3 MTKBTFilterx64; C:\Windows\System32\drivers\mtkbtfilterx.sys [500336 2023-11-30] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\Windows\System32\drivers\mtkwl6ex.sys [1697504 2023-12-01] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1618020.006\nsvst.sys [57120 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 NTIOLib_CC_Clock; C:\Program Files (x86)\MSI\MSI Center\Lib\NTIOLib_X64.sys [32488 2023-11-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_COMM; C:\Program Files (x86)\MSI\MSI Center\Lib\SYS\NTIOLib_X64.sys [32488 2023-11-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_CC_CPU; C:\Program Files (x86)\MSI\MSI Center\Super Charger\NTIOLib_X64.sys [32472 2023-11-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\MSI Center\Mystic Light\Lib\NTIOLib_X64.sys [32488 2023-11-20] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NvModuleTracker; C:\Windows\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 rtcx21; C:\Windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
R3 SRTSP; C:\Windows\System32\drivers\NGCx64\1618020.006\SRTSP64.SYS [960640 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1618020.006\SRTSPX64.SYS [52864 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1618020.006\SYMEFASI64.SYS [2180248 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1618020.006\SymELAM.sys [36016 2024-03-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100344 2024-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.23.6.5\SymPlatform\SymEvnt.sys [934912 2024-02-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1618020.006\Ironx64.SYS [306872 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1618020.006\symnets.sys [492720 2024-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [48536 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [438544 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [90384 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\CoolerMaster\MasterPlus\WinRing0x64.sys [14544 2023-08-14] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R1 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1618020.006\wpCtrlDrv.sys [1016792 2024-03-04] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S4 AmdTools64; \SystemRoot\System32\drivers\AmdTools64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-04 08:13 - 2024-04-04 08:13 - 000028412 _____ C:\Users\jirik\Desktop\FRST.txt
2024-04-04 08:12 - 2024-04-04 08:13 - 000000000 ____D C:\FRST
2024-04-04 08:05 - 2024-04-04 08:05 - 002393088 _____ (Farbar) C:\Users\jirik\Desktop\FRST64.exe
2024-04-04 07:08 - 2024-04-04 07:08 - 000000000 ____D C:\Windows\system32\Tasks\Remediation
2024-04-04 06:35 - 2024-04-04 06:35 - 000000000 ___HD C:\OneDriveTemp
2024-04-03 20:53 - 2024-04-03 21:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-04-03 06:53 - 2024-04-03 20:53 - 000000000 ____D C:\Windows\system32\Tasks\Norton 360
2024-04-03 06:53 - 2024-04-03 06:53 - 000003374 _____ C:\Windows\system32\Tasks\Norton WSC Integration
2024-04-03 06:53 - 2024-04-03 06:53 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2024-04-01 12:34 - 2024-04-01 12:34 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Word
2024-04-01 12:34 - 2024-04-01 12:34 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\UProof
2024-04-01 12:34 - 2024-04-01 12:34 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Šablony
2024-04-01 12:34 - 2024-04-01 12:34 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Proof
2024-04-01 12:34 - 2024-04-01 12:34 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Document Building Blocks
2024-04-01 09:13 - 2024-04-01 09:13 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-04-01 09:13 - 2024-04-01 09:13 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-04-01 08:38 - 2024-04-01 08:47 - 000007604 _____ C:\Users\jirik\AppData\Local\resmon.resmoncfg
2024-03-28 20:41 - 2024-04-01 12:34 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Office
2024-03-28 20:41 - 2024-03-28 20:41 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Excel
2024-03-28 20:41 - 2024-03-28 20:41 - 000000000 ____D C:\Users\jirik\AppData\Roaming\Microsoft\Doplňky
2024-03-15 09:58 - 2024-03-15 09:58 - 000000856 _____ C:\Users\Public\Desktop\Logitech G HUB.lnk
2024-03-15 09:58 - 2024-03-15 09:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logi
2024-03-15 09:58 - 2024-03-15 09:58 - 000000000 ____D C:\Program Files\LGHUB
2024-03-14 09:05 - 2024-03-14 09:05 - 000000000 ____D C:\ProgramData\Piriform
2024-03-13 17:23 - 2024-03-13 17:23 - 000020023 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 17:23 - 2024-03-13 17:23 - 000020023 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 17:21 - 2024-03-13 17:22 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2024-04-04 08:06 - 2024-02-21 08:14 - 000000000 ____D C:\Users\jirik\AppData\Local\Norton
2024-04-04 08:05 - 2024-02-20 17:14 - 000000000 ____D C:\Program Files (x86)\Steam
2024-04-04 08:01 - 2024-02-20 16:38 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-04-04 08:00 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-04 06:56 - 2022-05-07 06:38 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-04-04 06:55 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-04 06:55 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\AppReadiness
2024-04-04 06:36 - 2024-02-16 13:59 - 000003090 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-04-04 06:36 - 2022-05-07 06:38 - 000003640 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 06:36 - 2022-05-07 06:38 - 000003516 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-04 06:35 - 2024-02-20 17:26 - 000000000 ____D C:\Program Files\CCleaner
2024-04-04 06:35 - 2024-02-20 16:34 - 000000000 ____D C:\ProgramData\NVIDIA
2024-04-04 06:35 - 2024-02-16 13:53 - 000000000 ___RD C:\Users\jirik\OneDrive
2024-04-04 06:35 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemTemp
2024-04-03 22:55 - 2024-02-20 19:33 - 000000000 ____D C:\Users\jirik\AppData\Roaming\discord
2024-04-03 22:55 - 2024-02-20 19:33 - 000000000 ____D C:\Users\jirik\AppData\Local\Discord
2024-04-03 21:50 - 2024-02-23 22:12 - 000000000 ____D C:\Users\jirik\AppData\Roaming\riot-client-ux
2024-04-03 21:50 - 2024-02-20 16:58 - 000000000 ____D C:\ProgramData\Riot Games
2024-04-03 21:49 - 2024-02-20 16:38 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-04-03 21:49 - 2024-02-20 16:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-04-03 18:37 - 2024-02-16 13:55 - 000000000 ____D C:\Users\jirik\AppData\Local\D3DSCache
2024-04-03 08:59 - 2024-02-20 16:53 - 000000000 ____D C:\Program Files\Common Files\AV
2024-04-03 08:47 - 2024-02-16 13:53 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3377239759-541154609-1500097594-1001
2024-04-03 08:47 - 2024-02-16 13:53 - 000003358 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3377239759-541154609-1500097594-1001
2024-04-03 08:47 - 2024-02-16 13:53 - 000002377 _____ C:\Users\jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-03 06:56 - 2024-02-16 13:52 - 000000000 ____D C:\Users\jirik\AppData\Local\Packages
2024-04-03 06:56 - 2022-05-07 06:40 - 000000000 ____D C:\ProgramData\Packages
2024-04-03 06:53 - 2024-02-16 14:01 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2024-04-02 22:48 - 2024-02-20 19:33 - 000002227 _____ C:\Users\jirik\Desktop\Discord.lnk
2024-04-02 06:30 - 2024-02-16 14:01 - 000008192 _____ C:\Windows\system32\Drivers\mtkRunTimeDataWdi.bin
2024-04-01 09:13 - 2024-02-16 13:30 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-04-01 09:13 - 2022-05-07 07:22 - 000000000 ____D C:\Windows\INF
2024-04-01 09:04 - 2024-02-20 17:26 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-04-01 09:04 - 2022-05-07 07:17 - 000032768 _____ C:\Windows\system32\config\ELAM
2024-04-01 09:04 - 2022-05-07 06:39 - 000001623 _____ C:\Windows\system32\config\VSMIDK
2024-04-01 09:04 - 2022-05-07 06:38 - 000012288 ___SH C:\DumpStack.log.tmp
2024-04-01 09:04 - 2022-05-07 06:38 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-04-01 09:03 - 2022-05-07 07:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-04-01 08:48 - 2024-02-22 17:08 - 000000000 ____D C:\Users\jirik\AppData\Roaming\TS3Client
2024-04-01 08:47 - 2024-02-20 16:27 - 000000000 ____D C:\Users\jirik\AppData\Local\CrashDumps
2024-04-01 08:47 - 2022-05-07 07:37 - 000000000 ____D C:\Windows\Panther
2024-03-29 17:53 - 2022-05-07 06:38 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-28 08:12 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\SecurityHealth
2024-03-23 22:34 - 2024-02-20 17:22 - 000000000 ____D C:\Users\jirik\AppData\Local\.IdentityService
2024-03-21 22:30 - 2024-02-21 17:04 - 000001231 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2024-03-15 23:24 - 2024-02-21 16:44 - 000000000 ____D C:\Users\jirik\AppData\Local\LGHUB
2024-03-15 09:58 - 2024-02-21 16:45 - 000000000 ____D C:\Users\jirik\AppData\Roaming\G HUB
2024-03-14 09:05 - 2024-02-20 17:26 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-03-14 09:05 - 2024-02-20 17:26 - 000003380 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-03-13 23:17 - 2022-05-07 06:38 - 000491624 _____ C:\Windows\system32\FNTCACHE.DAT
2024-03-13 23:16 - 2023-10-01 09:01 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-03-13 23:16 - 2022-05-07 07:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-03-13 23:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-03-13 23:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\SystemResources
2024-03-13 23:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\oobe
2024-03-13 23:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-03-13 23:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-03-13 23:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\ShellComponents
2024-03-13 23:16 - 2022-05-07 07:24 - 000000000 ____D C:\Windows\bcastdvr
2024-03-13 23:16 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\servicing
2024-03-13 17:25 - 2024-02-20 18:15 - 190470136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-03-13 17:25 - 2024-02-20 18:15 - 000000000 ____D C:\Windows\system32\MRT
2024-03-13 17:25 - 2022-05-07 07:17 - 000000000 ____D C:\Windows\CbsTemp
2024-03-13 17:23 - 2022-05-07 06:41 - 003213824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-03-11 13:10 - 2024-02-21 17:04 - 000000000 ____D C:\Users\jirik\AppData\Roaming\PotPlayerMini
2024-03-10 20:08 - 2024-02-20 17:23 - 000000000 ____D C:\Users\jirik\Documents\Visual Studio 2022
==================== Files in the root of some directories ========
2024-04-01 08:38 - 2024-04-01 08:47 - 000007604 _____ () C:\Users\jirik\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Zvyšená konsumace paměti - memory usage
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zvyšená konsumace paměti - memory usage
- Přílohy
-
- Addition.zip
- (15.77 KiB) Staženo 8 x
-
Rudy
- Site Admin
- Příspěvky: 118289
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zvyšená konsumace paměti - memory usage
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zvyšená konsumace paměti - memory usage
Zde zasílám log z AdwCleaner:
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-04-2024
# Duration: 00:00:00
# OS: Windows 11 (Build 22631.3296)
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1420 octets] - [04/04/2024 10:28:36]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-04-2024
# Duration: 00:00:00
# OS: Windows 11 (Build 22631.3296)
# Cleaned: 0
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [1420 octets] - [04/04/2024 10:28:36]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118289
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zvyšená konsumace paměti - memory usage
Toto je OK.
Otevřte poznámkový blok a zkopírujte do něj:
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44576 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
C:\DumpStack.log.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zvyšená konsumace paměti - memory usage
Mockrát děkuji.
Zde je výsledný log
Fix result of Farbar Recovery Scan Tool (x64) Version: 05.04.2024
Ran by jirik (05-04-2024 20:19:36) Run:1
Running from C:\Users\jirik\Desktop
Loaded Profiles: jirik
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44576 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
cpuz158 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cpuz158 => removed successfully
cpuz158 => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61098083 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 531545143 B
Windows/system/drivers => 83465 B
Edge => 0 B
Firefox => 765809076 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14406 B
NetworkService => 14406 B
jirik => 1575169722 B
MSSQLLaunchpad$TESTINSTANCE1 => 1575169722 B
MSSQLFDLauncher$TESTINSTANCE1 => 1575169722 B
MSSQL$TESTINSTANCE1 => 1575169722 B
SQLTELEMETRY$TESTINSTANCE1 => 1575169722 B
RecycleBin => 0 B
EmptyTemp: => 8.6 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-04-2024 20:21:01)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 20:21:01 ====
Zde je výsledný log
Fix result of Farbar Recovery Scan Tool (x64) Version: 05.04.2024
Ran by jirik (05-04-2024 20:19:36) Run:1
Running from C:\Users\jirik\Desktop
Loaded Profiles: jirik
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
R3 cpuz158; C:\Windows\temp\cpuz158\cpuz158_x64.sys [44576 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> CPUID) <==== ATTENTION
C:\DumpStack.log.tmp
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiSpyware"="0" => value restored successfully
HKLM\SOFTWARE\Microsoft\Windows Defender\\"DisableAntiVirus"="0" => value restored successfully
cpuz158 => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\cpuz158 => removed successfully
cpuz158 => service removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 1310720 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 61098083 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 531545143 B
Windows/system/drivers => 83465 B
Edge => 0 B
Firefox => 765809076 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 14406 B
NetworkService => 14406 B
jirik => 1575169722 B
MSSQLLaunchpad$TESTINSTANCE1 => 1575169722 B
MSSQLFDLauncher$TESTINSTANCE1 => 1575169722 B
MSSQL$TESTINSTANCE1 => 1575169722 B
SQLTELEMETRY$TESTINSTANCE1 => 1575169722 B
RecycleBin => 0 B
EmptyTemp: => 8.6 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 05-04-2024 20:21:01)
C:\DumpStack.log.tmp => Could not move
==== End of Fixlog 20:21:01 ====
-
Rudy
- Site Admin
- Příspěvky: 118289
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zvyšená konsumace paměti - memory usage
Bylo smazáno. Snížil se nárok systému na paměť?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zvyšená konsumace paměti - memory usage
Zdravím,
ano, konzumace memory je snížená, ale ono to právě vždy rostlo v průběhu času i když denním vypínání PC. Tak doufám, že to už bude dobré. Mockrát děkuji za váš čas a pomoc
ano, konzumace memory je snížená, ale ono to právě vždy rostlo v průběhu času i když denním vypínání PC. Tak doufám, že to už bude dobré. Mockrát děkuji za váš čas a pomoc
-
Rudy
- Site Admin
- Příspěvky: 118289
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Zvyšená konsumace paměti - memory usage
Nemáte zač! V případě potřeby se ozvěte a já vám tento topic otevřu.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Zvyšená konsumace paměti - memory usage
Ahoj,
na tohle pozor. Od Win8/10 restart != vypnuti a zapnuti. Muze za to fce Fast Startup
https://learn.microsoft.com/en-us/answe ... windows-10
Shutdown: In older versions of Windows, Restart and Shut Down did the same thing, closing down programs and powering off the machine. But this is changed since windows 8 and 10,with the new feature named Fast Startup, which is designed to eliminate what used to be that irritatingly long process of getting your PC up and running.
By default, Windows 10 enables the Fast Startup option when a user clicks Shut Down, and it allows Windows 10 to start up faster the next time a user starts Windows.
Restart: it will shut down all of the computer's processes, including the kernel and as a result, users could get a totally clean start when the computer boots up again, though it takes longer to get everything running.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?