Slow computer, probably infected

danek
Visitor
Posts: 242
Registered: 29 Sep 2014 22:07

#1 Post by danek »

Hello,

my computer is probably infected. It runs terribly slowly and occasionally shows a blue screen of death. Could you please check the log and tell me whether it can be disinfected somehow? Thank you.

I am attaching the logs from FRST and Addition:

FRST:


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\BridgeCommunication.exe
(DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atieclxx.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <3>
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (rocksdanister) C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.106.0_x86__97hta09mmv6hy\Build\Lively.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_847b260ab5f9550b\x64\OmenCap\OmenCap.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_6150805b5347553f\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\danma\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3894552 2022-01-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4336920 2022-01-21] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-94710539-3080292790-338919356-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-15] (HP Inc.) [File not signed]
HKU\S-1-5-21-94710539-3080292790-338919356-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33618400 2021-12-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-94710539-3080292790-338919356-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) [File not signed]
HKU\S-1-5-21-94710539-3080292790-338919356-1001\...\Run: [Discord] => C:\Users\danma\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-94710539-3080292790-338919356-1003\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-15] (HP Inc.) [File not signed]
HKU\S-1-5-21-94710539-3080292790-338919356-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Filip\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-05-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-94710539-3080292790-338919356-1003\...\Run: [AvastBrowserAutoLaunch_A8AA2AE63066897F290B137CDE2B196A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-94710539-3080292790-338919356-1004\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-15] (HP Inc.) [File not signed]
HKU\S-1-5-21-94710539-3080292790-338919356-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Iva\AppData\Local\Microsoft\Teams\Update.exe [2342544 2020-05-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.74\Installer\chrmstp.exe [2022-03-17] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\98.1.14514.103\Installer\chrmstp.exe [2022-03-13] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2022-03-02]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {127ED442-FCDD-48BC-AA0B-CE08B52BCE2B} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {17636BA2-D6EF-493C-81F4-5195485D3483} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1B80B2A3-EB67-4B0C-B792-F5B2F2BCB105} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6475544 2022-01-18] (Avast Software s.r.o. -> Avast Software)
Task: {1CBAAB18-A9CE-4999-B769-125D0601D2CF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23ED4BAF-B1F3-4C3C-9CE8-073BD8AE8C98} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4688664 2022-03-01] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid c50845c9-e411-460d-9e73-21324fa09043
Task: {27084BF7-3932-4BED-94C3-00A66E0E279D} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {3AF5AFA1-F230-4807-8ABA-64B6E8058086} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {3E67824E-8265-4CFE-A53B-F2EE33994E8B} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6592792 2022-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {3EA423D3-183C-4763-8995-B4D7BD636692} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-04] (Google LLC -> Google LLC)
Task: {411878F7-D93F-4AA0-BA6B-DCF2A7C3BE03} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4909BDAF-621B-4A5F-9EE2-01F177F53EB3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {520A771D-5D52-4766-AEAE-311F97E4A40C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\danma\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner (1).exe SCHED (No File)
Task: {553959D8-1CA3-4E4B-9966-B5C9441CD429} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59A5BEE2-6910-40B0-B9E8-DCC50F079772} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5B996D61-55FC-4942-AAF7-C9054E3FFF5A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {61A07A8C-BB6E-4ADB-B09B-527B84C3E8A0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {64AD67D3-B697-4CB4-86F4-1D437F2D5FD1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
Task: {68DE41CD-B1BE-4188-A7C3-1FAAEF712335} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4760344 2022-01-24] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid df30ce54-4e12-46b1-95de-1ce0664c00b0
Task: {70AD4F03-DF23-4AEF-97B8-15E12F3390D9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7D0245A9-7333-4F88-8301-14DB5818084A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DB3D4D6-97BB-4E81-9576-9D01CD520060} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
Task: {80C5825C-3EDA-4AB4-90EC-C89134901B59} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83DF4A89-58E5-45AB-88AF-5703BC20B81B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {881402C5-011B-4BAE-9BDC-764F84223F98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d71f73fb3a559a" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\OneDrive Reporting Task-S-1-5-21-94710539-3080292790-338919356-1001" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-94710539-3080292790-338919356-1001" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {96B0081D-B5A5-4685-A7FE-B034D132EBA1} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1227032 2022-03-01] (Avast Software s.r.o. -> AVAST Software)
Task: {96C96B87-EF9C-47B2-AF75-A79EE72B30A1} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4992792 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
Task: {98E7BDF0-02AF-46FD-8CD6-3C67A287E8B4} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6475544 2022-01-18] (Avast Software s.r.o. -> Avast Software)
Task: {9B390EB2-47DB-44AE-A366-B77037B7FEB8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A018913F-DFE4-4713-943A-EF441F310875} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB3CEC82-53DC-4A38-8B81-D941EF4A1F11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-04] (Google LLC -> Google LLC)
Task: {B2DE8F1B-C60C-4CDB-85E0-0F3B0CA7E77B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9C01866-478F-430A-852F-18172319674A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA1F8C14-C7D0-4734-A5CD-880435945D72} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4760344 2022-01-21] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 0f2d6998-6189-4b1d-864b-202bce3a488f
Task: {C63DF98C-A5DB-40E3-9327-CDB9C81DB966} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\danma\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner (1).exe LOGON (No File)
Task: {D6314D78-F71B-4532-87F7-7AFE44865F12} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D82C2509-CF7F-4D7E-8846-158547824C05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-13] (Avast Software s.r.o. -> Avast Software)
Task: {E87E48BB-0C72-4D62-BA00-1E2068FCB03A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60096 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EE517D8F-D765-4562-A2DE-EEEBD1F88EFB} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68288 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b02a34a8-8c43-47bc-b336-3b3905abdbf3}: [DhcpNameServer] 192.168.11.254 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{f6252536-8c17-4988-88bc-86dd42be4d53}: [NameServer] 100.120.122.1
Tcpip\..\Interfaces\{f9e65c66-bf8a-4f6a-8001-d331cd5f4410}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fb134840-c17b-4777-9936-65a85467dd2e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\danma\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-15]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Users\danma\Downloads\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Users\danma\Downloads\VLC\npvlc.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default [2022-03-20]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Slides) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-04]
CHR Extension: (Docs) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-04]
CHR Extension: (Google Drive) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-04]
CHR Extension: (Sheets) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-04]
CHR Extension: (Google Docs Offline) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2022-03-17]
CHR Extension: (Gmail) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\danma\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-20]
CHR Profile: C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-03-02]
CHR Extension: (Slides) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-21]
CHR Extension: (Docs) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-21]
CHR Extension: (Google Drive) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-21]
CHR Extension: (YouTube) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-21]
CHR Extension: (Sheets) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-21]
CHR Extension: (Google Docs Offline) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-21]
CHR Extension: (Gmail) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-21]
CHR Profile: C:\Users\danma\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8482384 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [563992 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1874200 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563992 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\98.1.14514.103\elevation_service.exe [1893872 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-19] (BattlEye Innovations e.K. -> )
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [13738776 2022-01-24] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [7207192 2022-01-21] (Avast Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2020-06-15] (EasyAntiCheat Oy -> Epic Games, Inc)
S4 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe [762920 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe [759800 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe [756736 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_847b260ab5f9550b\x64\OmenCap\OmenCap.exe [690168 2021-10-21] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-13] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-21] (HP Inc. -> HP Inc.)
S3 mracsvc; C:\windows\System32\mracsvc.exe [20034712 2020-04-22] (Mail.Ru LLC -> LLC Mail.Ru)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9608984 2022-03-01] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_6150805b5347553f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_6150805b5347553f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-05-22] (Alcorlink Corp. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [226328 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [368664 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [251928 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267904 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [545784 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [854272 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [550376 2022-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2020-10-22] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317696 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59008 2022-01-31] (Avast Software s.r.o. -> Avast Software)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2019-05-03] (HP Inc. -> HP Inc.)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [19266680 2020-04-22] (Mail.Ru LLC -> LLC Mail.Ru)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-04] (Realtek Semiconductor Corp. -> Realtek)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-25] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-20 12:00 - 2022-03-20 12:00 - 000035796 _____ C:\Users\danma\Desktop\FRST.txt
2022-03-20 12:00 - 2022-03-20 12:00 - 000000000 ____D C:\FRST
2022-03-20 11:59 - 2022-03-20 11:59 - 002364928 _____ (Farbar) C:\Users\danma\Desktop\FRST64.exe
2022-03-20 11:54 - 2022-02-19 14:43 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-03-19 08:32 - 2022-03-19 08:32 - 001861660 _____ C:\WINDOWS\Minidump\031922-26921-01.dmp
2022-03-18 18:48 - 2022-03-18 18:48 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-18 18:48 - 2022-03-18 18:48 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-18 18:48 - 2022-03-18 18:48 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-18 18:48 - 2022-03-18 18:48 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-18 18:47 - 2022-03-18 18:47 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-18 18:38 - 2022-03-18 18:38 - 000000000 ___HD C:\$WinREAgent
2022-03-17 22:36 - 2022-03-17 22:36 - 000000000 ____D C:\Users\danma\Desktop\ddd
2022-03-15 17:35 - 2022-03-19 08:32 - 1238242114 _____ C:\WINDOWS\MEMORY.DMP
2022-03-15 17:35 - 2022-03-15 17:36 - 001334748 _____ C:\WINDOWS\Minidump\031522-12593-01.dmp
2022-03-14 21:40 - 2022-03-19 08:34 - 000540944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-04 11:20 - 2022-03-04 11:20 - 000000000 ____D C:\Users\Filip\AppData\Local\NVIDIA
2022-03-01 21:53 - 2022-03-01 21:53 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-03-01 21:52 - 2021-11-04 22:00 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-03-01 21:52 - 2021-11-04 22:00 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-03-01 21:52 - 2021-11-04 22:00 - 001474688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-03-01 21:52 - 2021-11-04 22:00 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-03-01 21:52 - 2021-11-04 22:00 - 001212544 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 037519480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2022-03-01 21:52 - 2021-11-04 21:56 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 001171056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000716920 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000706192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-03-01 21:52 - 2021-11-04 21:56 - 000676472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000645248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000577144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000564344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000046280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 002112144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 001595512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 000919152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-03-01 21:52 - 2021-11-04 21:54 - 008854128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-03-01 21:52 - 2021-11-04 21:54 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-03-01 21:52 - 2021-11-04 21:54 - 005681264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-03-01 21:52 - 2021-11-04 21:54 - 004987520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-03-01 21:52 - 2021-11-04 21:54 - 002925680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-03-01 21:52 - 2021-11-04 21:53 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-03-01 21:52 - 2021-11-04 21:52 - 006216320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-03-01 21:52 - 2021-11-04 21:05 - 000083197 _____ C:\WINDOWS\system32\nvinfo.pb
2022-02-22 18:23 - 2022-02-22 18:23 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\AMD
2022-02-21 18:11 - 2022-02-21 18:11 - 000002435 _____ C:\Users\danma\Desktop\Filip - Chrome.lnk
2022-02-19 14:43 - 2022-02-19 14:43 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-20 12:00 - 2021-03-23 00:30 - 000000000 ____D C:\Users\Filip
2022-03-20 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-20 11:58 - 2021-03-23 00:38 - 002724114 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-20 11:58 - 2021-03-22 23:52 - 000732586 _____ C:\WINDOWS\system32\perfh007.dat
2022-03-20 11:58 - 2021-03-22 23:52 - 000149986 _____ C:\WINDOWS\system32\perfc007.dat
2022-03-20 11:58 - 2019-12-07 15:41 - 000752106 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-20 11:58 - 2019-12-07 15:41 - 000162644 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-20 11:58 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-20 11:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-03-20 11:55 - 2020-05-04 09:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-20 11:54 - 2021-03-23 00:38 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-03-20 11:54 - 2021-03-23 00:30 - 000000000 ____D C:\Users\danma
2022-03-20 11:54 - 2020-10-22 15:37 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-03-20 11:54 - 2020-10-22 15:37 - 000002083 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2022-03-20 11:54 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-20 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-20 11:53 - 2021-03-23 00:38 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2022-03-20 11:53 - 2021-03-23 00:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-20 11:53 - 2021-03-23 00:29 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-20 11:53 - 2021-03-23 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-20 11:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-20 11:53 - 2019-11-13 20:45 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-20 11:36 - 2020-06-18 10:42 - 000000000 ____D C:\Users\danma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-20 11:36 - 2020-06-18 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-20 11:36 - 2020-06-18 10:42 - 000000000 ____D C:\Program Files\WinRAR
2022-03-20 00:21 - 2021-01-10 10:22 - 000000000 ____D C:\Users\danma\.junique
2022-03-20 00:19 - 2021-01-10 10:23 - 000000000 ____D C:\Users\danma\AppData\Local\JxBrowser
2022-03-20 00:19 - 2020-04-01 11:40 - 000000000 ____D C:\Users\danma\AppData\Local\D3DSCache
2022-03-19 08:33 - 2021-03-27 08:21 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-19 08:33 - 2019-12-07 10:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2022-03-19 08:33 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-19 08:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-19 08:29 - 2020-08-24 10:12 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-18 18:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-18 18:47 - 2021-03-23 00:30 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-18 18:39 - 2020-04-01 11:40 - 000000000 ____D C:\Users\danma\AppData\Local\Packages
2022-03-17 21:18 - 2020-04-22 11:20 - 000000000 ____D C:\Users\danma\Desktop\zkratky
2022-03-17 21:13 - 2020-09-30 19:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-17 21:13 - 2020-04-02 23:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-17 21:02 - 2020-05-04 09:57 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-17 21:02 - 2020-05-04 09:57 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-17 21:02 - 2020-04-02 23:04 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-15 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-15 16:59 - 2021-03-23 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-03-13 08:33 - 2021-12-26 23:01 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-94710539-3080292790-338919356-1001
2022-03-13 08:33 - 2021-12-26 23:01 - 000002380 _____ C:\Users\danma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-13 08:33 - 2021-03-23 00:38 - 000003352 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-94710539-3080292790-338919356-1001
2022-03-13 08:31 - 2020-07-25 16:30 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-03-13 08:31 - 2020-07-25 16:30 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-03-13 08:30 - 2021-04-13 07:59 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71f73fb3a559a
2022-03-13 08:30 - 2021-03-23 00:38 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-04 11:24 - 2020-05-14 07:13 - 000000000 ____D C:\Users\Filip\AppData\Local\SquirrelTemp
2022-03-04 11:20 - 2020-04-01 18:51 - 000000000 ____D C:\Users\Filip\AppData\Local\D3DSCache
2022-03-03 23:21 - 2020-07-25 16:24 - 000000000 ____D C:\ProgramData\Avast Software
2022-03-03 15:51 - 2020-07-25 16:25 - 000550376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-03-02 18:35 - 2020-05-04 12:34 - 000000000 ____D C:\Users\danma\AppData\Local\NVIDIA
2022-03-01 21:53 - 2019-11-13 20:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-03-01 21:53 - 2019-11-13 20:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-03-01 21:40 - 2020-07-25 16:39 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-02-24 17:48 - 2020-04-04 17:50 - 000000000 ____D C:\Users\danma\AppData\Local\CrashDumps
2022-02-22 22:26 - 2021-05-15 17:42 - 000000000 ____D C:\Users\Filip\AppData\Local\AVAST Software
2022-02-22 21:37 - 2020-04-01 18:55 - 000000000 ____D C:\Users\Filip\AppData\Local\Publishers
2022-02-22 21:36 - 2021-03-23 00:38 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-22 21:36 - 2021-03-23 00:38 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-22 21:36 - 2021-03-22 23:54 - 000000000 ____D C:\WINDOWS\HoloShell
2022-02-22 21:36 - 2020-04-01 18:51 - 000000000 ____D C:\Users\Filip\AppData\Local\Packages
2022-02-22 21:36 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-02-22 18:23 - 2021-05-15 17:42 - 000002349 _____ C:\Users\Filip\Desktop\Microsoft Edge.lnk
2022-02-21 18:55 - 2021-03-23 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-02-19 14:43 - 2020-10-22 07:55 - 000267904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000854272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000545784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000368664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000317696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000251928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000226328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Addition:


==================== Memory info ===========================

BIOS: AMI F.10 08/25/2020
Motherboard: HP 86D4
Processor: AMD Ryzen 5 3550H with Radeon Vega Mobile Gfx
Percentage of memory in use: 71%
Total physical RAM: 6021.12 MB
Available physical RAM: 1693.98 MB
Total Virtual: 10373.12 MB
Available Virtual: 4506.18 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.18 GB) (Free:153.08 GB) NTFS

\\?\Volume{2c61ec34-ecd4-405d-a859-e268d7e6829c}\ () (Fixed) (Total:0.48 GB) (Free:0.05 GB) NTFS
\\?\Volume{9423534e-590c-411c-8082-771b3ffc6d65}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 0B9FA620)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118152
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow computer, probably infected

#2 Post by Rudy »

Hello!
We can clean the machine, but that BSOD may also indicate a hardware problem. Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking I agree
right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a double-click)
click Scan now, then Clean and Repair
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

danek
Visitor
Posts: 242
Registered: 29 Sep 2014 22:07

Re: Slow computer, probably infected

#3 Post by danek »

Hello,

thanks. It asked about some preinstalled software and whether to put it in quarantine, so I chose yes, but maybe it is just preinstalled software from HP...

The log is here:

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 03-20-2022
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 22
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\dotomi.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\dotomi.com

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{27084BF7-3932-4BED-94C3-00A66E0E279D}
Deleted Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Deleted Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH
Deleted Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPSEU_Host_Launcher
Deleted Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\Iva\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\danma\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4146 octets] - [20/03/2022 17:15:25]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Rudy
Site Admin
Posts: 118152
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow computer, probably infected

#4 Post by Rudy »

OK. Post new FRST + Addition logs.

danek
Visitor
Posts: 242
Registered: 29 Sep 2014 22:07

Re: Slow computer, probably infected

#5 Post by danek »

Here they are:
FRST:
==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\BridgeCommunication.exe
(DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atieclxx.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe <3>
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (rocksdanister) C:\Program Files\WindowsApps\12030rocksdanister.LivelyWallpaper_1.0.106.0_x86__97hta09mmv6hy\Build\Lively.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0356148.inf_amd64_49a476cb3d4116cb\B355990\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_847b260ab5f9550b\x64\OmenCap\OmenCap.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_6150805b5347553f\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\danma\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971256 2019-09-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [157464 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [3894552 2022-01-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [DriverUpdUI.exe] => C:\Program Files\Avast Software\Driver Updater\DriverUpdUI.exe [4336920 2022-01-21] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-94710539-3080292790-338919356-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-15] (HP Inc.) [File not signed]
HKU\S-1-5-21-94710539-3080292790-338919356-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33618400 2021-12-21] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-94710539-3080292790-338919356-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software) [File not signed]
HKU\S-1-5-21-94710539-3080292790-338919356-1001\...\Run: [Discord] => C:\Users\danma\AppData\Local\Discord\Update.exe [1512104 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-94710539-3080292790-338919356-1003\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-15] (HP Inc.) [File not signed]
HKU\S-1-5-21-94710539-3080292790-338919356-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Filip\AppData\Local\Microsoft\Teams\Update.exe [2339472 2020-05-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-94710539-3080292790-338919356-1003\...\Run: [AvastBrowserAutoLaunch_A8AA2AE63066897F290B137CDE2B196A] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-94710539-3080292790-338919356-1004\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-15] (HP Inc.) [File not signed]
HKU\S-1-5-21-94710539-3080292790-338919356-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Iva\AppData\Local\Microsoft\Teams\Update.exe [2342544 2020-05-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.74\Installer\chrmstp.exe [2022-03-17] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\98.1.14514.103\Installer\chrmstp.exe [2022-03-13] (Avast Software s.r.o. -> AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2022-03-02]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\Avast Software\SecureLine VPN\Vpn.exe (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {127ED442-FCDD-48BC-AA0B-CE08B52BCE2B} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {17636BA2-D6EF-493C-81F4-5195485D3483} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1B80B2A3-EB67-4B0C-B792-F5B2F2BCB105} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [6475544 2022-01-18] (Avast Software s.r.o. -> Avast Software)
Task: {1CBAAB18-A9CE-4999-B769-125D0601D2CF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {23ED4BAF-B1F3-4C3C-9CE8-073BD8AE8C98} - System32\Tasks\Avast Software\Avast SecureLine VPN Bug Report => C:\Program Files\Avast Software\SecureLine VPN\AvBugReport.exe [4688664 2022-03-01] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 11 --programpath "C:\Program Files\Avast Software\SecureLine VPN" --configpath "C:\ProgramData\Avast Software\SecureLine VPN" --path "C:\ProgramData\Avast Software\SecureLine VPN\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --logpath "C:\ProgramData\Avast Software\SecureLine VPN\log" --guid c50845c9-e411-460d-9e73-21324fa09043
Task: {27084BF7-3932-4BED-94C3-00A66E0E279D} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {3AF5AFA1-F230-4807-8ABA-64B6E8058086} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {3E67824E-8265-4CFE-A53B-F2EE33994E8B} - System32\Tasks\Avast Software\Avast SecureLine VPN Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-vpn\icarus.exe [6592792 2022-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {3EA423D3-183C-4763-8995-B4D7BD636692} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-04] (Google LLC -> Google LLC)
Task: {411878F7-D93F-4AA0-BA6B-DCF2A7C3BE03} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4909BDAF-621B-4A5F-9EE2-01F177F53EB3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {520A771D-5D52-4766-AEAE-311F97E4A40C} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\danma\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner (1).exe SCHED (No File)
Task: {553959D8-1CA3-4E4B-9966-B5C9441CD429} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3787304 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59A5BEE2-6910-40B0-B9E8-DCC50F079772} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {5B996D61-55FC-4942-AAF7-C9054E3FFF5A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {61A07A8C-BB6E-4ADB-B09B-527B84C3E8A0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22844272 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {64AD67D3-B697-4CB4-86F4-1D437F2D5FD1} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
Task: {68DE41CD-B1BE-4188-A7C3-1FAAEF712335} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4760344 2022-01-24] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid df30ce54-4e12-46b1-95de-1ce0664c00b0
Task: {70AD4F03-DF23-4AEF-97B8-15E12F3390D9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782136 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {7D0245A9-7333-4F88-8301-14DB5818084A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [899056 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7DB3D4D6-97BB-4E81-9576-9D01CD520060} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2740968 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
Task: {80C5825C-3EDA-4AB4-90EC-C89134901B59} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {83DF4A89-58E5-45AB-88AF-5703BC20B81B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {881402C5-011B-4BAE-9BDC-764F84223F98} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore1d71f73fb3a559a" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\OneDrive Reporting Task-S-1-5-21-94710539-3080292790-338919356-1001" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-94710539-3080292790-338919356-1001" /ENABLE
Task: {8BBDBAE9-A786-47E4-8550-A9D862C2D2B2} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {96B0081D-B5A5-4685-A7FE-B034D132EBA1} - System32\Tasks\Avast SecureLine VPN Update => C:\Program Files\Avast Software\SecureLine VPN\VpnUpdate.exe [1227032 2022-03-01] (Avast Software s.r.o. -> AVAST Software)
Task: {96C96B87-EF9C-47B2-AF75-A79EE72B30A1} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4992792 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
Task: {98E7BDF0-02AF-46FD-8CD6-3C67A287E8B4} - System32\Tasks\Avast Software\Avast Driver Updater Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-du\icarus.exe [6475544 2022-01-18] (Avast Software s.r.o. -> Avast Software)
Task: {9B390EB2-47DB-44AE-A366-B77037B7FEB8} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1130296 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {A018913F-DFE4-4713-943A-EF441F310875} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {AB3CEC82-53DC-4A38-8B81-D941EF4A1F11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-04] (Google LLC -> Google LLC)
Task: {B2DE8F1B-C60C-4CDB-85E0-0F3B0CA7E77B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8413176 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9C01866-478F-430A-852F-18172319674A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [138592 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA1F8C14-C7D0-4734-A5CD-880435945D72} - System32\Tasks\Avast Software\Avast Driver Updater BugReport => C:\Program Files\Avast Software\Driver Updater\AvBugReport.exe [4760344 2022-01-21] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 148 --programpath "C:\Program Files\Avast Software\Driver Updater\Setup\.." --configpath "C:\Program Files\Avast Software\Driver Updater\Setup" --path "C:\ProgramData\Avast Software\Driver Updater\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid 0f2d6998-6189-4b1d-864b-202bce3a488f
Task: {C63DF98C-A5DB-40E3-9327-CDB9C81DB966} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\danma\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\esetonlinescanner (1).exe LOGON (No File)
Task: {D6314D78-F71B-4532-87F7-7AFE44865F12} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648504 2019-08-07] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D82C2509-CF7F-4D7E-8846-158547824C05} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-13] (Avast Software s.r.o. -> Avast Software)
Task: {E87E48BB-0C72-4D62-BA00-1E2068FCB03A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60096 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {EE517D8F-D765-4562-A2DE-EEEBD1F88EFB} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [68288 2019-06-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{b02a34a8-8c43-47bc-b336-3b3905abdbf3}: [DhcpNameServer] 192.168.11.254 79.98.72.27 79.98.72.2
Tcpip\..\Interfaces\{f6252536-8c17-4988-88bc-86dd42be4d53}: [NameServer] 100.120.122.1
Tcpip\..\Interfaces\{f9e65c66-bf8a-4f6a-8001-d331cd5f4410}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{fb134840-c17b-4777-9936-65a85467dd2e}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\danma\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-15]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Users\danma\Downloads\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Users\danma\Downloads\VLC\npvlc.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-11-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-01-26] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default [2022-03-20]
CHR Notifications: Default -> hxxps://meet.google.com
CHR Extension: (Slides) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-04]
CHR Extension: (Docs) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-04]
CHR Extension: (Google Drive) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (YouTube) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-04]
CHR Extension: (Sheets) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-04]
CHR Extension: (Google Docs Offline) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-17]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Netflix Party is now Teleparty) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\oocalimimngaihdkbihfgmpkcpnmlaoa [2022-03-17]
CHR Extension: (Gmail) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\danma\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-03-20]
CHR Profile: C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-03-02]
CHR Extension: (Slides) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-02-21]
CHR Extension: (Docs) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2022-02-21]
CHR Extension: (Google Drive) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-02-21]
CHR Extension: (YouTube) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-21]
CHR Extension: (Sheets) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-02-21]
CHR Extension: (Google Docs Offline) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-21]
CHR Extension: (Gmail) - C:\Users\danma\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-02-21]
CHR Profile: C:\Users\danma\AppData\Local\Google\Chrome\User Data\System Profile [2022-03-20]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [8482384 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [563992 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1874200 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [563992 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-01-26] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\98.1.14514.103\elevation_service.exe [1893872 2022-02-23] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8736880 2020-11-19] (BattlEye Innovations e.K. -> )
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [13738776 2022-01-24] (Avast Software s.r.o. -> AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12119432 2022-01-20] (Microsoft Corporation -> Microsoft Corporation)
R2 DriverUpdSvc; C:\Program Files\Avast Software\Driver Updater\DriverUpdSvc.exe [7207192 2022-01-21] (Avast Software s.r.o. -> AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [811120 2020-06-15] (EasyAntiCheat Oy -> Epic Games, Inc)
S4 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [38328 2018-08-31] (GoPro Media, Inc. -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\AppHelperCap.exe [762920 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\DiagsCap.exe [759800 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\NetworkCap.exe [756736 2022-01-19] (HP Inc. -> HP Inc.)
R2 HPOmenCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapcomp.inf_amd64_847b260ab5f9550b\x64\OmenCap\OmenCap.exe [690168 2021-10-21] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [288360 2021-05-13] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_28a78a8b4b54e457\x64\SysInfoCap.exe [760304 2022-01-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_54a828a51f6769c8\x64\TouchpointAnalyticsClientService.exe [494672 2021-11-21] (HP Inc. -> HP Inc.)
S3 mracsvc; C:\windows\System32\mracsvc.exe [20034712 2020-04-22] (Mail.Ru LLC -> LLC Mail.Ru)
R2 SecureLine; C:\Program Files\Avast Software\SecureLine VPN\VpnSvc.exe [9608984 2022-03-01] (Avast Software s.r.o. -> AVAST Software)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\NisSrv.exe [2496144 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MsMpEng.exe [104192 2020-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_6150805b5347553f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_6150805b5347553f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [50616 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-05-22] (Alcorlink Corp. -> )
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [226328 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [368664 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [251928 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99352 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41352 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [267904 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [545784 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [108888 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [854272 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [550376 2022-03-03] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2020-10-22] (AVAST Software s.r.o. -> The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [317696 2022-02-19] (Avast Software s.r.o. -> AVAST Software)
S3 aswVpnRdr; C:\WINDOWS\System32\drivers\aswVpnRdr.sys [59008 2022-01-31] (Avast Software s.r.o. -> Avast Software)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
S0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [60448 2021-11-24] (WDKTestCert VssAdministrator,132811656475919983 -> HP)
R3 HPOmenCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpomencustomcapdriver.inf_amd64_326f2e1d16385daf\x64\hpomencustomcapdriver.sys [23888 2019-05-03] (HP Inc. -> HP Inc.)
S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [19266680 2020-04-22] (Mail.Ru LLC -> LLC Mail.Ru)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [70560 2018-09-04] (Realtek Semiconductor Corp. -> Realtek)
R3 SnapCameraVirtualDevice; C:\WINDOWS\System32\drivers\SnapCameraVirtualDevice.sys [2800232 2020-10-12] (Snap Inc. -> Windows (R) Win 7 DDK provider)
R3 ViGEmBus; C:\WINDOWS\System32\DriverStore\FileRepository\vigembus.inf_amd64_e84845c70c38fbe7\x64\ViGEmBus.sys [74648 2018-08-01] (HP Inc. -> Benjamin Höglinger-Stelzer)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45976 2020-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [408816 2020-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64224 2020-07-25] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-20 12:00 - 2022-03-20 12:00 - 000035796 _____ C:\Users\danma\Desktop\FRST.txt
2022-03-20 12:00 - 2022-03-20 12:00 - 000000000 ____D C:\FRST
2022-03-20 11:59 - 2022-03-20 11:59 - 002364928 _____ (Farbar) C:\Users\danma\Desktop\FRST64.exe
2022-03-20 11:54 - 2022-02-19 14:43 - 000340760 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2022-03-19 08:32 - 2022-03-19 08:32 - 001861660 _____ C:\WINDOWS\Minidump\031922-26921-01.dmp
2022-03-18 18:48 - 2022-03-18 18:48 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-18 18:48 - 2022-03-18 18:48 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-18 18:48 - 2022-03-18 18:48 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-18 18:48 - 2022-03-18 18:48 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-18 18:47 - 2022-03-18 18:47 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-18 18:38 - 2022-03-18 18:38 - 000000000 ___HD C:\$WinREAgent
2022-03-17 22:36 - 2022-03-17 22:36 - 000000000 ____D C:\Users\danma\Desktop\ddd
2022-03-15 17:35 - 2022-03-19 08:32 - 1238242114 _____ C:\WINDOWS\MEMORY.DMP
2022-03-15 17:35 - 2022-03-15 17:36 - 001334748 _____ C:\WINDOWS\Minidump\031522-12593-01.dmp
2022-03-14 21:40 - 2022-03-19 08:34 - 000540944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-04 11:20 - 2022-03-04 11:20 - 000000000 ____D C:\Users\Filip\AppData\Local\NVIDIA
2022-03-01 21:53 - 2022-03-01 21:53 - 000000000 ____D C:\WINDOWS\system32\lxss
2022-03-01 21:52 - 2021-11-04 22:00 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2022-03-01 21:52 - 2021-11-04 22:00 - 001858680 _____ C:\WINDOWS\system32\vulkaninfo.exe
2022-03-01 21:52 - 2021-11-04 22:00 - 001474688 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2022-03-01 21:52 - 2021-11-04 22:00 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2022-03-01 21:52 - 2021-11-04 22:00 - 001212544 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 001097832 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 001097832 _____ C:\WINDOWS\system32\vulkan-1.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2022-03-01 21:52 - 2021-11-04 22:00 - 000951912 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 037519480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2022-03-01 21:52 - 2021-11-04 21:56 - 001520760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 001171056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000716920 _____ C:\WINDOWS\system32\nvofapi64.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000706192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2022-03-01 21:52 - 2021-11-04 21:56 - 000676472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000645248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000577144 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000564344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2022-03-01 21:52 - 2021-11-04 21:56 - 000046280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhdap64.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 002112144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 001595512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 000919152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 000750200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2022-03-01 21:52 - 2021-11-04 21:55 - 000447096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2022-03-01 21:52 - 2021-11-04 21:54 - 008854128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2022-03-01 21:52 - 2021-11-04 21:54 - 007920760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2022-03-01 21:52 - 2021-11-04 21:54 - 005681264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2022-03-01 21:52 - 2021-11-04 21:54 - 004987520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2022-03-01 21:52 - 2021-11-04 21:54 - 002925680 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2022-03-01 21:52 - 2021-11-04 21:53 - 000849024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2022-03-01 21:52 - 2021-11-04 21:52 - 006216320 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2022-03-01 21:52 - 2021-11-04 21:05 - 000083197 _____ C:\WINDOWS\system32\nvinfo.pb
2022-02-22 18:23 - 2022-02-22 18:23 - 000000000 ____D C:\Users\Filip\AppData\LocalLow\AMD
2022-02-21 18:11 - 2022-02-21 18:11 - 000002435 _____ C:\Users\danma\Desktop\Filip - Chrome.lnk
2022-02-19 14:43 - 2022-02-19 14:43 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-03-20 12:00 - 2021-03-23 00:30 - 000000000 ____D C:\Users\Filip
2022-03-20 12:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-20 11:58 - 2021-03-23 00:38 - 002724114 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-20 11:58 - 2021-03-22 23:52 - 000732586 _____ C:\WINDOWS\system32\perfh007.dat
2022-03-20 11:58 - 2021-03-22 23:52 - 000149986 _____ C:\WINDOWS\system32\perfc007.dat
2022-03-20 11:58 - 2019-12-07 15:41 - 000752106 _____ C:\WINDOWS\system32\perfh005.dat
2022-03-20 11:58 - 2019-12-07 15:41 - 000162644 _____ C:\WINDOWS\system32\perfc005.dat
2022-03-20 11:58 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-20 11:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-03-20 11:55 - 2020-05-04 09:57 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-20 11:54 - 2021-03-23 00:38 - 000003990 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2022-03-20 11:54 - 2021-03-23 00:30 - 000000000 ____D C:\Users\danma
2022-03-20 11:54 - 2020-10-22 15:37 - 000002095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premium Security.lnk
2022-03-20 11:54 - 2020-10-22 15:37 - 000002083 _____ C:\Users\Public\Desktop\Avast Premium Security.lnk
2022-03-20 11:54 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-03-20 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-20 11:53 - 2021-03-23 00:38 - 000004028 _____ C:\WINDOWS\system32\Tasks\Avast SecureLine VPN Update
2022-03-20 11:53 - 2021-03-23 00:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-20 11:53 - 2021-03-23 00:29 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-20 11:53 - 2021-03-23 00:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-20 11:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-20 11:53 - 2019-11-13 20:45 - 000000000 ____D C:\ProgramData\NVIDIA
2022-03-20 11:36 - 2020-06-18 10:42 - 000000000 ____D C:\Users\danma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-20 11:36 - 2020-06-18 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-03-20 11:36 - 2020-06-18 10:42 - 000000000 ____D C:\Program Files\WinRAR
2022-03-20 00:21 - 2021-01-10 10:22 - 000000000 ____D C:\Users\danma\.junique
2022-03-20 00:19 - 2021-01-10 10:23 - 000000000 ____D C:\Users\danma\AppData\Local\JxBrowser
2022-03-20 00:19 - 2020-04-01 11:40 - 000000000 ____D C:\Users\danma\AppData\Local\D3DSCache
2022-03-19 08:33 - 2021-03-27 08:21 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-19 08:33 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-19 08:33 - 2019-12-07 10:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2022-03-19 08:33 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-19 08:30 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-19 08:29 - 2020-08-24 10:12 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-18 18:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-18 18:47 - 2021-03-23 00:30 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-18 18:39 - 2020-04-01 11:40 - 000000000 ____D C:\Users\danma\AppData\Local\Packages
2022-03-17 21:18 - 2020-04-22 11:20 - 000000000 ____D C:\Users\danma\Desktop\zkratky
2022-03-17 21:13 - 2020-09-30 19:23 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-17 21:13 - 2020-04-02 23:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-17 21:02 - 2020-05-04 09:57 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-03-17 21:02 - 2020-05-04 09:57 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-17 21:02 - 2020-04-02 23:04 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-15 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-15 16:59 - 2021-03-23 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-03-13 08:33 - 2021-12-26 23:01 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-94710539-3080292790-338919356-1001
2022-03-13 08:33 - 2021-12-26 23:01 - 000002380 _____ C:\Users\danma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-13 08:33 - 2021-03-23 00:38 - 000003352 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-94710539-3080292790-338919356-1001
2022-03-13 08:31 - 2020-07-25 16:30 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2022-03-13 08:31 - 2020-07-25 16:30 - 000002470 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2022-03-13 08:30 - 2021-04-13 07:59 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d71f73fb3a559a
2022-03-13 08:30 - 2021-03-23 00:38 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-04 11:24 - 2020-05-14 07:13 - 000000000 ____D C:\Users\Filip\AppData\Local\SquirrelTemp
2022-03-04 11:20 - 2020-04-01 18:51 - 000000000 ____D C:\Users\Filip\AppData\Local\D3DSCache
2022-03-03 23:21 - 2020-07-25 16:24 - 000000000 ____D C:\ProgramData\Avast Software
2022-03-03 15:51 - 2020-07-25 16:25 - 000550376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2022-03-02 18:35 - 2020-05-04 12:34 - 000000000 ____D C:\Users\danma\AppData\Local\NVIDIA
2022-03-01 21:53 - 2019-11-13 20:45 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2022-03-01 21:53 - 2019-11-13 20:44 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2022-03-01 21:40 - 2020-07-25 16:39 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-02-24 17:48 - 2020-04-04 17:50 - 000000000 ____D C:\Users\danma\AppData\Local\CrashDumps
2022-02-22 22:26 - 2021-05-15 17:42 - 000000000 ____D C:\Users\Filip\AppData\Local\AVAST Software
2022-02-22 21:37 - 2020-04-01 18:55 - 000000000 ____D C:\Users\Filip\AppData\Local\Publishers
2022-02-22 21:36 - 2021-03-23 00:38 - 000003402 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-02-22 21:36 - 2021-03-23 00:38 - 000003178 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-02-22 21:36 - 2021-03-22 23:54 - 000000000 ____D C:\WINDOWS\HoloShell
2022-02-22 21:36 - 2020-04-01 18:51 - 000000000 ____D C:\Users\Filip\AppData\Local\Packages
2022-02-22 21:36 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2022-02-22 18:23 - 2021-05-15 17:42 - 000002349 _____ C:\Users\Filip\Desktop\Microsoft Edge.lnk
2022-02-21 18:55 - 2021-03-23 00:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2022-02-19 14:43 - 2020-10-22 07:55 - 000267904 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000854272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000545784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000368664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000317696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000251928 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000226328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000108888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000099352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2022-02-19 14:43 - 2020-07-25 16:25 - 000041352 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================










And Addition:

==================== Memory info ===========================

BIOS: AMI F.10 08/25/2020
Motherboard: HP 86D4
Processor: AMD Ryzen 5 3550H with Radeon Vega Mobile Gfx
Percentage of memory in use: 71%
Total physical RAM: 6021.12 MB
Available physical RAM: 1693.98 MB
Total Virtual: 10373.12 MB
Available Virtual: 4506.18 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:476.18 GB) (Free:153.08 GB) NTFS

\\?\Volume{2c61ec34-ecd4-405d-a859-e268d7e6829c}\ () (Fixed) (Total:0.48 GB) (Free:0.05 GB) NTFS
\\?\Volume{9423534e-590c-411c-8082-771b3ffc6d65}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 0B9FA620)

Partition: GPT.

==================== End of Addition.txt =======================

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow computer, probably infected

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3EA423D3-183C-4763-8995-B4D7BD636692} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-04] (Google LLC -> Google LLC)
Task: {AB3CEC82-53DC-4A38-8B81-D941EF4A1F11} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-04] (Google LLC -> Google LLC)
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Users\danma\Downloads\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Users\danma\Downloads\VLC\npvlc.dll [No File]
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
Save it as fixlist.txt in the same directory where you have FRST. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activities, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it has been inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

danek
Visitor
Posts: 242
Joined: 29 Sep 2014 22:07

Re: Slow computer, probably infected

#7 Post by danek »

So I tried it, but unfortunately fixlog.txt did not appear after the restart.
Last edited by danek on 20 Mar 2022 21:05, edited 1 time in total.

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow computer, probably infected

#8 Post by Rudy »

Look in that directory to see whether it is there. If so, copy its contents here.

danek
Visitor
Posts: 242
Joined: 29 Sep 2014 22:07

Re: Slow computer, probably infected

#9 Post by danek »

Well, that's the thing, it isn't anywhere there. I ran FRST from the desktop, but on the desktop there are only fixlist.txt and frst.txt, not fixlog.txt. When I run FRST and click Fix, it says that something was deleted, plus a message that fixlog.txt is saved in the same directory as FRST and that a restart is needed. After the restart, though, there is nothing anywhere. I also tried searching for the file, and then I put FRST into a different directory and ran it again, with the same result.

Also, after logging in to viry.cz I get a message that Chrome detected that the login credentials caused a "data breach", and asking whether I want to save the credentials in the browser, so I chose no.

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow computer, probably infected

#10 Post by Rudy »

OK. Also run a scan with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download the utility, run it, let it work, and when it finishes delete everything it finds. The description at the link is for an older version.

danek
Visitor
Posts: 242
Joined: 29 Sep 2014 22:07

Re: Slow computer, probably infected

#11 Post by danek »

So I did that, but it found nothing... Could the reason fixlog.txt did not appear be that I recently put the computer under a Microsoft child account within Family? I also twice got a call from a number with the French country code, +33602307563, saying that my computer had been attacked by online hackers, but each time I hung up after a moment to be safe.

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow computer, probably infected

#12 Post by Rudy »

OK. The fact that the fixlog did not appear is probably unrelated to setting up the new account. Has the PC become faster?

altrok
Moderator
Posts: 7256
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Slow computer, probably infected

#13 Post by altrok »

danek wrote: 20 Mar 2022 22:39 So I did that, but it found nothing... Could the reason fixlog.txt did not appear be that I recently put the computer under a Microsoft child account within Family? I also twice got a call from a number with the French country code, +33602307563, saying that my computer had been attacked by online hackers, but each time I hung up after a moment to be safe.
Hi,
just a small aside - you were right to hang up. This is very likely so-called vishing (voice phishing) - the attacker explains to you that your PC is infected, introduces himself as a banking identity, and so on. Czech and Slovak are difficult languages, which is why vishing does not occur here as much as in English-speaking countries, and not a particularly large percentage of our population knows about it. It is good to be aware of it. There are individuals who deal with these scammers: https://www.youtube.com/watch?v=le71yVPh4uk
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suited to the forum, you can use altrok(at)forum.viry.cz
If you would like to help visitors of this forum, sign up for our training school.

danek
Visitor
Posts: 242
Joined: 29 Sep 2014 22:07

Re: Slow computer, probably infected

#14 Post by danek »

OK, thanks. Next time I'd rather not even pick up. Well, I don't know whether I can consider the computer cleaned. What I originally meant was, now that it is under a child account, whether settings changes can be made there. But it is probably unrelated. I can watch it for a while. Or maybe scan it again with FRST to see whether the change actually took place.

Rudy
Site Admin
Posts: 118152
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Slow computer, probably infected

#15 Post by Rudy »

Rudy wrote: 21 Mar 2022 10:15 OK. The fact that the fixlog did not appear is probably unrelated to setting up the new account. Has the PC become faster?