PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Please check my log

Are you not having any problem with your PC at the moment and just want to make sure everything is in order?
Post a log from FRST or RSIT.


Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once they are resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

Paulie0001
Visitor
Posts: 234
Registered: 05 Jan 2008 15:17

Please check my log

#1 Post by Paulie0001 »

Hello,
my brother often watches various streams on the internet and is worried that he may have downloaded some malicious malware. His computer has slowed down considerably and occasionally restarts. Could you take a look and see whether you find anything here? Thank you, I am sending the log from RSIT:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Petrovo at 2023-10-03 15:09:42
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 57 GB (37%) free of 154 GB
Total RAM: 2006 MB (12% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:09:54, on 3.10.2023
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
C:\Program Files\trend micro\Petrovo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEToEdge BHO - {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} - C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\BHO\ie_to_edge_bho.dll
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O4 - HKCU\..\Run: [AvastBrowserAutoLaunch_9AA707D55A2810EC51156F1047C78FD7] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: GIGABYTE OC_GURU.lnk = C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Tools (avast! Tools) - AVAST Software - C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) (AvastSecureBrowserElevationService) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19987.120\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\elevation_service.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wifi AutoInstall Service (WifiAutoInstallSrv) - Realtek - C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7598 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc /rpcserver
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe" /runassvc
atieclxx
"C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe" /runassvc
C:\Windows\System32\spoolsv.exe
"taskhost.exe"
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe"
"C:\Program Files\AVAST Software\Avast\aswEngSrv.exe" /pipename="59BADFA0-6654-5D5E-5F0B-8310F5161851" /binpath="C:\Program Files\AVAST Software\Avast" /logpath="C:\ProgramData\AVAST Software\Avast\log"
"C:\Program Files\AVAST Software\Avast\aswidsagent.exe"
taskeng.exe {93672A83-0F06-414E-8314-B28BEDC54DA1}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe"
schtasks /change /TN "AMDLinkUpdate" /TR "\"C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe\" -AMDLinkUpdate"
\??\C:\Windows\system32\conhost.exe "-1387713581233733720193019801937299463926530800896495435614775296-731684679
"C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --onboarding-at-startup --restore-last-session
AvastUI.exe /nogui
"C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Petrovo\AppData\Local\AVAST Software\Browser\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petrovo\AppData\Local\AVAST Software\Browser\User Data\Crashpad" "--metrics-dir=C:\Users\Petrovo\AppData\Local\AVAST Software\Browser\User Data" --url=fake_url --annotation=plat=Win64 --annotation=prod=Avast --annotation=ver=109.0.19987.120 --initial-client-data=0xb4,0xb8,0xbc,0x88,0xc0,0x7feed726b78,0x7feed726b88,0x7feed726b98
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=gpu-process --start-stack-profiler --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1212 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:2
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=renderer --origin-trial-disabled-features=WebGPU --start-stack-profiler --first-renderer-process --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --time-ticks-at-unix-epoch=-1696328810964451 --launch-time-ticks=98777571 --mojo-platform-channel-handle=2460 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:1
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --time-ticks-at-unix-epoch=-1696328810964451 --launch-time-ticks=98923529 --mojo-platform-channel-handle=2480 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:1
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --time-ticks-at-unix-epoch=-1696328810964451 --launch-time-ticks=103695665 --mojo-platform-channel-handle=3236 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:1
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --start-stack-profiler --mojo-platform-channel-handle=3688 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:8
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=3732 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:8
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --time-ticks-at-unix-epoch=-1696328810964451 --launch-time-ticks=109929022 --mojo-platform-channel-handle=3836 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:1
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --time-ticks-at-unix-epoch=-1696328810964451 --launch-time-ticks=111489062 --mojo-platform-channel-handle=3532 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:1
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --time-ticks-at-unix-epoch=-1696328810964451 --launch-time-ticks=113260261 --mojo-platform-channel-handle=4164 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:1
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --time-ticks-at-unix-epoch=-1696328810964451 --launch-time-ticks=115471252 --mojo-platform-channel-handle=4976 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:1
"C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --time-ticks-at-unix-epoch=-1696328810964451 --launch-time-ticks=119716507 --mojo-platform-channel-handle=5280 --field-trial-handle=1228,i,2198475985554349029,8438309734879280924,131072 /prefetch:1
"C:\Program Files\AMD\CNext\CNext\amdow.exe" 4812
C:\Windows\system32\cmd.exe /d /c "C:\Program Files\AVAST Software\Avast\AvastNM.exe" chrome-extension://lhnnoklckomcfdlknmjaenoodlpfdclc/ --parent-window=0 < \\.\pipe\chrome.nativeMessaging.in.afa40bf13df9c889 > \\.\pipe\chrome.nativeMessaging.out.afa40bf13df9c889
\??\C:\Windows\system32\conhost.exe "-1935949378217978980-388076882-1249643132-655504081-2026886326-2001576961020524282
"C:\Program Files\AVAST Software\Avast\AvastNM.exe" chrome-extension://lhnnoklckomcfdlknmjaenoodlpfdclc/ --parent-window=0
"taskhost.exe"
"C:\Windows\system32\wuauclt.exe"
taskeng.exe {B198079F-5FF8-4045-B4D9-8BFD5CFB7DA4}
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0xb8,0xbc,0xc0,0x8c,0xc4,0x7febe9a6b58,0x7febe9a6b68,0x7febe9a6b78
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1224 --field-trial-handle=1280,i,8898716657328682364,14879127567242309458,131072 /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=cs --service-sandbox-type=none --mojo-platform-channel-handle=1568 --field-trial-handle=1280,i,8898716657328682364,14879127567242309458,131072 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=1292 --field-trial-handle=1280,i,8898716657328682364,14879127567242309458,131072 /prefetch:8
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --time-ticks-at-unix-epoch=-1696328811139992 --launch-time-ticks=9295581120 --mojo-platform-channel-handle=2408 --field-trial-handle=1280,i,8898716657328682364,14879127567242309458,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=cs --service-sandbox-type=service --mojo-platform-channel-handle=4932 --field-trial-handle=1280,i,8898716657328682364,14879127567242309458,131072 /prefetch:8
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=38 --time-ticks-at-unix-epoch=-1696328811139992 --launch-time-ticks=9494738064 --mojo-platform-channel-handle=6608 --field-trial-handle=1280,i,8898716657328682364,14879127567242309458,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=41 --time-ticks-at-unix-epoch=-1696328811139992 --launch-time-ticks=9530420271 --mojo-platform-channel-handle=5068 --field-trial-handle=1280,i,8898716657328682364,14879127567242309458,131072 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --origin-trial-disabled-features=WebGPU --lang=cs --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=42 --time-ticks-at-unix-epoch=-1696328811139992 --launch-time-ticks=9553137510 --mojo-platform-channel-handle=1680 --field-trial-handle=1280,i,8898716657328682364,14879127567242309458,131072 /prefetch:1
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=gpu-process --field-trial-handle=2088,9002832569810253676,12510520213228306306,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --no-sandbox --disable-gpu-driver-bug-workarounds --log-file="C:\Users\Petrovo\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --gpu-preferences=SAAAAAAAAADgAABwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --use-gl=swiftshader-webgl --log-file="C:\Users\Petrovo\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=8664 /prefetch:2
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2088,9002832569810253676,12510520213228306306,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=utility --no-sandbox --force-wave-audio --log-file="C:\Users\Petrovo\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Petrovo\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=9392 /prefetch:8
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2088,9002832569810253676,12510520213228306306,131072 --disable-features=CookiesWithoutSameSiteMustBeSecure,ForcedColors,SameSiteByDefaultCookies,SameSiteDefaultChecksMethodRigorously --lang=cs --service-sandbox-type=none --no-sandbox --force-wave-audio --log-file="C:\Users\Petrovo\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --log-severity=error --user-agent="Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.3.3626.1895 Safari/537.36 Avastium (0.0.0)" --lang=cs-CZ --proxy-auto-detect --disable-webaudio --force-wave-audio --disable-software-rasterizer --no-sandbox --blacklist-accelerated-compositing --disable-accelerated-2d-canvas --disable-accelerated-compositing --disable-accelerated-layers --disable-accelerated-video-decode --blacklist-webgl --disable-bundled-ppapi-flash --disable-flash-3d --enable-aggressive-domstorage-flushing --enable-media-stream --disable-gpu --disable-webgl --disable-gpu-compositing --allow-file-access-from-files=1 --pack_loading_disabled=1 --log-file="C:\Users\Petrovo\AppData\Roaming\Avast Software\Avast\log\cef_log.txt" --mojo-platform-channel-handle=2320 /prefetch:8
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
"C:\Users\Petrovo\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\BHO\ie_to_edge_bho_64.dll [2023-09-14 594880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}]
IEToEdge BHO - C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\BHO\ie_to_edge_bho.dll [2023-09-14 454096]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"VIAxHCUtl"=C:\Program Files\VIA XHCI UASP Utility\usb3Monitor []
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2023-10-02 255896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AvastBrowserAutoLaunch_9AA707D55A2810EC51156F1047C78FD7"=C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2023-01-26 3257832]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2023-09-29 4375912]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
GIGABYTE OC_GURU.lnk - C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
"C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aswSP.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"aux6"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"aux5"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"aux7"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2023-10-03 15:09:44 ----D---- C:\Program Files\trend micro
2023-10-03 15:09:42 ----D---- C:\rsit
2023-10-03 15:04:21 ----D---- C:\AdwCleaner
2023-10-02 18:47:53 ----A---- C:\Windows\system32\aswBoot.exe
2023-10-02 18:47:26 ----A---- C:\Windows\system32\drivers\aswStm.sys
2023-09-04 18:24:48 ----N---- C:\Windows\system32\drivers\aswd4772d409e0f18b9.tmp
2023-09-04 18:24:46 ----N---- C:\Windows\system32\drivers\aswd56bf01d8c69ad26.tmp

======List of files/folders modified in the last 1 month======

2023-10-03 15:09:44 ----RD---- C:\Program Files
2023-10-03 15:07:32 ----D---- C:\Windows\Temp
2023-10-03 15:03:05 ----D---- C:\Program Files (x86)\Google
2023-10-03 15:01:35 ----D---- C:\Windows\system32\config
2023-10-03 13:31:59 ----D---- C:\Windows\system32\drivers
2023-10-03 13:10:56 ----D---- C:\Windows\system32\LogFiles
2023-10-03 13:08:20 ----D---- C:\Program Files (x86)\Steam
2023-10-03 12:27:32 ----D---- C:\Windows\system32\Tasks
2023-10-03 12:27:20 ----D---- C:\ProgramData\AVAST Software
2023-10-03 12:08:57 ----D---- C:\Windows\Minidump
2023-10-03 12:08:55 ----D---- C:\Windows
2023-10-03 05:47:11 ----D---- C:\Users\Petrovo\AppData\Roaming\vlc
2023-10-02 18:59:37 ----D---- C:\Windows\Prefetch
2023-10-02 18:47:53 ----D---- C:\Windows\System32
2023-09-28 07:47:48 ----SHD---- C:\System Volume Information

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2015-03-30 85704]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2015-03-30 43720]
R0 amdkmpfd;AMD PCI Root Bus Lower Filter; C:\Windows\system32\DRIVERS\amdkmpfd.sys [2019-01-25 94000]
R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys [2023-10-02 31528]
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys [2023-10-02 297992]
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys [2023-10-02 96064]
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2023-10-02 80416]
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2023-10-02 319560]
R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2015-07-13 251632]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys [2023-10-02 240176]
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys [2023-10-02 392984]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2023-10-02 39760]
R1 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2023-10-02 275168]
R1 aswNetHub;aswNetHub; C:\Windows\system32\drivers\aswNetHub.sys [2023-10-02 559696]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2023-10-02 105248]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2023-10-02 950696]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2023-10-02 708048]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2016-05-25 137280]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 AODDriver4.2;AODDriver4.2; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-11-20 57512]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2023-10-02 213192]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2019-02-20 52872072]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2019-02-21 581512]
R3 aswNetNd6;Avast Firewall NDIS6 Helper; C:\Windows\system32\DRIVERS\aswNetNd6.sys [2023-04-12 23472]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2018-09-26 104840]
R3 GPCIDrv;GPCIDrv; \??\C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [2014-08-28 14376]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2015-07-07 4514008]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2015-01-15 977624]
R3 VUSB3HUB;VIA USB 3 Root Hub Service; C:\Windows\system32\DRIVERS\ViaHub3.sys [2014-10-31 225792]
R3 xhcdrv;VIA USB eXtensible Host Controller Service; C:\Windows\system32\DRIVERS\xhcdrv.sys [2014-10-31 305664]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2016-10-22 26192]
S3 NAVENG;NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.1.7\Definitions\SDSDefs\20161027.008\ENG64.SYS []
S3 NAVEX15;NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.1.7\Definitions\SDSDefs\20161027.008\EX64.SYS []
S3 RtlWlanu;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter; C:\Windows\system32\DRIVERS\rtwlanu.sys [2017-12-28 7706960]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64.sys [2015-04-30 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2019-02-21 499592]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-08-30 344064]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2023-10-02 776088]
R2 avast! Tools;Avast Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [2023-10-02 796568]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2021-06-01 56912]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 WifiAutoInstallSrv;Wifi AutoInstall Service; C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe [2018-10-26 118720]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2023-10-02 9090968]
S2 avast;Služba %1!s! Update (avast); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2022-12-13 191120]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2019-03-28 158912]
S2 edgeupdate;Služba Microsoft Edge Update (edgeupdate); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-30 224152]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22 153752]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2020-12-08 335416]
S3 avastm;Služba %1!s! Update (avastm); C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2022-12-13 191120]
S3 AvastSecureBrowserElevationService;Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService); C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19987.120\elevation_service.exe [2023-01-26 1802816]
S3 edgeupdatem;Služba Microsoft Edge Update (edgeupdatem); C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [2020-06-30 224152]
S3 GoogleChromeElevationService;Google Chrome Elevation Service (GoogleChromeElevationService); C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\elevation_service.exe [2023-01-24 1725720]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-22 153752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 116224]
S3 MicrosoftEdgeElevationService;Microsoft Edge Elevation Service (MicrosoftEdgeElevationService); C:\Program Files (x86)\Microsoft\Edge\Application\109.0.1518.140\elevation_service.exe [2023-09-14 1747392]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2023-09-29 2661736]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2016-10-28 1255736]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2019-03-28 54912]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118275
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#2 Post by Rudy »

Hello!
Please post the FRST+Addition logs: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . RSIT is not fully compatible with 64-bit systems. Thank you.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem has been resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Paulie0001
Visitor
Posts: 234
Joined: 05 Jan 2008 15:17

Re: Please check my log

#3 Post by Paulie0001 »

Well, my brother's PC really is something, everything loads terribly slowly. And the FRST scan, which normally takes under a minute, took about 10 minutes here. If you have any tip for cleaning it up, bring it on :D So far I only use ccleaner and adwcleaner here.
I'm sending the FRST log (the Addition is in the zip), and thank you in advance:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2023
Ran by Petrovo (administrator) on PETROVO-PC (04-10-2023 23:40:55)
Running from C:\Users\Petrovo\Desktop\FRST64.exe
Loaded Profiles: Petrovo
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\schtasks.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AVAST Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(cmd.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastNM.exe
(explorer.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe <13>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <26>
(explorer.exe ->) (VIA Technologies, Inc.) [File not signed] C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe
(taskeng.exe ->) (GIGABYTE Technology Co.,Ltd.) [File not signed] C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.) [File not signed]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [255896 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\Run: [AvastBrowserAutoLaunch_9AA707D55A2810EC51156F1047C78FD7] => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4375912 2023-09-29] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {120e2374-b9dc-11e8-a0ee-408d5c8c9bb7} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {3e579665-9817-11e6-b5f4-806e6f6e6963} - F:\Run.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {b33923b7-1caa-11eb-b043-408d5c8c9bb7} - G:\Setup.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\92.2.11577.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe [2023-01-27] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19987.120\Installer\chrmstp.exe [2023-02-06] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\87.0.7478.88\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-10-22]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {BF265178-9807-41FD-8067-962B4065AA20} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {B766E03C-AF23-4354-9CC6-C055060A4125} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {A297E8C9-ED26-4343-8C3A-5F1783C419BA} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [468992 2019-02-20] (Advanced Micro Devices, Inc.) [File not signed]
Task: {67171CB1-3F1B-45A2-9384-B67A93F4646C} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [5135256 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
Task: {6D0B5474-D58D-45E4-AC26-6F0E17A0AB76} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {12BEA997-EED0-4A42-8BF8-443E71D3E860} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [3257832 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
Task: {5250C9ED-00CD-4975-A729-E5D7C47CC7BE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {A39BEA20-6D70-4DED-BFDE-39A44E984AEA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {5CBF131C-77E1-40D5-81B5-69B09B748262} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {3C0EFC17-C591-4268-A340-F8CED8D6C087} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
Task: {17687609-13E0-4611-A5A6-BECC5CFE650E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-22] (Google Inc -> Google Inc.)
Task: {D2BF2C90-F21E-4A29-A3C0-9559CBC0D7DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-22] (Google Inc -> Google Inc.)
Task: {BEAACE60-249B-47A7-AC43-4ED8B83F7B0D} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [468992 2019-02-20] (Advanced Micro Devices, Inc.) [File not signed]
Task: {9F92756B-4A6A-4C50-B308-AB20D4984629} - System32\Tasks\OC GURU II Auto Run => C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe [24465408 2015-11-11] (GIGABYTE Technology Co.,Ltd.) [File not signed]
Task: {22FF17F8-9F3F-4C29-8CAF-D9AB7ABEC527} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [58760 2019-02-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {404EA2BB-673D-4DE0-AD37-218CFB1531BD} - System32\Tasks\StartDVR => "C:\Program Files\AMD\CNext\CNext\dvrcmd.exe" (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{123416F5-6416-4E98-8DE3-DECFE90E50BB}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{A7E55188-1D20-475D-8D36-08C212BDCC84}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Petrovo\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-08]
Edge HomePage: Default -> hxxps://www.seznam.cz/
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Petrovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-02-27]

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1579.3\npAvastBrowserUpdate3.dll [2022-12-13] (Avast Software s.r.o. -> AVAST Software)

Chrome:
=======
CHR Profile: C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data\Default [2023-10-04]
CHR Notifications: Default -> hxxps://aukro.cz; hxxps://cs.celebs-networth.com; hxxps://cs.soringpcrepair.com; hxxps://en.softonic.com; hxxps://www.sundaymore.com; hxxps://www.t-shock.eu
CHR HomePage: Default -> hxxps://pravednes.cz/
CHR DefaultSearchURL: Default -> hxxps://s.yimg.com/cv/apiv2/09062018/manifest/yahoo_install_48.png
CHR Session Restore: Default -> is enabled.
CHR Extension: (Yahoo) - C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnpnjbjealcpabcenanokcflffolchnm [2020-03-16]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2023-08-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-10-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petrovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [9090968 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [776088 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [796568 2023-10-02] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [191120 2022-12-13] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\109.0.19987.120\elevation_service.exe [1802816 2023-01-26] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-01] (Avast Software s.r.o. -> AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 WifiAutoInstallSrv; C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe [118720 2018-10-26] (Realtek Semiconductor Corp. -> Realtek)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [31528 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [240176 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [392984 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [297992 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [96064 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39760 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [275168 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [559696 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [23472 2023-04-12] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [105248 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [80416 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [950696 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [708048 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [213192 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [319560 2023-10-02] (Microsoft Windows Hardware Compatibility Publisher -> AVAST Software)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [251632 2015-07-13] (ESET, spol. s r.o. -> ESET)
S3 gdrv; C:\Windows\gdrv.sys [26192 2016-10-22] (Giga-Byte Technology -> Windows (R) Server 2003 DDK provider)
R3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2014-08-28] (Giga-Byte Technology -> )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [7706960 2017-12-28] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [23200 2015-04-30] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.1.7\Definitions\SDSDefs\20161027.008\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Security\NortonData\22.5.1.7\Definitions\SDSDefs\20161027.008\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

Error Reading file: "C:\Users\Petrovo\Downloads\JavaUpdate_2800436104786345196.exe"
2023-10-04 23:40 - 2023-10-04 23:43 - 000018515 _____ C:\Users\Petrovo\Desktop\FRST.txt
2023-10-04 23:40 - 2023-10-04 23:41 - 000000000 ____D C:\FRST
2023-10-04 23:36 - 2023-10-04 23:38 - 002382848 _____ (Farbar) C:\Users\Petrovo\Downloads\FRST64.exe
2023-10-04 23:35 - 2023-10-04 23:38 - 002382848 _____ (Farbar) C:\Users\Petrovo\Desktop\FRST64.exe
2023-10-04 21:54 - 2023-10-04 21:54 - 002382848 _____ (Farbar) C:\Users\Petrovo\Downloads\Nepotvrzeno 728176.crdownload
2023-10-03 15:09 - 2023-10-03 15:10 - 000000000 ____D C:\rsit
2023-10-03 15:09 - 2023-10-03 15:09 - 001222144 _____ C:\Users\Petrovo\Desktop\RSITx64.exe
2023-10-03 15:09 - 2023-10-03 15:09 - 000000000 ____D C:\Program Files\trend micro
2023-10-03 15:04 - 2023-10-03 15:05 - 000000000 ____D C:\AdwCleaner
2023-10-03 15:04 - 2023-10-03 15:04 - 008791352 _____ (Malwarebytes) C:\Users\Petrovo\Downloads\adwcleaner_8.4.0 (1).exe
2023-10-03 15:03 - 2023-10-03 15:03 - 008791352 _____ (Malwarebytes) C:\Users\Petrovo\Downloads\adwcleaner_8.4.0.exe
2023-10-03 12:30 - 2023-10-03 12:30 - 000000617 _____ C:\Users\Petrovo\Desktop\HD Tune.lnk
2023-10-03 12:30 - 2023-10-03 12:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2023-10-03 12:23 - 2023-10-03 12:24 - 000642632 _____ (EFD Software ) C:\Users\Petrovo\Downloads\hdtune_255.exe
2023-10-03 12:08 - 2023-10-03 12:08 - 000280256 _____ C:\Windows\Minidump\100323-18033-01.dmp
2023-10-02 18:47 - 2023-10-02 18:43 - 000313240 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2023-09-06 03:11 - 2023-09-06 03:11 - 000280256 _____ C:\Windows\Minidump\090623-16380-01.dmp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-10-04 23:32 - 2020-05-31 15:32 - 000000000 ____D C:\Program Files (x86)\Steam
2023-10-04 23:31 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2023-10-04 23:31 - 2009-07-14 06:45 - 000032064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2023-10-04 23:25 - 2016-10-22 07:32 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-04 23:22 - 2023-08-03 02:46 - 000003110 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2023-10-04 23:22 - 2017-05-09 15:40 - 000000000 ____D C:\ProgramData\AVAST Software
2023-10-04 23:22 - 2016-10-22 10:46 - 000000000 ____D C:\Users\Petrovo\Documents\temp
2023-10-04 23:22 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-10-04 23:21 - 2019-02-28 14:30 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-10-04 23:00 - 2020-06-30 05:46 - 000003540 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-04 23:00 - 2020-06-30 05:46 - 000003412 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-04 23:00 - 2019-02-28 14:28 - 000003146 _____ C:\Windows\system32\Tasks\StartCN
2023-10-04 23:00 - 2019-02-28 14:28 - 000003116 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2023-10-04 23:00 - 2019-02-28 14:28 - 000003060 _____ C:\Windows\system32\Tasks\StartDVR
2023-10-04 23:00 - 2017-08-09 15:42 - 000004548 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2023-10-04 23:00 - 2017-08-09 15:42 - 000004408 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2023-10-04 23:00 - 2017-05-09 15:42 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2023-10-04 23:00 - 2016-10-22 10:40 - 000003156 _____ C:\Windows\system32\Tasks\OC GURU II Auto Run
2023-10-04 23:00 - 2016-10-22 07:32 - 000003682 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-04 23:00 - 2016-10-22 07:32 - 000003554 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-03 12:08 - 2021-05-05 15:03 - 411123779 _____ C:\Windows\MEMORY.DMP
2023-10-03 12:08 - 2019-02-12 03:04 - 000000000 ____D C:\Windows\Minidump
2023-10-03 05:47 - 2017-04-15 01:58 - 000000000 ____D C:\Users\Petrovo\AppData\Roaming\vlc
2023-10-02 18:58 - 2017-05-09 15:42 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2023-10-02 18:44 - 2020-10-22 13:21 - 000275168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2023-10-02 18:44 - 2020-04-20 22:33 - 000559696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2023-10-02 18:44 - 2019-01-16 17:54 - 000297992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2023-10-02 18:44 - 2019-01-16 17:54 - 000096064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2023-10-02 18:44 - 2018-10-22 16:39 - 000039760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2023-10-02 18:44 - 2017-05-09 15:42 - 000708048 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2023-10-02 18:44 - 2017-05-09 15:42 - 000319560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2023-10-02 18:44 - 2017-05-09 15:42 - 000105248 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2023-10-02 18:44 - 2017-05-09 15:42 - 000080416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2023-10-02 18:43 - 2019-01-16 20:22 - 000392984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2023-10-02 18:43 - 2019-01-16 17:54 - 000031528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2023-10-02 18:43 - 2017-11-19 15:17 - 000240176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2023-10-02 18:43 - 2017-05-09 15:42 - 000950696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2023-09-15 04:29 - 2020-06-30 05:47 - 000002221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-09-15 04:29 - 2020-06-30 05:47 - 000002180 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk

==================== Files in the root of some directories ========

2019-02-28 14:36 - 2019-02-28 14:36 - 000007605 _____ () C:\Users\Petrovo\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2023-09-15 20:25
==================== End of FRST.txt ========================
Attachments
addition.rar
(9.2 KiB) Downloaded 34 times

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Please check my log

#4 Post by Rudy »

Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {120e2374-b9dc-11e8-a0ee-408d5c8c9bb7} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {3e579665-9817-11e6-b5f4-806e6f6e6963} - F:\Run.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {b33923b7-1caa-11eb-b043-408d5c8c9bb7} - G:\Setup.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {17687609-13E0-4611-A5A6-BECC5CFE650E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-22] (Google Inc -> Google Inc.)
Task: {D2BF2C90-F21E-4A29-A3C0-9559CBC0D7DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-22] (Google Inc -> Google Inc.)
Task: {5250C9ED-00CD-4975-A729-E5D7C47CC7BE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {404EA2BB-673D-4DE0-AD37-218CFB1531BD} - System32\Tasks\StartDVR => "C:\Program Files\AMD\CNext\CNext\dvrcmd.exe" (No File)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
AlternateDataStreams: C:\Users\Jarda\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4422]
FirewallRules: [{ACA391CE-C664-4338-BB08-5EECD31BDCBC}] => (Allow) E:\Hry\Steam\steamapps\common\GRID (2019)\Grid_dx12.exe => No File
FirewallRules: [{753E7E02-17DA-4576-A116-7E86BDC513B3}] => (Allow) E:\Hry\Steam\steamapps\common\GRID (2019)\Grid_dx12.exe => No File
FirewallRules: [{51F874E3-1BC0-41AC-B5D1-4C5D80FAF6D3}] => (Allow) E:\Hry\Steam\steamapps\common\BattleBit Remastered Playtest\BattleBitEAC.exe => No File
FirewallRules: [{99A8A98E-BE51-4286-B453-A3D65DAF5C13}] => (Allow) E:\Hry\Steam\steamapps\common\BattleBit Remastered Playtest\BattleBitEAC.exe => No File
FirewallRules: [{52C26868-86B9-4FE9-9EC0-E57C4B1AE234}] => (Allow) E:\Hry\Steam\steamapps\common\BattleBit Remastered Playtest\EACRepair.exe => No File
FirewallRules: [{BA2489D6-6B6B-4848-A192-34894AD903F2}] => (Allow) E:\Hry\Steam\steamapps\common\BattleBit Remastered Playtest\EACRepair.exe => No File
FirewallRules: [TCP Query User{CDE44C21-65A3-41FD-AF23-38C97A354706}F:\hry\pac-man world re-pac\pac-man world re-pac.exe] => (Block) F:\hry\pac-man world re-pac\pac-man world re-pac.exe => No File
FirewallRules: [UDP Query User{1B40C52F-CE4C-4FD7-BE24-95B3F35F8072}F:\hry\pac-man world re-pac\pac-man world re-pac.exe] => (Block) F:\hry\pac-man world re-pac\pac-man world re-pac.exe => No File
FirewallRules: [TCP Query User{038F1160-636F-4F91-965B-C470357D6020}E:\eth\ravencoin\nbminer_win\nbminer.exe] => (Allow) E:\eth\ravencoin\nbminer_win\nbminer.exe => No File
FirewallRules: [UDP Query User{A2CD1F30-AE63-46BB-80EE-846F0CB6A010}E:\eth\ravencoin\nbminer_win\nbminer.exe] => (Allow) E:\eth\ravencoin\nbminer_win\nbminer.exe => No File
FirewallRules: [{FA5947EE-789B-4755-B96A-552D49783553}] => (Allow) F:\Hry\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => No File
FirewallRules: [{02BBE435-3874-49B6-9843-E487D32F31C3}] => (Allow) F:\Hry\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => No File
FirewallRules: [TCP Query User{9BE4BD8A-3E2D-4736-9AA4-FFD1F0ED21E1}E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{B42922ED-8B7F-46B4-B79A-AA8B7E214266}E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{5B076C88-2445-454D-93B4-7E6BD67642C3}] => (Allow) E:\Hry\Steam\steamapps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{E71EAD4F-9A70-4D0F-AE86-2CD634DB76D2}] => (Allow) E:\Hry\Steam\steamapps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{2C5BD9E2-E1DE-47C3-9785-2FC960B9F316}] => (Allow) E:\Hry\Steam\steamapps\common\Soul Survivors\Soul Survivors.exe => No File
FirewallRules: [{F246F530-B089-424C-B2C8-E5D027D047B5}] => (Allow) E:\Hry\Steam\steamapps\common\Soul Survivors\Soul Survivors.exe => No File
FirewallRules: [TCP Query User{A82D1CD1-3A7F-4747-80D0-71F0C4FFDD55}E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe] => (Block) E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe => No File
FirewallRules: [UDP Query User{986DA1A1-2E3D-48FB-8A9A-9D9597165546}E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe] => (Block) E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe => No File
FirewallRules: [TCP Query User{1F01590C-B74E-444C-BA61-2B13C0EC5F91}F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe] => (Block) F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe => No File
FirewallRules: [UDP Query User{E8CC5A1E-B478-4CF2-977A-0299E3AD5240}F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe] => (Block) F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe => No File

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want to reactivate the thread, write to me at the e-mail address given above.

Paulie0001

Re: Please check my log

#5 Post by Paulie0001 »

Before the fix I also ran CCleaner on the PC. It is definitely somewhat better. I have also ordered 16GB of RAM for my brother, because that 4GB really seems too little to me.
Here is the fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2023
Ran by Petrovo (05-10-2023 16:06:30) Run:1
Running from C:\Users\Petrovo\Desktop
Loaded Profiles: Petrovo
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {120e2374-b9dc-11e8-a0ee-408d5c8c9bb7} - J:\HiSuiteDownLoader.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {3e579665-9817-11e6-b5f4-806e6f6e6963} - F:\Run.exe
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\...\MountPoints2: {b33923b7-1caa-11eb-b043-408d5c8c9bb7} - G:\Setup.exe
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {17687609-13E0-4611-A5A6-BECC5CFE650E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-22] (Google Inc -> Google Inc.)
Task: {D2BF2C90-F21E-4A29-A3C0-9559CBC0D7DB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2016-10-22] (Google Inc -> Google Inc.)
Task: {5250C9ED-00CD-4975-A729-E5D7C47CC7BE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {404EA2BB-673D-4DE0-AD37-218CFB1531BD} - System32\Tasks\StartDVR => "C:\Program Files\AMD\CNext\CNext\dvrcmd.exe" (No File)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
AlternateDataStreams: C:\Users\Jarda\Data aplikací:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Jarda\AppData\Roaming:00e481b5e22dbe1f649fcddd505d3eb7 [394]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [4422]
FirewallRules: [{ACA391CE-C664-4338-BB08-5EECD31BDCBC}] => (Allow) E:\Hry\Steam\steamapps\common\GRID (2019)\Grid_dx12.exe => No File
FirewallRules: [{753E7E02-17DA-4576-A116-7E86BDC513B3}] => (Allow) E:\Hry\Steam\steamapps\common\GRID (2019)\Grid_dx12.exe => No File
FirewallRules: [{51F874E3-1BC0-41AC-B5D1-4C5D80FAF6D3}] => (Allow) E:\Hry\Steam\steamapps\common\BattleBit Remastered Playtest\BattleBitEAC.exe => No File
FirewallRules: [{99A8A98E-BE51-4286-B453-A3D65DAF5C13}] => (Allow) E:\Hry\Steam\steamapps\common\BattleBit Remastered Playtest\BattleBitEAC.exe => No File
FirewallRules: [{52C26868-86B9-4FE9-9EC0-E57C4B1AE234}] => (Allow) E:\Hry\Steam\steamapps\common\BattleBit Remastered Playtest\EACRepair.exe => No File
FirewallRules: [{BA2489D6-6B6B-4848-A192-34894AD903F2}] => (Allow) E:\Hry\Steam\steamapps\common\BattleBit Remastered Playtest\EACRepair.exe => No File
FirewallRules: [TCP Query User{CDE44C21-65A3-41FD-AF23-38C97A354706}F:\hry\pac-man world re-pac\pac-man world re-pac.exe] => (Block) F:\hry\pac-man world re-pac\pac-man world re-pac.exe => No File
FirewallRules: [UDP Query User{1B40C52F-CE4C-4FD7-BE24-95B3F35F8072}F:\hry\pac-man world re-pac\pac-man world re-pac.exe] => (Block) F:\hry\pac-man world re-pac\pac-man world re-pac.exe => No File
FirewallRules: [TCP Query User{038F1160-636F-4F91-965B-C470357D6020}E:\eth\ravencoin\nbminer_win\nbminer.exe] => (Allow) E:\eth\ravencoin\nbminer_win\nbminer.exe => No File
FirewallRules: [UDP Query User{A2CD1F30-AE63-46BB-80EE-846F0CB6A010}E:\eth\ravencoin\nbminer_win\nbminer.exe] => (Allow) E:\eth\ravencoin\nbminer_win\nbminer.exe => No File
FirewallRules: [{FA5947EE-789B-4755-B96A-552D49783553}] => (Allow) F:\Hry\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => No File
FirewallRules: [{02BBE435-3874-49B6-9843-E487D32F31C3}] => (Allow) F:\Hry\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe => No File
FirewallRules: [TCP Query User{9BE4BD8A-3E2D-4736-9AA4-FFD1F0ED21E1}E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [UDP Query User{B42922ED-8B7F-46B4-B79A-AA8B7E214266}E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe => No File
FirewallRules: [{5B076C88-2445-454D-93B4-7E6BD67642C3}] => (Allow) E:\Hry\Steam\steamapps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{E71EAD4F-9A70-4D0F-AE86-2CD634DB76D2}] => (Allow) E:\Hry\Steam\steamapps\common\Factorio\bin\x64\factorio.exe => No File
FirewallRules: [{2C5BD9E2-E1DE-47C3-9785-2FC960B9F316}] => (Allow) E:\Hry\Steam\steamapps\common\Soul Survivors\Soul Survivors.exe => No File
FirewallRules: [{F246F530-B089-424C-B2C8-E5D027D047B5}] => (Allow) E:\Hry\Steam\steamapps\common\Soul Survivors\Soul Survivors.exe => No File
FirewallRules: [TCP Query User{A82D1CD1-3A7F-4747-80D0-71F0C4FFDD55}E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe] => (Block) E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe => No File
FirewallRules: [UDP Query User{986DA1A1-2E3D-48FB-8A9A-9D9597165546}E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe] => (Block) E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe => No File
FirewallRules: [TCP Query User{1F01590C-B74E-444C-BA61-2B13C0EC5F91}F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe] => (Block) F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe => No File
FirewallRules: [UDP Query User{E8CC5A1E-B478-4CF2-977A-0299E3AD5240}F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe] => (Block) F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => removed successfully
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => removed successfully
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{120e2374-b9dc-11e8-a0ee-408d5c8c9bb7} => removed successfully
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e579665-9817-11e6-b5f4-806e6f6e6963} => removed successfully
HKU\S-1-5-21-758563798-1108508322-4062090578-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b33923b7-1caa-11eb-b043-408d5c8c9bb7} => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{17687609-13E0-4611-A5A6-BECC5CFE650E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17687609-13E0-4611-A5A6-BECC5CFE650E}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D2BF2C90-F21E-4A29-A3C0-9559CBC0D7DB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D2BF2C90-F21E-4A29-A3C0-9559CBC0D7DB}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5250C9ED-00CD-4975-A729-E5D7C47CC7BE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5250C9ED-00CD-4975-A729-E5D7C47CC7BE}" => removed successfully
C:\Windows\System32\Tasks\AVAST Software\Avast settings backup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Avast settings backup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{404EA2BB-673D-4DE0-AD37-218CFB1531BD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{404EA2BB-673D-4DE0-AD37-218CFB1531BD}" => removed successfully
C:\Windows\System32\Tasks\StartDVR => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartDVR" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore" => not found
"C:\Users\Jarda\Data aplikací" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"C:\Users\Jarda\AppData\Roaming" => ":00e481b5e22dbe1f649fcddd505d3eb7" ADS not found.
"C:\Users\Public\Shared Files" => ":VersionCache" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ACA391CE-C664-4338-BB08-5EECD31BDCBC}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{753E7E02-17DA-4576-A116-7E86BDC513B3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{51F874E3-1BC0-41AC-B5D1-4C5D80FAF6D3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99A8A98E-BE51-4286-B453-A3D65DAF5C13}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{52C26868-86B9-4FE9-9EC0-E57C4B1AE234}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BA2489D6-6B6B-4848-A192-34894AD903F2}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{CDE44C21-65A3-41FD-AF23-38C97A354706}F:\hry\pac-man world re-pac\pac-man world re-pac.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{1B40C52F-CE4C-4FD7-BE24-95B3F35F8072}F:\hry\pac-man world re-pac\pac-man world re-pac.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{038F1160-636F-4F91-965B-C470357D6020}E:\eth\ravencoin\nbminer_win\nbminer.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{A2CD1F30-AE63-46BB-80EE-846F0CB6A010}E:\eth\ravencoin\nbminer_win\nbminer.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA5947EE-789B-4755-B96A-552D49783553}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02BBE435-3874-49B6-9843-E487D32F31C3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{9BE4BD8A-3E2D-4736-9AA4-FFD1F0ED21E1}E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B42922ED-8B7F-46B4-B79A-AA8B7E214266}E:\hry\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5B076C88-2445-454D-93B4-7E6BD67642C3}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E71EAD4F-9A70-4D0F-AE86-2CD634DB76D2}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2C5BD9E2-E1DE-47C3-9785-2FC960B9F316}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F246F530-B089-424C-B2C8-E5D027D047B5}" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{A82D1CD1-3A7F-4747-80D0-71F0C4FFDD55}E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{986DA1A1-2E3D-48FB-8A9A-9D9597165546}E:\hry\grand emprise - time travel survival\newkaragon\binaries\win64\newkaragon.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{1F01590C-B74E-444C-BA61-2B13C0EC5F91}F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E8CC5A1E-B478-4CF2-977A-0299E3AD5240}F:\hry\armored core 6 - fires of rubicon\artbookost\acvi_for digital artbook and soundtrack.exe" => not found

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36018450 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 31488005 B
Windows/system/drivers => 486474 B
Edge => 0 B
Chrome => 13249863 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 58624634 B
systemprofile32 => 58691422 B
LocalService => 58757650 B
NetworkService => 58757650 B
Petrovo => 96605778 B

RecycleBin => 0 B
EmptyTemp: => 393.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:06:50 ====

Rudy

Re: Please check my log

#6 Post by Rudy »

4GB is the minimum these days. You can also defragment the disk.

Paulie0001

Re: Please check my log

#7 Post by Paulie0001 »

I could defragment the disk; I use Defraggler for that. But my brother has only one 1TB disk, and I think it is an SSD. SSDs shouldn't be defragmented, or am I wrong?

Rudy

Re: Please check my log

#8 Post by Rudy »

If it is an SSD, then no.