Dobry den, mam problem s notebookem.
neco mi zablokovalo aktualizace windowsu a take zablokovalo defenger ktery mi to nedovoli spustit.
prikladam logy:
predem dekuji za pomoc marty
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Ran by Jojkáč (administrator) on JOJKÁČ (TOSHIBA PORTEGE R930) (24-10-2023 10:59:07)
Running from C:\Users\Jojkáč\Desktop\FRST64.exe
Loaded Profiles: Jojkáč
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3516 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Users\Jojkáč\Desktop\AnyDesk.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe.to_delete
(services.exe ->) (Cisco Systems, Inc. -> Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dhpevm.inf_amd64_dc22ceb838778a98\dynabookHDDProtection.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\ssh-agent.exe
(services.exe ->) (Microsoft Windows -> ) C:\Windows\System32\OpenSSH\sshd.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <3>
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19572304 2023-09-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [748624 2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [EnableCloudClipboard] 0
HKLM\Software\Policies\...\system: [CloudClipboardAutomaticUpload] 0
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKU\S-1-5-21-233814562-1263925994-259573688-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [42727840 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-233814562-1263925994-259573688-1001\...\Run: [MicrosoftEdgeAutoLaunch_F008425484F2D6EDA604049B7470F55F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-233814562-1263925994-259573688-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\ssText3d.scr [224768 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\118.0.5993.89\Installer\chrmstp.exe [2023-10-21] (Google LLC -> Google LLC)
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {70B9120F-56BD-42CF-966F-C85572384E47} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4C5385C4-EA11-429B-9B4E-14C4A840BF4E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {D52265AA-72E7-414D-8B5E-6CD908A3635D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "cf707b07-b6dc-4f87-9235-2334f46743eb" --version "6.16.10662" --silent
Task: {43D83AED-DCF3-4528-9DF6-0AC7E5CF682F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jojkáč\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File)
Task: {63962CF4-DF19-44E7-ACEF-558FB9353D9D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jojkáč\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {51B67E35-8A53-4F98-8F7A-19F64F29702D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26657904 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {FC06F463-6573-4096-AA2D-3CDEF8C4C7EF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26657904 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8F35FEDD-5EC8-468B-AFD5-D55B2612CBE3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158768 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {3291C4E8-6F92-4BF6-85C2-788B68C50C59} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158768 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {312B050B-EB9C-4ADB-852E-AB2CAFE246C1} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [167864 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B584E9E-931C-42FA-95D8-958C0306F769} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1192952 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {5AD54134-D19D-466D-8BA3-13382A4DAD83} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Zmugt => C:\WINDOWS\system32\RUNDLL32.exe [71680 2021-02-01] (Microsoft Windows -> Microsoft Corporation) -> "C:\Program Files (x86)\Common Files\GoogleFrame\DnnenfaceDisc\EK0NIveryRLVR31.dll" acueusofttWqirver
Task: {6E198FED-68E6-42A5-A125-656756BEFFC0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} (No File)
Task: {A9F33263-5AFD-4C01-B7C5-D7C7DC16CF4B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} /CalendarRun (No File)
Task: {5A2441D2-305A-46E6-93A6-7A0C1BEB82B2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BDC393CC-D469-400D-AD47-DAAA7C134E77} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {656AD8B0-E151-43BC-8E6F-FFCBAF4FE50B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23080.2006-0\MpCmdRun.exe [1596304 2023-09-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2815C496-866E-4EE1-87B3-70383BBC93EC} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617848 2023-09-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {26ABE13B-E4EF-4B01-9E33-12BA681060F4} - System32\Tasks\WindowsAppPool\1OMUoK1GrprqqbL => C:\Users\JOJK~1\AppData\Local\Temp\1OMUoK1GrprqqbL.exe (No File) <==== ATTENTION
Task: {0C3CEF61-E76D-41DA-BEB8-71C5211F3AA5} - System32\Tasks\WindowsAppPool\4bpvL5dtff39Z3b => C:\Users\JOJK~1\AppData\Local\Temp\4bpvL5dtff39Z3b.exe (No File) <==== ATTENTION
Task: {5965DF3C-3EBF-4B1A-A031-C1B1AF2BE491} - System32\Tasks\WindowsAppPool\RfUAPKpk0TBidAY => C:\Users\JOJK~1\AppData\Local\Temp\RfUAPKpk0TBidAY.exe (No File) <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.159.174
Tcpip\..\Interfaces\{cf4dbc89-58a0-4c00-8379-d972c5009493}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{d3073044-c73a-4665-8472-09c8ba514898}: [DhcpNameServer] 192.168.159.174
Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\Jojkáč\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-24]
Edge DownloadDir: Default -> C:\Users\Jojkáč\Desktop
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Forecastfox (fix version)) - C:\Users\Jojkáč\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\boljdehmejbffnfiiicckjhafabdepnd [2021-02-07]
Edge Extension: (Dokumenty Google offline) - C:\Users\Jojkáč\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
Edge Extension: (Edge relevant text changes) - C:\Users\Jojkáč\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-10-17]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-07] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\Jojkáč\AppData\Local\Google\Chrome\User Data\Default [2023-10-24]
CHR DownloadDir: C:\Users\Jojkáč\Desktop
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Glow) - C:\Users\Jojkáč\AppData\Local\Google\Chrome\User Data\Default\Extensions\bekmjjakgojplnhahcilegeiklenjbgb [2017-12-27]
CHR Extension: (Forecastfox (fix version)) - C:\Users\Jojkáč\AppData\Local\Google\Chrome\User Data\Default\Extensions\boljdehmejbffnfiiicckjhafabdepnd [2020-12-19]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jojkáč\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Profile: C:\Users\Jojkáč\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-24]
CHR HKU\S-1-5-21-233814562-1263925994-259573688-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-08-03] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5489224 2023-10-24] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-10-10] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11879392 2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
S4 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [761408 2023-03-10] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
S2 dosvc_bkp; C:\WINDOWS\system32\dosvc.dll [1536000 2023-09-02] (Microsoft Windows -> Microsoft Corporation)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe [689888 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDHDDProtectService; C:\WINDOWS\System32\DriverStore\FileRepository\dhpevm.inf_amd64_dc22ceb838778a98\dynabookHDDProtection.exe [473280 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9341488 2023-10-22] (Malwarebytes Inc. -> Malwarebytes)
S4 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [381504 2023-03-10] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe [44786376 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TOSTABSYSSVC.exe [298192 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe [447296 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S4 UsoSvc_bkp; C:\WINDOWS\system32\usosvc.dll [570368 2023-10-01] (Microsoft Windows -> Microsoft Corporation)
S4 WaaSMedicSvc_bkp; C:\WINDOWS\System32\WaaSMedicSvc.dll [427520 2023-07-23] (Microsoft Windows -> Microsoft Corporation)
S2 wuauserv_bkp; C:\WINDOWS\system32\wuaueng.dll [3447296 2023-05-26] (Microsoft Windows -> Microsoft Corporation)
R2 AVGWscReporter; "C:\Program Files\AVG\Antivirus\wsc_proxy.exe" /runassvc /rpcserver [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 acsock; C:\WINDOWS\system32\DRIVERS\acsock64.sys [297888 2022-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Cisco Systems, Inc.)
R0 dhpevm; C:\WINDOWS\System32\drivers\dhpevm.SYS [29368 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R3 gHidPnp; C:\WINDOWS\System32\Drivers\gHidPnp.Sys [25600 2021-10-23] (Microsoft Windows Hardware Compatibility Publisher -> )
R3 gMouUsb; C:\WINDOWS\System32\drivers\gMouUsb.sys [14336 2021-10-23] (Microsoft Windows Hardware Compatibility Publisher -> )
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222800 2023-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-10-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 risdxc; C:\WINDOWS\System32\drivers\risdxc64.sys [106496 2013-07-29] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
S0 Thpevm; C:\WINDOWS\System32\drivers\Thpevm.SYS [27128 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.)
S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [74064 2022-06-02] (Cisco Systems, Inc. -> Cisco Systems, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55872 2023-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105864 2023-09-02] (Microsoft Windows -> Microsoft Corporation)
S3 cpuz148; \??\C:\WINDOWS\temp\cpuz148\cpuz148_x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-24 10:59 - 2023-10-24 11:00 - 000024496 _____ C:\Users\Jojkáč\Desktop\FRST.txt
2023-10-24 10:58 - 2023-10-24 10:59 - 000000000 ____D C:\FRST
2023-10-24 10:57 - 2023-10-24 10:57 - 002383360 _____ (Farbar) C:\Users\Jojkáč\Desktop\FRST64.exe
2023-10-24 10:49 - 2023-10-24 10:52 - 000000000 ____D C:\ProgramData\AnyDesk
2023-10-24 10:49 - 2023-10-24 10:49 - 000001971 _____ C:\Users\Public\Desktop\AnyDesk.lnk
2023-10-24 10:49 - 2023-10-24 10:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AnyDesk
2023-10-24 10:49 - 2023-10-24 10:49 - 000000000 ____D C:\Program Files (x86)\AnyDesk
2023-10-24 10:47 - 2023-10-24 10:49 - 000000000 ____D C:\Users\Jojkáč\AppData\Roaming\AnyDesk
2023-10-24 10:47 - 2023-10-24 10:47 - 005489224 _____ (AnyDesk Software GmbH) C:\Users\Jojkáč\Desktop\AnyDesk.exe
2023-10-24 10:43 - 2023-10-24 10:43 - 000002087 _____ C:\Users\Jojkáč\Desktop\Adobe Acrobat.lnk
2023-10-23 21:30 - 2023-10-24 10:42 - 000000000 ____D C:\Users\Jojkáč\AppData\Local\CrashDumps
2023-10-23 21:30 - 2023-10-23 21:31 - 000000085 _____ C:\WINDOWS\wininit.ini
2023-10-23 21:08 - 2023-10-23 21:08 - 000000000 ____D C:\Program Files (x86)\AVG
2023-10-23 21:06 - 2023-10-23 21:05 - 000313272 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2023-10-23 21:04 - 2023-10-23 21:26 - 000000000 ____D C:\ProgramData\AVG
2023-10-23 21:04 - 2023-10-23 21:23 - 000000000 ____D C:\Program Files\AVG
2023-10-23 21:04 - 2023-10-23 21:04 - 000050048 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2023-10-23 21:04 - 2023-10-23 21:04 - 000000000 ____D C:\Program Files\Common Files\AVG
2023-10-23 20:58 - 2023-10-23 20:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\WPD
2023-10-23 20:58 - 2023-10-23 20:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2023-10-23 20:58 - 2023-10-23 20:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\COMODO
2023-10-23 20:43 - 2023-10-23 20:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Safer-Networking
2023-10-23 16:12 - 2023-10-23 16:31 - 000000000 ____D C:\Users\Jojkáč\AppData\Local\NPE
2023-10-23 16:12 - 2023-10-23 16:12 - 000000000 ____D C:\ProgramData\Norton
2023-10-23 11:25 - 2023-10-23 11:25 - 000000000 ____D C:\ProgramData\Oracle
2023-10-23 08:59 - 2023-10-23 08:59 - 000000000 ___HD C:\$SysReset
2023-10-22 21:38 - 2023-10-22 21:38 - 000003214 _____ C:\WINDOWS\system32\Tasks\RTKCPL
2023-10-22 14:24 - 2023-10-22 14:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-22 10:13 - 2023-10-22 10:53 - 000000000 ____D C:\Users\Jojkáč\AppData\Roaming\dmdskres2
2023-10-22 07:42 - 2023-10-22 07:42 - 000000000 ____D C:\Users\Jojkáč\AppData\LocalLow\Oracle
2023-10-21 22:59 - 2023-10-21 22:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo WinToUSB
2023-10-21 22:59 - 2023-10-21 22:59 - 000000000 ____D C:\Program Files\Hasleo
2023-10-17 14:43 - 2023-10-22 07:34 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-10-17 14:43 - 2023-10-17 14:43 - 000003716 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{C35AFF02-6656-4778-8EC8-104FDD722DA8}
2023-10-17 14:43 - 2023-10-17 14:43 - 000003592 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{6136DD25-19FB-40C2-8BD9-D68CBF70B174}
2023-10-17 14:43 - 2023-10-17 14:43 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-10-17 14:38 - 2023-10-17 14:38 - 000003844 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-10-17 14:38 - 2023-10-17 14:38 - 000003402 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-10-16 08:39 - 2023-10-16 08:33 - 000196608 _____ C:\ProgramData\86116509238885543123937914
2023-10-16 08:39 - 2021-05-28 06:26 - 000020480 _____ C:\ProgramData\73339155388092499138509774
2023-10-16 08:39 - 2021-05-28 06:26 - 000020480 _____ C:\ProgramData\34667915760545445242591319
2023-10-16 08:38 - 2023-10-16 08:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\WindowsAppPool
2023-10-16 08:38 - 2023-10-16 08:33 - 000196608 _____ C:\ProgramData\57787623556166352824711906
2023-10-16 08:38 - 2022-02-18 13:06 - 000028672 _____ C:\ProgramData\27310621516401164078330078
2023-10-16 08:38 - 2021-05-28 06:26 - 000020480 _____ C:\ProgramData\61478324978292240519270056
2023-10-16 08:37 - 2023-10-16 08:37 - 000002036 __RSH C:\ProgramData\ntuser.pol
2023-10-01 10:34 - 2023-10-01 10:34 - 000016059 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-10-01 09:21 - 2023-10-01 09:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Portable SSD Software 1.0
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-10-24 10:49 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-24 10:42 - 2018-12-20 06:38 - 000000000 ____D C:\Program Files\CCleaner
2023-10-24 10:41 - 2017-12-27 02:04 - 000000000 __SHD C:\Users\Jojkáč\IntelGraphicsProfiles
2023-10-23 21:37 - 2022-01-06 16:28 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-23 21:37 - 2017-12-27 09:37 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-23 21:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-23 21:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-10-23 20:25 - 2021-05-22 10:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-23 20:22 - 2020-11-23 04:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-23 20:22 - 2020-11-23 03:57 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-23 20:22 - 2020-11-23 02:58 - 000000000 ____D C:\ProgramData\ssh
2023-10-23 20:21 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-23 20:09 - 2020-06-26 12:00 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2023-10-23 19:09 - 2019-09-15 11:32 - 000000000 ____D C:\Users\Jojkáč\AppData\Roaming\VSO
2023-10-23 19:09 - 2019-09-15 11:32 - 000000000 ____D C:\ProgramData\VSO
2023-10-23 19:08 - 2019-09-15 11:32 - 000000000 ____D C:\Program Files (x86)\VSO
2023-10-23 19:01 - 2020-11-23 03:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-23 16:26 - 2020-11-23 03:10 - 000000000 ____D C:\Users\Jojkáč
2023-10-23 16:02 - 2017-12-27 09:37 - 000000000 ____D C:\Users\Jojkáč\AppData\Local\Google
2023-10-23 15:12 - 2020-11-23 04:25 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-10-22 21:37 - 2017-12-27 01:44 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2023-10-22 18:57 - 2017-12-27 03:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-22 09:13 - 2022-07-01 11:46 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-10-22 07:25 - 2021-02-04 21:26 - 000000930 _____ C:\Users\Public\Desktop\VLC media player.lnk
2023-10-22 04:28 - 2019-07-22 09:14 - 000000000 ___HD C:\temp
2023-10-21 23:34 - 2020-11-23 04:18 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-21 23:34 - 2019-12-07 16:43 - 000683504 _____ C:\WINDOWS\system32\perfh005.dat
2023-10-21 23:34 - 2019-12-07 16:43 - 000137284 _____ C:\WINDOWS\system32\perfc005.dat
2023-10-21 21:09 - 2017-12-27 09:37 - 000002315 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-10-21 19:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-21 19:40 - 2020-06-08 07:48 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-17 14:49 - 2019-12-31 00:11 - 000000000 ___HD C:\AdobeGCData
2023-10-17 14:06 - 2021-02-04 20:50 - 000001136 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2023-10-17 14:06 - 2017-12-27 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2023-10-17 13:34 - 2017-12-27 01:44 - 000000000 ____D C:\Users\Jojkáč\AppData\Roaming\Microsoft\MMC
2023-10-17 13:09 - 2020-11-23 03:20 - 000000000 ____D C:\Users\Jojkáč\AppData\Roaming\Microsoft\Network
2023-10-16 08:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-16 08:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-10-01 11:15 - 2022-12-31 12:28 - 000002087 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-10-01 11:11 - 2021-08-15 22:31 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-10-01 10:58 - 2020-11-23 03:58 - 000471944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-01 10:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-01 10:55 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-10-01 10:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-01 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-01 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-01 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-01 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-01 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-01 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-01 10:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-01 10:35 - 2016-07-16 14:58 - 000416156 __RSH C:\bootmgr
2023-10-01 10:34 - 2020-11-23 04:04 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-01 09:21 - 2023-06-08 08:33 - 000000000 ____D C:\Program Files (x86)\Samsung
2023-10-01 09:09 - 2018-02-24 08:13 - 000000000 ____D C:\Users\Jojkáč\AppData\Roaming\Microsoft\Word
2023-10-01 09:07 - 2021-06-24 10:44 - 000000000 ____D C:\Program Files\Microsoft Office
2023-10-01 09:06 - 2017-12-27 10:47 - 000000000 ____D C:\Users\Jojkáč\AppData\Roaming\vlc
2023-10-01 08:39 - 2020-06-11 13:08 - 177941912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2023-09-02 11:35 - 2023-09-02 11:35 - 000248887 ___SH () C:\Users\Jojkáč\AppData\Roaming\dstjrbe
2023-09-02 11:35 - 2023-09-02 11:35 - 000097240 ___SH (Microsoft Corporation) C:\Users\Jojkáč\AppData\Roaming\hieejeh
2021-06-12 20:12 - 2021-06-12 20:12 - 000000372 _____ () C:\Users\Jojkáč\AppData\Roaming\SaraBat.bat
2021-06-12 20:12 - 2021-06-12 20:12 - 000196984 _____ (Microsoft Corporation) C:\Users\Jojkáč\AppData\Roaming\SetupProd_Act.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by Jojkáč (24-10-2023 11:02:51)
Running from C:\Users\Jojkáč\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3516 (X64) (2020-11-23 02:27:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-233814562-1263925994-259573688-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-233814562-1263925994-259573688-503 - Limited - Disabled)
Guest (S-1-5-21-233814562-1263925994-259573688-501 - Limited - Disabled)
Jojkáč (S-1-5-21-233814562-1263925994-259573688-1001 - Administrator - Enabled) => C:\Users\Jojkáč
sshd (S-1-5-21-233814562-1263925994-259573688-1005 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-233814562-1263925994-259573688-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 23.006.20320 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AnyDesk (HKLM-x32\...\AnyDesk) (Version: ad 8.0.4 - AnyDesk Software GmbH)
AVG Update Helper (HKLM-x32\...\{EDB7AEE7-E932-4836-AE50-D3B0B7766CB5}) (Version: 1.8.1650.5 - AVG Technologies) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.10.05111 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{8823EF5A-F087-497D-91D8-52C979994A0B}) (Version: 4.10.05111 - Cisco Systems, Inc.) Hidden
Driver Easy 5.8.1 (HKLM\...\DriverEasy_is1) (Version: 5.8.1 - Easeware)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 118.0.5993.89 - Google LLC)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{9ECA1744-4800-4AE2-AC52-9109E24854AA}) (Version: 11.0.6.1194 - Intel Corporation) Hidden
Intel(R) ME UninstallLegacy (HKLM\...\{335F9123-9306-4DB0-AF07-9C636317EE9D}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Java 8 Update 381 (64-bit) (HKLM\...\{77924AE4-039E-4CA4-87B4-2F64180381F0}) (Version: 8.0.3810.9 - Oracle Corporation)
Malwarebytes version 4.6.5.293 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.6.5.293 - Malwarebytes)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.16626.20208 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.16626.20208 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 118.0.2088.61 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 118.0.2088.61 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{2953E19B-9F91-4A49-A23B-7E25970A1951}) (Version: 3.73.0.0 - Microsoft Corporation)
MiniTool Partition Wizard Professional Edition 9.1 (HKLM\...\{69237D97-3063-450F-AE49-2357B191EA5D}_is1) (Version: - MiniTool Solution Ltd.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20208 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.16626.20208 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.1 - hxxp://winaero.com)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9273.1 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 5.2.0 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 5.2.0 - VS Revo Group, Ltd.)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 4.0.0.19 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 7.3.0.1100 - Samsung Electronics)
Samsung Portable SSD Software 1.0 (HKLM-x32\...\SamsungPortableSSD_1.0_is1) (Version: 1.7.5.4 - Samsung Electronics)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.191 - Synaptics Incorporated)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 11.01 - Ghisler Software GmbH)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.19 - VideoLAN)
WinRAR 6.23 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.23.0 - win.rar GmbH)
WinToUSB (HKLM\...\WinToUSB_is1) (Version: 7.9.2 - Hasleo Software.)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.3.0_x64__8wekyb3d8bbwe [2018-05-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1804.3.0_x86__8wekyb3d8bbwe [2018-05-05] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-233814562-1263925994-259573688-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2020-11-22] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2023-10-24 10:49 - 2023-10-24 10:49 - 000394240 _____ (Google Inc.) [File not signed] C:\Program Files (x86)\AnyDesk\gcapi.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-233814562-1263925994-259573688-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
==================== Internet Explorer (Whitelisted) ==========
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2023-10-01] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-233814562-1263925994-259573688-1001\...\sharepoint.com -> hxxps://szdc-files.sharepoint.com
2020-01-07 22:22 - 2020-01-07 22:23 - 000000395 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-233814562-1263925994-259573688-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.159.174
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run32: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CD5ACED8-40B0-4D9A-BF7A-1514116D788A}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0F3731D5-4859-4F9D-9CD8-52B59F250162}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{325A3F3E-A3FF-44C8-A9EB-A87EE6E02125}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{0EBFCD21-8796-4C97-BE3D-1FF7E434A061}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{2090B606-7BDB-4A5A-9144-E050E3FF3B45}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
FirewallRules: [{7F83FE62-88A2-4DA5-82F4-1259322A09AF}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9F2D0056-45F0-4944-A31E-70CB771EDB8B}] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{B6C48A28-96F3-47C1-82CA-8B6DB1896DC3}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{EA33687C-D111-4193-88C5-38798A742F32}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C350EA36-6F87-4D29-96BE-1E944D2F7C49}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{09A23BDF-F398-4A0F-B899-EEE82A99099F}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6D360176-4649-44D5-904F-B883666257AB}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B4D41924-8021-4BC6-B8E5-C4E2E269272D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{367EDA77-81AE-48E5-83AB-30310424F083}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ADBE2EE1-A6A1-4941-BDB1-1FA226C6C1DA}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [{E11D13E4-B0F6-408F-92A3-CB89C145FF0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{82A82F14-970C-48CC-AFE5-072EAE286E1A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\118.0.2088.61\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{AFAD047F-9DF3-4BA8-8DDD-6DE045CF9C5F}C:\users\jojkáč\desktop\anydesk (1).exe] => (Allow) C:\users\jojkáč\desktop\anydesk (1).exe => No File
FirewallRules: [UDP Query User{0013E804-6BC7-44B1-B561-D8DD4FA48D39}C:\users\jojkáč\desktop\anydesk (1).exe] => (Allow) C:\users\jojkáč\desktop\anydesk (1).exe => No File
FirewallRules: [{6DE9BA07-E7C0-4278-B31B-2E990E184A21}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{19632B8C-F496-4C51-911C-88FFFA39915D}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{8B4C3617-F52F-4CAF-91B8-A001406392A5}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [{D80C6A87-3BD3-47D2-B558-0C85AFFFE24A}] => (Allow) C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [TCP Query User{14CC93E2-4917-4D08-8DF0-125726C8E886}C:\users\jojkáč\desktop\anydesk.exe] => (Allow) C:\users\jojkáč\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
FirewallRules: [UDP Query User{F3918D3D-CF09-4C97-B3F0-78BF5039688C}C:\users\jojkáč\desktop\anydesk.exe] => (Allow) C:\users\jojkáč\desktop\anydesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:97.54 GB) (Free:58.05 GB) (60%)
==================== Faulty Device Manager Devices ============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
System errors:
=============
Error: (10/24/2023 10:43:23 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
Description: Při pokusu o načtení souboru místních hostitelů došlo k chybě.
Error: (10/24/2023 10:42:49 AM) (Source: DCOM) (EventID: 10000) (User: JOJKÁČ)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (10/23/2023 09:42:34 PM) (Source: DCOM) (EventID: 10010) (User: JOJKÁČ)
Description: Server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2023 09:42:03 PM) (Source: DCOM) (EventID: 10010) (User: JOJKÁČ)
Description: Server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2023 09:41:31 PM) (Source: DCOM) (EventID: 10010) (User: JOJKÁČ)
Description: Server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2023 09:41:00 PM) (Source: DCOM) (EventID: 10010) (User: JOJKÁČ)
Description: Server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2023 09:40:29 PM) (Source: DCOM) (EventID: 10010) (User: JOJKÁČ)
Description: Server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} se v daném časovém limitu neregistroval u služby DCOM.
Error: (10/23/2023 09:39:58 PM) (Source: DCOM) (EventID: 10010) (User: JOJKÁČ)
Description: Server {F36AD0D0-B5F0-4C69-AF08-603D177FEF0E} se v daném časovém limitu neregistroval u služby DCOM.
Windows Defender:
================
Date: 2023-10-01 11:49:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUABundler:Win32/FusionCore
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_D:\MY DOCUMENTS\Windows\CDBurner XP\cdbxp_setup_4.5.8.6795.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: JOJKÁČ\Jojkáč
Název procesu: C:\Windows\explorer.exe
Verze bezpečnostních informací: AV: 1.397.1873.0, AS: 1.397.1873.0, NIS: 1.397.1873.0
Verze modulu: AM: 1.1.23080.2005, NIS: 1.1.23080.2005
Date: 2023-07-27 11:34:53
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {07376D28-B326-407B-9920-1BCC83EF457E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-07-27 09:21:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {A0CB9FBE-6A86-4AB6-84FF-638D93F02508}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: JOJKÁČ\Jojkáč
Date: 2023-07-07 08:37:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {874ADB96-CCAB-463E-96B8-ACF65B757A97}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2023-06-16 11:30:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3A9BA6BE-0AFF-44B6-8F24-CA9EBA336B24}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2023-10-16 08:10:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1873.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-10-16 08:10:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1873.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-10-16 08:10:47
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1873.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.
Date: 2023-10-16 08:10:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1873.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
Date: 2023-10-16 08:10:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.397.1873.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.23080.2005
Kód chyby: 0x80072ee2
Popis chyby: Operace nebyla v požadované době dokončena.
CodeIntegrity:
===============
Date: 2023-10-23 21:07:44
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2023-10-23 20:06:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: TOSHIBA Version 6.70 04/04/2013
Motherboard: TOSHIBA PORTEGE R930
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 73%
Total physical RAM: 3990.16 MB
Available physical RAM: 1043.86 MB
Total Virtual: 4694.16 MB
Available Virtual: 1686.17 MB
==================== Drives ================================
Drive c: (Windows 10 Pro) (Fixed) (Total:97.54 GB) (Free:58.05 GB) (Model: HGST HTS545032A7E380) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total: ? GB) (Free: ? GB) (Model: HGST HTS545032A7E380) (Protected) (Locked)
Drive f: () (Removable) (Total: ? GB) (Free: ? GB) (Protected) (Locked)
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: FAC36CA0)
Partition 1: (Active) - (Size=97.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
==========================================================
Disk: 1 (Protective MBR) (Size: 29.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
nefunguje win update a zapnout defenger
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: nefunguje win update a zapnout defenger
ahoj,
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
•Ulozte vytvoreny TXT jako fixlist.txt
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe
•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txt
citat:
Tvorba fixlistu pro FRST
•Spustte poznamkovy blok (Start-spustit-notepad)
•Zkopirujte skript >>
Kód: Vybrat vše
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {70B9120F-56BD-42CF-966F-C85572384E47} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {43D83AED-DCF3-4528-9DF6-0AC7E5CF682F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jojkáč\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File)
Task: {63962CF4-DF19-44E7-ACEF-558FB9353D9D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jojkáč\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {6E198FED-68E6-42A5-A125-656756BEFFC0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} (No File)
Task: {A9F33263-5AFD-4C01-B7C5-D7C7DC16CF4B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} /CalendarRun (No File)
Task: {26ABE13B-E4EF-4B01-9E33-12BA681060F4} - System32\Tasks\WindowsAppPool\1OMUoK1GrprqqbL => C:\Users\JOJK~1\AppData\Local\Temp\1OMUoK1GrprqqbL.exe (No File) <==== ATTENTION
Task: {0C3CEF61-E76D-41DA-BEB8-71C5211F3AA5} - System32\Tasks\WindowsAppPool\4bpvL5dtff39Z3b => C:\Users\JOJK~1\AppData\Local\Temp\4bpvL5dtff39Z3b.exe (No File) <==== ATTENTION
Task: {5965DF3C-3EBF-4B1A-A031-C1B1AF2BE491} - System32\Tasks\WindowsAppPool\RfUAPKpk0TBidAY => C:\Users\JOJK~1\AppData\Local\Temp\RfUAPKpk0TBidAY.exe (No File) <==== ATTENTION
R2 AVGWscReporter; "C:\Program Files\AVG\Antivirus\wsc_proxy.exe" /runassvc /rpcserver [X]
2023-09-02 11:35 - 2023-09-02 11:35 - 000248887 ___SH () C:\Users\Jojkáč\AppData\Roaming\dstjrbe
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{AFAD047F-9DF3-4BA8-8DDD-6DE045CF9C5F}C:\users\jojkáč\desktop\anydesk (1).exe] => (Allow) C:\users\jojkáč\desktop\anydesk (1).exe => No File
FirewallRules: [UDP Query User{0013E804-6BC7-44B1-B561-D8DD4FA48D39}C:\users\jojkáč\desktop\anydesk (1).exe] => (Allow) C:\users\jojkáč\desktop\anydesk (1).exe => No File
EmptyTemp:
Reboot:
End
•Presunte vytvoreny fixlist vedle FRST
Spustte znovu FRST.exe•Kliknete na Fix
•Probehne oprava a vytvori log Fixlog.txt
Restart PC a dejte mi sem fixlog.txtFRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: nefunguje win update a zapnout defenger
log je zde:
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by Jojkáč (24-10-2023 18:29:02) Run:1
Running from C:\Users\Jojkáč\Desktop
Loaded Profiles: Jojkáč
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {70B9120F-56BD-42CF-966F-C85572384E47} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {43D83AED-DCF3-4528-9DF6-0AC7E5CF682F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jojkáč\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File)
Task: {63962CF4-DF19-44E7-ACEF-558FB9353D9D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jojkáč\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {6E198FED-68E6-42A5-A125-656756BEFFC0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} (No File)
Task: {A9F33263-5AFD-4C01-B7C5-D7C7DC16CF4B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} /CalendarRun (No File)
Task: {26ABE13B-E4EF-4B01-9E33-12BA681060F4} - System32\Tasks\WindowsAppPool\1OMUoK1GrprqqbL => C:\Users\JOJK~1\AppData\Local\Temp\1OMUoK1GrprqqbL.exe (No File) <==== ATTENTION
Task: {0C3CEF61-E76D-41DA-BEB8-71C5211F3AA5} - System32\Tasks\WindowsAppPool\4bpvL5dtff39Z3b => C:\Users\JOJK~1\AppData\Local\Temp\4bpvL5dtff39Z3b.exe (No File) <==== ATTENTION
Task: {5965DF3C-3EBF-4B1A-A031-C1B1AF2BE491} - System32\Tasks\WindowsAppPool\RfUAPKpk0TBidAY => C:\Users\JOJK~1\AppData\Local\Temp\RfUAPKpk0TBidAY.exe (No File) <==== ATTENTION
R2 AVGWscReporter; "C:\Program Files\AVG\Antivirus\wsc_proxy.exe" /runassvc /rpcserver [X]
2023-09-02 11:35 - 2023-09-02 11:35 - 000248887 ___SH () C:\Users\Jojkáč\AppData\Roaming\dstjrbe
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{AFAD047F-9DF3-4BA8-8DDD-6DE045CF9C5F}C:\users\jojkáč\desktop\anydesk (1).exe] => (Allow) C:\users\jojkáč\desktop\anydesk (1).exe => No File
FirewallRules: [UDP Query User{0013E804-6BC7-44B1-B561-D8DD4FA48D39}C:\users\jojkáč\desktop\anydesk (1).exe] => (Allow) C:\users\jojkáč\desktop\anydesk (1).exe => No File
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => value restored successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70B9120F-56BD-42CF-966F-C85572384E47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70B9120F-56BD-42CF-966F-C85572384E47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43D83AED-DCF3-4528-9DF6-0AC7E5CF682F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43D83AED-DCF3-4528-9DF6-0AC7E5CF682F}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63962CF4-DF19-44E7-ACEF-558FB9353D9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63962CF4-DF19-44E7-ACEF-558FB9353D9D}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E198FED-68E6-42A5-A125-656756BEFFC0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E198FED-68E6-42A5-A125-656756BEFFC0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9F33263-5AFD-4C01-B7C5-D7C7DC16CF4B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F33263-5AFD-4C01-B7C5-D7C7DC16CF4B}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26ABE13B-E4EF-4B01-9E33-12BA681060F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26ABE13B-E4EF-4B01-9E33-12BA681060F4}" => removed successfully
C:\WINDOWS\System32\Tasks\WindowsAppPool\1OMUoK1GrprqqbL => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsAppPool\1OMUoK1GrprqqbL" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C3CEF61-E76D-41DA-BEB8-71C5211F3AA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3CEF61-E76D-41DA-BEB8-71C5211F3AA5}" => removed successfully
C:\WINDOWS\System32\Tasks\WindowsAppPool\4bpvL5dtff39Z3b => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsAppPool\4bpvL5dtff39Z3b" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5965DF3C-3EBF-4B1A-A031-C1B1AF2BE491}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5965DF3C-3EBF-4B1A-A031-C1B1AF2BE491}" => removed successfully
C:\WINDOWS\System32\Tasks\WindowsAppPool\RfUAPKpk0TBidAY => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsAppPool\RfUAPKpk0TBidAY" => removed successfully
AVGWscReporter => Unable to stop service.
HKLM\System\CurrentControlSet\Services\AVGWscReporter => could not remove, key could be protected
C:\Users\Jojkáč\AppData\Roaming\dstjrbe => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AFAD047F-9DF3-4BA8-8DDD-6DE045CF9C5F}C:\users\jojkáč\desktop\anydesk (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0013E804-6BC7-44B1-B561-D8DD4FA48D39}C:\users\jojkáč\desktop\anydesk (1).exe" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3201326 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 394240 B
Edge => 9216 B
Chrome => 13094713 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 4096 B
ProgramData => 4096 B
Public => 4096 B
systemprofile => 688520293 B
systemprofile32 => 688520293 B
LocalService => 688520293 B
NetworkService => 1837834731 B
Jojkáč => 1838054463 B
RecycleBin => 0 B
EmptyTemp: => 5.4 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-10-2023 18:32:00)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\AVGWscReporter => removed successfully
==== End of Fixlog 18:32:01 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2023
Ran by Jojkáč (24-10-2023 18:29:02) Run:1
Running from C:\Users\Jojkáč\Desktop
Loaded Profiles: Jojkáč
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
BootExecute: autocheck autochk * sdnclean64.exeicarus_rvrt.exe
GroupPolicy: Restriction - Windows Defender <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {70B9120F-56BD-42CF-966F-C85572384E47} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {43D83AED-DCF3-4528-9DF6-0AC7E5CF682F} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Jojkáč\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe LOGON (No File)
Task: {63962CF4-DF19-44E7-ACEF-558FB9353D9D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Jojkáč\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe SCHED (No File)
Task: {6E198FED-68E6-42A5-A125-656756BEFFC0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} (No File)
Task: {A9F33263-5AFD-4C01-B7C5-D7C7DC16CF4B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => %windir%\UpdateAssistant\UpdateAssistant.exe /ClientID Win10Upgrade:VNL:EosWu:{} /CalendarRun (No File)
Task: {26ABE13B-E4EF-4B01-9E33-12BA681060F4} - System32\Tasks\WindowsAppPool\1OMUoK1GrprqqbL => C:\Users\JOJK~1\AppData\Local\Temp\1OMUoK1GrprqqbL.exe (No File) <==== ATTENTION
Task: {0C3CEF61-E76D-41DA-BEB8-71C5211F3AA5} - System32\Tasks\WindowsAppPool\4bpvL5dtff39Z3b => C:\Users\JOJK~1\AppData\Local\Temp\4bpvL5dtff39Z3b.exe (No File) <==== ATTENTION
Task: {5965DF3C-3EBF-4B1A-A031-C1B1AF2BE491} - System32\Tasks\WindowsAppPool\RfUAPKpk0TBidAY => C:\Users\JOJK~1\AppData\Local\Temp\RfUAPKpk0TBidAY.exe (No File) <==== ATTENTION
R2 AVGWscReporter; "C:\Program Files\AVG\Antivirus\wsc_proxy.exe" /runassvc /rpcserver [X]
2023-09-02 11:35 - 2023-09-02 11:35 - 000248887 ___SH () C:\Users\Jojkáč\AppData\Roaming\dstjrbe
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers2: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [TCP Query User{AFAD047F-9DF3-4BA8-8DDD-6DE045CF9C5F}C:\users\jojkáč\desktop\anydesk (1).exe] => (Allow) C:\users\jojkáč\desktop\anydesk (1).exe => No File
FirewallRules: [UDP Query User{0013E804-6BC7-44B1-B561-D8DD4FA48D39}C:\users\jojkáč\desktop\anydesk (1).exe] => (Allow) C:\users\jojkáč\desktop\anydesk (1).exe => No File
EmptyTemp:
Reboot:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center => removed successfully
HKLM\System\CurrentControlSet\Control\Session Manager\\"BootExecute"="autocheck autochk *" => value restored successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{70B9120F-56BD-42CF-966F-C85572384E47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70B9120F-56BD-42CF-966F-C85572384E47}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{43D83AED-DCF3-4528-9DF6-0AC7E5CF682F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43D83AED-DCF3-4528-9DF6-0AC7E5CF682F}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63962CF4-DF19-44E7-ACEF-558FB9353D9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63962CF4-DF19-44E7-ACEF-558FB9353D9D}" => removed successfully
C:\WINDOWS\System32\Tasks\EOSv3 Scheduler onTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6E198FED-68E6-42A5-A125-656756BEFFC0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E198FED-68E6-42A5-A125-656756BEFFC0}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A9F33263-5AFD-4C01-B7C5-D7C7DC16CF4B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A9F33263-5AFD-4C01-B7C5-D7C7DC16CF4B}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{26ABE13B-E4EF-4B01-9E33-12BA681060F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{26ABE13B-E4EF-4B01-9E33-12BA681060F4}" => removed successfully
C:\WINDOWS\System32\Tasks\WindowsAppPool\1OMUoK1GrprqqbL => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsAppPool\1OMUoK1GrprqqbL" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C3CEF61-E76D-41DA-BEB8-71C5211F3AA5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C3CEF61-E76D-41DA-BEB8-71C5211F3AA5}" => removed successfully
C:\WINDOWS\System32\Tasks\WindowsAppPool\4bpvL5dtff39Z3b => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsAppPool\4bpvL5dtff39Z3b" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5965DF3C-3EBF-4B1A-A031-C1B1AF2BE491}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5965DF3C-3EBF-4B1A-A031-C1B1AF2BE491}" => removed successfully
C:\WINDOWS\System32\Tasks\WindowsAppPool\RfUAPKpk0TBidAY => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WindowsAppPool\RfUAPKpk0TBidAY" => removed successfully
AVGWscReporter => Unable to stop service.
HKLM\System\CurrentControlSet\Services\AVGWscReporter => could not remove, key could be protected
C:\Users\Jojkáč\AppData\Roaming\dstjrbe => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon32 => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\SDECon64 => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AFAD047F-9DF3-4BA8-8DDD-6DE045CF9C5F}C:\users\jojkáč\desktop\anydesk (1).exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{0013E804-6BC7-44B1-B561-D8DD4FA48D39}C:\users\jojkáč\desktop\anydesk (1).exe" => removed successfully
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 3201326 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 394240 B
Edge => 9216 B
Chrome => 13094713 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 4096 B
ProgramData => 4096 B
Public => 4096 B
systemprofile => 688520293 B
systemprofile32 => 688520293 B
LocalService => 688520293 B
NetworkService => 1837834731 B
Jojkáč => 1838054463 B
RecycleBin => 0 B
EmptyTemp: => 5.4 GB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-10-2023 18:32:00)
Result of scheduled keys to remove after reboot:
HKLM\System\CurrentControlSet\Services\AVGWscReporter => removed successfully
==== End of Fixlog 18:32:01 ====
Re: nefunguje win update a zapnout defenger
Vycistene - malo by to byt OK
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: nefunguje win update a zapnout defenger
bohuzel... ani defender a ani win update nelze porad zapnout.
Re: nefunguje win update a zapnout defenger
S prikazoveho riadku spust ako spravca
Sfc / scannow
Sfc / scannow
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Re: nefunguje win update a zapnout defenger
Moc dekuji dekuji za pomoc, ale nakonec byl z toho format C: , bo ntb uz nesel ani zapnout po restartu, takze nez se trapit, tak sme se pro ten format rozhodli.
Dokumenty byly na cloudu, tak ze v tomto smeru pohoda.
Dekuji za vas cas. Jestli chcete, muzete toto tema uzamknout.
Dokumenty byly na cloudu, tak ze v tomto smeru pohoda.
Dekuji za vas cas. Jestli chcete, muzete toto tema uzamknout.
Re: nefunguje win update a zapnout defenger
Rado sa stalo 
FRST |ADWCleaner |MBAM |CCleaner |AVPTool
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
V prípade spokojnosti je možné podporiť fórum https://platba.viry.cz/payment/
Přispějete na provoz fóra?