FRST check, just to be sure
Posted: 10 Apr 2023 14:34
Hello,
could someone please take a look?
ADW Cleaner was clean
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2023
Ran by igorv (administrator) on DESKTOP-PB3B57S (TOSHIBA Satellite L650) (10-04-2023 15:19:06)
Running from C:\Users\igorv\Downloads
Loaded Profiles: igorv
Platform: Microsoft Windows 10 Home Version 22H2 19045.2788 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\72.0.3.0\crashpad_handler.exe <3>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2780_none_7df1b05c7ca1f251\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [MicrosoftEdgeAutoLaunch_12DCDEA817FD98234F2AB1F8B100D4B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4140496 2023-04-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4362600 2023-03-24] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [39159608 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\72.0.3.0\GoogleDriveFS.exe [52902680 2023-03-21] (Google LLC -> Google, Inc.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {142370FA-AFBF-4F05-B9D8-2A09F1BDA1DB} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "f4a308bf-cca6-47ff-8aea-188963f05ee2" --version "6.10.10347" --silent
Task: {2F85AF99-05D3-45B2-8756-FE04C61AF4BE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {7A92C71F-CAE2-4481-8E74-D902284BE024} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8BEE143A-D951-40CD-B0AA-E158F79F1DD3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A61090AD-1F57-4275-B1BF-B64E1373F27A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2023-03-02] (Google LLC -> Google LLC)
Task: {A96D2DAE-3D3A-4BCE-AEA9-2A4277421CC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B74711C0-5233-44D0-8046-FB8D3CE00F30} - System32\Tasks\CCleanerSkipUAC - igorv => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {EE0ADF9F-0C84-48F3-A192-EF713051CB6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2023-03-02] (Google LLC -> Google LLC)
Task: {F4658624-54BC-43D7-981C-554143B8BD9D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MpCmdRun.exe [1645904 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.31.248 8.8.8.8
Tcpip\..\Interfaces\{1b830fbc-5f0e-4a85-a095-15d1aeb2d45b}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{2835ed5a-0fac-45c6-bfda-73ae710e5958}: [DhcpNameServer] 192.168.31.248 8.8.8.8
Tcpip\..\Interfaces\{7ae0656c-d38d-4fa0-9319-481e1e5b4555}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Edge:
=======
Edge DefaultProfile: Profile 4
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2023-04-10]
Edge DownloadDir: Profile 4 -> C:\Users\igorv\Downloads
Edge HomePage: Profile 4 -> hxxp://www.google.sk/
Edge Extension: (Edge relevant text changes) - C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Profile 4\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-04-06]
Chrome:
=======
CHR HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe [714864 2022-08-26] (Dynabook Inc. -> Dynabook Inc.)
S2 DSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDTabSysSvc.exe [301192 2022-08-26] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe [451248 2022-08-26] (Dynabook Inc. -> Dynabook Inc.)
R2 dynabookSettingService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe [44797568 2022-08-26] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\NisSrv.exe [3224328 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.7-0\MsMpEng.exe [133544 2023-03-28] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dhotkey; C:\Windows\System32\drivers\dhotkey.sys [52360 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R1 dsrvctldrv; C:\Windows\System32\drivers\dsrvctldrv.sys [29328 2022-08-26] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\Windows\System32\drivers\DVALZ_O.SYS [47464 2022-07-18] (Dynabook Inc. -> Dynabook Inc.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ_O; C:\Windows\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49608 2023-03-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [495896 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99624 2023-03-28] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-04-10 15:19 - 2023-04-10 15:21 - 000012283 _____ C:\Users\igorv\Downloads\FRST.txt
2023-04-10 15:17 - 2023-04-10 15:20 - 000000000 ____D C:\FRST
2023-04-10 15:16 - 2023-04-10 15:16 - 002379776 _____ (Farbar) C:\Users\igorv\Downloads\FRST64.exe
2023-04-07 19:49 - 2023-04-10 09:53 - 000000000 ____D C:\Program Files\CCleaner
2023-04-07 19:49 - 2023-04-07 19:49 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2023-04-07 19:49 - 2023-04-07 19:49 - 000003476 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2023-04-07 19:49 - 2023-04-07 19:49 - 000002904 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - igorv
2023-04-07 19:49 - 2023-04-07 19:49 - 000000760 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2023-04-07 19:49 - 2023-04-07 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-04-04 10:20 - 2023-04-04 10:20 - 000000000 ___HD C:\$WinREAgent
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-04-10 15:23 - 2023-03-02 18:09 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-04-10 15:23 - 2022-12-25 19:56 - 000000000 ____D C:\Program Files (x86)\Steam
2023-04-10 15:23 - 2022-03-09 16:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-04-10 14:33 - 2022-03-09 11:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-04-10 13:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-04-08 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2023-04-07 19:55 - 2022-10-07 20:11 - 000000000 ____D C:\Users\igorv\AppData\Local\CrashDumps
2023-04-07 19:55 - 2022-07-04 15:36 - 000000000 ____D C:\Windows\Minidump
2023-04-07 19:55 - 2022-03-09 11:16 - 000000000 ____D C:\Windows\Panther
2023-04-07 14:17 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-04-07 14:12 - 2022-03-09 11:22 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-04-05 09:40 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2023-04-04 12:12 - 2022-03-09 11:49 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2023-04-04 12:04 - 2022-03-09 11:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-04-04 12:04 - 2022-03-09 11:17 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2023-04-04 12:04 - 2020-02-21 12:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-04-04 12:02 - 2019-12-07 11:03 - 000262144 _____ C:\Windows\system32\config\BBI
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-04-04 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2023-04-04 11:29 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2023-04-04 11:00 - 2022-03-09 11:21 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-04-01 12:12 - 2022-03-09 11:20 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-04-01 12:12 - 2022-03-09 11:20 - 000003508 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-28 09:55 - 2022-03-09 11:18 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-03-15 10:01 - 2022-03-09 14:02 - 000000000 ____D C:\Windows\system32\MRT
2023-03-15 09:50 - 2022-03-09 14:02 - 153620824 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories ========
2022-03-09 12:38 - 2022-03-09 12:38 - 000007602 _____ () C:\Users\igorv\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================