nedari se obnova do tovarniho nastaveni

[TomTom23]

Dobry den, prosim o kontrolu/pomoc...

pri vypinani se objevyla hlaska app elara brani ve vypnuti

nb se zapina mnohem dele nez obvykle

nejde obnovit do tovarniho nastaveni (nejde stahnout win z cloudu/ vyskytla se chyba...)

Diky

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-06-2023
Ran by noone (administrator) on DESKTOP-8VQ403R (TOSHIBA TECRA Z50-A) (15-06-2023 07:46:52)
Running from C:\Users\noone\Desktop\FRST64.exe
Loaded Profiles: noone
Platform: Microsoft Windows 10 Pro Version 22H2 19045.2965 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eOppFrame.exe
(Discord Inc. -> Discord Inc.) C:\Users\noone\AppData\Local\Discord\app-1.0.9013\Discord.exe <6>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <16>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\efwd.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-05-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [194704 2023-03-24] (ESET, spol. s r.o. -> ESET)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3844432990-3656964575-129454201-1001\...\Run: [Discord] => C:\Users\noone\AppData\Local\Discord\Update.exe [1525016 2023-04-26] (Discord Inc. -> GitHub)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [975104 2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {746570BC-221C-4E69-872F-043D9A41C2C5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [732064 2023-06-14] (Mozilla Corporation -> Mozilla Foundation)
Task: {83403291-6F1F-4963-A9B2-7B17250158C9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {92C5ECB3-8758-4F1D-BC53-C265E7EE9418} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\noone\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-06-14] (ESET, spol. s r.o. -> ESET)
Task: {97333017-F8BD-4FE8-B68F-271F8041125E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1949503-32BC-4000-A14A-925DF5B1219F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [680352 2023-06-14] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {F74DD56B-B378-41A5-AAD8-E400C5DF01B8} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\noone\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [21737944 2023-06-14] (ESET, spol. s r.o. -> ESET)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.200.77.1 188.75.128.188 8.8.8.8
Tcpip\..\Interfaces\{bb462e32-3ee2-4471-b1c6-859962c1c7f6}: [DhcpNameServer] 10.200.77.1 188.75.128.188 8.8.8.8

Edge:
=======
Edge Profile: C:\Users\noone\AppData\Local\Microsoft\Edge\User Data\Default [2023-05-12]

FireFox:
========
FF DefaultProfile: 8dfn17r9.default
FF ProfilePath: C:\Users\noone\AppData\Roaming\Mozilla\Firefox\Profiles\8dfn17r9.default [2023-05-12]
FF ProfilePath: C:\Users\noone\AppData\Roaming\Mozilla\Firefox\Profiles\ha6glo7c.default-release [2023-06-15]
FF Extension: (Add-ons Restricted Domains) - C:\Users\noone\AppData\Roaming\Mozilla\Firefox\Profiles\ha6glo7c.default-release\features\{39b9aa21-2dc9-4fd5-9800-6d137f4d632e}\addons-restricted-domains@mozilla.com.xpi [2023-06-09]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3844432990-3656964575-129454201-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3844432990-3656964575-129454201-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3844432990-3656964575-129454201-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2023-06-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054520 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\DSDFunctionKeyCtlService.exe [689888 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R2 efwd; C:\Program Files\ESET\ESET Security\efwd.exe [2509944 2023-03-24] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-03-24] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3650416 2023-03-24] (ESET, spol. s r.o. -> ESET)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336256 2023-05-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\dynabookSystemService.exe [44786376 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TOSTABSYSSVC.exe [298192 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\RMService.exe [447296 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R2 valWBFPolicyService; C:\WINDOWS\System32\valWBFPolicyService.exe [85608 2019-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 config; C:\WINDOWS\System32\drivers\ibtfudrv.sys [70088 2013-07-01] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [198448 2023-03-24] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [118872 2023-03-24] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [16336 2023-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [244920 2023-03-24] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\System32\drivers\ekbdflt.sys [55440 2023-03-24] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [81728 2023-03-24] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [123008 2023-03-24] (ESET, spol. s r.o. -> ESET)
R3 guardian2; C:\WINDOWS\System32\Drivers\oz776x64.sys [100560 2019-08-05] (BayHub Technology Inc. -> O2Micro)
S3 plser; C:\WINDOWS\System32\drivers\plser64.sys [258040 2020-05-21] (WDKTestCert charles-yeh,132058328970830801 -> Prolific Technology Inc.)
S3 SaiK1713; C:\WINDOWS\System32\drivers\SaiK1713.sys [180544 2012-09-20] (Mad Catz Inc -> Saitek)
S3 SaiU1713; C:\WINDOWS\System32\drivers\SaiU1713.sys [47168 2012-09-20] (Mad Catz Inc -> Saitek)
S3 Ser2pl; C:\WINDOWS\System32\drivers\ser2pl64.sys [303000 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Prolific Technology Inc.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [65144 2021-10-08] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
S3 tosdbt; C:\WINDOWS\System32\drivers\tosdbt.sys [57344 2007-01-15] (Microsoft Windows Hardware Compatibility Publisher -> TOSHIBA Corporation)
S3 toshidpt; C:\WINDOWS\system32\drivers\Toshidpt.sys [10232 2012-08-01] (TOSHIBA CORPORATION -> TOSHIBA Corporation.)
R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ.SYS [45880 2020-08-01] (Dynabook Inc. -> Dynabook Inc.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-15 07:46 - 2023-06-15 07:47 - 000016401 _____ C:\Users\noone\Desktop\FRST.txt
2023-06-15 07:45 - 2023-06-15 07:47 - 000000000 ____D C:\FRST
2023-06-15 07:41 - 2023-06-15 07:41 - 002382848 _____ (Farbar) C:\Users\noone\Desktop\FRST64.exe
2023-06-15 07:39 - 2023-06-15 07:40 - 000000000 ____D C:\$Windows.~BT
2023-06-15 07:38 - 2023-06-15 07:43 - 000000000 ___HD C:\$SysReset
2023-06-15 06:20 - 2023-06-15 06:20 - 000000000 ___HD C:\$WinREAgent
2023-06-15 06:11 - 2023-06-15 06:11 - 000000000 ____D C:\Users\noone\AppData\Local\ElevatedDiagnostics
2023-06-14 21:07 - 2023-06-14 21:07 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2023-06-14 21:07 - 2023-06-14 21:07 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2023-06-14 20:50 - 2023-06-14 20:50 - 000000000 ____D C:\Users\noone\AppData\Roaming\Microsoft\MMC
2023-06-14 20:32 - 2023-06-14 20:32 - 000001389 _____ C:\Users\noone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2023-06-14 19:13 - 2023-06-14 19:36 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-06-14 17:39 - 2023-06-14 17:39 - 000000000 ____D C:\Users\noone\AppData\Local\D3DSCache
2023-06-14 17:10 - 2023-06-14 17:10 - 000004036 _____ C:\WINDOWS\system32\Tasks\PostponeDeviceSetupToast_S-1-5-21-3844432990-3656964575-129454201-1001_0
2023-06-14 17:04 - 2023-06-14 17:05 - 000000000 ____D C:\WINDOWS\Minidump
2023-06-14 17:04 - 2023-06-14 17:04 - 930374087 _____ C:\WINDOWS\MEMORY.DMP
2023-06-14 17:04 - 2023-06-14 17:04 - 001297572 _____ C:\WINDOWS\Minidump\061423-10765-01.dmp
2023-06-14 17:04 - 2023-04-25 14:05 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2023-06-14 17:04 - 2023-04-25 11:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2023-06-10 10:57 - 2023-06-14 17:04 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2023-06-08 18:45 - 2023-06-08 18:45 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-05-30 21:51 - 2023-06-14 20:32 - 000000000 ____D C:\Users\noone\AppData\Local\ESET
2023-05-30 18:20 - 2023-05-30 18:21 - 000000000 ____D C:\Users\noone\Documents\NinjaTrader 8
2023-05-30 18:20 - 2023-05-30 18:20 - 000000000 ____D C:\Users\noone\Documents\NinjaTrader Backup
2023-05-30 18:20 - 2023-05-30 18:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NinjaTrader
2023-05-30 18:20 - 2023-05-30 18:20 - 000000000 ____D C:\Program Files\NinjaTrader 8
2023-05-18 09:33 - 2023-05-18 09:33 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-06-15 07:46 - 2023-05-14 07:08 - 000000000 ____D C:\Users\noone\AppData\Local\Discord
2023-06-15 07:34 - 2023-05-12 20:44 - 000000000 ____D C:\Users\noone\AppData\LocalLow\Mozilla
2023-06-15 07:34 - 2023-05-12 20:16 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-06-15 07:17 - 2023-05-12 19:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-06-15 07:16 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-06-15 06:51 - 2023-05-12 19:22 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-06-15 06:51 - 2019-12-07 16:43 - 000717980 _____ C:\WINDOWS\system32\perfh005.dat
2023-06-15 06:51 - 2019-12-07 16:43 - 000145122 _____ C:\WINDOWS\system32\perfc005.dat
2023-06-15 06:51 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-06-15 06:46 - 2023-05-14 07:08 - 000000000 ____D C:\Users\noone\AppData\Roaming\discord
2023-06-15 06:46 - 2023-05-12 19:29 - 000000000 __SHD C:\Users\noone\IntelGraphicsProfiles
2023-06-15 06:46 - 2023-05-12 19:15 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-06-15 06:43 - 2023-05-12 19:15 - 000000000 ____D C:\ProgramData\Synaptics
2023-06-15 06:43 - 2023-05-12 19:14 - 000008192 ___SH C:\DumpStack.log.tmp
2023-06-15 06:43 - 2023-05-12 19:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-06-15 06:35 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-06-14 20:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-06-14 19:36 - 2023-05-12 20:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-06-14 19:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-06-14 19:21 - 2023-05-12 20:16 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-06-14 17:40 - 2023-05-12 19:26 - 000000000 ____D C:\Users\noone
2023-06-14 17:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-06-14 10:42 - 2023-05-14 06:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-06-14 10:40 - 2023-05-14 06:58 - 170078616 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-06-14 10:40 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-06-14 10:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-06-13 19:38 - 2023-05-12 19:14 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-06-13 19:38 - 2023-05-12 19:14 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-06-12 08:39 - 2023-05-12 19:29 - 000000000 ____D C:\Users\noone\AppData\Local\Packages
2023-06-11 12:01 - 2023-05-12 20:44 - 000001066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-06-10 18:21 - 2023-05-12 19:14 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-05-30 19:59 - 2023-05-12 19:31 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3844432990-3656964575-129454201-1001
2023-05-30 19:59 - 2023-05-12 19:31 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3844432990-3656964575-129454201-1001
2023-05-30 19:59 - 2023-05-12 19:26 - 000002388 _____ C:\Users\noone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-05-22 10:06 - 2023-05-12 20:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-05-18 09:26 - 2019-12-07 16:45 - 000000000 ____D C:\WINDOWS\OCR

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-06-2023
Ran by noone (15-06-2023 07:47:45)
Running from C:\Users\noone\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.2965 (X64) (2023-05-12 17:18:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3844432990-3656964575-129454201-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3844432990-3656964575-129454201-503 - Limited - Disabled)
Guest (S-1-5-21-3844432990-3656964575-129454201-501 - Limited - Disabled)
noone (S-1-5-21-3844432990-3656964575-129454201-1001 - Administrator - Enabled) => C:\Users\noone
WDAGUtilityAccount (S-1-5-21-3844432990-3656964575-129454201-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {DF8BEACB-94C9-218A-73AD-A78362A8C516}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {E7B06BEE-DEA6-20D2-58F2-0EB69C7B826D}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Discord (HKU\S-1-5-21-3844432990-3656964575-129454201-1001\...\Discord) (Version: 1.0.9013 - Discord Inc.)
ESET Security (HKLM\...\{67878CC3-9C1F-40AD-9027-A6469F3C58F4}) (Version: 16.1.14.0 - ESET, spol. s r.o.)
FastStone Image Viewer 7.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 7.7 - FastStone Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 114.0.1823.43 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 114.0.1823.43 - Microsoft Corporation)
Microsoft Office 2013 pro podnikatele - cs-cz (HKLM\...\HomeBusinessRetail - cs-cz) (Version: 15.0.5553.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3844432990-3656964575-129454201-1001\...\OneDriveSetup.exe) (Version: 23.107.0521.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 114.0.1 (x64 cs)) (Version: 114.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 102.11.0 - Mozilla)
Mozilla Thunderbird (x64 cs) (HKLM\...\Mozilla Thunderbird 102.12.0 (x64 cs)) (Version: 102.12.0 - Mozilla)
NinjaTrader (HKLM\...\{7E3D620C-3D58-4673-AEB8-97F6AD107F66}) (Version: 8.1.1.6 - NinjaTrader, LLC)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.5553.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.5553.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-1000-0000000FF1CE}) (Version: 15.0.5553.1000 - Microsoft Corporation) Hidden
PDF-XChange Editor (HKLM\...\{27B09AC2-12E9-4B42-B5B7-D042A3E339E9}) (Version: 9.5.368.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{7355a6b3-4efb-4023-88a1-8c00d955b625}) (Version: 9.5.368.0 - Tracker Software Products (Canada) Ltd.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7520 - Realtek Semiconductor Corp.)
WinRAR 6.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.21.0 - win.rar GmbH)

Packages:
=========
Disney+ -> C:\Program Files\WindowsApps\Disney.37853FC22B2CE_1.54.2.0_x64__6rarf9sa4v8jt [2023-06-10] (Disney)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.16.3140.0_x64__8wekyb3d8bbwe [2023-05-12] (Microsoft Studios) [MS Ad]
TradingView -> C:\Program Files\WindowsApps\TradingView.Desktop_2.3.4.4397_x64__n534cwy3pjxzj [2023-05-12] (TradingView, Inc.) [Startup Task]
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x64__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)
WindowsAppRuntime.1.3 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.3_3000.851.1712.0_x86__8wekyb3d8bbwe [2023-06-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-03-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2023-04-06] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-03-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-05-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2023-03-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2023-02-16] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2023-05-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2023-05-12] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3844432990-3656964575-129454201-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.200.77.1 - 188.75.128.188
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{1EDD3227-BC69-4CD9-84B9-695560DE7FAC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FE91BDD5-F17F-4A27-8324-9E74A4CC3A53}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FC460A86-F31F-4A34-9B7B-00C957F00FA3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CFEB1354-DEE1-4A33-AA7C-EF0F55C08964}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A4D1D60C-A5C5-4495-8710-DB2451EE6B3F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D4EF5A79-18AD-4FC8-B8D8-C96AF1E6295A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C4BD451E-E66F-44A7-9921-918A7A36EFB1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3402.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77410819-B886-4060-8084-EE629289C298}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\114.0.1823.43\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (06/15/2023 05:57:51 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (06/14/2023 08:15:26 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (06/14/2023 08:00:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.19041.546, časové razítko: 0x5da7ab91
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0x80131623
Posun chyby: 0x00007ffccd58200f
ID chybujícího procesu: 0x1260
Čas spuštění chybující aplikace: 0x01d99eea1617a675
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 66dbc1c6-5956-49cf-89cb-8f6f57e2aeb5
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (06/14/2023 08:00:22 PM) (Source: .NET Runtime) (EventID: 1025) (User: )
Description: Application: wmiprvse.exe
Framework Version: v4.0.30319
Description: The application requested process termination through System.Environment.FailFast(string message).
Message: Byla vyvolána neočekávaná výjimka od poskytovatele:
System.IO.FileLoadException:
File name: 'Microsoft.AppV.AppvClientComConsumer, Version=10.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.AppV.AppvPublishingServerWMI.AppvPublishingServer.EnumeratePublishingServers()


Stack:
at System.Environment.FailFast(System.String)
at WmiNative.WbemProvider.WmiNative.IWbemServices.CreateInstanceEnumAsync(System.String, Int32, WmiNative.IWbemContext, WmiNative.IWbemObjectSink)

Error: (06/14/2023 08:00:20 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (06/14/2023 08:00:20 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (06/14/2023 08:00:20 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (06/14/2023 07:15:59 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2


System errors:
=============
Error: (06/15/2023 07:45:01 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Došlo k chybě:
2147943792
při provádění příkazu:
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe -Embedding

Error: (06/15/2023 07:45:00 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Došlo k chybě:
2147943792
při provádění příkazu:
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe -Embedding

Error: (06/15/2023 07:44:59 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Došlo k chybě:
2147943792
při provádění příkazu:
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe -Embedding

Error: (06/15/2023 07:44:58 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Došlo k chybě:
2147943792
při provádění příkazu:
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe -Embedding

Error: (06/15/2023 07:44:57 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Došlo k chybě:
2147943792
při provádění příkazu:
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe -Embedding

Error: (06/15/2023 07:44:56 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Došlo k chybě:
2147943792
při provádění příkazu:
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe -Embedding

Error: (06/15/2023 07:44:55 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Došlo k chybě:
2147943792
při provádění příkazu:
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe -Embedding

Error: (06/15/2023 07:44:54 AM) (Source: DCOM) (EventID: 10000) (User: NT AUTHORITY)
Description: Nelze spustit server DCOM: {0823B6F8-F499-4D5E-B885-EA9CB4F43B24}. Došlo k chybě:
2147943792
při provádění příkazu:
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3025_none_7e36ee127c6f13fc\TiWorker.exe -Embedding


CodeIntegrity:
===============
Date: 2023-06-15 06:56:00
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements.

Date: 2023-06-15 06:47:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET Security\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

BIOS: TOSHIBA Version 3.50 04/15/2014
Motherboard: TOSHIBA TECRA Z50-A
Processor: Intel(R) Core(TM) i7-4600U CPU @ 2.10GHz
Percentage of memory in use: 49%
Total physical RAM: 8101.33 MB
Available physical RAM: 4069.21 MB
Total Virtual: 13989.33 MB
Available Virtual: 9686.05 MB

==================== Drives ================================

Drive c: (TI31272900A) (Fixed) (Total:218.26 GB) (Free:172.24 GB) (Model: TOSHIBA THNSFJ256GMCT) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{30628e58-0000-0000-0000-100000000000}\ (System) (Fixed) (Total:1.46 GB) (Free:0.85 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 238.5 GB) (Disk ID: 30628E58)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=218.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=8 GB) - (Type=84)
Partition 4: (Not Active) - (Size=10.8 GB) - (Type=17)

==================== End of Addition.txt =======================

[JaRon]

ahoj,
oba subory otestuj na www.virustotal.com
2023-06-14 17:04 - 2023-04-25 14:05 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2023-06-14 17:04 - 2023-04-25 11:32 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

[TomTom23]

done
No security vendors and no sandboxes flagged this file as malicious
No security vendors and no sandboxes flagged this file as malicious

[JaRon]

OK
precitaj si toto: https://blog.webtech360.com/cz/android/ ... n/88810330

[TomTom23]

jasny..., jen me mate ten start a nechapu proc mi nejde to obnoveni...

[JaRon]

1. prescanuj preventivne PC s MBAM
2. s prikazoveho riadku spusteneho ako spravca spust sfc /scannow
3. obnovenie do tovarenskeho nastavenia je viazane na particiu disku pre obnovenie - bud je poskodena, alebo nebola ani vytvorena

[TomTom23]

C:\WINDOWS\system32>sfc /scannow

Windows Resource Protection could not start the repair service.

[JaRon]

pokial si spustil cmd ako spravca malo by to fungovat

[TomTom23]

jj, jako spravce ale nespusti se (ten scan)

[JaRon]

s tym som sa este nestretol a napr. chkdsk spusti ?

[TomTom23]

ano

C:\WINDOWS\system32>sfc/scannow

Windows Resource Protection could not start the repair service.

C:\WINDOWS\system32>chkdsk
The type of the file system is NTFS.
Volume label is TI31272900A.

WARNING! /F parameter not specified.
Running CHKDSK in read-only mode.

Stage 1: Examining basic file system structure ...
1434368 file records processed.
File verification completed.
Phase duration (File record verification): 10.29 seconds.
22778 large file records processed.
Phase duration (Orphan file record recovery): 0.00 milliseconds.
0 bad file records processed.
Phase duration (Bad file record checking): 0.51 milliseconds.

Stage 2: Examining file name linkage ...
145 reparse records processed.
Index entry TE7390~1.MAN in index $I30 of file 24368 is incorrect.
1675408 index entries processed.
Index verification completed.
Phase duration (Index verification): 13.35 seconds.

Errors found. CHKDSK cannot continue in read-only mode.

C:\WINDOWS\system32>

[JaRon]

1. za sfc by mala byt medzera, ale neviem ci to pomoze
2. na disku sa nasli chyby takze spust chkdsk/f odsuhlas spustenie po dalsom starte a restart PC

[TomTom23]

chkdsk/f probehlo...

sfc /scannow nic...

[JaRon]

1. ako dopadol scan s MBAM ?
2. prip. riesenie sfc https://softwarekeep.com/help-center/ho ... ir-service

[TomTom23]

mbam cisty...