Prosim o kontrolu PC

Zpráva

pppalec · #1 Příspěvek od **pppalec** » 13 srp 2023 21:16

Zdravim,
prosim o kontrolu PC, pred par dnami vo vyhladavaci, konkretne v googli prestal fungovat Enter ako potvrdenie a stale posuval na dalsi riadok. Jak som sa s tym hral a skusal to spravit, tak po kliknuti na "Zkusim stesti" otvorilo divnu stranku - na zaciatku stavoveho riadku bola vlajka nejakeho statu, hned som to zavrel. PC bol spomaleny. Na dalsi den vsetko ok. Tak neviem ci je tam nejaky virus alebo co to bola za haluz. Prosim tymto o pomoc a kontrolu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-08-2023
Ran by Admin (administrator) on MALTON (Dell Inc. OptiPlex 3050) (13-08-2023 21:59:55)
Running from C:\Users\Admin\Desktop\FRST64.exe
Loaded Profiles: Admin
Platform: Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_7208949846a9b9dc\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_d6e4236a0f82e7b4\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_9cf4db1a1fd1b22d\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_19812d3db79f7a21\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_19812d3db79f7a21\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102808 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe [1222536 2018-12-04] (Waves Inc -> Waves Audio Ltd.)
HKU\S-1-5-21-1359861362-2047865837-2026727432-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41572768 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1359861362-2047865837-2026727432-1001\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4088272 2023-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {FDEB117B-55C1-4A65-BFF8-C6CDF6C22EC3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {92C07247-C721-4FC7-B7AE-B513FB235C2A} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "4d616995-f3c4-41c3-9f94-21c1836a73e0" --version "6.14.10584" --silent
Task: {E09BFAC1-BDDD-4776-9B48-1DE37AC122A4} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {DC7A705C-E68D-4665-80A1-5307A07D1D9A} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {DC7A705C-E68D-4665-80A1-5307A07D1D9A} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {DC7A705C-E68D-4665-80A1-5307A07D1D9A} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {9C4AA51E-603A-4BBF-ACF9-1436FABB8AE3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7DD656B-A067-416E-B862-49FABF494886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5C7A209-62C3-4570-B060-472B4A19F1C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DDBB3CA7-20A4-46FC-92B8-80387C859902} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7ADA985C-5835-4197-88EB-BF649BD26A7F} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-08-12] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {7F815139-E7C1-4150-8D3E-C50D95126A32} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {B32E449A-E990-4725-B526-B2A02CA0CAAA} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618080 2021-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3dc45149-e83c-4316-a9e9-9d8c21bbf9f0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7ad686d4-70eb-4512-a426-5f07dec27887}: [DhcpNameServer] 208.67.222.222
Tcpip\..\Interfaces\{ab1ecfd8-2ebc-4f75-b25b-d548e60eae29}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-13]

FireFox:
========
FF DefaultProfile: n98sc20b.default
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n98sc20b.default [2022-01-18]
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n73ly54c.default-release [2023-08-13]
FF Homepage: Mozilla\Firefox\Profiles\n73ly54c.default-release -> www.google.cz
FF Extension: (AdBlocker Ultimate) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n73ly54c.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2023-05-25]
FF Extension: (Dream of Waves) - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\n73ly54c.default-release\Extensions\{a07400bb-b55c-4435-906d-5b6d8303f4c1}.xpi [2022-01-21]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [402200 2023-08-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WifiAutoInstallSrv; C:\Program Files\Tenda\WifiAutoInstall\WifiAutoInstallSrv.exe [118720 2018-10-26] (Realtek Semiconductor Corp. -> Realtek)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 MpKslab8c56f5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FB7D1AAE-AD93-451A-8404-9EC5FF0749CF}\MpKslDrv.sys [222464 2023-08-13] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-13 21:59 - 2023-08-13 22:00 - 000013974 _____ C:\Users\Admin\Desktop\FRST.txt
2023-08-13 21:59 - 2023-08-13 22:00 - 000000000 ____D C:\FRST
2023-08-13 21:57 - 2023-08-13 21:57 - 002385408 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe
2023-08-13 18:36 - 2023-08-13 18:36 - 000000000 ___HD C:\$WinREAgent
2023-08-12 17:43 - 2023-08-13 21:02 - 087031808 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-08-12 17:42 - 2023-08-12 17:43 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2023-08-12 16:31 - 2023-08-13 17:34 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-08-13 21:54 - 2022-02-08 22:59 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-13 21:53 - 2022-01-18 23:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-13 21:16 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-13 21:13 - 2022-07-09 21:35 - 000000000 ____D C:\Program Files\CCleaner
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-13 21:06 - 2022-01-18 23:16 - 001605602 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-13 21:06 - 2019-12-07 16:43 - 000682184 _____ C:\WINDOWS\system32\perfh005.dat
2023-08-13 21:06 - 2019-12-07 16:43 - 000137000 _____ C:\WINDOWS\system32\perfc005.dat
2023-08-13 21:03 - 2020-01-28 11:39 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles
2023-08-13 21:02 - 2022-01-18 23:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-13 21:02 - 2022-01-18 23:10 - 000259768 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-13 21:02 - 2022-01-18 23:10 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-13 21:02 - 2020-01-28 11:39 - 000000000 ____D C:\Intel
2023-08-13 21:02 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-13 21:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-13 21:02 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-13 18:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-13 18:45 - 2022-01-18 23:14 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-13 17:34 - 2022-01-18 20:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-12 17:15 - 2020-01-28 11:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-12 17:15 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-12 17:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-12 17:14 - 2020-01-28 11:55 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-12 16:46 - 2022-01-18 20:03 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-12 16:41 - 2022-01-18 21:58 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-12 16:40 - 2020-01-28 11:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-06 09:44 - 2022-01-18 23:11 - 000000000 ____D C:\Users\Admin
2023-08-05 18:19 - 2022-01-22 13:33 - 000000000 ____D C:\Users\Admin\Desktop\bazos
2023-08-05 18:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-08-05 07:05 - 2022-01-18 23:15 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1359861362-2047865837-2026727432-1001
2023-08-05 07:05 - 2022-01-18 23:15 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1359861362-2047865837-2026727432-1001
2023-08-05 07:05 - 2022-01-18 23:11 - 000002381 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-07-27 15:45 - 2020-01-28 11:57 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-21 16:01 - 2022-09-21 13:12 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-07-20 17:13 - 2022-09-21 13:12 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-07-20 17:13 - 2022-07-09 21:35 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-08-2023
Ran by Admin (13-08-2023 22:03:00)
Running from C:\Users\Admin\Desktop
Microsoft Windows 10 Pro Version 22H2 19045.3324 (X64) (2022-01-18 21:15:31)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Admin (S-1-5-21-1359861362-2047865837-2026727432-1001 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-1359861362-2047865837-2026727432-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1359861362-2047865837-2026727432-503 - Limited - Disabled)
Guest (S-1-5-21-1359861362-2047865837-2026727432-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1359861362-2047865837-2026727432-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 6.14 - Piriform)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 115.0.1901.203 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 115.0.1901.203 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1359861362-2047865837-2026727432-1001\...\OneDriveSetup.exe) (Version: 23.147.0716.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{BB052C53-34CB-42DE-AF41-66FDFCEEC868}) (Version: 3.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.28.29334 (HKLM-x32\...\{a9cfe9c7-e54f-46cd-9c5c-542ff8e3e8c4}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29334 (HKLM-x32\...\{b2d0f752-adc5-496e-8f70-8669de01f746}) (Version: 14.28.29334.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29334 (HKLM\...\{2E11EF4E-901F-4B2D-B68E-3DB2A566C857}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29334 (HKLM\...\{8A3F7D5B-422D-49D9-84F7-8DC1B7782967}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29334 (HKLM-x32\...\{14C49FC8-3E9B-4F29-8526-26629B5CF30B}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29334 (HKLM-x32\...\{0D01A812-82A1-481F-8546-8E28E976F8DF}) (Version: 14.28.29334 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 116.0.2 (x64 cs)) (Version: 116.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 96.0.1 - Mozilla)
Phone Nokia USB Driver (HKLM-x32\...\{D301AA7E-EF41-4906-A059-4D173047D577}) (Version: 1.3.0 - Mobile)
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9175.1 - Realtek Semiconductor Corp.)
Tenda Wireless Adapter (HKLM\...\{80B43A16-440F-45FB-8C08-AEF579EBD792}_is1) (Version: 1.0.5.2 - Tenda)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{82BD0A1C-815F-487F-9AE7-CE73DA413CFF}) (Version: 4.91.0.0 - Microsoft Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)

Packages:
=========
Cortana -> C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2308.1005.0_x64__8wekyb3d8bbwe [2023-08-12] (Microsoft Corporation)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-01-22] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-01-28] (Microsoft Corporation)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1037.0_x64__8j3eq9eme6ctt [2023-03-02] (INTEL CORP)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-01-18] (Microsoft Corporation) [MS Ad]
Ovládací centrum grafiky Intel® -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5180.0_x64__8j3eq9eme6ctt [2023-08-12] (INTEL CORP) [Startup Task]
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2023-02-28] (Samsung Electronics Co. Ltd.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0 [2023-08-04] (Spotify AB) [Startup Task]
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2022-01-18] (Waves Audio)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1359861362-2047865837-2026727432-1001_Classes\CLSID\{a9872fee-5a55-4ecb-9b0f-b06fedcf14d1}\localserver32 -> C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\MaxxAudioPro.exe (Waves Inc -> Waves Audio Ltd)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\WINDOWS\System32\DriverStore\FileRepository\iastorpinningcomponent.inf_amd64_357b728ba88fb99a\OptaneShellExt.dll [2022-12-18] (Intel Corporation -> )

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2019-03-19 06:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2023-01-30 21:37 - 2023-01-30 21:37 - 000000437 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1359861362-2047865837-2026727432-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppHost => (EnableWebContentEvaluation: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-1359861362-2047865837-2026727432-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{54EE64E6-82DF-4ACD-8BDC-E15B2F4F7B47}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DF4681BF-0BAD-4A4D-9DAF-A8F1992F99C9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0763455A-61CE-46B9-8CB9-591BF5C508D0}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{8EFD7C3A-B28D-4487-89A8-C303BA566A53}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{D78DDB0A-DA76-4FEF-A16B-211AF78796D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{D37C7ED7-C0C7-4BCB-B92C-0E4A4E5B8E47}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{DFC76310-F383-40DB-8B28-392E851B8DB1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{AA6B58A0-7F3B-4DC8-AF21-9D5AFC33E98B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{7D00420B-5E05-4DAA-8F57-5A2E584CF6D5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1180B079-40CA-404B-B49A-A9DDB1080EE3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{77C545A8-36F3-4811-8A1D-534E7B765779}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7E9BDDC8-2302-420A-B33F-72ABCC9ABB35}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.99.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EC7F71AF-B645-4155-96CD-1C669793F926}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D71A45D3-D5A6-49A1-9DDB-6D746F31984C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{42E201A6-C9F5-4312-9852-26126456050F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{2A53A148-511E-4C8A-8382-59361FE541FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{147FC9CD-29A2-4649-86D0-E36BFEA87E1D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{01824259-DD14-44E7-BC99-7D99750D2AFC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{C7FE51A8-3D8C-4E82-97BA-B99DD2EECF46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{3676996C-CDA9-4F66-AA0F-D89CF55D8AB7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{98C01760-9835-4819-933D-39471ECBDCAD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{9C4F9367-EC81-445F-865B-841ABAD501F4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.217.834.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{0F2D3C9D-3D40-4BE0-A21E-C8DCFD9D463A}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\115.0.1901.203\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

29-07-2023 20:53:55 Naplánovaný kontrolní bod
12-08-2023 17:51:36 Instalační služba modulů systému Windows
13-08-2023 18:36:07 Instalační služba modulů systému Windows
13-08-2023 18:37:53 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (08/13/2023 05:41:40 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/12/2023 04:32:44 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/05/2023 02:56:34 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/04/2023 03:04:50 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/03/2023 04:02:10 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/02/2023 05:58:18 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (08/01/2023 03:28:56 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

Error: (07/30/2023 11:53:55 AM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2

System errors:
=============
Error: (08/12/2023 04:41:53 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1069 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/12/2023 04:41:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Update neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (08/12/2023 04:41:53 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba wuauserv se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Požadavek není podporován.

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/12/2023 04:41:53 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1069 při pokusu o spuštění služby wuauserv s argumenty Není k dispozici za účelem spuštění serveru:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/12/2023 04:41:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Windows Update neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (08/12/2023 04:41:53 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba wuauserv se nemohla přihlásit jako NT AUTHORITY\SYSTEM s aktuálně konfigurovaným heslem z důvodu následující chyby:
Správci zabezpečení účtů (SAM) nebo serveru místní autority zabezpečení (LSA) se nepodařilo provést zabezpečovací operaci.

Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (08/06/2023 09:44:49 AM) (Source: DCOM) (EventID: 10010) (User: MALTON)
Description: Server {5F7F3F7B-1177-4D4B-B1DB-BC6F671B8F25} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/06/2023 07:34:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (20:34:09, ‎05.‎08.‎2023) bylo neočekávané.

Windows Defender:
================
Date: 2023-08-12 17:51:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {87C7DE5C-18CB-4102-BCF1-76A039C7A149}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-08-12 17:14:56
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2FDFA636-832B-4993-AACC-AF69F8C8C5F5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-08-12 16:40:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {25A25ADE-BBC2-4335-A15A-98CFEB4B8FDB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Úplné prohledávání
Uživatel: MALTON\Admin

Date: 2023-08-05 16:17:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {ADAFC8F1-5DB5-4002-9B92-5CE4DDC0720B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2023-08-02 19:48:40
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7D393B87-926C-4233-B7C7-B74118D91951}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2023-08-13 21:15:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_19812d3db79f7a21\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-08-12 16:32:15
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_19812d3db79f7a21\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

BIOS: Dell Inc. 1.25.0 04/05/2023
Motherboard: Dell Inc. 0W0CHX
Processor: Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
Percentage of memory in use: 56%
Total physical RAM: 8075.51 MB
Available physical RAM: 3513.53 MB
Total Virtual: 9355.51 MB
Available Virtual: 4810.1 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.31 GB) (Free:244.2 GB) (Model: KingFast) NTFS

\\?\Volume{9873ba95-311b-4017-b1ed-af825d90c313}\ (Obnovení) (Fixed) (Total:0.52 GB) (Free:0.1 GB) NTFS
\\?\Volume{2978ae11-fdfa-443e-a718-3a6d17bcd5bc}\ () (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

#2 Příspěvek od **Rudy** » 14 srp 2023 08:06

Zdravím!

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
FirewallRules: [{D78DDB0A-DA76-4FEF-A16B-211AF78796D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{D37C7ED7-C0C7-4BCB-B92C-0E4A4E5B8E47}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{DFC76310-F383-40DB-8B28-392E851B8DB1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{AA6B58A0-7F3B-4DC8-AF21-9D5AFC33E98B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

pppalec · #3 Příspěvek od **pppalec** » 14 srp 2023 10:04

Fix result of Farbar Recovery Scan Tool (x64) Version: 12-08-2023
Ran by Admin (14-08-2023 11:01:33) Run:1
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\DumpStack.log.tmp
FirewallRules: [{D78DDB0A-DA76-4FEF-A16B-211AF78796D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{D37C7ED7-C0C7-4BCB-B92C-0E4A4E5B8E47}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{DFC76310-F383-40DB-8B28-392E851B8DB1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{AA6B58A0-7F3B-4DC8-AF21-9D5AFC33E98B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D78DDB0A-DA76-4FEF-A16B-211AF78796D8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D37C7ED7-C0C7-4BCB-B92C-0E4A4E5B8E47}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DFC76310-F383-40DB-8B28-392E851B8DB1}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AA6B58A0-7F3B-4DC8-AF21-9D5AFC33E98B}" => removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1572864 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16928344 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 61097676 B
Windows/system/drivers => 6466608 B
Edge => 69120 B
Firefox => 1115104176 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 2350 B
Admin => 21183218 B

RecycleBin => 3750151 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 14-08-2023 11:02:34)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 11:02:34 ====

#4 Příspěvek od **Rudy** » 14 srp 2023 14:29

Smazáno. Log již vypadá OK.

pppalec · #5 Příspěvek od **pppalec** » 14 srp 2023 16:22

Tak to je super. Bol tam nejaky vir?

#6 Příspěvek od **Rudy** » 14 srp 2023 16:29

Nebyl. Jen zbytečnosti.

pppalec · #7 Příspěvek od **pppalec** » 14 srp 2023 16:46

Ok, velke diky za rychle vyriesenie! Posielam prispevok

#8 Příspěvek od **Rudy** » 14 srp 2023 17:44

Za podporu děkujeme a vy nemáte zač!

VIRY.CZ

Prosim o kontrolu PC

Prosim o kontrolu PC

Re: Prosim o kontrolu PC

Re: Prosim o kontrolu PC

Re: Prosim o kontrolu PC

Re: Prosim o kontrolu PC

Re: Prosim o kontrolu PC

Re: Prosim o kontrolu PC

Re: Prosim o kontrolu PC