VIRY.CZ

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-08-2021
Ran by Toshiba (administrator) on TOSHIBA-PC (TOSHIBA Satellite C660D) (22-08-2021 18:40:42)
Running from C:\Users\Toshiba\OneDrive\Plocha
Loaded Profiles: Toshiba
Platform: Windows 10 Home Version 20H2 19042.1165 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_06f74206248919c7\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_06f74206248919c7\dynabookSystemService.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_06f74206248919c7\RMService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1161_none_7e3076a27c733477\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774552 2014-11-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818288 2014-04-12] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2286134859-4179934650-635084521-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3144760 2021-05-10] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2286134859-4179934650-635084521-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35144320 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2286134859-4179934650-635084521-1000\...\Run: [MicrosoftEdgeAutoLaunch_F13FB48B8F2E5E50C0FEF169D2A181EC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5866D2E5-CF01-4859-A49F-BBA53E7AF3FC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {62F3EC7D-AFF3-4B8B-908B-ADA672D889D6} - System32\Tasks\CCleanerSkipUAC - Toshiba => C:\Program Files\CCleaner\CCleaner.exe [29211264 2021-08-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8CB57531-5B33-48DA-9066-72A2DAF7F6EF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {99B22789-F0F9-4FAB-A018-6F7E92316401} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A5CF0826-142D-422D-8467-C7396CB0EAF6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-22] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A741F6DD-7FDB-4A60-BD1E-01CFE50D4BD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-08-22] (Microsoft Windows Publisher -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 172.20.100.2 172.20.100.10
Tcpip\..\Interfaces\{0a8d197b-3687-424e-9f22-f338da25ed99}: [DhcpNameServer] 172.20.100.2 172.20.100.10

Edge:
=======
DownloadDir: C:\Users\Toshiba\Downloads
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Toshiba\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-22]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [File not signed]
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_06f74206248919c7\DSDFunctionKeyCtlService.exe [631472 2021-08-16] (Dynabook Inc. -> Dynabook Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2547288 2021-05-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3487320 2021-05-10] (Electronic Arts, Inc. -> Electronic Arts)
R2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_06f74206248919c7\dynabookSystemService.exe [44783168 2021-08-16] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_06f74206248919c7\TOSTABSYSSVC.exe [304864 2021-08-16] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_06f74206248919c7\RMService.exe [454856 2021-08-16] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-08-22] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-08-22] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-09-05] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU CO LTD -> DEVGURU Co., LTD.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-21] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_06f74206248919c7\TosSrvCtlDrv.sys [27112 2021-08-16] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-08-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-08-22] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-08-22] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-22 18:38 - 2021-08-22 18:43 - 000000000 ____D C:\FRST
2021-08-22 18:31 - 2021-08-22 18:31 - 000000000 ___HD C:\$WinREAgent
2021-08-22 17:34 - 2021-08-22 17:34 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-08-22 17:34 - 2021-08-22 17:34 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-08-22 17:34 - 2021-08-22 17:34 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-08-22 17:34 - 2021-08-22 17:34 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-08-22 17:33 - 2021-08-22 17:33 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-22 17:32 - 2021-08-22 17:32 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-22 17:32 - 2021-08-22 17:32 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-22 17:31 - 2021-08-22 17:31 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-22 17:30 - 2021-08-22 17:30 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-22 17:30 - 2021-08-22 17:30 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-22 17:28 - 2021-08-22 17:28 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-22 14:02 - 2021-08-22 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2021-08-22 14:02 - 2021-08-22 14:02 - 000000000 ____D C:\Program Files\Defraggler
2021-08-22 13:59 - 2021-08-22 14:01 - 007466056 _____ (Piriform Software Ltd) C:\Users\Toshiba\Downloads\dfsetup222.exe
2021-08-22 13:49 - 2021-08-22 13:49 - 000179464 _____ C:\Users\Toshiba\OneDrive\Dokumenty\cc_20210822_134848.reg
2021-08-22 13:34 - 2021-08-22 13:34 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-08-22 13:34 - 2021-08-22 13:34 - 000002902 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Toshiba
2021-08-22 13:33 - 2021-08-22 18:15 - 000000000 ____D C:\Program Files\CCleaner
2021-08-22 13:30 - 2021-08-22 13:31 - 036335448 _____ (Piriform Software Ltd) C:\Users\Toshiba\Downloads\ccsetup584.exe
2021-08-22 13:25 - 2021-08-22 13:25 - 000000000 ____D C:\Users\Toshiba\AppData\Local\OneDrive
2021-08-22 13:23 - 2021-08-22 13:23 - 000000000 ____D C:\Users\Toshiba\AppData\Local\D3DSCache

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-22 19:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-22 18:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-22 18:14 - 2020-10-15 00:56 - 001693140 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-22 18:14 - 2019-12-07 16:41 - 000718024 _____ C:\WINDOWS\system32\perfh005.dat
2021-08-22 18:14 - 2019-12-07 16:41 - 000145166 _____ C:\WINDOWS\system32\perfc005.dat
2021-08-22 18:14 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-22 18:11 - 2020-06-08 04:53 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-22 18:07 - 2020-10-15 01:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-22 18:07 - 2020-10-15 00:34 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-22 18:06 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-08-22 18:00 - 2020-10-15 00:34 - 000258096 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-22 17:56 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-22 17:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-22 17:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-22 17:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-08-22 17:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-22 17:56 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-22 17:55 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-22 17:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-22 17:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-22 17:55 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-08-22 17:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-22 17:51 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-22 16:38 - 2020-10-15 00:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-22 14:25 - 2019-01-17 16:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-22 14:15 - 2019-01-17 16:27 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-22 14:13 - 2020-10-06 01:03 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-22 14:07 - 2019-01-06 20:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-08-22 13:38 - 2020-10-06 01:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-08-22 13:38 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-08-22 13:34 - 2016-09-07 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-08-22 13:28 - 2020-10-15 19:51 - 000003490 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6a27ce62bedc9
2021-08-22 13:28 - 2020-10-15 01:16 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-22 13:27 - 2020-10-15 01:16 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2286134859-4179934650-635084521-1000
2021-08-22 13:27 - 2020-10-15 00:44 - 000002383 _____ C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-22 13:27 - 2016-07-05 16:38 - 000000000 ___RD C:\Users\Toshiba\OneDrive
2021-08-22 13:24 - 2020-05-03 17:37 - 000000000 ____D C:\ProgramData\Origin
2021-08-22 13:23 - 2020-05-03 17:37 - 000000000 ____D C:\Users\Toshiba\AppData\Local\Origin
2021-08-22 13:22 - 2020-05-03 17:37 - 000000000 ____D C:\Users\Toshiba\AppData\Roaming\Origin
2021-08-04 22:13 - 2020-10-15 00:44 - 000000000 ____D C:\Users\Toshiba
2021-08-04 21:49 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-04 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-08-04 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-08-04 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-08-04 21:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by Toshiba (22-08-2021 19:14:45)
Running from C:\Users\Toshiba\OneDrive\Plocha
Windows 10 Home Version 20H2 19042.1165 (X64) (2020-10-14 23:18:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2286134859-4179934650-635084521-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2286134859-4179934650-635084521-503 - Limited - Disabled)
Guest (S-1-5-21-2286134859-4179934650-635084521-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2286134859-4179934650-635084521-1002 - Limited - Enabled)
Toshiba (S-1-5-21-2286134859-4179934650-635084521-1000 - Administrator - Enabled) => C:\Users\Toshiba
WDAGUtilityAccount (S-1-5-21-2286134859-4179934650-635084521-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.84 - Piriform)
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.67 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2286134859-4179934650-635084521-1000\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.99.47918 - Electronic Arts, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7399 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.8.2 - Synaptics Incorporated)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.63.136.1010 - Electronic Arts Inc.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden

Packages:
=========
Any Player -> C:\Program Files\WindowsApps\15191PeakPlayer.50533F9B98293_3.1.9.0_x64__y5c4dfz5b21fm [2021-01-22] (Any DVD &amp; Office App)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.2060.2.0_x86__kgqvnymyfvs32 [2021-07-12] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_12.0.2.0_x86__m9bz608c1b9ra [2021-04-25] (Nordcurrent)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.8.1108.0_x64__rz1tebttyb220 [2021-05-31] (Dolby Laboratories)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2020-02-02] (Fitbit)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-06-24] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com)

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2015-08-21 22:09 - 2015-08-21 22:09 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-08-21 22:09 - 2015-08-21 22:09 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2021-05-23 22:01 - 2021-04-25 22:49 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\LIBEAY32.dll
2021-05-23 22:01 - 2021-04-25 22:50 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Origin\ssleay32.dll
2021-05-23 22:01 - 2021-04-25 22:49 - 001611264 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\platforms\qwindows.dll
2021-05-23 22:01 - 2021-04-25 22:50 - 005487104 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Core.dll
2021-05-23 22:01 - 2021-04-25 22:50 - 005841920 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Gui.dll
2021-05-23 22:01 - 2021-04-25 22:50 - 001179136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Network.dll
2021-05-23 22:01 - 2021-04-25 22:50 - 000146432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5WebSockets.dll
2021-05-23 22:01 - 2021-04-25 22:50 - 005089792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Widgets.dll
2021-05-23 22:01 - 2021-04-25 22:50 - 000184832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\Origin\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-01-06 17:14 - 2019-01-06 17:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2286134859-4179934650-635084521-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Toshiba\Desktop\obrazky\Citaty\20160106_094950_Quote_Image.jpg
DNS Servers: 172.20.100.2 - 172.20.100.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2286134859-4179934650-635084521-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2286134859-4179934650-635084521-1000\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-2286134859-4179934650-635084521-1000\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C82D449A-3DB7-469E-A4DF-DD264319A0B2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DDF8635-BBFF-41EE-9C2A-9C6A28EC505A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{1EBD4328-0E41-4502-8789-4A2771625B3D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6D838A8F-5222-4C63-BB6C-4476842BFCFA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

23-06-2021 00:25:38 Naplánovaný kontrolní bod
11-07-2021 21:34:16 Instalační služba modulů systému Windows
22-08-2021 14:52:27 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/22/2021 06:06:08 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (08/22/2021 06:06:08 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (08/22/2021 06:06:08 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (08/22/2021 06:06:08 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (08/22/2021 05:51:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (08/22/2021 05:51:37 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]

Error: (08/22/2021 05:51:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.

Error: (08/22/2021 05:51:37 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]


System errors:
=============
Error: (08/22/2021 06:06:06 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby TrustedInstaller s argumenty Není k dispozici za účelem spuštění serveru:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (08/22/2021 05:59:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:58:07, ‎22.‎08.‎2021) bylo neočekávané.

Error: (08/22/2021 05:51:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Instalační služba modulů systému Windows byla ukončena s následující chybou:
%%2340 = Seznam zařízení není platný.

Error: (08/22/2021 01:51:29 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (08/22/2021 01:51:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024001e): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.347.208.0).

Error: (08/04/2021 10:13:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/04/2021 10:13:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {995C996E-D918-4A8C-A302-45719A6F4EA7} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/04/2021 09:29:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Aktualizovat službu Orchestrator přestala během spouštění reagovat.


Windows Defender:
================
Date: 2021-08-22 19:14:34
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Alawar
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Toshiba\OneDrive\Dokumenty\31.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: Toshiba-PC\Toshiba
Název procesu: C:\Users\Toshiba\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.347.217.0, AS: 1.347.217.0, NIS: 1.347.217.0
Verze modulu: AM: 1.1.18400.5, NIS: 1.1.18400.5

Date: 2021-08-22 19:14:12
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: App:Piriform_CCleaner
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Toshiba\Downloads\ccsetup521.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.347.217.0, AS: 1.347.217.0, NIS: 1.347.217.0
Verze modulu: AM: 1.1.18400.5, NIS: 1.1.18400.5

Date: 2021-08-22 19:14:08
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\Toshiba\Downloads\ccsetup521.exe; containerfile:_C:\Users\Toshiba\Downloads\ccsetup526.exe; file:_C:\Users\Toshiba\Downloads\ccsetup521.exe->(nsis-instdata); file:_C:\Users\Toshiba\Downloads\ccsetup526.exe; file:_C:\Users\Toshiba\Downloads\ccsetup526.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: Toshiba-PC\Toshiba
Název procesu: C:\Users\Toshiba\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.347.217.0, AS: 1.347.217.0, NIS: 1.347.217.0
Verze modulu: AM: 1.1.18400.5, NIS: 1.1.18400.5

Date: 2021-08-22 19:14:04
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/PiriformBundler
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: containerfile:_C:\Users\Toshiba\Downloads\ccsetup521.exe; file:_C:\Users\Toshiba\Downloads\ccsetup521.exe->(nsis-instdata)
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: Toshiba-PC\Toshiba
Název procesu: C:\Users\Toshiba\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.347.217.0, AS: 1.347.217.0, NIS: 1.347.217.0
Verze modulu: AM: 1.1.18400.5, NIS: 1.1.18400.5

Date: 2021-08-22 19:13:59
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: PUA:Win32/Seznam
Závažnost: Nízké
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\Toshiba\Downloads\7z1602-x64 (1).exe; file:_C:\Users\Toshiba\Downloads\7z1602-x64.exe; file:_C:\Users\Toshiba\Downloads\X16-32004 Office 2010 Czech 32bit.exe
Původ detekce: Místní počítač
Typ detekce: Konkrétní
Zdroj detekce: Ochrana v reálném čase
Uživatel: Toshiba-PC\Toshiba
Název procesu: C:\Users\Toshiba\OneDrive\Plocha\FRST64.exe
Verze bezpečnostních informací: AV: 1.347.217.0, AS: 1.347.217.0, NIS: 1.347.217.0
Verze modulu: AM: 1.1.18400.5, NIS: 1.1.18400.5

Date: 2021-08-22 14:03:24
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.347.208.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18400.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-07-11 22:34:44
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.343.642.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18300.4
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2021-07-03 02:31:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.341.1522.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070643
Popis chyby: Při instalaci došlo k závažné chybě.

Date: 2021-07-03 02:31:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.271.0
Předchozí verze bezpečnostních informací: 1.341.1522.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2021-07-03 02:31:01
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.343.271.0
Předchozí verze bezpečnostních informací: 1.341.1522.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18300.4
Předchozí verze modulu: 1.1.18200.4
Kód chyby: 0x80070666
Popis chyby: Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

==================== Memory info ===========================

BIOS: TOSHIBA 1.60 01/10/2012
Motherboard: TOSHIBA PWWBE
Processor: AMD E-300 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 84%
Total physical RAM: 2667.64 MB
Available physical RAM: 409.17 MB
Total Virtual: 6635.64 MB
Available Virtual: 3858.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.17 GB) (Free:232.43 GB) NTFS

\\?\Volume{d9fcb039-cb5b-11e4-a2a4-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{4f48ebe3-0000-0000-0000-20514a000000}\ () (Fixed) (Total:0.82 GB) (Free:0.3 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: 4F48EBE3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=297.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=842 MB) - (Type=27)

==================== End of Addition.txt =======================

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

# -------------------------------
# Malwarebytes AdwCleaner 8.3.0.0
# -------------------------------
# Build: 06-29-2021
# Database: 2021-08-09.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-22-2021
# Duration: 00:00:08
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1406 octets] - [22/08/2021 20:01:28]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Start

CloseProcesses:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\Toshiba\OneDrive\Dokumenty\31.exe
C:\Users\Toshiba\Downloads\7z1602-x64.exe

EmptyTemp:
End

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-08-2021
Ran by Toshiba (22-08-2021 21:03:52) Run:1
Running from C:\Users\Toshiba\OneDrive\Plocha
Loaded Profiles: Toshiba
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
C:\Users\Toshiba\OneDrive\Dokumenty\31.exe
C:\Users\Toshiba\Downloads\7z1602-x64.exe

EmptyTemp:
End
*****************

Processes closed successfully.
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\BookReader_B171F20233094AC88D05A8EF7B9763E8 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => removed successfully
HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\MicrosoftEdge\ExtensionsStore\datastore\Config\PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => removed successfully
C:\Users\Toshiba\OneDrive\Dokumenty\31.exe => moved successfully
C:\Users\Toshiba\Downloads\7z1602-x64.exe => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9499734 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 114019409 B
Edge => 196718 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 6656 B
NetworkService => 129939274 B
Toshiba => 142492405 B
DefaultAppPool => 142499061 B

RecycleBin => 0 B
EmptyTemp: => 523.5 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:05:10 ====